Openvpn – How to push a DNS server for a specific domain

openvpn

I have a domain (example.com) which is set up to have two views. host1.example.com will be 10.0.0.1 in an internal network and 149.120.10.14 (a public IP) when queried from outside.

This means that a device connected to Internet should have its usual set of DNSes used normally (the ones it gets from DHCP, say 8.8.8.8) and they will resolve host1.example.com to its external IP.

When connected via VPN, this device should however receive from the OpenVPN server a specific DNS to resolve example.com (and only example.com).

My understanding is that using

push "dhcp-option DNS 10.10.10.100"

where 10.10.10.100 is the internal, VPN reachable DNS server would overwrite the DNS servers on the device, losing the ones it already had.

Is there a way to push a DNS nameserver with the option to use it only for a specific domain and retain the existing other DNSes (used for Internet/company resolution)?

Best Answer

This is not possible. But here is a workaround.

Set up a DNS server inside your VPN network and use it as the DNS server for all VPN users.

On this DNS server, set up a primary zone for your specific domain name (example.com) with the internal IP addresses. And set up DNS redirection to run DNS queries which the DNS server can't handle itself.

In this case, all DNS queries on the zone example.com will use DNS records from your server and all other DNS queries will be solved by 8.8.8.8 for example.
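The workaround above, written out as an Unbound configuration. This is an added example, not configuration from the answerer or the OpenVPN project: it assumes Unbound is the resolver running on the VPN-side address 10.10.10.100, that VPN clients sit in 10.10.10.0/24 (a constructed subnet, not stated in the question), and that the only internal record needed is host1.example.com. Names inside example.com are answered from the local zone with the internal address; everything else is forwarded to 8.8.8.8, exactly as the answer describes. In BIND the same split would be a `type master` zone for example.com plus a global `forwarders` clause.

```conf
# /etc/unbound/unbound.conf  (added example; paths and subnet are assumptions)
server:
    # Listen only on the VPN-facing address, so the resolver is not exposed
    # to the Internet. 10.10.10.100 is the address the question pushes.
    interface: 10.10.10.100
    port: 53

    # Only VPN clients may query (constructed subnet; adjust to your tunnel).
    access-control: 10.10.10.0/24 allow
    access-control: 0.0.0.0/0 refuse

    # Internal view of example.com: "static" means Unbound answers from the
    # local-data below and returns NXDOMAIN for any example.com name that is
    # not listed here, so the public view never leaks into the tunnel.
    local-zone: "example.com." static
    local-data: "host1.example.com. 300 IN A 10.0.0.1"

    # Optional reverse record for the internal address.
    local-data-ptr: "10.0.0.1 host1.example.com."

# Everything that is not example.com is handed to a public resolver,
# which is the "DNS redirection" the answer refers to.
forward-zone:
    name: "."
    forward-addr: 8.8.8.8
```

With this in place the OpenVPN server keeps the single line from the question, `push "dhcp-option DNS 10.10.10.100"`, and clients get the internal answer for host1.example.com only while the tunnel is up. To check the split from a connected client, query the pushed resolver for host1.example.com (expect 10.0.0.1) and for an unrelated public name (expect the forwarded answer); querying the same name against the client's normal resolver should still return 149.120.10.14.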