I’m using WireSock and set it up to tunnel only one application through the VPN, which works great. However, I’ve noticed that my DNS is now being routed through the VPN for all applications, not just the one I tunneled.
Is there a way to configure it so that only the tunneled app uses the VPN DNS, and the rest of the system uses the regular DNS?
Hey! Great to hear you’ve got WireSock working for per-app tunneling!
What you’re seeing with DNS is actually expected behavior on Windows due to how the system handles DNS resolution. Here’s a quick breakdown:
How DNS works on Windows:
Windows uses a system service called DNS Client Service (also known as dnscache), which acts as a central resolver.
All applications send their DNS queries to this service, which performs the actual DNS resolution on behalf of all apps.
Because of this, the DNS request isn’t directly tied to the application that originally needed it — once it’s handed off to dnscache, the link to the original app is lost.
Why it’s hard to isolate DNS per app:
Since dnscache is the one making the DNS queries, any per-app VPN filtering based on the source application doesn’t apply to those DNS packets — they all appear to come from the system service.
That’s why, even if you route only one app through the VPN, its DNS request (handled by dnscache) might still go through the VPN if the system DNS is set to use the VPN interface.
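
A read-only way to check this on your own machine, added here as an example and not part of the reply above: it shows which process hosts dnscache and which DNS servers each connected interface is configured with. It assumes the standard Windows cmdlets Get-CimInstance, Get-NetUDPEndpoint, Get-NetIPInterface and Get-DnsClientServerAddress; nothing in it is WireSock-specific.

```powershell
# Added diagnostic example (not from the original thread). Read-only.

# 1. Which process hosts the DNS Client service (dnscache)?
$svc  = Get-CimInstance Win32_Service -Filter "Name='Dnscache'"
$proc = Get-Process -Id $svc.ProcessId
[pscustomobject]@{
    Service   = $svc.Name
    State     = $svc.State
    ProcessId = $svc.ProcessId
    Process   = $proc.ProcessName   # a service host process, not the tunneled app
} | Format-List

# 2. UDP sockets currently owned by that process. Lookups made on behalf of
#    any application leave from sockets owned by this PID, so a filter keyed
#    on the tunneled app's executable never matches them.
Get-NetUDPEndpoint -OwningProcess $svc.ProcessId -ErrorAction SilentlyContinue |
    Sort-Object LocalPort |
    Format-Table LocalAddress, LocalPort, OwningProcess -AutoSize

# 3. DNS servers configured on each connected IPv4 interface. If the VPN
#    adapter appears here with its own server, system-wide lookups can use it.
#    The interface metric is included for context only.
$ifaces = Get-NetIPInterface -AddressFamily IPv4 -ConnectionState Connected
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $dns   = $_
        $iface = $ifaces | Where-Object InterfaceIndex -eq $dns.InterfaceIndex
        if ($iface) {
            [pscustomobject]@{
                Interface  = $dns.InterfaceAlias
                Metric     = $iface.InterfaceMetric
                DnsServers = $dns.ServerAddresses -join ', '
            }
        }
    } |
    Sort-Object Metric |
    Format-Table -AutoSize
```

Run it once with the tunnel down and once with it up; a change in the third table is the system-wide DNS setting the reply refers to.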