How does iOS interpret pushed DNS servers and search domains?

On a split-tunnel, where redirect-gateway is not pushed by the server, and at least one pushed DNS server is present:

  • route all DNS requests through the pushed DNS server(s) if no search domains are added.
  • route only DNS requests for the added search domains through the pushed DNS server(s) if at least one search domain is added.

For example, the following directive on the server will tell the client to route all DNS requests to 172.16.0.23:

push "dhcp-option DNS 172.16.0.23"

while these directives on the server will only route foo.tld and bar.tld DNS requests to 172.16.0.23:

push "dhcp-option DNS 172.16.0.23"
push "dhcp-option DOMAIN foo.tld"
push "dhcp-option DOMAIN bar.tld"

Note that with redirect-gateway, the above discussion is moot, since all DNS requests are always routed through the VPN regardless of the presence or absence of added search domains.
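The following is an added model of the three cases above (full tunnel, split tunnel with DNS only, split tunnel with DNS plus search domains), written for this entry rather than taken from OpenVPN's own code. It parses the push directives from server.conf text and reports, for a given query name, whether the iOS client would send it to the pushed DNS server or leave it with the device's local resolver. Two details go beyond what the FAQ states and are assumptions: a search domain is matched as a whole-label DNS suffix (so `host.foo.tld` matches the pushed domain `foo.tld`), and a DOMAIN pushed without any DNS server leaves every query on the local resolver. The `leaking_queries` helper is useful for checking a server config against the names users are expected to look up, so that internal hostnames are not accidentally resolved outside the tunnel.

```python
"""Model of how OpenVPN Connect on iOS routes DNS queries based on pushed
server directives, as described in the FAQ entry above.

Added illustration, not OpenVPN code. Assumptions beyond the FAQ text:
  * a pushed search domain matches query names by whole-label DNS suffix
    ("host.foo.tld" matches "foo.tld"; "notfoo.tld" does not);
  * if no DNS server is pushed at all, queries stay on the local resolver.
"""
import re
from dataclasses import dataclass, field
from typing import List

# push "dhcp-option DNS 172.16.0.23"  /  push "dhcp-option DOMAIN foo.tld"
PUSH_RE = re.compile(r'^\s*push\s+"dhcp-option\s+(DNS|DOMAIN)\s+(\S+)"\s*$')
# push "redirect-gateway" with any flags, e.g. def1
REDIRECT_RE = re.compile(r'^\s*push\s+"redirect-gateway(\s+[^"]*)?"\s*$')


@dataclass
class PushedDns:
    redirect_gateway: bool = False
    dns_servers: List[str] = field(default_factory=list)
    search_domains: List[str] = field(default_factory=list)

    def mode(self) -> str:
        """Classify the configuration the way the FAQ does."""
        if self.redirect_gateway:
            return "full-tunnel"        # every query goes through the VPN
        if not self.dns_servers:
            return "no-vpn-dns"         # assumption: nothing to route to
        if not self.search_domains:
            return "split-all-dns"      # all queries to the pushed server(s)
        return "split-domain-dns"       # only the pushed domains go via VPN

    def resolver_for(self, qname: str) -> str:
        """'vpn' if iOS sends this query to the pushed DNS server(s),
        otherwise 'local' (the device's normal resolver)."""
        m = self.mode()
        if m in ("full-tunnel", "split-all-dns"):
            return "vpn"
        if m == "no-vpn-dns":
            return "local"
        name = qname.rstrip(".").lower()
        for dom in self.search_domains:
            dom = dom.rstrip(".").lower()
            # Whole-label suffix match (assumption, see module docstring).
            if name == dom or name.endswith("." + dom):
                return "vpn"
        return "local"


def parse_server_pushes(config_text: str) -> PushedDns:
    """Extract the DNS-relevant push directives from server.conf text."""
    cfg = PushedDns()
    for line in config_text.splitlines():
        if REDIRECT_RE.match(line):
            cfg.redirect_gateway = True
            continue
        m = PUSH_RE.match(line)
        if not m:
            continue
        kind, value = m.groups()
        if kind == "DNS":
            cfg.dns_servers.append(value)
        else:
            cfg.search_domains.append(value)
    return cfg


def leaking_queries(config_text: str, qnames: List[str]) -> List[str]:
    """Names from `qnames` that would NOT be resolved through the VPN, i.e.
    that reach the device's local (Wi-Fi/carrier) resolver instead."""
    cfg = parse_server_pushes(config_text)
    return [q for q in qnames if cfg.resolver_for(q) == "local"]


# Constructed sample configs mirroring the two directive sets in the FAQ.
ALL_DNS_CONF = 'push "dhcp-option DNS 172.16.0.23"\n'
DOMAIN_DNS_CONF = (
    'push "dhcp-option DNS 172.16.0.23"\n'
    'push "dhcp-option DOMAIN foo.tld"\n'
    'push "dhcp-option DOMAIN bar.tld"\n'
)

if __name__ == "__main__":
    all_dns = parse_server_pushes(ALL_DNS_CONF)
    dom_dns = parse_server_pushes(DOMAIN_DNS_CONF)
    for q in ["intranet.foo.tld", "www.bar.tld", "example.com"]:
        print(f"{q:18} DNS-only: {all_dns.resolver_for(q):5} "
              f"DNS+DOMAIN: {dom_dns.resolver_for(q)}")
```

Run with a real server.conf and the list of internal names clients must resolve; anything `leaking_queries` returns is a name that the split-DNS configuration would hand to the local resolver, which is usually a sign that a DOMAIN entry is missing.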