Menu
What's new
By:
Filters Better Search

local DNS for site to site VPN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

That's good news (and a relief)! Was it tun11?

I can't think of a good way of both sides being part of the same domain without additional servers and running different DNS software. But the main problem is that the whole thing falls apart when the VPN link goes down, unless you cluster the DNS servers. That's probably too complex and expensive for a home setup.

Your idea of appending suffixes is probably the way to go. I remember we used to do that with Windows PC's on a corporate network. You can set the "Append these DNS suffixes" in the IPv4 Advanced IP Settings tab. This worked well because the PC's were locked down and the settings pushed out by a Group Policy. Off the top of my head I don't know whether the same can be achieved with dnsmasq on the router - Let me think about that one.
 
Sorry, I haven't been able to think of a better solution. DHCP can't push out a domain search order to Windows PC's.

If you don't have many PC's you could set the search order manually on each one. But if you ever changed a LAN domain name you'd have to remember to change all the PC's as well.

Untitled.png
 
Yes it was tun11 that fixed it.

I've been looking at this all night too, seeing if there was a way to push the dns suffix using dhcp-option 015, 135 and I think 119, but they are not picked up by Windows it seems.

Another option I was seeing, I'm starting to see the role of dnsmasq, it seems there is a way to add search domains on the server side (router) using dhclient.conf of resolve.conf, i'm still reading up and testing a few options. Do you have any on server side options?
 
Yes I thought about resolv.conf but it doesn't help. In the Unix world the "search" settings in resolv.conf would be the equiveilent of Windows' DNS Suffix Search List. But both are options used by DNS clients. So if you had multiple search domains in resolv.conf nslookups should work from the router's command line but that doesn't apply to clients on the LAN querying dnsmasq. dnsmasq doesn't normally process the search settings, and if you force it to it ignores all but the first domain.

dhclient.conf is not used by dnsmasq, only ISC DHCP Client.
 
You must log in or register to reply here.

Similar threads

N
Wireguard Site to Site problem with clients
Replies
11
Views
740
ZebMcKayhan
Z
T
Wireguard Client VPN not using DNS
Replies
14
Views
733
Tom Jo-Jo Junior Shabadoo
Tom Jo-Jo Junior Shabadoo
johndoe85
VPN site to site with additional VPN client to hide IP
Replies
14
Views
1K
johndoe85
johndoe85
V
Local system fails to register address with DNS server
Replies
5
Views
436
RMerlin
RMerlin
hedeon
change .local domain to something else
Replies
7
Views
1K
sfx2000
sfx2000
Similar threads
Thread starter Title Forum Replies Date
V Local system fails to register address with DNS server Asuswrt-Merlin 5
U Solved Reverse DNS for local IP's. Asuswrt-Merlin 2
L Local domain queries are still forwarded to upstream DNS even though the setting is No Asuswrt-Merlin 5
icanfly DNS fails for local devices when there is no WAN! Asuswrt-Merlin 2
D Solved Local DNS and VPN Clients Asuswrt-Merlin 1
J pros and cons for the two common DNS setups for a local adblocker - adguard home Asuswrt-Merlin 25
E PSA: Check your local DST settings for accuracy Asuswrt-Merlin 0
N OpenVPN - Local Access on a DDNS to forwarded ports. Asuswrt-Merlin 1
postoronnim-v How to prevent WireGuard VPN server clients from accessing the local network (allow only Internet access)? Asuswrt-Merlin 18
XxUnkn0wnxX Proper dnsmasq config for local resolver? Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 670 (members: 28, guests: 642)
Top