DNS server used by OPNsense itself

Started by banana999, January 23, 2021, 01:56:58 PM

January 23, 2021, 01:56:58 PM Last Edit: January 23, 2021, 04:25:53 PM by banana999
So in system -> settings -> general I have 1.1.1.1 as my DNS.
'Allow DNS server list to be overridden by DHCP/PPP on WAN' is NOT checked.
'Do not use the local DNS service as a nameserver for this system' is NOT checked.

I also have unbound DNS enabled.
In my DHCP settings I have set the DNS as 192.168.1.3, this is the only place I have set 192.168.1.3 for any DNS settings. (apart from WireGuard config)

Now I'd assume that only DHCP clients would use 192.168.1.3, but it appears that OPNsense itself is also using it as its default DNS server? When I run 'dig' on the command line it is using 192.168.1.3 by default, also '/etc/resolv.conf' has 192.168.1.3. If 192.168.1.3 is offline then dig does not work.

How do I make OPNsense use either 1.1.1.1 as its DNS or 127.0.0.1 (unbound)?

Since we had the same issue not long ago I get straight to the biscuits: are you using WireGuard?


Cheers,
Franco


Bingo :)

WireGuard overwrites the system resolv.conf, unfortunately, if you use the DNS option, so you cannot use it.


Cheers,
Franco

Oh ok!

Will it get fixed / will there be any issues if I remove the DNS option in VPN -> Wireguard -> Local -> DNS Server and just specify the DNS server on my client side config only? Or is that a required field?

It can't be fixed since WireGuard is scripted to take over resolv.conf of the system. Better to set DNS on the clients indeed.

In the plugin we can only add a proper help text and maybe hide the feature under advanced.


Cheers,
Franco
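
A diagnostic for the behaviour discussed in this thread, as an added example that is not part of the original posts or of the OPNsense plugin: it lists the nameservers in a resolv.conf, compares them with the resolvers the system is expected to use, and reports whether an unexpected one matches a `DNS =` line under `[Interface]` in a wg-quick style config. The function names and the sample files are constructed for illustration; the file paths are passed as arguments and are not taken from the thread.

```shell
#!/bin/sh
# Added example: flag nameservers in a resolv.conf that are not expected,
# and say whether they match a DNS= line in a wg-quick style config.

# Print each nameserver address in a resolv.conf file.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print each address listed in DNS= under [Interface] in a wg-quick config.
wg_interface_dns() {
    awk '
        { sub(/[#].*/, "") }
        /^[ \t]*\[/ { section = tolower($0); gsub(/[^a-z]/, "", section); next }
        section == "interface" && tolower($0) ~ /^[ \t]*dns[ \t]*=/ {
            sub(/^[^=]*=/, ""); gsub(/[ \t]/, "")
            n = split($0, addr, ",")
            for (i = 1; i <= n; i++) if (addr[i] != "") print addr[i]
        }
    ' "$1"
}

# check_resolver RESOLV_CONF WG_CONF EXPECTED...
# Returns 0 if every nameserver is in EXPECTED, 1 otherwise.
check_resolver() {
    resolv=$1; wgconf=$2; shift 2
    status=0
    for ns in $(resolv_nameservers "$resolv"); do
        case " $* " in
            *" $ns "*) ;;
            *)  status=1
                if wg_interface_dns "$wgconf" | grep -qxF "$ns"; then
                    echo "UNEXPECTED $ns (matches DNS= in WireGuard config)"
                else
                    echo "UNEXPECTED $ns (source unknown)"
                fi ;;
        esac
    done
    [ "$status" -eq 0 ] && echo "OK"
    return "$status"
}

# Constructed sample input reproducing the situation in the first post.
demo() {
    dir=$(mktemp -d)
    printf 'nameserver 192.168.1.3\n' > "$dir/resolv.conf"
    printf '[Interface]\nDNS = 192.168.1.3\n\n[Peer]\nAllowedIPs = 10.0.0.2/32\n' > "$dir/wg0.conf"
    check_resolver "$dir/resolv.conf" "$dir/wg0.conf" 127.0.0.1 1.1.1.1; rc=$?
    rm -rf "$dir"; return "$rc"
}
demo || true
```

On a real system, pass `/etc/resolv.conf` and the path of the generated WireGuard config as the first two arguments, followed by the resolvers you expect.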