Troubleshooting DNS Leak: Running Out of Options

h2oboy

Hi Everyone,

I configured Wireguard as a client and have been trying to send the DNS traffic through the VPN tunnel, with zero success :-/.

I need to use the Custom Options in the DNS Resolver since I use multiple DNS for other interfaces. It seems that once I use the Custom Options in the DNS, it’s not possible to enable forwarding mode, so foward mode is not an option.
The following configuration can select the expected DNS, but when the view is set to "wgvpn," the DNS goes down.

I tried using NAT forwarding to forward ports 53 and 853 with no luck. I’m not sure what else to try.

Thank you for your help

server:
  verbosity: 3
  # Use specific DNS servers
  access-control-view: 10.25.25.0/24 firstdns
  access-control-view: 10.2.0.2/32 wgvpn

view:
  name: "firstdns"
  # local-zone: "internal.local." static
  forward-zone:
    name: "."
    forward-tls-upstream: yes
    forward-addr: 45.90.33.0

view:
  name: "wgvpn"
  forward-zone:
    name: "."
    forward-tls-upstream: yes
    # Wireguard DNS
    forward-addr: 10.2.0.1

server:include: /var/unbound/pfb_dnsbl.*conf

h2oboy

I forgot to mention that I used https://dnsleaktest.com to test for DNS leaks and configured the browser to use my default resolver.