Add local DNS forwarder to Windows client

Matthias Urlichs matthias at
Sun Nov 15 22:10:34 CET 2020

On 15.11.20 19:42, Yves Goergen wrote:
> This reality includes host names like "pc1" and "pc2" in one LAN and
> "pc3" and "pc4" in the other LAN.

So you need a DNS proxy that knows about stripping .one.lan and .two.lan 
suffixes from your host names before forwarding the request to the 
requisite DNS server. Or one that asks both and merges the replies. None 
of this is in any way difficult to code, or indeed specific to Wireguard.

Also, why would you want to reconfigure your DNS proxy whenever the 
tunnel state changes? The proxy either gets an answer or it doesn't (or 
it gets an ICMP Unreachable back). If not, the tunnel is down, either 
because the other end is temporarily unreachable or because you tore 
down the tunnel. No reconfiguration required, simply react to timeouts 
and ICMPs / EHOSTUNREACH (or whatever the Windows equivalent is) as 

-- Matthias Urlichs
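
The suffix-stripping forwarder described in the message above, sketched in Python as an added example (not part of the original post and not WireGuard code). The zone table uses constructed documentation addresses and all function names are hypothetical.

```python
import socket
import struct

# Constructed mapping: suffix -> upstream resolver (documentation addresses).
ZONES = {"one.lan": ("192.0.2.53", 53), "two.lan": ("198.51.100.53", 53)}

def route(qname, zones=ZONES):
    """Return (upstream, short_name) for a name under a known suffix, else None."""
    name = qname.rstrip(".").lower()
    for suffix, upstream in zones.items():
        if name.endswith("." + suffix):
            short = name[: -len(suffix) - 1]
            if short:
                return upstream, short
    return None

def build_query(name, qid=0x1234, qtype=1):
    """Minimal DNS query: header with RD set, one question, class IN."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def forward(query, upstream, timeout=2.0):
    """Send the query over UDP; return reply bytes, or None if no usable answer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect(upstream)  # connected UDP socket surfaces ICMP errors
            s.send(query)
            reply = s.recv(4096)
        except OSError:          # timeout, ECONNREFUSED, EHOSTUNREACH, ...
            return None
    # Accept only a reply carrying the transaction ID we sent.
    return reply if reply[:2] == query[:2] else None

def resolve(qname, zones=ZONES, timeout=2.0):
    """Strip the LAN suffix, ask that LAN's resolver, None when tunnel is down."""
    target = route(qname, zones)
    if target is None:
        return None
    upstream, short = target
    return forward(build_query(short), upstream, timeout)
```

A complete proxy would also restore the original name in the reply's question section before answering the client, since the client matches replies against the question it sent.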
