Using hostnames in whole network

What I just figured out:
When I change the VPN policy from “defined by MAC address” to “global proxy” it is also working.
But actually I don’t want to route every traffic via VPN but just defined devices.

Network1 ( Internet - GL iNet Router - LAN
VPN: GL-iNet Router - Any OpenVPN Endpoint
Network2: Any OpenVPN Endpoint

I know OpenWrt could do this by manual configuration of the routes, but I am not sure if GL-iNet is the right choice here.
My GL-iNet travel router providing a secure route for all clients to a defined VPN Endpoint. As the Endpoint is at my home and I am allowing the VPN to access the LAN, the DNS (not on the router, it is a bigger solution in a VM) within my LAN can handle all requests.

The difference is, that all DNS and networking is handled at the VPN server side. As far as I can read, you want to make a VPN client as server. Not impossible, but I am out here.

You may have stumbled on a bug. Post your device model, firmware version & ping @hansome .

GL GUI → System → Upgrade → Local Upgrade

Device: GL-AX1800
Firmware: 4.4.6, release 1

This is indeed an issue, the dns traffic for devices not using VPN will be redirected to upstream DNS server which will not know what the local domain is like.
We need to implement a new method for DNS traffic separation.

OK … thanks for the feedback.
If you have a fix to test just let me know.
Would really love to be able to use this functionality


Have you just considered updating the DNS side of the GL GUI to all handle it all by dnscrypt-proxy2? It plays very nicely w/ dnsmasq-full… & will allow you to finally dump stubby. It’d be nice to have the GUI handle user-defined .toml confs too (eg: Quad9).

Here’s the HOW-TO I followed on a Flint (GL-AX1800) w/ f/w 4.4.6-release1 & a Certa (GL-AR750), f/w 4.3.7-release4:

1 Like

dnscrypt-proxy2 is relatively big. We have it builtin if the device storage and RAM are enough.

We’ll check if it’s possible.

1 Like

Yeah, I could see that being an issue. I happen to run extroot on my Certa (GL-AR750). One LAN client w/ dnscrypt-proxy2 takes 15.6 MB RAM. The Flint (GL-AX1800) in the same scenario is 13.5 MB. Both device’s firmware are current stable builds.