<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><div class=""><span></span>
</div>
<br class=""><div><blockquote type="cite" class=""><div class="">Am 06.05.2019 um 22:39 schrieb <a href="mailto:wireguard-request@lists.zx2c4.com" class="">wireguard-request@lists.zx2c4.com</a>:</div><br class="Apple-interchange-newline"><div class=""><div class="">Send WireGuard mailing list submissions to<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><a href="mailto:wireguard@lists.zx2c4.com" class="">wireguard@lists.zx2c4.com</a><br class=""><br class="">To subscribe or unsubscribe via the World Wide Web, visit<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>https://lists.zx2c4.com/mailman/listinfo/wireguard<br class="">or, via email, send a message with subject or body 'help' to<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>wireguard-request@lists.zx2c4.com<br class=""><br class="">You can reach the person managing the list at<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>wireguard-owner@lists.zx2c4.com<br class=""><br class="">When replying, please edit your Subject line so it is more specific<br class="">than "Re: Contents of WireGuard digest..."<br class=""><br class=""><br class="">Today's Topics:<br class=""><br class=""> 1. MacOS client with local DNS resolver (Peter Baumgartner)<br class=""> 2. Request to change IPv4 preference - mobile apps (Will Tisdale)<br class=""> 3. WireGuard Android kernel module+gnirehtet? (steamport)<br class=""> 4. DNS on macos (Illule)<br class=""> 5. Deploy a wireguard on 2 raspberry pi to connect 2 remote lan<br class=""> - Lan2Lan (Paulo Lopes)<br class=""><br class=""><br class="">----------------------------------------------------------------------<br class=""><br class="">Message: 1<br class="">Date: Fri, 12 Apr 2019 12:07:28 -0600<br class="">From: Peter Baumgartner <pete@lincolnloop.com><br class="">To: wireguard@lists.zx2c4.com<br class="">Subject: MacOS client with local DNS resolver<br class="">Message-ID:<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><CAC6K9z=3D=xMwTBRf3sA_5=OKR2R8o6aRa3JedGxzxVEzn-+Bw@mail.gmail.com><br class="">Content-Type: text/plain; charset="UTF-8"<br class=""><br class="">I'm using the official Mac GUI client (version 0.0.20190409) and am<br class="">having troubles with DNS after connection. I use a local DNS resolver,<br class="">so I have my DNS manually set to 127.0.0.1 on the network interface:<br class=""><br class=""> $ scutil --dns | grep scoped -A50<br class=""> DNS configuration (for scoped queries)<br class=""><br class=""> resolver #1<br class=""> nameserver[0] : 127.0.0.1<br class=""> if_index : 8 (en0)<br class=""> flags : Scoped, Request A records, Request AAAA records<br class=""> reach : 0x00030002 (Reachable,Local Address,Directly Reachable Address)<br class=""><br class="">Once I activate a Wireguard tunnel, the resolvers are updated to the<br class="">IP of my Wireguard server:<br class=""><br class=""> $ scutil --dns | grep scoped -A50<br class=""> DNS configuration (for scoped queries)<br class=""><br class=""> resolver #1<br class=""> nameserver[0] : 10.0.77.1<br class=""> if_index : 8 (en0)<br class=""> flags : Scoped, Request A records<br class=""> reach : 0x00000002 (Reachable)<br class=""><br class=""> resolver #2<br class=""> nameserver[0] : 10.0.77.1<br class=""> if_index : 19 (utun2)<br class=""> flags : Scoped, Request A records<br class=""> reach : 0x00000003 (Reachable,Transient Connection)<br class=""><br class="">Setting `DNS = 127.0.0.1` on the [Interface] section for my client has<br class="">no effect.<br class=""><br class="">How can I activate the tunnel, but keep my DNS resolver as 127.0.0.1?<br class=""><br class=""><br class="">------------------------------<br class=""><br class="">Message: 2<br class="">Date: Sun, 14 Apr 2019 18:17:04 +0100<br class="">From: Will Tisdale <will@z3n.uk><br class="">To: wireguard@lists.zx2c4.com<br class="">Subject: Request to change IPv4 preference - mobile apps<br class="">Message-ID:<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><CAFWLA-XbDKtYHib8G2ujk7E+fsuPco9uX9NvPsu35Dd_HxVGyA@mail.gmail.com><br class="">Content-Type: text/plain; charset="UTF-8"<br class=""><br class="">Hello,<br class=""><br class="">I sent a message to the list about weirdness with IPv4 being preferred<br class="">over IPv6 in the iOS app a few days ago, but it didn't get there for<br class="">whatever reason.<br class=""><br class="">I've since done a bit of digging through the code and found that<br class="">preferring IPv4 is intentional, and it's also implemented that way on<br class="">the Android app too.<br class=""><br class="">It seems a shame to hobble native IPv6 support for everyone just to<br class="">work around some peoples misconfigured setups.<br class=""><br class="">My suggestion/request would be to change the apps to prefer IPv6 as<br class="">default, but add a switch to the apps to disable IPv6 or prefer IPv4<br class="">for those with broken setups.<br class=""><br class="">Does that seem reasonable?<br class=""><br class=""><br class="">Cheers,<br class=""><br class=""><br class="">-Will<br class=""><br class=""><br class="">------------------------------<br class=""><br class="">Message: 3<br class="">Date: Thu, 18 Apr 2019 09:47:23 +0000<br class="">From: steamport <steamport@protonmail.com><br class="">To: "wireguard@lists.zx2c4.com" <wireguard@lists.zx2c4.com><br class="">Subject: WireGuard Android kernel module+gnirehtet?