Evkob (they/them)

Android doesn’t let me add an IP address under private DNS, it needs to be a domain (like dns.quad9.net rather than 9.9.9.9).

I tried adding a quick DuckDNS domain to my reverse proxy towards port 53, where Unbound is listening. It works, as in I can nslookup using the DuckDNS domain on my desktop (or on my phone when not connected to Wireguard) but if I try to set that domain as my private DNS on Android it says it can’t connect, whether or not I’m on my VPN.

Okay, let me just clarify some stuff here because your language has been confusing.

You’re using a “VPN”, but on a local network. When you say “VPN”, people assume you mean you’re using a client to a remote location. That’s super confusing.

For what you’re trying to do you don’t even need WG unless you mean to use your DNS server from elsewhere.

Please clarify these two things, but I think you’re just complicating a simple setup for an ad blocking DNS server somehow, right?

Evkob (they/them)

The reason for the VPN is to have access to my Unbound DNS on my phone from anywhere, not only my local network. If I just wanted to configure the DNS on my local network, I’d set up static IP for my network in Android’s settings and input the DNS server manually. This works fine when I set it up, but like I said I want to use Unbound on my phone anywhere via Wireguard.

I’m not sure what’s the second thing you want me to clarify! Sorry for the confusion, I appreciate you trying to help out :)

So then just open the Unbound server to the internet, assign a hostname to it, and use it. Simple.

Evkob (they/them)

I could do that, but I want to avoid opening ports on my router’s firewall apart from the one necessary for Wireguard. I can access all my other stuff through Wireguard, but I can’t wrap my head around why it seemingly can’t access Unbound on the local host.

Well that’s how the Internet works, bud. You’re opening a port for WG to start. Either make that work and correct your routing, or find another solution.

You’re not going to be stealthy by making this overcomplicated. You’re just adding extra steps. You don’t want to use DHCP to its benefits locally, and you don’t want to open ports… what magic do you want to happen here?

Evkob (they/them)

I’d rather not open ports I don’t have to. I don’t see why I’d have to open a port when Unbound works on my local network and I have access to my local network via Wireguard. I can access a whole slew of services through that one Wireguard port, why wouldn’t Unbound work?

Thanks anyway for trying to help, bud.

Well again, that’s not how the Internet works.
