From 3ba93e93dee15dedd82e710558474a1319aa1113 Mon Sep 17 00:00:00 2001
From: Nick Sweeting <git@sweeting.me>
Date: Sat, 21 Mar 2026 02:01:15 -0700
Subject: [PATCH] Clarify local DNS behavior in docs

---
 README.md | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 08dd99d..48fa0c5 100644
--- a/README.md
+++ b/README.md
@@ -717,15 +717,14 @@ This key can be generated with `wg genkey > example.key`
 
 #### `DNS`
 
-The DNS server(s) to announce to VPN clients via DHCP, most clients will use this server for DNS requests over the VPN, but clients can also override this value locally on their nodes
+This is a `wg-quick` convenience option for the local machine, not a WireGuard setting that is announced or pushed to peers. In `wg-quick`, IP entries are applied as DNS servers for the local interface via `resolvconf`, and non-IP entries are treated as DNS search domains. See [wg-quick(8)](https://man7.org/linux/man-pages/man8/wg-quick.8.html) and the [WireGuard for Windows parser](https://git.zx2c4.com/wireguard-windows/tree/conf/parser.go).
 
 **Examples**
 
-* The value can be left unconfigured to use the system's default DNS servers
-* A single DNS server can be provided  
-`DNS = 1.1.1.1`
-* or multiple DNS servers can be provided  
-`DNS = 1.1.1.1,8.8.8.8`
+* The value can be left unconfigured to use the system's default DNS handling
+* A single DNS server can be provided: `DNS = 1.1.1.1`
+* Multiple DNS servers can be provided: `DNS = 1.1.1.1,8.8.8.8`
+* A DNS server and search domain can be provided: `DNS = 10.0.0.2, internal.example.com`
 
 #### `Table`