Addition to "WireGuard route all traffic through wireguard"

The wiki here describes how to route all traffic through the VPN, including DNS queries to prevent any leaks. I believe the DNS section should add the step of setting "Ignore resolv file" (Network -> DHCP and DNS -> Resolv and Host Files), otherwise the router will not utilize the DNS server specified via the 'list server' parameter in the dnsmasq config, thus causing the DNS to be resolved by the local peer and thus leak outside the VPN.

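Added example, not part of the original posts: a shell check that reads an OpenWrt `/etc/config/dhcp` file on stdin and reports whether the dnsmasq section combines `list server` with `option noresolv '1'`, the UCI option behind the "Ignore resolv file" checkbox. The two sample configs and the 10.0.0.1 address are constructed for illustration.

```shell
#!/bin/sh
# check_dnsmasq: audit /etc/config/dhcp text from stdin. Prints one of:
#   ok         noresolv is 1 and at least one 'list server' is set
#   leak-risk  'list server' is set, but resolv-file upstreams are still used
#   no-server  the dnsmasq section has no 'list server' entry
check_dnsmasq() {
    awk -v q="'" '
        # Strip UCI quoting from a value.
        function unq(s) { gsub("[" q "\"]", "", s); return s }
        # Only look at options inside the "config dnsmasq" section.
        $1 == "config" { in_dnsmasq = (unq($2) == "dnsmasq"); next }
        in_dnsmasq && $1 == "option" && $2 == "noresolv" {
            noresolv = (unq($3) == "1")
        }
        in_dnsmasq && $1 == "list" && $2 == "server" { servers++ }
        END {
            if (!servers)      print "no-server"
            else if (noresolv) print "ok"
            else               print "leak-risk"
        }
    '
}

# Constructed sample: upstream set, resolv file still honoured.
sample_without_noresolv() {
cat <<'EOF'
config dnsmasq
	option domainneeded '1'
	list server '10.0.0.1'
EOF
}

# Constructed sample: same upstream, resolv file ignored.
sample_with_noresolv() {
cat <<'EOF'
config dnsmasq
	option domainneeded '1'
	option noresolv '1'
	list server '10.0.0.1'
EOF
}

echo "without noresolv: $(sample_without_noresolv | check_dnsmasq)"
echo "with noresolv:    $(sample_with_noresolv | check_dnsmasq)"
```

On a router the same function can be fed the live file with `check_dnsmasq < /etc/config/dhcp`.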

Feel free to add, but I'm not experiencing this described behavior. Also, if following the Wiki link posted, the DNS leaking you described is impossible:

it is also a good idea to use a DNS Server hosted on the “Wireguard Server” (Same Public IP).

...but since it's the same Public IP as the WG peer, it's also not tunneled. Using the peer's internal/WG IP can fix that.