TorGuard

DNS broken on Wireguard with macOS


AlexW

Hi,

I'm using WireGuard with macOS (latest Catalina version). I've tried WireGuard in the TorGuard app, and the stand-alone client using the configs from the support area - both seem to have the same result.

As soon as the client connects it sets the system DNS server to be the gateway IP of the VPN connection - DNS queries then fail totally. I'm actually connected, however, as I can nslookup / dig to servers (local network and external) and get correct results. I can also ping internally and externally to IPs correctly.

If I go into System Prefs and update my DNS IP that seems to reset the system to the correct DNS Server and all is happy.

What's wrong with my setup that it requires this manual workaround?

e.g. on connection:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 10.29.1.1
  if_index : 17 (utun3)
  flags    : Supplemental, Request A records
  reach    : 0x00000002 (Reachable)
  order    : 103400

This doesn't work - 10.29.1.1 is not returning any DNS queries.

After manually updating/touching in System Preferences we're back to normal:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 1.1.1.1
  if_index : 17 (utun3)
  flags    : Supplemental, Request A records
  reach    : 0x00000003 (Reachable,Transient Connection)
  order    : 102800

 

This behaviour seems to be the same for both the official TG client using WireGuard, and for the official WireGuard client too.

 

Thanks

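The two `scutil --dns` snapshots in the question can be compared mechanically. The script below is an added example, not part of the original post or of any TorGuard or WireGuard tooling: it parses that output and asks each configured nameserver directly with `dig`. The function names, the `example.com` test name and the `PROBE` hook are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): summarise `scutil --dns` and probe
# each configured nameserver directly.

# Constructed sample: the first resolver block quoted in the question.
SAMPLE='DNS configuration

resolver #1
  nameserver[0] : 10.29.1.1
  if_index : 17 (utun3)
  flags    : Supplemental, Request A records
  reach    : 0x00000002 (Reachable)
  order    : 103400'

# stdin: `scutil --dns` text. stdout: one line per nameserver:
#   <resolver#> <nameserver> <interface or -> <reach hex or ->
parse_resolvers() {
    awk '
        function flush(   i) {
            for (i = 0; i < n; i++)
                print id, ns[i], (ifc == "" ? "-" : ifc), (reach == "" ? "-" : reach)
            n = 0; ifc = ""; reach = ""
        }
        /^resolver #/          { flush(); id = substr($2, 2) }
        /^[ \t]*nameserver\[/  { ns[n++] = $NF }
        /^[ \t]*if_index/      { ifc = $NF; gsub(/[()]/, "", ifc) }
        /^[ \t]*reach/         { reach = $3 }
        END                    { flush() }
    '
}

# True if nameserver $1 replies to an A query for $2. dig exits non-zero
# when no server replies; any DNS reply (even NXDOMAIN) counts as an answer.
dig_probe() {
    dig +time=2 +tries=1 "@$1" "$2" A >/dev/null 2>&1 </dev/null
}

# stdin: `scutil --dns` text; $1: name to query (default example.com).
# PROBE may name a replacement probe function (hypothetical hook for testing).
report_resolvers() {
    parse_resolvers | while read -r id ns ifc reach; do
        if "${PROBE:-dig_probe}" "$ns" "${1:-example.com}"; then s=answers; else s=silent; fi
        echo "resolver #$id $ns via $ifc reach=$reach: $s"
    done
}

# On macOS, report on the live configuration.
if command -v scutil >/dev/null 2>&1; then scutil --dns | report_resolvers; fi
```

A resolver reported as `silent` while `reach` still says Reachable matches the first snapshot in the question: the tunnel is up, but the nameserver pushed by the client is not answering.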

1 answer to this question

Support
On 9/12/2020 at 3:54 AM, AlexW said:

Hi,

I'm using WireGuard with macOS (latest Catalina version). I've tried WireGuard in the TorGuard app, and the stand-alone client using the configs from the support area - both seem to have the same result.

As soon as the client connects it sets the system DNS server to be the gateway IP of the VPN connection - DNS queries then fail totally. I'm actually connected, however, as I can nslookup / dig to servers (local network and external) and get correct results. I can also ping internally and externally to IPs correctly.

If I go into System Prefs and update my DNS IP that seems to reset the system to the correct DNS Server and all is happy.

What's wrong with my setup that it requires this manual workaround?

e.g. on connection:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 10.29.1.1
  if_index : 17 (utun3)
  flags    : Supplemental, Request A records
  reach    : 0x00000002 (Reachable)
  order    : 103400

This doesn't work - 10.29.1.1 is not returning any DNS queries.

After manually updating/touching in System Preferences we're back to normal:

$ scutil --dns
DNS configuration

resolver #1
  nameserver[0] : 1.1.1.1
  if_index : 17 (utun3)
  flags    : Supplemental, Request A records
  reach    : 0x00000003 (Reachable,Transient Connection)
  order    : 102800

 

This behaviour seems to be the same for both the official TG client using WireGuard, and for the official WireGuard client too.

 

Thanks

 

Hey Alex - what version of TG are you running just now?

Regards
