2 AP WiFi. Wireguard. DNS problem

Hello. I have created two WiFi access points: the first access point routes packets to the WAN, the second routes packets to the WireGuard VPN. After installing the WireGuard interface and vpn-policy-routing, DNS on both the WAN and the WireGuard VPN disappears. Ping passes through both the WAN and the WireGuard VPN. Please help! How do I set up DNS?

Disable peer DNS and specify public DNS as upstream provider:
https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#upstream_dns_provider
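As an added example (not the thread's own code, and not the poster's configuration): a POSIX sh script that audits a `uci show network` dump for the condition this advice addresses (an interface still relying on peer DNS, or one with peer DNS off but no explicit upstream list) and prints the uci commands the linked wiki page prescribes. The sample dump, interface names and resolver addresses are assumptions.

```shell
# Audit a `uci show network` dump for the upstream-DNS settings the advice above
# targets, then print the uci commands that pin explicit resolvers.
# Constructed sample of `uci show network` output (assumed names/addresses, not the poster's).
sample_network() {
  cat <<'EOF'
network.loopback=interface
network.wan=interface
network.wan.proto='dhcp'
network.wan6=interface
network.wan6.peerdns='0'
network.wan6.dns='2606:4700:4700::1111'
network.vpn=interface
network.vpn.proto='wireguard'
network.vpn.peerdns='0'
EOF
}
# dns_audit: reads the dump on stdin, prints one line per interface.
#   PEER = peerdns on (the default): upstream is whatever the DHCP/WireGuard peer hands out
#   NONE = peerdns off but no dns list: this interface contributes no upstream at all
#   OK   = peerdns off and an explicit dns list is present
dns_audit() {
  awk -v q="'" '
    /^network\.[^.]+=interface$/ { split($0, a, /[.=]/); iface[a[2]] = 1; next }
    /^network\.[^.]+\.peerdns=/  { split($0, a, /[.=]/); v = $0; sub(/^[^=]*=/, "", v)
                                   gsub(q, "", v); peerdns[a[2]] = v; next }
    /^network\.[^.]+\.dns=/      { split($0, a, /[.=]/); hasdns[a[2]] = 1; next }
    END {
      for (i in iface) {
        if (i == "loopback") continue          # never an upstream source
        p = (i in peerdns) ? peerdns[i] : "1"  # OpenWrt default: peerdns on
        d = (i in hasdns) ? "yes" : "no"
        verdict = (p != "0") ? "PEER" : (d == "yes") ? "OK" : "NONE"
        printf "%s peerdns=%s dns=%s %s\n", i, p, d, verdict
      }
    }' | LC_ALL=C sort
}
# upstream_dns_cmds IFACE SERVER...: print (not run) the commands from the wiki page
# linked above: disable peer DNS on IFACE and set SERVER... as its upstream list.
upstream_dns_cmds() {
  iface=$1; shift
  printf "uci set network.%s.peerdns='0'\n" "$iface"
  printf "uci -q delete network.%s.dns\n" "$iface"
  for s in "$@"; do printf "uci add_list network.%s.dns='%s'\n" "$iface" "$s"; done
  printf 'uci commit network && /etc/init.d/network restart\n'
}
sample_network | dns_audit
upstream_dns_cmds wan 1.1.1.1 9.9.9.9
```

On the router, feed it real output with `uci show network | dns_audit`; after applying the printed commands, the pinned servers should appear in the dnsmasq resolvfile shown later in this thread (`/tmp/resolv.conf.d/resolv.conf.auto`).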

It doesn't work, I've tried it before.

Try other DNS providers and restart the router to clear its cache.

Unfortunately, it didn't help. Maybe I need to configure forwarding and the firewall? I rebooted the router.

I am connected to this router. If I turn on the Surfshark VPN app, everything works fine; if I turn off Surfshark, the DNS disappears.

What does the app have to do with the router issue?

No relation.

OK, in that case, what DNSes does your client get when you use the wireshark VPN?

Desktop, Surfshark VPN turned off. Nslookup shows:
OpenWrt.lan
Address: fd16:deb1:7405::1

Desktop, Surfshark VPN turned on. Nslookup shows:
64.14.236.151.in-addr.arpa
Address: 151.236.14.64

On your first post it looks like both the ISP and the VPN provider are using the 100.x CGNAT IP range, and the ISP has you in a /16. Do those networks overlap? That will make routing difficult.


Thank you for the answer, changing the ip address did not help.

The nameserver value should be 127.0.0.1?

ubus call system board; uci show dhcp
root@OpenWrt:~# ubus call system board; uci show dhcp
{
        "kernel": "5.4.143",
        "hostname": "OpenWrt",
        "system": "MediaTek MT7628AN ver:1 eco:2",
        "model": "TP-Link TL-WR841N v13",
        "board_name": "tplink,tl-wr841n-v13",
        "release": {
                "distribution": "OpenWrt",
                "version": "21.02.0",
                "revision": "r16279-5cc0535800",
                "target": "ramips/mt76x8",
                "description": "OpenWrt 21.02.0 r16279-5cc0535800"
        }
}
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].boguspriv='1'
dhcp.@dnsmasq[0].filterwin2k='0'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].nonegcache='0'
dhcp.@dnsmasq[0].authoritative='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.d/resolv.conf.auto'
dhcp.@dnsmasq[0].nonwildcard='1'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].ednspacket_max='1232'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv4='server'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.lan.ra_flags='managed-config' 'other-config'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.wan.ra_flags='none'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
dhcp.SLAN=dhcp
dhcp.SLAN.interface='SLAN'
dhcp.SLAN.start='100'
dhcp.SLAN.limit='150'
dhcp.SLAN.leasetime='12h'
dhcp.SLAN.ra_flags='none'


You have not disabled loopback or IPv6, have you?

No.

I set the DNS on the end devices manually and everything worked. I did not find out why the DNS received from OpenWrt did not work.

uci show network; netstat -l -n -p | grep -e dnsmasq