OPNsense Forum

English Forums => General Discussion => Topic started by: banana999 on January 23, 2021, 01:56:58 PM

Title: DNS server used by OPNsense itself
Post by: banana999 on January 23, 2021, 01:56:58 PM
So in system -> settings -> general I have 1.1.1.1 as my DNS.
'Allow DNS server list to be overridden by DHCP/PPP on WAN' is NOT checked.
'Do not use the local DNS service as a nameserver for this system' is NOT checked.

I also have unbound DNS enabled.
In my DHCP settings I have set the DNS as 192.168.1.3, this is the only place I have set 192.168.1.3 for any DNS settings. (apart from WireGuard config)

Now I'd assume that only DHCP clients would use 192.168.1.3 but it appears that OPNsense itself is also using it as its default DNS server? When I run 'dig' on the command line it is using 192.168.1.3 by default, also '/etc/resolv.conf' has 192.168.1.3. If 192.168.1.3 is offline then dig does not work.

How do I make OPNsense use either 1.1.1.1 as its DNS or 127.0.0.1 (unbound)?
Title: Re: DNS server used by OPNsense itself
Post by: franco on January 23, 2021, 07:31:17 PM
Since we had the same issue not long ago I get straight to the biscuits: are you using WireGuard?


Cheers,
Franco
Title: Re: DNS server used by OPNsense itself
Post by: banana999 on January 23, 2021, 07:35:15 PM
Hi Franco, yes I am using WireGuard
Title: Re: DNS server used by OPNsense itself
Post by: franco on January 23, 2021, 07:36:07 PM
Bingo :)

WireGuard overwrites the system resolv.conf unfortunately if you use the DNS option so you cannot use it.


Cheers,
Franco
Title: Re: DNS server used by OPNsense itself
Post by: banana999 on January 23, 2021, 07:39:12 PM
Oh ok!

Will it get fixed / will there be any issues if I remove the DNS option in VPN -> Wireguard -> Local -> DNS Server
And just specify the DNS server on my client side config only? Or is that a required field?
Title: Re: DNS server used by OPNsense itself
Post by: franco on January 23, 2021, 07:52:42 PM
It can't be fixed since WireGuard is scripted to take over resolv.conf of the system. Better to set DNS on the clients indeed.

In the plugin we can only add a proper help text and maybe hide the feature under advanced.


Cheers,
Franco
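
A check for the situation described in this thread, as an added example that is not part of the original posts or of the OPNsense plugin: it reports a `DNS =` line in a WireGuard `[Interface]` section and any nameserver in a resolv.conf file that is outside an expected list. The function names are hypothetical, file paths are passed as arguments, and the sample config, tunnel address and keys are constructed.

```shell
#!/bin/sh
# Added example: spot a WireGuard "DNS =" option that replaces the
# firewall's own resolver list. File paths are supplied by the caller.

# Print the DNS values from the [Interface] section of a WireGuard config.
wg_dns_entries() {
    awk '
        /^[ \t]*\[/ { in_if = (tolower($0) ~ /^[ \t]*\[interface\]/); next }
        in_if && tolower($0) ~ /^[ \t]*dns[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, "")
            n = split($0, a, /[ \t]*,[ \t]*/)
            for (i = 1; i <= n; i++) if (a[i] != "") print a[i]
        }' "$1"
}

# Print the nameserver addresses from a resolv.conf style file.
resolv_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# check_resolver WGCONF RESOLVCONF EXPECTED...
# Returns 0 only if no DNS option is set and every nameserver is expected.
check_resolver() {
    wgconf=$1; resolv=$2; shift 2; rc=0
    for d in $(wg_dns_entries "$wgconf"); do
        echo "FINDING: $wgconf sets DNS = $d"; rc=1
    done
    for ns in $(resolv_nameservers "$resolv"); do
        ok=0
        for want in "$@"; do if [ "$ns" = "$want" ]; then ok=1; fi; done
        if [ "$ok" -eq 0 ]; then echo "FINDING: unexpected nameserver $ns in $resolv"; rc=1; fi
    done
    return "$rc"
}

# Constructed sample input mirroring the thread (keys are placeholders).
demo=$(mktemp -d)
cat > "$demo/wg0.conf" <<'EOF'
[Interface]
Address = 10.10.10.1/24
PrivateKey = <placeholder>
DNS = 192.168.1.3
EOF
sed '/^DNS/d' "$demo/wg0.conf" > "$demo/wg0.fixed.conf"
printf 'nameserver 192.168.1.3\n' > "$demo/resolv.bad"
printf 'nameserver 127.0.0.1\nnameserver 1.1.1.1\n' > "$demo/resolv.good"

check_resolver "$demo/wg0.conf" "$demo/resolv.bad" 127.0.0.1 1.1.1.1 || echo "resolver overridden"
if check_resolver "$demo/wg0.fixed.conf" "$demo/resolv.good" 127.0.0.1 1.1.1.1; then echo "resolver as configured"; fi
```

On the firewall, pass `/etc/resolv.conf` as the second argument, followed by the servers the system is supposed to use (here 127.0.0.1 and 1.1.1.1).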