• 2 years

    In what way is it not working?

    I suppose you could create a stub zone in unbound with the NS record set to the home DNS server. As long as routing is working correctly, you shouldn’t need to specify an interface.

    If that doesn’t work, maybe try a different DNS server with more powerful configuration.

    • The problem is I need Unbound to send queries via one network interface (the VPN) while the specific zone needs to be routed through another.

      • 2 years

        Is this a response to my question or suggestions, or are you just restating your original post? I understood your scenario just fine.

  • just_another_person@lemmy.world
    2 years

    This is a very confusing setup, and I’m not sure what the intent or end goal is here, but it sounds like you just want split-tunneling for a specific subnet that puts traffic where you want it to go.

    The problem with this is that you need something specific to differentiate traffic because source won’t be enough: DNS, IP subnet, origin port, etc. VLANs won’t work with Wireguard, and I’m not sure you want to go down the rabbit hole of trying to tag other traffic if you’re not sure what it is.

    • I’m almost at the point where I want to create a virtual interface that just has rules that say “if going to 192.168.143.1 use /dev/tailscale0” and then have a default route to /dev/wg0.

      I’m not a professional but my current Tailscale + VPN setup has been extremely nice for the past year.

      • just_another_person@lemmy.world
        2 years

        You’re describing split tunneling. If you’re unfamiliar, just look it up. It’s how most VPNs in workplaces are deployed when you only want specific access to specific things. Just need to change the route rules in your Wireguard config, and set the correct forwarding.

        • I know what split tunneling is, but I have my routing set up exactly as I’d like.

          The issue here is that Unbound seems unable to send queries to one forwarding zone using a specific interface/IP address and send queries to a second forwarding zone using a completely different interface/IP address.

          • just_another_person@lemmy.world
            2 years

            How would it know what to send? Why are you bothering with Unbound if you know how all the networking works?
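Added example, written for this page and not posted by anyone in the thread: Unbound's forward-zone and stub-zone clauses carry no per-zone outgoing interface (outgoing-interface is a global server option), so the interface a forwarded query leaves on is decided by the kernel's route to the forwarder's address, not by Unbound. The script below implements what the original poster sketches: it pins a /32 host route for the home resolver to the Tailscale interface, which wins over the VPN default route by longest prefix, and writes an Unbound config that forwards the home zone to that resolver and everything else to the VPN's resolver. The zone name home.lan, the addresses 192.168.143.1 and 10.8.0.1, the interface names and the config directory are assumed placeholders, and the VPN is assumed to be a wg-quick full tunnel, whose main-table rule uses suppress_prefixlength 0 so that specific routes in the main table are still honoured.

```shell
#!/bin/sh
# Added example (not from the thread): split Unbound's upstreams by kernel
# policy routing instead of a per-zone interface setting, which Unbound lacks.
# All values below are assumed placeholders; override them in the environment.
HOME_ZONE="${HOME_ZONE:-home.lan}"        # zone served by the home resolver
HOME_DNS="${HOME_DNS:-192.168.143.1}"     # home resolver, reached over Tailscale
HOME_IF="${HOME_IF:-tailscale0}"          # interface that reaches HOME_DNS
VPN_DNS="${VPN_DNS:-10.8.0.1}"            # resolver on the commercial VPN
UNBOUND_DIR="${UNBOUND_DIR:-/etc/unbound/unbound.conf.d}"
DRY_RUN="${DRY_RUN:-0}"                   # 1 = print commands instead of running

# run: execute a command, or print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# unbound_split_conf: Unbound config forwarding HOME_ZONE to the home resolver
# and the rest of the namespace to the VPN resolver.  domain-insecure skips
# DNSSEC validation for the unsigned private zone; private-domain permits
# RFC 1918 answers for it if private-address filtering is enabled elsewhere.
unbound_split_conf() {
    cat <<EOF
server:
    domain-insecure: "${HOME_ZONE}"
    private-domain: "${HOME_ZONE}"
forward-zone:
    name: "${HOME_ZONE}."
    forward-addr: ${HOME_DNS}
forward-zone:
    name: "."
    forward-addr: ${VPN_DNS}
EOF
}

# route_home_dns: a /32 host route for the home resolver on HOME_IF.  It is
# more specific than the VPN's default route, so queries to HOME_DNS leave via
# Tailscale and carry the Tailscale interface's source address; everything
# Unbound sends to VPN_DNS still follows the default route into wg0.
route_home_dns() {
    run ip route replace "${HOME_DNS}/32" dev "$HOME_IF"
}

# verify: show which interface the kernel picks for each forwarder, then
# resolve one name from each zone through the local Unbound.
verify() {
    run ip route get "$HOME_DNS"
    run ip route get "$VPN_DNS"
    run dig @127.0.0.1 +short "router.${HOME_ZONE}"
    run dig @127.0.0.1 +short example.com
}

# main: apply the route, install the config (or print it in DRY_RUN), verify.
main() {
    route_home_dns
    if [ "$DRY_RUN" = 1 ]; then
        unbound_split_conf
    else
        unbound_split_conf > "${UNBOUND_DIR}/split-forward.conf"
        unbound-checkconf && systemctl reload unbound
    fi
    verify
}

case "${1:-}" in
    apply)   main ;;
    dry-run) DRY_RUN=1 main ;;
esac
```

Run `sh split-dns.sh dry-run` to see the route command and the generated config, then `sudo sh split-dns.sh apply`. The home resolver must accept queries arriving from the Tailscale address, and if the Tailscale subnet route for 192.168.143.0/24 is already installed (Tailscale places its routes in its own table under a high-priority ip rule), the /32 is redundant but harmless. Reverse lookups for the home subnet would additionally need a forward-zone for 143.168.192.in-addr.arpa. and a matching local-zone nodefault, which this example leaves out.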