M. Dietrich mdt at
Thu Jan 18 15:44:38 CET 2018

Quotation from Jason A. Donenfeld at Januar 18, 2018 15:20:
> On Thu, Jan 18, 2018 at 3:11 PM, M. Dietrich <mdt at> wrote:
>> why is "tun." prepended?
> To hack around incompetence on the part of Debian. They order entries
> based on the device prefix.

that is what i wanted to work around with my script. it just
checks if the given nameserver is current and applies it. i
found my script called even when in a vpn for the outer
network - that nameserver should never applied.

my check is if the interface is the one of the default route.
only in that case the nameserver will be applied.

> If you have something custom going on, use PostUp/PostDown or
> PreUp/PreDown to call your custom script, instead of using DNS=.

ok. probably the most pragmatic thing to do.

>> the command is issued before the routing is configured.
>> shouldnt the DNS configuration be applied after routing
>> changes?
> I can reason about it in both directions. What's your intuition lead
> you to the _after_ choice?

the defaultroutecheck will fail anyway with your suggestion so
it's not that important anyore. i just thought it's the
natural flow as you need a route to use dns (and i still would
prefere to use DNS= instead of PreUp ;) ).

M. Dietrich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <>

More information about the WireGuard mailing list