Assign Separate DNS Servers to Airwall Agents and Servers

If you need Airwall Agents and Servers to use different DNS servers, you can assign different DNS servers on an overlay or individually for Airwall Agents and Servers that support it.

Supported Versions

Supported Versions

v2.2.11 and later Conductor, and v2.2.11 and later and Airwall Agents and Servers on platforms that support setting DNS servers (currently macOS, Windows, and Linux). iOS and Android support the global DNS server setting.

Required Role
  • System or network administrators
  • Permissions to edit the Airwall Agents and Servers or Overlay where you're updating the settings.

Bulk editing supports setting DNS servers on Airwall Agents and Servers.

DNS Setting Priority

The Conductor has a global DNS setting that applies to all Airwall Agents and Servers on your Airwall secure network. You can override the global setting on individual Airwall Agents and Servers, or on an Overlay to apply the DNS setting to all Airwall Agents and Servers that support it on the Overlay.

Here’s how the priority is set on DNS settings:

DNS Setting Priority Result
1 – Airwall Agents and Servers
  • Overrides the global Conductor DNS server setting.

  • Can be appended to with DNS Servers set on the Overlay.

  • Only available on platforms that support the DNS setting (currently iOS, macOS, Windows, and Android).

  • Will not fall back to the global DNS server setting.
2 – Overlay
  • Overrides the global Conductor DNS server setting.

  • DNS servers set on the overlay are appended to the end of the DNS Server list set on individual Airwall Agents and Servers.

  • Only applies to Airwall Agents and Servers in the Overlay that support the DNS Server setting.

3 – Conductor Global
  • Applies to Airwall Agents and Servers that both support the DNS setting, and don’t have a DNS setting on an Overlay or individually.

  • Is overridden by both Overlay or per-Airwall Agent or Server settings.

Note: MacOS DNS Settings – MAC DNS settings only operate on DHCP interfaces. If your underlay is a static IP, no DNS settings will be applied. At product startup and normal shutdown, DHCP interfaces are returned to DHCP DNS defaults.
Note:

The DNS SRV record covered in Connect an Airwall Gateway with a DNS SRV record is only used for specifying a Conductor URL when deploying Airwall Gateways, and is not related to the DNS Server specified in Conductor settings.