[Wireguard] Name does not resolve - only on reboot

Started by andre_x, February 01, 2024, 03:30:05 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 01, 2024, 03:30:05 PM
I've setup a Wireguard VPN that works.
Today we had 2 blackout and both the time the VPN didn't connect automatically to the endpoint.
I've checked and in the logs I see
Code Select
Name does not resolve. If i disable and enable back the endpoint, it works.
So it seems that after Opnsense restarts it's not able to resolve a public DNS and WG doesn't retry.
How can I solve this problem?
Thanks!
February 01, 2024, 03:34:50 PM #1
Make DNS more reliable? It appears to be querying a server that isn't able to resolve yet...


Cheers,
Franco
February 01, 2024, 04:02:09 PM #2 Last Edit: February 01, 2024, 04:14:02 PM by andre_x
Probably the Internet connection isn't up yet (the vDSL modem is slow).
Why WG doesn't retry?
February 01, 2024, 04:26:06 PM #3
The internet connection is up in the post-connect hook (newwanip), but the DNS server it's going to query is not. No idea where and how you resolve DNS but usually that's an issue when you try to query an internal server for an external answer right at the moment the edge device got the connectivity, which means the internal server may not have it yet.

This doesn't happen when you have DNS resolution going through localhost out to the Internet.

Case in point: https://github.com/opnsense/plugins/issues/3186#issuecomment-1905263283


Cheers,
Franco
February 01, 2024, 04:38:08 PM #4
Well...I've just realized that I didn't setup any DNS  :| OPS!
Thanks!
February 01, 2024, 04:57:27 PM #5
There's no way it was DNS :D


Cheers,
Franco
Print
Go Up Pages1
User actions