[Situation] Using a domain name as the Endpoint on a WireGuard client to reach a server with a dynamic IP address breaks connectivity as soon as the server's public address changes. WireGuard resolves the Endpoint hostname only once, when the peer is configured, and keeps using that address from then on. This is a huge problem for private (residential) connections, where static IP addresses are not common. Dual-Stack Lite connections are even worse: the public IPv4 address is shared (carrier-grade NAT) and not reachable from outside, so you have to use a domain that points to your current IPv6 address to reach your local network at all. The end user does not understand why the connection suddenly stops working, especially on mobile devices. The workaround with the re-resolve script (contrib/reresolve-dns in wireguard-tools) is not possible there either, because the app has neither file-system access nor the permissions it would need. Residential internet connections are forcibly disconnected every 24 hours, and more often if something goes wrong, and the address usually changes on reconnect.
[Intention] There is an open-source project called netmaker that builds meshed networks out of WireGuard VPN connections. If you want to self-host it on a private internet connection, you need an endpoint address that is static. What is needed here is a way to supply that address dynamically via a domain name, so the server (the netmaker master) stays reachable.

[Solution] The solution would be to re-resolve the Endpoint hostname from time to time. The big benefit is that the endpoint IP could be dynamic: the domain can point to a CNAME, A or AAAA record, which would give people on a Dual-Stack Lite connection a "stable" connection over IPv6. Given WireGuard's minimalist design it would be ideal if the feature were off by default and only turned on when enabled in the interface section of the wg config, with a configurable parameter, e.g. "dns-resolve-duration = 10 # in seconds". The solution should be usable with all available WireGuard clients.
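What the requested feature would have to do on each tick, as an added example for this post (not WireGuard's or netmaker's own code): resolve the Endpoint hostname again, prefer the AAAA record so a DS-Lite server is reachable, and push the new address with `wg set` only when it actually changed and the tunnel is not currently handshaking on the old one. The interface name `wg0`, the constructed peer key in the test, the hostname `vpn.example.net`, the 135-second staleness threshold and the `reresolve_once`/`plan_update` helpers are assumptions of this example. The resolver and the command runner are injectable so the decision logic can be exercised offline.

```python
"""Re-resolve a dynamic-DNS WireGuard Endpoint and push it with `wg set`.

Added example for this post, not WireGuard's or netmaker's own code. It assumes
the `wg` tool on PATH and root privileges when actually run; the resolver and
the command runner are injectable so the decision logic runs offline.
"""
import ipaddress
import socket
import subprocess
import time

# Only re-resolve when no handshake has completed for this long: a recent
# handshake proves the current endpoint works and must not be clobbered.
STALE_HANDSHAKE_S = 135  # assumed threshold


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6-literal]:port' into (host, port)."""
    if endpoint.startswith("["):
        host, _, rest = endpoint[1:].partition("]")
        if not rest.startswith(":"):
            raise ValueError("bad endpoint %r" % endpoint)
        return host, int(rest[1:])
    host, sep, port = endpoint.rpartition(":")
    if not sep:
        raise ValueError("bad endpoint %r" % endpoint)
    return host, int(port)


def format_endpoint(addr, port):
    """Bracket IPv6 literals the way wg(8) expects them."""
    ip = ipaddress.ip_address(addr)
    return "[%s]:%d" % (ip, port) if ip.version == 6 else "%s:%d" % (ip, port)


def system_resolve(host, prefer_v6=True):
    """A/AAAA lookup via getaddrinfo, AAAA first for DS-Lite servers; None on failure."""
    try:
        infos = socket.getaddrinfo(host, None, socket.AF_UNSPEC, socket.SOCK_DGRAM)
    except socket.gaierror:
        return None
    v4 = [i[4][0] for i in infos if i[0] == socket.AF_INET]
    v6 = [i[4][0] for i in infos if i[0] == socket.AF_INET6]
    ordered = v6 + v4 if prefer_v6 else v4 + v6
    return ordered[0] if ordered else None


def parse_handshake_ages(show_output, now):
    """Parse `wg show IFACE latest-handshakes` (pubkey<TAB>epoch, 0 = never)."""
    ages = {}
    for line in show_output.splitlines():
        key, _, ts = line.partition("\t")
        if ts.strip():
            ages[key] = None if int(ts) == 0 else now - int(ts)
    return ages


def plan_update(iface, pubkey, endpoint, last_pushed, handshake_age, resolve):
    """Return the `wg set` argv to run, or None to leave the endpoint alone."""
    host, port = split_endpoint(endpoint)
    try:
        ipaddress.ip_address(host)
        return None  # literal address in the config: nothing to re-resolve
    except ValueError:
        pass
    if handshake_age is not None and handshake_age < STALE_HANDSHAKE_S:
        return None  # tunnel is alive on the current address
    new = resolve(host)
    if new is None:
        return None  # DNS failure: keep the last known-good address
    if last_pushed and ipaddress.ip_address(new) == ipaddress.ip_address(last_pushed):
        return None  # record unchanged
    return ["wg", "set", iface, "peer", pubkey, "endpoint", format_endpoint(new, port)]


def reresolve_once(iface, peers, last_pushed, now=None, resolve=system_resolve,
                   run=subprocess.run):
    """One pass over peers [(pubkey, endpoint)]; call every dns-resolve-duration seconds."""
    now = time.time() if now is None else now
    out = run(["wg", "show", iface, "latest-handshakes"],
              capture_output=True, text=True, check=True).stdout
    ages = parse_handshake_ages(out, now)
    for pubkey, endpoint in peers:
        argv = plan_update(iface, pubkey, endpoint, last_pushed.get(pubkey),
                           ages.get(pubkey), resolve)
        if argv:
            run(argv, check=True)
            last_pushed[pubkey] = split_endpoint(argv[-1])[0]
    return last_pushed


if __name__ == "__main__":  # usage: reresolve.py wg0 PEER_PUBKEY vpn.example.net:51820 10
    import sys
    iface, pubkey, endpoint = sys.argv[1:4]
    interval = int(sys.argv[4])  # the proposed dns-resolve-duration, in seconds
    pushed = {}
    while True:
        reresolve_once(iface, [(pubkey, endpoint)], pushed)
        time.sleep(interval)
```

Two points worth keeping in mind for the real feature. First, the handshake-age check is what stops a periodic re-resolve from tearing down a working tunnel (for example after the kernel has already learned a roamed endpoint); the upstream reresolve-dns.sh contrib script uses the same idea. Second, DNS answers are unauthenticated, but because the peer is identified by its public key, a spoofed record can at worst point the tunnel at a host that cannot complete the handshake, so the failure mode is loss of connectivity rather than traffic disclosure.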
