Re: WireGuard behaviour with systemd-resolved

[Lane Russell]

I'm not sure of the proper way to resolve this issue with systemd-resolved, but 
I was able to get to a more comfortable position in my case by disabling 
systemd-resolved and manually configuring my DNS servers in /etc/resolv.conf. 
Since the machine in question always sends all traffic over the VPN, I 
statically set the IP of the WireGuard server in the wg-quick config file so I 
wouldn't have to have public DNS in /etc/resolv.conf.

It appears that some testing is needed with WireGuard/wg-quick on systems using 
systemd-resolved. I'm happy to help test, but I'm not very familiar with 
systemd-resolved's inner workings, so I may be of limited use.___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

WireGuard behaviour with systemd-resolved

[Lane Russell]

I've noticed some concerning behaviour using WireGuard on Manjaro GNOME. When 
the WireGuard interface is brought up, the system starts using the DNS servers 
provided in the wg-client.conf file. Intermittently however, internal DNS 
records will resolve using their public IP addresses. Using tcpdump, I'm able 
to see the system is using 8.8.8.8 and 8.8.4.4 for some queries. These 
addresses are configured as fallback DNS servers in systemd-resolved. They were 
acquired via DHCP before the WireGuard interface was brought up.

Is this an issue with WireGuard, or systemd-resolved? Based on what information 
I'm able to find, it appears there are some big concerns with how 
systemd-resolved handles DNS, so I'm more inclined to think the issue lies 
there.___
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard