I don't mean to be a bother, but recently I got WireGuard set up so myself and my friends can access resources such as my server. I have it set up for the client and the server to only allow To be tunneled, so for example my friends can google and resolve DNS just fine and it's all in their network, then when they want to access the server it will be at and the Docker services will run on ports for example 8080:80. And to be honest it works great for me and friend 1. But for friend 2 DNS doesn't resolve???
He can ping he can access the services on but he can't resolve DNS when WireGuarded in.
His network has IPv6 and IPv4, my network only has IPv4 and friend 1’s network is IPv4 only. Do you smart people on the internet think IPv6 could be an issue? Friend 2 is running Linux Mint if that matters. I know a little about networking but by no means am a network engineer.
It's a slight issue; friend 2 really wants to be able to google and play Command and Conquer PvP at the same time. Any help would be greatly appreciated as I'm kinda stumped!
-edit SOLVED: I had a DNS for the client config and I just had to remove it client side.
Has friend 2 set his name servers to something custom, or is he using your network’s default? My partner uses an iPhone and it has some sort of built-in DNS so she doesn’t benefit from me installing DNS-based adblock on the network. You could see if a similar thing is at play.
What DNS resolvers are being used?
I figured it out, I had DNS in the client WireGuard config.
Amen brother!
You and friend 1 have working setups. Friend 2 can’t seem to get their setup to work. So the problem has to be specific to friend 2’s machine or network.
To start at the very basics, when WG is disabled, what are friend 2’s DNS servers, as listed in “/etc/resolv.conf” (Linux) or in “ipconfig” on Windows? This can be an IPv4 or IPv6 address. Whatever it is, take note of it. Also try to ping it and make sure the ping is successful.
Then have friend 2 enable WG. Now try pinging the same DNS servers again. If this fails, you are one step closer to the problem. If this succeeds, then check to see if WG caused new DNS servers to replace the former ones.
One possibility is that friend 2’s home network also uses 192.168.8.X, and so the machine tries to reach the DNS servers by going through WG. But we need more details before making this conclusion.
You also said friend 2 can ping (aka Quad9), but is this friend using Quad9 as their DNS server? If so, what exactly is observed when you say that “DNS doesn’t resolve”? Is this an error in a browser or the result from running “nslookup” in the command line?
IPv6 isn’t likely to be directly responsible for DNS resolution failures, but a misconfigured WG tunnel that causes an IPv6 DNS server to be blackholed is one way to create resolution failure. It may also just be a red herring, and the issue is contained entirely to IPv4. I would not recommend turning off IPv6, because that’s almost always the wrong answer and sweeps the other problems under the rug.