Hi dkg, Sorry for the long delay.
Case: Clients that I have (laptops, routers) which connects with the main site needs a DNS. To resolv centra servers the clients must access the central DNS (there is no distributed DNS). To accomplish this I add the "DNS = 192.168.4.1" option to the wg0.conf file. Running wq-quick results in 'resolvconf: command not found'. Installing resolvconf make things work. But ..... if wireguard is not started (laptops), resolvconf will bite me. DNS options received from DHCP-servers will not work in some cases. How did I resolv this? On laptops I imported the wg0.conf (with DNS) into Network-manager and start the VPN with 'nmcli'. This works ok. Agree that resolvconf is not working optimal in some cases. For now wq-quick cannot handle the DNS option (not tested is the last versions), but I have a workaround. If resolvectl is symlinked to resolvconf this also should work. But the symlinked is not on my system. Even with resolvectl available. Greetings, Willem > Hi Willem--On Wed 2019-06-19 15:01:53 +0200, Willem van den Akker > wrote: > > Add resolvconf as an optional dependency. > > If the DNS option is used in the config file and resolvconf is not > installed > > wg-quick will return an > > error and the interface is not created. > > > > [#] ip link add wg0 type wireguard > > [#] wg setconf wg0 /dev/fd/63 > > [#] ip -4 address add 192.168.3.21/32 dev wg0 > > [#] ip link set mtu 1420 up dev wg0 > > [#] resolvconf -a wg0 -m 0 -x > > /usr/bin/wg-quick: line 31: resolvconf: command not found > > [#] ip link delete dev wg0 > Thanks for this suggestion! I'm willing to update the Suggests: of > the > wireguard package if i understand more about what actually works in > this > case. > Are you certain that debian's resolvconf will work for > this? Upstream > has complained in the past about debian's implementation of > resolvconf > being broken (iirc, about the -x flag, but i'm not sure). Would > openresolv's resolvconf be better? > What about when resolvectl(1) from systemd is symlinked as resolvconf > (see the resolvectl man page for more details) -- would that be > preferable? according to its documentation, it has partial support > for > -x, plausible support for -a, and silently ignores -m. is that > sufficient? > If that's ok, maybe there are other adjustments we can make > so that it integrates nicely with systemd-resolved.More details about > what > > configurations you've tested and how well they > work to do what you expect from wg-quick would help me understand how > to > make this system integration work better for you.all the best, > --dkg
