When connecting to a VPN you may have a DNS server which serves a particular domain. For example, when connected to your company's VPN, your local DNS config in /etc/resolv.conf is updated with:

nameserver 192.168.1.1

The DNS server 192.168.1.1 is your company's internal DNS server, which resolves admin.example.org to 192.168.1.100.

You need to access admin.example.org on 192.168.1.100 but don't necessarily want to have all DNS queries go to 192.168.1.1. You also don't want to manage /etc/hosts entries, which can become stale over time.

dnsmasq, a lightweight DNS and DHCP service, can help. Install dnsmasq and start off with a simple config:

listen-address=127.0.0.1
bind-interfaces
conf-dir=/etc/dnsmasq.d/

Create /etc/dnsmasq.d/example.org.conf:

address=/vpn.example.org/198.51.100.100
server=/example.org/192.168.1.1

- Line one returns 198.51.100.100 for the host vpn.example.org.
- Line two specifies 192.168.1.1 as the upstream DNS server for all other example.org queries, such as admin.example.org.

Restart the dnsmasq service:

systemctl restart dnsmasq

And finally, update /etc/resolv.conf:

nameserver 127.0.0.1

Now your local resolver clients will use dnsmasq as their DNS server, and dnsmasq forwards only queries for example.org to the upstream DNS server 192.168.1.1.
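
To check which names end up at the VPN's DNS server, the following Python sketch models the rule selection described above. It is an added example, not part of the original post and not dnsmasq's own code; it assumes the most specific matching domain wins, and the function names and the default-upstream label are hypothetical.

```python
# Added example: simplified model of dnsmasq's per-domain rule selection.
# SAMPLE_CONF is constructed from the example.org.conf lines on this page.
SAMPLE_CONF = """\
address=/vpn.example.org/198.51.100.100
server=/example.org/192.168.1.1
"""


def parse_rules(conf_text):
    """Return (domain, action, target) tuples for domain-scoped lines."""
    rules = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key not in ("address", "server") or not value.startswith("/"):
            continue  # global options such as listen-address are not rules
        *domains, target = value.split("/")[1:]
        action = "answer" if key == "address" else "forward"
        for domain in domains:
            rules.append((domain.lower().rstrip("."), action, target))
    return rules


def route(name, rules, default="default-upstream"):
    """Choose the rule whose domain is the longest label-aligned suffix."""
    name = name.lower().rstrip(".")
    best = None
    for domain, action, target in rules:
        # Match on a label boundary so notexample.org does not match example.org.
        if name == domain or name.endswith("." + domain):
            if best is None or len(domain) > len(best[0]):
                best = (domain, action, target)
    return (best[1], best[2]) if best else ("forward", default)


RULES = parse_rules(SAMPLE_CONF)

if __name__ == "__main__":
    for qname in ("vpn.example.org", "admin.example.org", "example.org",
                  "notexample.org", "www.example.com"):
        action, target = route(qname, RULES)
        print(f"{qname:20} {action:8} {target}")
```

Names that fall through to default-upstream never reach 192.168.1.1, which is the property the split configuration is meant to provide.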