Re: Rdomains

Sun, 22 Feb 2026 04:50:53 -0800 

Hey John,

On Sun, Feb 22, 2026 at 03:54:55AM +0000, bios_23498234908 wrote:
> Warning: `/home/xyz/Public/wg-NL-FREE-127.conf' is world accessible
> [#] ifconfig wg0 create description wg-quick: wg-NL-FREE-127
> [#] wg setconf wg0 /dev/fd/63
> [#] ifconfig wg0 inet 10.2.0.2/32 alias
> [#] ifconfig wg0 mtu 1420
> [#] ifconfig wg0 up
> [!] WARNING: resolvd may leak DNS queries
> [#] cp /etc/resolv.conf /etc/resolv.conf.wg-quick-backup.wg-NL-FREE-127
> [#] route -q -n add -inet 0.0.0.0/1 -iface 10.2.0.2
> [#] route -q -n add -inet 128.0.0.0/1 -iface 10.2.0.2
> [#] route -q -n delete -inet 185.107.56.75
> [#] route -q -n add -inet 185.107.56.75 -gateway 192.168.1.1
> [+] Backgrounding route monitor
> 
> ifconfig iwm0 rdomain 1
> ifconfig lo1 inet 127.0.0.1/8
> ifconfig iwm0 192.168.1.100/24
> route -T1 -qn add -net 127 127.0.0.1 -reject
> route -T1 -n add default 192.168.1.1
> 
> iwm0 rdomain 1
> wg0 rdomain 0
> 
> route -T1 exec chrome works with openvpn
> but I cannot get any internet connectivity on rdomain 0 using wireguard.
> I was hoping for your help.
> 
> Grateful for any help
> John

I don't use wg-quick, but plain /etc/hostname.wgN files. In my
particular setup, wg2 is in rdomain 2, and rdomain 1 is the one where I
have clearnet connectivity. My rdomain 1 device is iwx0, which is
configured like this:

        $ cat /etc/hostname.iwx0
        rdomain 1
        inet autoconf
        inet6 autoconf
        up

        # [...wireless credentials...]

My wg2 is configured like this:

        $ cat /etc/hostname.wg2
        rdomain 2
        up

        inet 192.168.10.1/24
        inet6 fdd2:1c5e:2308:ea00:fce1:baff:fed1:3494/56
        wgrtable 1
        wgkey eBWxR4/pJSdgi1y2RY/B8jOeg/AjzSSkdMcyhV1FiUs= wgport 3846

        !route -q -T2 add default 192.168.10.1
        !route -q -T2 add -inet6 default fdd2:1c5e:2308:ea00:fce1:baff:fed0:9803

        wgpeer 7DHbEYMg3Hmwvm0gFM9TX4YLgQc8tCe19iflgRO30qY= wgaip 0.0.0.0/0 
wgaip ::/0 wgendpoint 192.0.2.1 14314 wgpsk 
UiavXS2yoVUtD2j73mg15TBipamADpwUFHmuBoZZVRw= wgpka 25

I believe the important part you're missing is having something similar
to "wgrtable 1" in the file for wg-quick. That tells the wireguard stack
which rdomain to use to negotiate the encrypted traffic.

        Lucas
  • Rdomains bios_23498234908
    • Re: Rdomains Lucas Gabriel Vuotto

Reply via email to