As suggested here https://airvpn.org/topic/20303-airvpn-configuration-on-openwrt-preventing-traffic-leakage-outside-tunnel/ (maybe he/she only suggests creating a separate interface for OpenVPN-AirVPN connecting IPs), I'm thinking of separating all DNS requests of IPs connected to OpenVPN. Is it plausible with the current OpenVPN LuCI app and possibly with coexistence of Stangri's packages (VPN Bypass or VPN Policy Routing)? Could you please show me how?
A pre-question for anyone here is just how complex/intensive each "dns" requirement is...
a) How many VPN-routed clients?
b) Do they require services on the local network?
- For basic setups, altering the dhcpOPTION for VPN-routed clients would be one way.
- iptables input MANGLING/MARKING incoming 53 is another left-field extensible option without the overhead of multiple lookup zones or nameserver processes.
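The DHCP-option approach mentioned in the reply above, as an added example that is not part of the original thread: an OpenWrt `/etc/config/dhcp` fragment that hands a different DNS server to tagged static leases only. The tag name, the host entry, its MAC address and the resolver address `10.0.0.53` are constructed placeholders; use the DNS address your VPN provider assigns.

```uci
# /etc/config/dhcp (fragment) - constructed example values throughout

# A tag groups DHCP options that only tagged hosts receive.
# DHCP option 6 = DNS server list sent to the client.
config tag 'vpndns'
	# Placeholder resolver address: replace with the VPN provider's DNS
	list dhcp_option '6,10.0.0.53'

# Static lease for a VPN-routed client; 'option tag' attaches the options above.
config host
	option name 'vpn-client-1'          # hypothetical host name
	option mac 'AA:BB:CC:DD:EE:01'      # constructed MAC address
	option ip '192.168.1.50'            # constructed address in the LAN subnet
	option tag 'vpndns'

# Static lease for a client that bypasses the VPN: no tag, so it keeps
# receiving the router (dnsmasq) as its DNS server.
config host
	option name 'bypass-client-1'       # hypothetical host name
	option mac 'AA:BB:CC:DD:EE:02'      # constructed MAC address
	option ip '192.168.1.60'            # constructed address in the LAN subnet
```

Tagged clients no longer query the router's dnsmasq, so dnsmasq-based Adblock filtering and local hostnames do not apply to them, and a client with a hard-coded resolver ignores DHCP option 6 entirely. The resolver address also has to be routed through the tunnel, otherwise those queries leave over the WAN in the clear.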
Ok, I'm an alien on this subject. So, please guide me on this.
So, there are 32 static leases, around ten of which have been leased on the DNS right now. But we are two people on the same network. It is not that much, I suppose.
That is the possible maximum of our network.
They do require services on the local network, like accessing a Samba server, not that much. Specific IPs shall need access to the router interface on 192.168.1.1 and the modem interface on 192.168.0.1.
Some IPs shall have VPN access directly with router, some only through its own software to control exclusions directly.
I use OpenDNS right now and send IP address info through Dynamic DNS LuCI app, but I might try DNSCrypt Proxy in the future for excluded IPs, which bypass OpenVPN.
I also use Adblock LuCI app, which uses dnsmasq filtering, I suppose. That might also affect these issues.
Is that too complex or what?
Thanks.