Home/stef-openclaw-skills
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3c0d859081cfed56b1a927b78cbc90b88a5d3ae
stef-openclaw-skills/docs/plans/2026-03-12-nordvpn-macos-dns-design.md
Stefano Fiorini 6bc21219a7 docs: add nordvpn macos dns plan
2026-03-12 01:35:32 -05:00

1.2 KiB
Raw Blame History

NordVPN macOS DNS Design

Goal

Keep NordVPN DNS while connected on macOS, but only apply it to active physical services so the WireGuard backend does not break Tailscale or other virtual interfaces.

Behavior

  • Keep the generated WireGuard config free of DNS = ...
  • During connect on macOS:
    • detect active physical network services
    • snapshot current DNS/search-domain settings
    • set NordVPN DNS only on those physical services
  • During disconnect:
    • restore the saved DNS/search-domain settings
  • During failed connect after DNS changes:
    • restore DNS before returning the error

DNS Values

  • IPv4 primary: 103.86.96.100
  • IPv4 secondary: 103.86.99.100
  • No IPv6 DNS for now

Service Selection

Include only enabled physical services from networksetup. Exclude names matching:

  • Tailscale
  • Bridge
  • Thunderbolt Bridge
  • Loopback
  • VPN
  • utun

Persistence

  • Save DNS snapshot under ~/.nordvpn-client
  • Overwrite on each successful connect
  • Clear after successful disconnect restore

Verification

  • Unit tests for service selection and DNS snapshot/restore helpers
  • Direct logic/config tests
  • Avoid live connect tests from this session unless explicitly requested because they can drop connectivity
Reference in New Issue View Git Blame Copy Permalink