<br class="">Message-ID:<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><EwYrrc-xpesfT0VwXUQnoXU-HHmFugo8Pj3MZu7o6nDNgazeJIegFKwyCNXABg4fBvsuTbTwAnEy52gaBLbzckHhOwUaFEFXOQggOQwGYPM=@protonmail.com><br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><br class="">Content-Type: text/plain; charset="utf-8"<br class=""><br class="">Hey, it appears the WireGuard kernel module doesn't work on top of an Android VPN, even if it's a reverse tethering thing like?gnirehtet.<br class=""><br class="">Also sorry if this isn't the proper place to report/say this.<br class=""><br class="">Sent with ProtonMail Secure Email.<br class="">-------------- next part --------------<br class="">An HTML attachment was scrubbed...<br class="">URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.html><br class="">-------------- next part --------------<br class="">A non-text attachment was scrubbed...<br class="">Name: publickey - steamport@protonmail.com - 0x170EF114.asc<br class="">Type: application/pgp-keys<br class="">Size: 678 bytes<br class="">Desc: not available<br class="">URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.key><br class="">-------------- next part --------------<br class="">A non-text attachment was scrubbed...<br class="">Name: signature.asc<br class="">Type: application/pgp-signature<br class="">Size: 249 bytes<br class="">Desc: OpenPGP digital signature<br class="">URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190418/edd46c99/attachment.asc><br class=""><br class="">------------------------------<br class=""><br class="">Message: 4<br class="">Date: Tue, 30 Apr 2019 00:41:14 +0200<br class="">From: Illule <illule@ubstee.fr><br class="">To: wireguard@lists.zx2c4.com<br class="">Subject: DNS on macos<br class="">Message-ID: <8D6A8B89-F86B-4899-92FB-BCA9D455D79C@ubstee.fr><br class="">Content-Type: text/plain;<span class="Apple-tab-span" style="white-space:pre"> </span>charset=utf-8<br class=""><br class="">Hi,<br class=""><br class="">On macos the DNS set by wireguard is used as secondary DNS :<br class="">sudo scutil ?dns returns :<br class="">```<br class="">DNS configuration (for scoped queries)<br class=""><br class="">resolver #1<br class=""> search domain[0] : home<br class=""> nameserver[0] : fe80::924d:4aff:feeb:2eb0%en0<br class=""> nameserver[1] : 192.168.137.1<br class=""> if_index : 8 (en0)<br class=""> flags : Scoped, Request A records, Request AAAA records<br class=""> reach : 0x00020002 (Reachable,Directly Reachable Address)<br class=""><br class="">resolver #2<br class=""> nameserver[0] : 10.137.3.3<br class=""> if_index : 17 (utun1)<br class=""> flags : Scoped, Request A records<br class=""> reach : 0x00000003 (Reachable,Transient Connection)<br class="">```<br class=""><br class="">Is it wanted ? I?d prefer use my personnal DNS as main resolver. Moreover safari seems to being able to use it when a domain is not public but not command like dig.<br class=""><br class="">Best regards,<br class=""><br class="">Illule<br class=""><br class="">------------------------------<br class=""><br class="">Message: 5<br class="">Date: Wed, 1 May 2019 15:19:08 +0000<br class="">From: Paulo Lopes <plopes1960@hotmail.com><br class="">To: "wireguard@lists.zx2c4.com" <wireguard@lists.zx2c4.com><br class="">Subject: Deploy a wireguard on 2 raspberry pi to connect 2 remote lan<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span>- Lan2Lan<br class="">Message-ID:<br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><AM0PR08MB3522DC4AA812C933D8285AFCD43B0@AM0PR08MB3522.eurprd08.prod.outlook.com><br class=""><span class="Apple-tab-span" style="white-space:pre"> </span><br class="">Content-Type: text/plain; charset="utf-8"<br class=""><br class="">Hi all!!!<br class=""><br class="">First, let me thank for the amazing vpn protocol that Wireguard is!!!!<br class=""><br class="">I need your advise. As you can see on the picture attach, I have 2 raspberry pi. One as a vpn server and the other as a vpn client to connect 2 remote Lan.<br class=""><br class="">Can you point me what I need to do, if I want to replace the openvpn for the wireguard?<br class=""><br class="">I can connect 2 rpi with wireguard, but, the others ip machinies on the server and client side can?t see each other.<br class=""><br class="">With openvpn I needed to inser iroute and add a static route on both routers. What I need to with the wireguard?<br class=""><br class="">Once again many tahnks for all the help you can give me?<br class=""><br class="">-------------- next part --------------<br class="">An HTML attachment was scrubbed...<br class="">URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190501/43336e96/attachment.html><br class="">-------------- next part --------------<br class="">A non-text attachment was scrubbed...<br class="">Name: 43065884_1892102284211888_2227626938879442944_n.jpg<br class="">Type: image/jpeg<br class="">Size: 46732 bytes<br class="">Desc: 43065884_1892102284211888_2227626938879442944_n.jpg<br class="">URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20190501/43336e96/attachment.jpg><br class=""><br class="">------------------------------<br class=""><br class="">Subject: Digest Footer<br class=""><br class="">_______________________________________________<br class="">WireGuard mailing list<br class="">WireGuard@lists.zx2c4.com<br class="">https://lists.zx2c4.com/mailman/listinfo/wireguard<br class=""><br class=""><br class="">------------------------------<br class=""><br class="">End of WireGuard Digest, Vol 38, Issue 5<br class="">****************************************<br class=""></div></div></blockquote></div><br class=""></div></body></html>