OPNsense Forum

English Forums => Virtual private networks => Topic started by: thisisme on June 06, 2024, 06:09:47 AM

Title: DNS-Server option on a Wireguard instance
Post by: thisisme on June 06, 2024, 06:09:47 AM
Hey

What does the DNS-Server option on a Wireguard instance configuration do? I know what it does when set on the client, but what happens exactly when I set it on the opnsense?
Title: Re: DNS-Server option on a Wireguard instance
Post by: hushcoden on June 12, 2024, 09:42:48 AM
Indeed, it would be helpful if someone would shed some light on this.
Title: Re: DNS-Server option on a Wireguard instance
Post by: Bob.Dig on June 12, 2024, 10:07:46 AM
If it is about the Peer generator, it is for a peer-config.
Title: Re: DNS-Server option on a Wireguard instance
Post by: tiermutter on June 12, 2024, 10:40:46 AM
I thought this is kinda push option for DNS and tried it, but it seems to have no function (Client is using its default DNS when tunnel is up with no DNS set in client config).

I believe this option was once intended to be used for such but never finished. Also manpages and several docs won't refer to this option as if it doesn't exist.
Title: Re: DNS-Server option on a Wireguard instance
Post by: franco on June 12, 2024, 02:05:42 PM
It sets the DNS server locally. It's pretty obscure wg-quick shorthand and very often breaks your router's ability to resolve names.

https://www.reddit.com/r/WireGuard/comments/11edvs2/wgquick_and_dns/

It's only really useful for single client use where you want to route all over the tunnel (like a branch office).


Cheers,
Franco
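
The wg-quick `DNS =` shorthand described in the reply above, shown in a config and checked by a small script. This is an added example, not part of the original thread and not OPNsense code. The sample config is constructed, and the `risky` rule (DNS servers set on the interface while no peer routes 0.0.0.0/0 or ::/0) is an assumption drawn from the reply's remark about when the option is useful.

```python
import ipaddress

# Constructed sample: an instance that sets DNS but routes only one remote subnet.
SAMPLE = """\
[Interface]
PrivateKey = <placeholder>
Address = 10.10.10.1/24
DNS = 10.10.10.53, corp.example

[Peer]
PublicKey = <placeholder>
AllowedIPs = 10.10.10.2/32, 192.168.50.0/24
"""

def parse(text):
    """Return [(section, {key: [values]})]; sections and keys may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (p.strip() for p in line.split("=", 1))
            items = [v.strip() for v in value.split(",") if v.strip()]
            sections[-1][1].setdefault(key.lower(), []).extend(items)
    return sections

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def audit(text):
    """Report what DNS= would set locally and whether the tunnel is a full tunnel."""
    sections = parse(text)
    dns = [v for name, kv in sections if name == "interface" for v in kv.get("dns", [])]
    allowed = [v for name, kv in sections if name == "peer" for v in kv.get("allowedips", [])]
    full = any(ipaddress.ip_network(a, strict=False).prefixlen == 0 for a in allowed)
    servers = [d for d in dns if is_ip(d)]           # IPs become resolvers
    return {
        "dns_servers": servers,
        "search_domains": [d for d in dns if not is_ip(d)],  # non-IPs become search domains
        "full_tunnel": full,
        "risky": bool(servers) and not full,         # assumed heuristic, see lead-in
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```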