# client
r
Hello, I tried out Netmaker yesterday but had to notice that the external DNS that I configured to an IP that is reachable by an egress gateway on a private network is not used for DNS queries on iOS using the WireGuard app with an ingress gw. Is this expected? And if so, how can I make use of split DNS by using an internal DNS server inside of the VPN mesh network?
j
did you set defaultextclientdns on the network?
r
Yes I set it to the IP of the DNS server
j
so the DNS= field should be set on the ext clients. Do you see it in the wg config file that is generated?
btw, it only gets put on ext clients that are generated after you add that field. It will not be applied to existing ext clients.
r
Yes, the WireGuard app also shows the IP in the DNS field
j
ok, if that's the case, there must be an issue with the reachability of the DNS server
attempt an nslookup using the dns server specified to make sure it's reachable
nslookup google.com 192.168.178.200
r
I can ping the DNS server IP using the nettools app on my iPhone, so that's working
j
make sure nslookup works though
r
Well, if I do nslookups they generally work. But my internal domains return an NXDOMAIN. And the CoreDNS logs on the Netmaker server also contain a record saying they were resolved to an NXDOMAIN, which is strange since it seems like the DNS request is not forwarded to the configured external DNS server correctly.
I also don't understand why the CoreDNS on the Netmaker server is queried and not the external DNS server that I set on the network.
Got it working by changing DNS_MODE: "off" and PORT_FORWARD_SERVICES: "" on the netmaker docker container on the Netmaker server, which is also my ingress gw
j
Can't reach DNS on egress gateway
Ah! That makes a lot of sense. With the forwarding service, DNS requests get redirected to CoreDNS on the server, regardless of their destination.