I tested that VPN DNS is working on 4.7.2-0308. Can you check with this command whether dnsmasq bootstraps correctly?
root@GL-SFT1200:~# ps w|grep dnsmasq
14990 dnsmasq 2936 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
14999 root 2864 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
15031 root 2844 S /usr/sbin/dnsmasq -C /etc/dnsmasq.conf.vpn -x /var/run/dnsmasq/dnsmasq.vpn.pid --server=209.244.0.3 --ser
15032 root 2840 S /usr/sbin/dnsmasq -C /etc/dnsmasq.conf.vpn -x /var/run/dnsmasq/dnsmasq.vpn.pid --server=209.244.0.3 --ser
20854 root 1352 S grep dnsmasq
root@GL-SFT1200:~#
root@GL-SFT1200:~#
root@GL-SFT1200:~# cat /etc/version.date
2025-03-08 17:53:01
root@GL-SFT1200:~#
root@GL-SFT1200:~# cat /etc/glversion
4.7.2
root@GL-SFT1200:~#
4.3.24:
root@GL-SFT1200:~# ps w|grep dnsmasq
5171 dnsmasq 2936 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
5176 root 2864 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
14712 root 1352 S grep dnsmasq
root@GL-SFT1200:~# cat /etc/version.date
2025-01-15 21:27:24
root@GL-SFT1200:~# cat /etc/glversion
4.3.24
4.7.2 0308:
root@GL-SFT1200:~# ps w|grep dnsmasq
4141 root 2844 S /usr/sbin/dnsmasq -C /etc/dnsmasq.conf.vpn -x /var/run/dnsmasq/dnsmasq.vpn.pid --server=10.243.153.1 --no
4143 root 2840 S /usr/sbin/dnsmasq -C /etc/dnsmasq.conf.vpn -x /var/run/dnsmasq/dnsmasq.vpn.pid --server=10.243.153.1 --no
5897 dnsmasq 2936 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
5901 root 2864 S /usr/sbin/dnsmasq -C /var/etc/dnsmasq.conf.cfg01411c -k -x /var/run/dnsmasq/dnsmasq.cfg01411c.pid
7709 root 1352 S grep dnsmasq
root@GL-SFT1200:~# cat /etc/version.date
2025-03-08 17:53:01
root@GL-SFT1200:~# cat /etc/glversion
4.7.2
Downgrading back to 4.3.24 as all DNS traffic is not routing over the VPN.
@hansome I run a PiVPN Pi-hole over on a RackNerd server, so I have full query logs from the DNS server end.
When the SFT1200 is running 4.7.2 I never see a single DNS entry.
When the SFT1200 is running 4.3.24, I see every DNS entry.
Same OpenVPN configuration on both firmwares.
You must cancel the 6th line and it works.
I have the same problem on the Marble.
But is that not crackers, to have to remove something from stock firmware that GL have tested before release?
The log looks okay. I don't know what caused the issue. Do you use AdGuard Home or encrypted DNS?
I confirmed again that the VPN DNS is working.
@hansome AGH does not work on the Opal, and I do not use encrypted DNS.
This is not a WireGuard VPN, this is an OpenVPN connection.
Let me know if you want a client configuration to test with.
@hansome do you want me to send it to the support email address or over the Discord?
Meanwhile 4.3.25 is out:
https://dl.gl-inet.com/release/router/release/sft1200/4.3.25
Moving to 4.3.25 as security issues have been fixed; I shall await a new 4.7 release with the security issues fixed.