Subject: DNS-servers and a VPN-connection

DNS-servers and a VPN-connection

From: Gisle Vanem <>
Date: Wed, 02 Nov 2011 23:58:35 +0100

Hi list. A bit quite here.

A problem with C-ares has been bugging me ever since I got a
VPN connection (from On Win-XP / Win-7 this
requires the installation of an PPP-adapter that comes and goes
into play as the VPN goes up/down (when back from sleep-mode
I use MS Outlook Express to force it back up). Ok so, the routing
table is automatically updated depending on the state of the VPN.
Normally any Winsock program is unaware of this and any created
socket() get to it's destination okay.

Obviously I want everything to be encrypted; even DNS-lookups
(they're a big give-away if someone wants to snoop). Therein is
the problem with C-ares. It uses GetAdaptersAddresses() and loops
over all the adapters to extract a server list.

Since my ISP ignores DNS-request from non-ISP-customers, C-ares
programs hangs for a long time (I'm virtually in New York when the VPN
is up). Then according to "ipconfig" I should use / Otherwise (vpn down) I should use my ISP's servers / I wish there was an easy way to make
C-ares adapt to this situation. It would be easier to script my way out;
if C-ares has an /etc/resolv.conf on Windows too.

Does somebody got more insight into such things? Is GetBestRoute()
handy in such situations?

Received on 2011-11-02