WireGuard Archive mirror
From: Andre Heider <a.heider@gmail.com>
To: wireguard@lists.zx2c4.com
Subject: android and endpoint dyndns
Date: Wed, 25 Jan 2023 10:28:37 +0100
Message-ID: <d9bf06e6-ded9-e857-5713-566bdcbd4e8c@gmail.com>

Hi all,

I'm using wireguard on android, and it works just fine.

The wg endpoint also has its own dns server, which I too configured on
the wg droid app, so I can reach my network boxes with their internal 
domain names.

I also enabled "Always-on VPN" and "Block connections without VPN" on 
the phone's system settings, so everything goes through the wg 
interface. When it's not up nothing gets in or out - just as desired.

Unfortunately I have to live with a changing ip on the server/endpoint. 
Which is why I use a dyndns hostname as wg endpoint.

Now, if I set "Private DNS" on the droid's system settings to a specific 
*public* server ("Private DNS provider hostname"), it even works if the 
ip of my wg server changes! Meaning the wg vpn setup automagically picks 
up the new ip. (How, btw? Is that an android feature or implemented on 
the wg app?).

But using a public server there obviously breaks reaching my internal 
boxes using their domain names, since those are only provided by my own 
dns server. And for that, I have to set "Private DNS" to "Automatic". 
But that in return breaks the wg setup if my endpoint's ip changes, I 
have to manually dis/reenable the wg interface then. The workflow/around 
then becomes:
- set "Private DNS" to "Automatic"
- disable wg interface
- enable wg interface
- set "Private DNS" to "Private DNS provider hostname"

Which gets really annoying as you can imagine.

Is there a solution to this? I guess if the wg app would use a specific 
dns server to just resolve the endpoint's hostname it should work? Is 
that possible?

Thanks,
Andre
