Unbound outgoing network interface

Started by crt333, August 02, 2023, 02:43:29 PM

My config has 1 WAN and 3 WG tunnels (WG1, WG2, WG3) each with interfaces and gateways configured.

I have VLANs going out to each of these gateways.

I'd really like unbound to send recursive queries out on WG1 rather than WAN, but it doesn't seem to honor anything that I set in "Outgoing network interfaces"; everything always goes to WAN.

I asked about this earlier and it was suggested gateway priorities might fix this, but I thought that would confuse the WG tunnel routing, which needs to go out WAN. I am now using static routes to my WG endpoints over WAN, and then changing WG1 gateway to upstream with low priority, and this seems to work with all local router traffic (unbound, ntp, etc.) all going out WG1.

Is there a better way to achieve this?

That's the way to do it. Routing of traffic from local services is performed strictly according to the routing table(s). FreeBSD supports multiple routing tables (FIBs), but OPNsense doesn't. Since you can't create static routes for a recursive resolver (which needs to contact many servers), your only option is to change the default route.

Correct me if I'm wrong.

Cheers
Maurice

Thanks Maurice

It seems to work well; I just wanted to make sure I'm not doing something obviously wrong.
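
The routing decision discussed in this thread, modelled as an added example (not code from either poster or from OPNsense): a single routing table with longest-prefix match, showing where resolver queries and WireGuard outer packets leave in three configurations. The endpoint addresses, the sample resolver destinations and the function names are constructed for illustration, and connected routes are left out of the model.

```python
import ipaddress

# Constructed sample data: WG peer endpoints (documentation ranges) and
# two destinations a recursive resolver might contact.
WG_ENDPOINTS = {"WG1": "198.51.100.10", "WG2": "198.51.100.20", "WG3": "203.0.113.30"}
RESOLVER_DSTS = ["198.41.0.4", "192.5.5.241"]

def build_table(default_if, endpoint_routes=()):
    """One routing table: a default route plus optional /32 host routes via WAN."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), default_if)]
    table += [(ipaddress.ip_network(f"{ip}/32"), "WAN") for ip in endpoint_routes]
    return table

def lookup(table, dst):
    """Longest-prefix match: the most specific matching route decides the interface."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, ifname) for net, ifname in table if addr in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def audit(table):
    """Return (egress interfaces used by resolver queries,
    tunnels whose encrypted outer packets would NOT leave via WAN)."""
    dns_egress = {lookup(table, d) for d in RESOLVER_DSTS}
    misrouted = sorted(n for n, ep in WG_ENDPOINTS.items() if lookup(table, ep) != "WAN")
    return dns_egress, misrouted

if __name__ == "__main__":
    scenarios = {
        "default via WAN (original setup)": build_table("WAN"),
        "default via WG1, no host routes": build_table("WG1"),
        "default via WG1 + endpoint host routes": build_table("WG1", WG_ENDPOINTS.values()),
    }
    for name, table in scenarios.items():
        dns_egress, misrouted = audit(table)
        print(f"{name}: resolver egress={sorted(dns_egress)}, "
              f"tunnels not reaching WAN={misrouted or 'none'}")
```

Only the third scenario sends resolver traffic out WG1 while keeping every tunnel's outer packets on WAN, which is the combination described in the first post.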