# client

ripe-jackal-88551

06/02/2022, 1:18 PM
Hello, I tried out netmaker yesterday but had to notice that the external DNS that I configured to an IP that is reachable by an egress gateway on a private network is not used for DNS queries on iOS using the wireguard app with an ingress gw. Is this expected? And if so, how can I make use of split DNS by using an internal DNS server inside of the VPN mesh network?

jolly-london-20127

06/02/2022, 1:49 PM
did you set defaultextclientdns on the network?

ripe-jackal-88551

06/02/2022, 1:53 PM
Yes I set it to the IP of the DNS server

jolly-london-20127

06/02/2022, 6:39 PM
so the DNS= field should be set on the ext clients. Do you see it in the wg config file that is generated?
btw, it only gets put on ext clients that are generated after you add that field. It will not be applied to existing ext clients.

ripe-jackal-88551

06/02/2022, 7:16 PM
Yes the wireguard app also shows the IP in the dns field

jolly-london-20127

06/02/2022, 7:17 PM
ok, if that's the case, there must be an issue with the reachability of the DNS server
attempt an nslookup using the dns server specified to make sure it's reachable
nslookup google.com 192.168.178.200

ripe-jackal-88551

06/02/2022, 7:21 PM
I can ping the dns server ip using the nettools app on my iphone so that's working

jolly-london-20127

06/02/2022, 7:21 PM
make sure nslookup works though

ripe-jackal-88551

06/02/2022, 7:40 PM
Well, if I do nslookups they generally work. But my internal domains return an NXDOMAIN. And the coredns logs on the netmaker server also contain a record saying they were resolved to an nx domain, which is strange since it seems like the DNS request is not forwarded to the configured external dns server correctly
I also don't understand why the coredns on the netmaker server is queried and not the external DNS server that I set on the network
Got it working by changing DNS_MODE: "off" and PORT_FORWARD_SERVICES: "" on the netmaker docker container on the netmaker server which is also my ingress gw

jolly-london-20127

06/03/2022, 1:55 PM
Can't reach DNS on egress gateway
Ah! that makes a lot of sense. With the forwarding service, dns requests get redirected to CoreDNS on the server, regardless of their destination.