<div dir="ltr"><div style="font-size:small" class="gmail_default">Thanks Chris, that is very helpful.</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">It seems there is a way to do per interface DNS (split DNS) using systemd.</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">Like this:</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default"><span style="font-family:monospace"><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">cat /etc/systemd/network/wg0.network
</span><br>[Match]
<br>Name=wg0
<br>
<br>[Network]
<br>DNS=10.10.0.1
<br>Domains=priv<br></span></div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">Then restart systemd-networkd, then wg-quick</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">When I do this, resolvectl shows:</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default"><span style="font-family:monospace"><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">Global
</span><br> Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
<br> resolv.conf mode: stub
<br>
<br>Link 3 (enp3s0)
<br> Current Scopes: DNS
<br> Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
<br>Current DNS Server: 192.168.0.1
<br> DNS Servers: 192.168.0.1
<br> DNS Domain: lan
<br><br>Link 15 (wg0)
<br> Current Scopes: none
<br> Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
<br> DNS Servers: 10.10.0.1
<br> DNS Domain: priv<br></span></div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">Which shows that 10.10.0.1 will be the DNS server for domain suffix .priv</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">No idea why DNS Domain is "lan" for the main ethernet connection.</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">But after doing all that, I cannot ping the 10.10.0.1 gateway, nor does name lookup work on .priv hosts.</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">So I went back to your idea of adding PostUp, and completed it with PostDown</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">It looks like this:</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default"><span style="font-family:monospace"><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">PostUp = resolvectl dns %i 10.10.0.1
</span><br>PostUp = resolvectl domain %i priv <br>PostDown = resolvectl revert %i<br></span><br></div><div style="font-size:small" class="gmail_default">It seems to work so far. </div><div style="font-size:small" class="gmail_default">I can ping and resolve everything (private and global)</div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default"><span style="font-family:monospace"><span style="color:rgb(0,0,0);background-color:rgb(255,255,255)">Link 3 (enp3s0)
</span><br> Current Scopes: DNS
<br> Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
<br>Current DNS Server: 192.168.0.1
<br> DNS Servers: 192.168.0.1
<br> DNS Domain: lan
<br><br>Link 16 (wg0)
<br> Current Scopes: DNS
<br> Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
<br>Current DNS Server: 10.10.0.1
<br> DNS Servers: 10.10.0.1
<br> DNS Domain: priv<br></span></div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">But there is +DefaultRoute on both interfaces ... </div><div style="font-size:small" class="gmail_default"><br></div><div style="font-size:small" class="gmail_default">Many thanks Chris.</div></div>