DomainVPNRouting Domain VPN Routing v3.0.6 ***Release***

[Ranger802004]

***v3.1.0-beta3 has been released to the beta channel***

Release Notes:
v3.1.0-beta3 - 04/08/2025
Enhancements:
- Added functionality to cache ASN IP Subnets for faster restoration from reboot or service restart. This can be enabled or disabled via the ASNCACHE configuration option. Default: Disabled
- ASN queries will now check existing IPSets for IP Subnets that are no longer applicable to the ASN and remove them.
- New configuration options to enable DNS-over-TLS for an interface if a custom DNS Server is configured for it, the options in the configuration menu will become displayed when a DNS Server is configured. DoT requires dig to be installed to function properly.

Fixes:
- Fixed an issue when Domain VPN Routing is getting system parameters it was not applying the boot delay timer configuration.
- Fixed an issue where dig,jq,python3 packages were being checked before Entware was mounted. Will now continue to check if Entware is mounted if Entware is detected as being installed until it times out after 30 checks.

 

[Ranger802004]

@Ranger802004 Which policy takes priority over which policy? I just wanted to validate this with you. I added an ASN to the WAN policy (it's a massive amount of IP's), however, a subset of those domains I wanted to route over VPN, so added those to my "Inside" Policy. I did a tracepath (yes, entware package, not tracert) to a URL and it went over WAN as expected, then did a tracepath to another known URL under the same ASN, and it behaved correctly to go through VPN. Can you please confirm? I know these update every 15 minutes via cron, but just want to seek your insights on normal behaviour and if there might be any leakage?

Thanks again for all of your work on this!

The priority is interface based with the following hardcoded values. I'm not opposed to adding logic for customizing the priorities, it's just never been requested but the request can be made via GitHub.

WAN (Single WAN): 150
WAN0/WAN1 (Dual WAN): 150
OVPNC1: 1000
OVPNC2: 2000
OVPNC3: 3000
OVPNC4: 4000
OVPNC5: 5000
WGC1: 6000
WGC2: 7000
WGC3: 8000
WGC4: 9000
WGC5: 10000

 

[iTyPsIDg]

If @js28194 makes the Github request, please let us know. I would like to follow the request. I prefer my WireGuard policy have precedence over my OpenVPN policies due to performance.

 

[js28194]

I created a new "issue" on github referencing this thread. I hope I explained myself correctly though.