Posted: Sat Jun 10, 2023 10:40 Post subject: SmartDNS with Wireguard and PBR
I am using a WireGuard tunnel for the home network. I have set up the PBR so that only certain clients use the WireGuard tunnel, based on the source IP.
I also use SmartDNS. SmartDNS doesn't use the WireGuard tunnel because the router IP is not defined as a source IP to use the tunnel. That's why I had DNS leaks.
I have now added a destination-based policy to the WireGuard configuration that routes all queries to the DNS server IPs through the tunnel. This works, but it seems like a band-aid solution. Now the DNS requests of all clients are routed through the WireGuard tunnel, and not just those specified as a source in the PBR configuration.
Is there an easy and elegant way to only resolve DNS requests from PBR-source IPs through the tunnel and all others not?
Sticky: WireGuard guides and documentation
Unfortunately it doesn’t discuss SmartDNS. And the suggested split DNS option makes the VPN clients use the VPN DNS servers, which is not what I want.
Assigning different DNS servers depending on client IP would make the clients resolve the DNS requests themselves. I want DD-WRT to do it, because I don’t trust all my devices to use DoH/DoT.
Unless I have missed something, there doesn’t seem to be a solution for my problem.