From 680bb02af941967b374f727b58ce81caaec1c671 Mon Sep 17 00:00:00 2001 From: Johan Brandhorst-Satzkorn Date: Wed, 30 Oct 2024 13:59:50 -0700 Subject: [PATCH] docs/client-agent: clarify use of override_upstream_dns_servers (#5220) * docs/client-agent: clarify use of override_upstream_dns_servers The override_upstream_dns_servers option is recommended whenever a user needs to override the DNS servers discovered from the system. However, if a user supplies a DNS server that is only useable while connected to a specific network, it will break the internet in cases where it is not able to resolve these DNS servers. Encourage users to supply both the VPN servers and the default DNS servers. * Update website/content/docs/api-clients/client-agent.mdx Co-authored-by: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> * Update website/content/docs/api-clients/client-agent.mdx Co-authored-by: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> --------- Co-authored-by: Dan Heath <76443935+Dan-Heath@users.noreply.github.com> --- .../content/docs/api-clients/client-agent.mdx | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/website/content/docs/api-clients/client-agent.mdx b/website/content/docs/api-clients/client-agent.mdx index 69dc5e2771..b2b6795578 100644 --- a/website/content/docs/api-clients/client-agent.mdx +++ b/website/content/docs/api-clients/client-agent.mdx @@ -534,12 +534,24 @@ To configure the DNS server(s) to use, use the `override_upstream_dns_servers` c # The DNS servers must be specified as an IP, or an IP:Port. # If no port is provided, port 53 is assumed. # The order of the entries specifies the priority. +# We recommended providing both the VPN DNS servers +# and the default DNS servers, so that DNS requests can +# be resolved even when the VPN is not active. override_upstream_dns_servers = [ - "8.8.8.8", - "8.8.4.4:53", + "10.0.0.1", # Example primary VPN DNS server + "10.0.0.2", # Example secondary VPN DNS server + "8.8.8.8", # Fallback default DNS server + "8.8.4.4:53", # Fallback default DNS server with a custom port ] ``` + + +The `override_upstream_dns_servers` is used for all non-Boundary DNS requests. +If you only provide the VPN DNS servers, the Client Agent will not be able to resolve any DNS requests when the VPN is not active. + + + #### Primary network interfaces By default, the Client Agent creates IPs on the primary network interface to serve its DNS server.