Development discussion of WireGuard
* Feature Request: Configurable Re-Resolving of DNS Endpoints
@ 2022-04-27 18:50 Pierre Grimme
       [not found] ` <CAHx9mscwNEn9Ao3Br_x6tEFJg4uBrf1K8wXaJoM2jZf_5=C52Q@mail.gmail.com>
  0 siblings, 1 reply; 2+ messages in thread
From: Pierre Grimme @ 2022-04-27 18:50 UTC (permalink / raw)
  To: wireguard

[Situation]
Using a Domain as Endpoint on your WG-Client to reach the server with
a dynamic IP address breaks the connectivity when the server changes
its public IP address.
WireGuard only resolves domains once and from then on uses the
resolved IP address. This is a huge problem in the private sector,
where static IP addresses are not common. Even worse is the situation
with Dual-Stack-Lite configurations, where your public IPv4 address is
not reachable from outside. You have to use domains pointing to your
current IPv6 address to get a connection to your local network.
The end user does not understand why the connection is not working
anymore, especially on mobile devices. Also, a workaround with the
re-resolve script is not possible due to lack of system file access
and permissions. Private internet connections are force quitted every
24h. More often if something goes wrong.

[Intention]
There is an open-source project called netmaker which builds meshed
networks with WireGuard VPN connections. If you try to self-host this
program on your private internet connection you need an endpoint
address which is static. The need here is to input an address
dynamically via a domain so you could always reach your server master.

[Solution]
The solution would be to re-resolve the endpoint address from time to
time. The big benefit is that your endpoint IP could be dynamic. Your
domain can point to a CNAME, A or AAAA record, which would give
people with a Dual-Stack-Lite internet connection a "stable"
connection. Due to the concept of WireGuard to be minimalistic it
would be perfect if the feature is off by default and only turned on
when you enable it in the wg-interface config. It would be great to have a
configurable parameter, e.g. "dns-resolve-duration = 10 #in seconds".
The solution should be usable with all available WireGuard clients.


* Re: Feature Request: Configurable Re-Resolving of DNS Endpoints
       [not found] ` <CAHx9mscwNEn9Ao3Br_x6tEFJg4uBrf1K8wXaJoM2jZf_5=C52Q@mail.gmail.com>
@ 2022-04-28  5:55   ` Pierre Grimme
  0 siblings, 0 replies; 2+ messages in thread
From: Pierre Grimme @ 2022-04-28  5:55 UTC (permalink / raw)
  To: wireguard

On Wed, 27 Apr 2022 at 22:55, Omkhar Arasaratnam
<omkhar@gmail.com> wrote:
>
> Like this?
>
> https://github.com/WireGuard/wireguard-tools/blob/master/contrib/reresolve-dns/reresolve-dns.sh

This script may be a good option for Linux clients, but not for Android
devices or Chromebooks. The main point
of this feature request is to provide an additional configurable
parameter which integrates nicely into
wg.conf files.
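
The re-resolve behaviour requested in this thread, sketched as an added example that is not part of either message and is not WireGuard or wireguard-tools code. It assumes the caller supplies each peer's current endpoint IP and latest handshake time (as reported by `wg show`); `STALE_AFTER`, the function names, the sample config and its key are hypothetical.

```python
import ipaddress
import socket

STALE_AFTER = 135  # assumed threshold: seconds without a handshake before re-resolving
# Constructed sample config; the key and hostname are placeholders.
SAMPLE_CONF = """[Interface]
PrivateKey = (omitted)
[Peer]
PublicKey = cGxhY2Vob2xkZXIta2V5LW5vdC1yZWFsLTAwMDAwMDA=
Endpoint = home.example.org:51820
"""

def parse_peers(conf_text):
    """Return (public_key, endpoint) for every [Peer] section that sets an Endpoint."""
    peers, cur = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            cur = {} if line.lower() == "[peer]" else None
            if cur is not None:
                peers.append(cur)
        elif cur is not None and "=" in line:
            key, _, value = line.partition("=")  # first "=" only: base64 padding survives
            cur[key.strip().lower()] = value.strip()
    return [(p["publickey"], p["endpoint"]) for p in peers
            if {"publickey", "endpoint"} <= p.keys()]

def is_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def plan_updates(iface, conf_text, endpoints, handshakes, now, resolve=socket.getaddrinfo):
    """Return `wg set` argv lists for stale peers whose hostname now resolves elsewhere."""
    cmds = []
    for pubkey, endpoint in parse_peers(conf_text):
        host, _, port = endpoint.rpartition(":")
        if is_literal(host.strip("[]")) or now - handshakes.get(pubkey, 0) <= STALE_AFTER:
            continue  # nothing to resolve, or the tunnel is still exchanging handshakes
        try:
            answers = sorted({a[4][0] for a in resolve(host, int(port), type=socket.SOCK_DGRAM)})
        except OSError:
            continue  # resolver failure: keep the last working endpoint
        if answers and endpoints.get(pubkey) not in answers:
            addr = f"[{answers[0]}]" if ":" in answers[0] else answers[0]
            cmds.append(["wg", "set", iface, "peer", pubkey, "endpoint", f"{addr}:{port}"])
    return cmds
```

The DNS answer only chooses where packets are sent; the peer is still authenticated by its public key in the handshake, so a wrong answer costs connectivity rather than letting another host pose as the server.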
