Manually provided DNS server addresses are higher priority than DHCP's
With the recent revelation of DNS server security issues, many have expressed a desire to use DNS servers they know to be secure rather than the servers specified by their routers via DHCP, which often are those of a particular ISP.
When you manually enter a DNS server address in Mac OS X Leopard's Network preference pane, the manually entered address(es) appear below any DHCP-provided addresses (which are shown in grey as they are unchangeable), leading one to assume that DHCP-provided addresses always have priority over any a user may specify.
However, a check of the /etc/resolv.conf file generated by Mac OS X shows that in fact user-provided DNS addresses will supercede any provided by DHCP.
As an example, if your router promotes itself as a DHCP server, its IP address, say "192.168.0.253," will appear, greyed out, in the Network->Advanced->DNS preferences pane.
If you then add, say, OpenDNS' addresses of "208.67.222.222" and "208.67.220.220," the preferences window will show:
192.168.0.253 (greyed out)
208.67.222.222
208.67.220.220
But the generated /etc/resolv.conf will show the order Mac OS X will actually reference the servers is:
nameserver 208.67.222.222
nameserver 208.67.220.220
nameserver 192.168.0.253
While this is non-intuitive, given how the addresses are displayed in the preference pane, it is exactly the way a user would hope things would work - allowing one to specify DNS servers to be used in lieu of any a router provides, especially handy if the router propagates the address of a DNS server that is having issues, that is untrusted or is simply overloaded or offline.
Quad 2.5 GHz G5, 5 GB | 2.33 GHz MBP C2D 2 GB, Mac OS X (10.5.4)