On Thu, 20 Sep 2018 16:13:46 -0400 (EDT) Paul Wouters <[email protected]> wrote:
> On Thu, 20 Sep 2018, Alex wrote:
>
> > I'm interested in building a tunnel between two Linux boxes
> > specifically to send DNS requests.
>
> Yes it is possible. The easiest would be to just do a host-to-host
> tunnel that covers everything including DNS, eg:
>
> https://libreswan.org/wiki/Host_to_host_VPN
>
> If you really want to limit it to DNS, then you need to take
> that connection and copy it so you have two (using two different
> names, eg dns-tcp and dns-udp) and then add
>
> # assumes left is the DNS client, right the DNS server
> leftprotoport=udp/%any
> rightprotoport=udp/53

Note, this example is not enough, you also need another tunnel for
tcp/53 traffic. So Paul's initial suggestion to tunnel everything
host-host is much simpler.

-- 
Tuomo Soini <[email protected]>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>
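The two-connection layout discussed in this thread, written out as an ipsec.conf sketch. This is an added example, not configuration posted by either participant; the conn name dns-base, the addresses (documentation ranges), the IDs and the key placeholders are all assumptions to be replaced with the values from your own host-to-host setup.

```conf
# /etc/ipsec.conf fragment (added example; all values below are placeholders)

# Shared host-to-host settings, following the layout of the
# Host_to_host_VPN wiki page linked above. Not loaded on its own.
conn dns-base
    left=192.0.2.10            # DNS client (constructed address)
    leftid=@dnsclient          # hypothetical ID
    leftrsasigkey=<PLACEHOLDER-left-public-key>
    right=198.51.100.53        # DNS server (constructed address)
    rightid=@dnsserver         # hypothetical ID
    rightrsasigkey=<PLACEHOLDER-right-public-key>
    authby=rsasig

# DNS over UDP: any client source port to server port 53
conn dns-udp
    also=dns-base
    leftprotoport=udp/%any
    rightprotoport=udp/53
    auto=start

# DNS over TCP: needed as well, since large answers and zone
# transfers fall back to tcp/53
conn dns-tcp
    also=dns-base
    leftprotoport=tcp/%any
    rightprotoport=tcp/53
    auto=start
```

With only these two connections loaded, all other traffic between the hosts stays outside the tunnel, so a resolver that reaches the server by any path other than port 53 will send its queries in the clear.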
