I'm unable to get OPNsense to check for updates because DNS is failing.
/etc/resolv.conf has an incorrect nameserver (10.13.13.1) that I cannot ping and also says it's generated by resolvconf
I can modify my DNS settings through System->Settings->General but when I reboot it reverts back to the incorrect configuration.
Also running, Unifi controller through 3rd party repo, wondering if this isn't the cause?
I want to solve this.
What is the wireguard plugin?
Cheers,
Franco
Wireguard!! That's what was causing it, a month or so ago I was in the middle of setting up a connection to a remote server, got side tracked and never came back to finish it up. Also, have yet to successfully setup a connection like that so I'm sure there were incorrect parameters.
None-the-less you got me pointed in the right direction, thank you, thank you!
No problem. Unfortunately the upstream wireguard tooling replaces resolv.conf when you set DNS in the plugin. We since hid it under advanced but it's a bit non-obvious in any case.
Cheers,
Franco
What is the most proven solution to find these wery well hidden parameter settings? Export the entire config as a monolithic .xml file and grep it as a txt file for the offending string?
Quote from: franco on March 30, 2021, 07:24:33 PM
Unfortunately the upstream wireguard tooling replaces resolv.conf when you set DNS in the plugin. We since hid it under advanced but it's a bit non-obvious in any case.
This caught me out too when I was setting up WG with selective routing to an external VPN provider. Unfortunate behaviour. Wonder if Jason's current work on the kernel implementation will touch any of this?
I think it's wg-quick so kernel side won't change this. Eventually the tooling needs a rewrite for bash-less support in FreeBSD (if included there), but for now it is what it is.
Cheers,
Franco
Jason's todo list references this?
- Examine possibility of a non-bash wg-quick(8 ) for sending upstream.
That's why I mentioned it....
Cheers,
Franco