Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Mauro Santos <registo.mailling@gmail.com>
To: Alexander Skwar <alexanders.mailinglists+nospam@gmail.com>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Android App not setting DNS when allowed IPS not 0.0.0.0/0
Date: Fri, 7 Aug 2020 11:51:44 +0100	[thread overview]
Message-ID: <338b5098-1125-584b-e3c9-19a6c6015926@gmail.com> (raw)
In-Reply-To: <CADn-QaO2gn8vX0qA9jeitSGiSK11qengh0U5_JjonTmSND84Tg@mail.gmail.com>

On 07/08/20 05:29, Alexander Skwar wrote:
> hello
> 
> Welcome to the club — that is EXACTLY what I'm talking about in the
> thread "WireGuard macOS App doesn't set system default DNS".
> 
> Are you on macOS as well? Using the WireGuard App or are you using wg-quick?
> 
> Regards,
> 
> Alexander
> 

Hello,

I'm not on macOS, this is a problem with the android app, just like the
subject says ;)

I don't know if wg-quick has the same problem, on my laptop I have
unbound running and I use that. I do not have any dns settings on my
wg-quick config files.

Regards,
Mauro Santos

> Am Do., 6. Aug. 2020 um 16:20 Uhr schrieb Mauro Santos
> <registo.mailling@gmail.com>:
> 
>>
>> Hello,
>>
>> Like the subject says I have found that when I'm not routing all traffic
>> through the vpn then my dns setting seems to be ignored (tested with
>> nsleaktest.com).
>>
>> If I route all traffic through the vpn then it works as expected.
>>
>> home network: 192.168.20.0/24
>>
>> vpn "server" is at 192.168.20.10 and internal vpn address is 10.4.4.1,
>> where I have the dns server running and a few other services accessible
>> only though the vpn.
>>
>> "server" config (with systemd-networkd)
>> wireguard.netdev:
>> [NetDev]
>> Name = wireguard
>> Kind = wireguard
>> Description = WireGuard VPN
>>
>> [WireGuard]
>> ListenPort = 4911
>> PrivateKey = ...
>> #Publickey = ...
>>
>> # Phone
>> [WireGuardPeer]
>> PublicKey = ...
>> AllowedIPs = 10.4.4.3/32
>>
>> wireguard.network
>> [Match]
>> Name = wireguard
>>
>> [Network]
>> Address = 10.4.4.1/24
>>
>> "client" config (android vpn app):
>> [Interface]
>> name: msi
>> public key: ...
>> addresses: 10.4.4.3/32
>> dns servers: 10.4.4.1
>>
>> [Peer]
>> public key: ...
>> allowed ips: 10.4.4.0/24
>> endpoint: 192.168.20.10:4911
>>
>> The problem also persists if I access the vpn from outside my internal
>> network and is "fixed" if I change the allowed ips from 10.4.4.0/24 to
>> 0.0.0.0/0.
>>
>> From what I have searched, other people with similar problems had a
>> configuration problem, but I don't think it is the case here since my
>> dns servers in on the same machine as other services and I can access
>> the other services without problems.
>>
>> Any ideas on what the problem could be? I have checked the log on the
>> android app but none of the messages in the log seems to indicate any
>> problem, should I be looking for some warning/error messages in particular?
>>
>> --
>> Mauro Santos
> 
> 
> 
> --
> 
> 
> 
> Alexander
> --
> =>        Google+ => http://plus.skwar.me         <==
> => Chat (Jabber/Google Talk) => a.skwar@gmail.com <==
>

  reply	other threads:[~2020-08-07 10:51 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-08-06 11:22 Mauro Santos
2020-08-07  4:29 ` Alexander Skwar
2020-08-07 10:51   ` Mauro Santos [this message]
2020-08-07 11:59     ` Alexander Skwar
2020-08-08  8:04       ` Mauro Santos

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=338b5098-1125-584b-e3c9-19a6c6015926@gmail.com \
    --to=registo.mailling@gmail.com \
    --cc=alexanders.mailinglists+nospam@gmail.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).