On Mon, May 7, 2018 at 1:21 PM, ѽ҉ᶬḳ℠ <[email protected]> wrote:
> 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1 as WG endpoint node
> WG 0.0.20180420-1
> DHCP no
> Firewall off (both server and client)
> wg-quick not utilized
>
> Which DNS resolver is utilized by the clients inside a WG tunnel, the
> client's resolver or the server's? And can this be tweaked in WG?
>

There are no "clients inside a WG tunnel", only traffic inside the tunnel :-D

On a standard Linux, this is controlled by /etc/resolv.conf whether or not
there is a VPN. /etc/resolv.conf can be (mis-)managed by DHCP clients and
other daemons.

For most boxes I use dnscache running on 127.0.0.1 and I do occasionally
configure it to forward queries to another cache (so /etc/resolv.conf is
never touched).

> Clients are connecting to the endpoint node and subnets each end are
> reachable through the tunnel. The traffic to the inet from the WG however is
> not escaping via the server's default route. Added the IPS's gateway node
> (81.x.x.x) to the WG iface but that did not provide inet connection for the
> connected clients.
>
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 0.0.0.0         81.x.x.x        0.0.0.0         UG    0      0        0 eth0
> 81.x.x.x        0.0.0.0         255.255.255.255 UH    0      0        0 wg0
> 192.168.120.0   0.0.0.0         255.255.255.0   U     0      0        0 wg0
>

Not sure what you want to do here...

Assuming your other end of the WG tunnel is say 192.168.120.1, then you
should add it as a default gw (and it should route your packets).

    ip route add default via 192.168.120.1

(no need for `dev wg0` at the end I think)

Kalin.
