<span class="Apple-style-span" style="border-collapse: collapse; "><div class="im" style="color: rgb(80, 0, 80); ">On Sat, Jul 11, 2009 at 2:24 AM, Tom Metro <span dir="ltr"><<a href="mailto:tmetro%2Bdnsmasq@gmail.com" target="_blank" style="color: rgb(0, 0, 204); ">tmetro+dnsmasq@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<div>No lease information reported? (Is this Windows XP or Vista?)</div><div></div></blockquote><div><br></div></div><div>I removed the lease information, MAC, and adapter brand/model to shorten the output. The machine's running XP.</div>
<div class="im" style="color: rgb(80, 0, 80); "><div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
Is 192.168.1.?? an attempt to obscure an internal, non-routable address?<br></blockquote><div><br></div></div><div>Yes, sorry, I was just masking internal IPs; they are the correct ones.</div><div class="im" style="color: rgb(80, 0, 80); ">
<div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
Why isn't DHCP enabled for that connection?<br></blockquote><div><br></div></div><div>I was surprised by that, too, since I am getting assigned an address; I don't have anything set manually for that connection.</div>
<div class="im" style="color: rgb(80, 0, 80); "><div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
<div>1. No 'DNS Suffix Search List' entry<br>2. The 'Connection-specific DNS Suffix' is empty</div></blockquote></blockquote><div><br></div></div><div class="im" style="color: rgb(80, 0, 80); "><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
Normally the suffix has little impact on DNS and only applies when looking up unqualified names, but so far this is the best lead. Perhaps when it sees any suffix specified, it moves that DNS server up in priority.<br><br>
You could try statically specifying a suffix for the VPN - to put both connections on a level playing field, or you could try tweaking the Dnsmasq settings so that it doesn't supply a suffix to the client. Try unsetting the domain= option.<div>
</div></blockquote><div><br></div></div><div>I tried unsetting the domain option, and (in a second test) adding a domain suffix to the VPN connection, but neither had an effect. The only thing I noticed is that, with the router, the 'DNS Suffix Search List' entry is not present. With Dnsmasq, it's always present, although empty if the dnsmasq.conf domain option is not set.</div>
<div class="im" style="color: rgb(80, 0, 80); "><div><br></div><blockquote class="gmail_quote" style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0.8ex; border-left-width: 1px; border-left-color: rgb(204, 204, 204); border-left-style: solid; padding-left: 1ex; ">
Have you tried specifying the DNS servers statically? List the VPN server first, then your LAN server. If the VPN server is unreachable, it ought to proceed to your LAN server, though that might result in a delay.</blockquote>
<div><br></div></div><div>That's actually a really simple solution, and it works as expected. I'll have to see how noticeable the delay is. At this point I'm just curious as to why it changed. I spent some more time googling this, and apparently querying VPN DNS first is the expected behavior on XP (Vista has slightly different rules). I found a couple of posts from people who wanted the opposite, but none of the responders knew how to make that happen.</div>
<div><br></div><div>In any case, this seems like mainly a Windows issue; I'll spend some more time playing around with it. Thanks for your help!</div><div><br></div><font color="#888888"><div>David</div></font></span>