Unbound outgoing network interface

[crt333]

My config has 1 WAN and 3 WG tunnels (WG1, WG2, WG3) each with interfaces and gateways configured.

I have VLANS going out to each of these gateways

I'd really like unbound to send recursive queries out on WG1 rather than WAN, but it doesn't seem to honor anything that I set in "Outgoing network interfaces", everything always goes to WAN.

I asked about this earlier and it was suggested gateway priorities might fix this, but I thought that would confuse the WG tunnel routing which need to go out WAN. I am now using static routes to my WG endpoints over WAN, and then changing WG1 gateway to upstream with low priority, and this seems to work with all local router traffic (unbound, ntp, etc) all going out WG1.

Is there a better way to achieve this?

[Maurice]

That's the way to do it. Routing of traffic from local services is performed strictly according to the routing table(s). FreeBSD supports multiple routing tables (FIBs), but OPNsense doesn't. Since you can't create static routes for a recursive resolver (which needs to contact many servers), your only option is to change the default route.

Correct me if I'm wrong.

Cheers
Maurice

[crt333]

Thanks Maurice

It seems to work well, I just wanted to make sure I'm not doing something obviously wrong.