I am a hobbyist with limited knowledge with my network setup in the following way:
Using policy based routing I have set up only certain IPs to go over the wireguard tunnel. Although this seems to be partly working I can't seem to figure out how best to setup DNS.
I have currently disabled 'DNS as advertised by peer' in the wan interface and put in the VPN DNS servers in as option dns 'x.x.x.x x.x.x.x' in the WG interface as well as DNS forwardings in the DHCP and DNS section.
With policy based routing turned off the WG becomes the default and ipleak.net shows the same IP for both IPV4 and DNS server. However, as soon as I turn policy based routing on, the DNS server mentioned on ipleak.net changes and DNS requests are no longer routed over WG both for IPs within and outside of the policy based routing rules.
How do I route all VPN DNS requests through the WG tunnel (as long as the tunnel is up, I only need a killswitch for certain IPs and do this through firewall rules) and have the IPs outside of the tunnel get DNS from WAN (or VPN as well if it is easier)?