From f50d2e140beaca82dc6f842f8761606279e0218f Mon Sep 17 00:00:00 2001 From: Selva Nair Date: Thu, 30 Apr 2026 18:32:43 +0200 Subject: [PATCH] DNS server documentation update Github: OpenVPN/openvpn#937 Change-Id: I53b3f4c60897a1f4dd5efeb6575d525ffb082402 Signed-off-by: Selva Nair Acked-by: Frank Lichtenheld Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1646 Message-Id: <20260430163249.13638-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg36816.html Signed-off-by: Gert Doering (cherry picked from commit c77d3e90d9d97e5447d35b545f9c8f07bf4c8ce3) --- doc/man-sections/client-options.rst | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index 1664eedd..3ad91043 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -216,7 +216,8 @@ configuration. DNS server options it must be between 0 and 127. The server id is used to group options and also for ordering the list of configured DNS servers; lower numbers come first. DNS servers being pushed to a client replace - already configured DNS servers with the same server id. + already configured DNS servers with the same server id. Only the group of + options corresponding to the lowest server id is applied. The ``address`` option configures the IPv4 and / or IPv6 address(es) of the DNS server. Up to eight addresses can be specified per DNS server. @@ -249,6 +250,19 @@ configuration. so that ``--dns`` overrides ``--dhcp-option``. Thus, ``--dns`` can be used today to migrate from ``--dhcp-option``. + Windows only: + + #. If tap-windows6 is in use, dns servers are set by DHCP by default. + In this case only ``--dns search-domains`` and ``--dns server n address ..`` + with the lowest value of ``n`` are interpreted. All other ``--dns`` options + are ignored. Use of the dco driver is the recommended way to make use of these + new features. + + #. If ``--dns server n resolve-domains`` is in use, the DNS server addresses + corresponding to ``n`` are set on the interface only if ``search-domains`` is + also specified. Otherwise these DNS addresses are used only for NRPT rules for + split-DNS. + --explicit-exit-notify n In UDP client mode or point-to-point mode, send server/peer an exit notification if tunnel is restarted or OpenVPN process is exited. In