Defaultroutepiercing
M. Dietrich
mdt at emdete.de
Thu Jan 18 15:44:38 CET 2018
Quotation from Jason A. Donenfeld at Januar 18, 2018 15:20:
> On Thu, Jan 18, 2018 at 3:11 PM, M. Dietrich <mdt at emdete.de> wrote:
>> why is "tun." prepended?
> To hack around incompetence on the part of Debian. They order entries
> based on the device prefix.
that is what i wanted to work around with my script. it just
checks if the given nameserver is current and applies it. i
found my script called even when in a vpn for the outer
network - that nameserver should never applied.
my check is if the interface is the one of the default route.
only in that case the nameserver will be applied.
> If you have something custom going on, use PostUp/PostDown or
> PreUp/PreDown to call your custom script, instead of using DNS=.
ok. probably the most pragmatic thing to do.
>> the command is issued before the routing is configured.
>> shouldnt the DNS configuration be applied after routing
>> changes?
> I can reason about it in both directions. What's your intuition lead
> you to the _after_ choice?
the defaultroutecheck will fail anyway with your suggestion so
it's not that important anyore. i just thought it's the
natural flow as you need a route to use dns (and i still would
prefere to use DNS= instead of PreUp ;) ).
M. Dietrich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20180118/86311cf5/attachment.asc>
More information about the WireGuard
mailing list