Update DNS configuration to favor Cisco AnyConnect adapters when connected and routeable adapters when not

[Omegaice]

The current code looks for networks that have a route to 0.0.0.0/0 or ::/0 which only works if the vpn routes all traffic. This change updates the DNS selection code to always pick the DNS servers from the AnyConnect interface when it connects and any routeable adapters when not.

This works for the VPN setup that I have access to but I am not sure if it breaks anything outside of that.

[jacob-pro]

I only learnt the other day that I need to click the "finish review" button for these comments to show up!
i actually wrote these ages ago - sorry!

[jacob-pro]

Please can you use this helper function I have already written here (from win32_utils)
https://github.com/jacob-pro/win32-utils/blob/master/src/str.rs#L19
I realise this isn't well documented (yet)

String::from_pwstr_lossy(adapter.Description)

[jacob-pro]

could this whole thing be simplified, so instead of making all the above changes, just changing this filter?

.filter(|adapter| {
    let is_internet = internet_routes
        .iter()
        .any(|route| match route.destination_prefix_ip {
            IpAddr::V4(_) => route.interface_index == adapter.ipv4_interface_index,
            IpAddr::V6(_) => route.interface_index == adapter.ipv6_interface_index,
        });
    return is_internet || adapter.description.contains("Cisco AnyConnect")
})

It would mean that the AnyConnect adapter is not excluded from the list if it is not an internet route. I would like the behaviour of this tool to remain as close as possible to the way that windows chooses DNS servers, which is based on interface metrics:

https://github.com/jacob-pro/wsl2-dns-agent/blob/master/docs/ROUTING.md#step-3---working-windows-dns

i.e. if your AnyConnect adapter is not the highest metric then Windows won't use it as the first DNS choice, and neither should WSL

[wp4nuv]

I found this project while researching a connectivity issue with WSL in Windows 11 where the WSL vEthernet adapter is hidden. I also use a VPN for work, but it's not Cisco-based. I would like to know if this change can be worked, so it uses ANY adapter with the lowest metric. Considering that VPNs usually want to be the default adapter, this change would make sense instead of looking for a particular adapter name.

[jacob-pro]

Hi @wp4nuv

Considering that VPNs usually want to be the default adapter, this change would make sense instead of looking for a particular adapter name.

I'm a bit confused, the existing code already just chooses the adapter with the lowest metric, like you are asking for?

wsl2-dns-agent/src/dns.rs

Line 188 in 1d83b43

.sorted_by_key(Adapter::interface_metric)

[wp4nuv]

I was referring to the Pull Request (Omegaice:split-vpn), which asks for a specific configuration for a Cisco VPN. If your code already does this, then it is no problem. From: Jacob Halsey ***@***.***> Date: Tuesday, January 31, 2023 at 11:25 To: jacob-pro/wsl2-dns-agent ***@***.***> Cc: Pedro J Maldonado ***@***.***>, Mention ***@***.***> Subject: Re: [jacob-pro/wsl2-dns-agent] Update DNS configuration to favor Cisco AnyConnect adapters when connected and routeable adapters when not (PR #2) Hi @wp4nuv<https://github.com/wp4nuv> Considering that VPNs usually want to be the default adapter, this change would make sense instead of looking for a particular adapter name. I'm a bit confused, the existing code already just chooses the adapter with the lowest metric, like you are asking for? https://github.com/jacob-pro/wsl2-dns-agent/blob/1d83b43f479ed01a68b181c5f6d93fbbbec6d49f/src/dns.rs#L188 — Reply to this email directly, view it on GitHub<#2 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAEMLQORQVD4YKOM3B3RP5LWVE4HPANCNFSM54XIICQQ>. You are receiving this because you were mentioned.Message ID: ***@***.***>