Brume2 understanding DNS settings

Hey there!
I'm trying to understand if I can make my connection a little bit better.
So the first step is to check the DNS resolving.
If I give no setting for DNS on the WireGuard client, I get the DNS of my ISP. The setting within Brume2 for DNS doesn’t take effect. Why?

Cheers
glineter

So it sounds like you’re using ‘Classic DNS’ (read: unencrypted, insecure, subject to MITM attacks like TunnelCrack). Try DoH or DoT; that’ll push all DNS thru the WG tunnel. DoH is preferable if you know you’re going to be using hostile networks (eg: hotel/coffee shop wifi) as DoT requires port 853 to be open… which may/may not be blocked.

Define ‘better.’ Cloudflare is damn fast but is USA-based. They state they hold logs for 25 hrs per their TOS. That may be important to you given one’s comfort with a corpo & privacy.

That’s another topic.
Does somebody have an answer to my question?

I am not sure if I understand your question at all.

Maybe you can clarify what you think the problem is?
VPN-DNS will always be prioritized. So no given DNS means that the default ISP DNS should be used.

I set my internal pihole as DNS in Brume2, but it doesn’t take effect if I just connect with WireGuard without setting DNS. In that case it just takes the ISP DNS, although the pihole DNS is set within Brume2.
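
An added example, not part of the thread: WireGuard has no mechanism for the server side to push a resolver, so a wg-quick style client only changes its DNS when its own config carries a `DNS =` line under `[Interface]`. The sketch below audits a client config for a missing resolver and for a resolver that `AllowedIPs` does not route through the tunnel; the function names, the pihole address 192.168.8.53, the tunnel subnet and the key placeholders are all constructed for illustration.

```python
import ipaddress

def parse_wg_conf(text):
    """Return (dns_entries, allowed_networks) from wg-quick style config text."""
    section, dns, allowed = None, [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            items = [v.strip() for v in value.split(",") if v.strip()]
            if section == "interface" and key.lower() == "dns":
                dns.extend(items)
            elif section == "peer" and key.lower() == "allowedips":
                allowed.extend(ipaddress.ip_network(v, strict=False) for v in items)
    return dns, allowed

def audit_wg_dns(text):
    """List DNS findings for one client config; an empty list means no finding."""
    dns, allowed = parse_wg_conf(text)
    servers = []
    for entry in dns:
        try:
            servers.append(ipaddress.ip_address(entry))
        except ValueError:
            pass  # wg-quick treats non-IP DNS entries as search domains
    if not servers:
        return ["no-dns: client keeps the resolver of the local network"]
    return [f"dns-outside-tunnel: {ip} is not covered by AllowedIPs"
            for ip in servers
            if not any(ip.version == net.version and ip in net for net in allowed)]

# Constructed sample configs (placeholder keys, made-up addresses).
TEMPLATE = """[Interface]
PrivateKey = PLACEHOLDER_PRIVATE_KEY
Address = 10.0.0.2/24
{dns_line}
[Peer]
PublicKey = PLACEHOLDER_PUBLIC_KEY
AllowedIPs = {allowed}
"""
NO_DNS = TEMPLATE.format(dns_line="", allowed="0.0.0.0/0")
PIHOLE_FULL = TEMPLATE.format(dns_line="DNS = 192.168.8.53", allowed="0.0.0.0/0")
PIHOLE_SPLIT = TEMPLATE.format(dns_line="DNS = 192.168.8.53", allowed="10.0.0.0/24")

if __name__ == "__main__":
    for name, conf in [("no DNS", NO_DNS), ("full tunnel", PIHOLE_FULL),
                       ("split tunnel", PIHOLE_SPLIT)]:
        print(name, "->", audit_wg_dns(conf) or "ok")
```
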