I connect to a WireGuard installed on my VPS. Then I go to a random VPN service marketing page on which I’ll discover that my DNS leaks. And which is correct because I’ve specified DNS = 1.1.1.1 in [Interface] for all the Peers.

In order to avoid DNS leakadge, do I have to a) run DNS server on the a VPS – along with WireGuard, and b) use this one and only it, instead of 1.1.1.1?


But if so, how will this possibly work?

[Peer]
PublicKey = [....;....]
PresharedKey = [......]
Endpoint = wg.my_domain123.com:51820

In order to resolve Endpoint of my VPS to begin with, other DNS server will have to be used – by IP. But there’ll be none because I’ll use a DNS on my VPS instead of 1.1.1.1. In other words, it’ll be a circular dependency.

    • @salvadorOP
      link
      -5
      edit-2
      1 year ago

      You’ve assumed that my VPS has a DNS server installed on it. Why?

      • @[email protected]
        link
        fedilink
        2
        edit-2
        1 year ago

        Use the IP address of your vps instead of a domain name for the wireguard config.

        Edit:
        Just to make this absolutely clear and remove all doubt.
        If wireguard is trying to connect using a domain name, the domain name will need to be resolved, which will likely require initial DNS queries to establish the IP address behind the domain name.

        If you configure wireguard to connect directly to the IP address of the VPS, there is no need for a DNS lookup.

        So no, I’m not assuming your VPS is running a DNS.
        Wind your neck in before you embarrass yourself.

        • @salvadorOP
          link
          01 year ago

          Even if I I used an IP of my VPS server to connect to it, how will a client be resolving websites afterwards? You idiot.

          • @[email protected]
            link
            fedilink
            2
            edit-2
            1 year ago

            Using a DNS server, somewhere. Unless you manually gather the required IP addresses of whatever services you want and build up a hosts file, like how the original ARPANET worked.

            The requests will come from somewhere and go somewhere. There is not magic “you don’t see me” domain resolution system. Even DoH or DoT, you have to trust the resolving server isn’t going to track you.
            Whether that request is to a DNS server you run on an IP linked to you (which will recursively resolve any uncached domains), or from the gateway of your VPN to a DNS server you do not run… It’s always going to come back to an IP address of a VPS that is linked to you.

            I don’t get what you are trying to do, you haven’t explained it well, and your being hostile as fuck all over the thread.

            If you really want anonymity, use TOR?
            Other than whatever-the-CIA/NSA/MI5/MI6/5-eyes is doing with timing attacks and their own relay/exit nodes, that’s about as anonymous as you can get

            • @salvadorOP
              link
              -31 year ago

              You’ll be learning soon what I’m up to, you stupid fuck. Soooooonnn. Ahhhaaahhhaaa

              • @[email protected]
                link
                fedilink
                2
                edit-2
                1 year ago

                Bruh after scrolling through your comments for entertainment value, I had to stop by and personally talk shit-

                You are by no means intelligent enough to be any kind of threatening. Stop making a fool of yourself.

                Or continue. It’s honestly funny.

                I will take no further questions.