From: Andre Heider <a.heider@gmail.com>
To: wireguard@lists.zx2c4.com
Subject: android and endpoint dyndns
Date: Wed, 25 Jan 2023 10:28:37 +0100 [thread overview]
Message-ID: <d9bf06e6-ded9-e857-5713-566bdcbd4e8c@gmail.com> (raw)
Hi all,
I'm using wireguard on android, and it works just fine.
The wg endpoint also has it's own dns server, which I too configured on
the wg droid app, so I can reach my network boxes with their internal
domain names.
I also enabled "Always-on VPN" and "Block connections without VPN" on
the phone's system settings, so everything goes through the wg
interface. When it's not up nothing gets in or out - just as desired.
Unfortunately I have to live with a changing ip on the server/endpoint.
Which is why I use a dyndns hostname as wg endpoint.
Now, if I set "Private DNS" on the droid's system settings to a specific
*public* server ("Private DNS provider hostname"), it even works if the
ip of my wg server changes! Meaning the wg vpn setup automagically picks
up the new ip. (How, btw? Is that an android feature or implemented on
the wg app?).
But using a public server there obviously breaks reaching my internal
boxes using their domain names, since those are only provided by my own
dns server. And for that, I have to set "Private DNS" to "Automatic".
But that in return breaks the wg setup if my endpoint's ip changes, I
have to manually dis/reenable the wg interface then. The workflow/around
then becomes:
- set "Private DNS" to "Automatic"
- disable wg interface
- enable wg interface
- set "Private DNS" to "Private DNS provider hostname"
Which gets really annoying as you can imagine.
Is there a solution to this? I guess if the wg app would use a specific
dns server to just resolve the endpoint's hostname it should work? Is
that possible?
Thanks,
Andre
reply other threads:[~2023-02-07 4:33 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d9bf06e6-ded9-e857-5713-566bdcbd4e8c@gmail.com \
--to=a.heider@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).