My Firewall has two gateways. WAN_Wireguard going out in Sweden, and my native WAN. I’ve Unbound setup to ahead particular queries to DNSMasq, which then populates an alias of ips for these websites. Normally, it really works completely wonderful, and thru my firewall guidelines routes these websites out by means of my WAN, whereas the whole lot else defaults to going out by means of WAN_Wireguard. However, occasionally it doesn’t.
I would nonetheless be going out by means of WAN, however I am going out with the ip for the international website occasionally. If I do a tracepath I am going to sometimes get the route originating in Sweden, and never the US. Normally, ready a couple of minutes or disconnecting and reconnecting my laptop to the community fixes the problem. I may even go to the identical website in numerous browsers, and I am going to get the American website on Mozilla, and the international website on Courageous. As soon as I get the American website it by no means switches again till I reboot the firewall.
What I am doing relies on this. I am doing this by saving a config to /usr/native/and so on/dnsmasq.conf.d/dnsmasq-ipset.conf
ipset=/example-USA.com/clearnet
no-resolv
server=1.1.1.1
After getting the ip I take advantage of a rule on my lan to ship all ips in that alias out by means of the WAN, and something not in there goes out by means of WAN_Wireguard.
I’ve two DoT DNSes setup with one used completely for queries routed to dnsmasq, whereas the opposite is simply utilized by Unbound. Anybody know what is likely to be inflicting the firewall to attach me to the fallacious website occasionally? How may I’m going about making this extra constant.
I suppose I may override the the international websites to level to the US equal. However, I am not all the time getting redirected to a unique area identify. How may I make the habits extra constant?