WinGate Forums

[aeau2080]

hi, I just got an additional wireless connections with a different ISP (along with my old wired connection) and was trying to figure out how to use both of them with different applications, I found a post on some forums that the only way to use multiple connections simultaneously is using wingate as a proxy and to assign proxy services to the wireless adapter's gateway.

the setup is like this...

-------most applications-------LAN----------ISP1
My Computer ( Windows 7 )----- |
-------proxied application-----Wingate-----WLAN--------ISP2



I tried it and it has been working like a charm for almost 4 days...

however this morning the wired connection was down for a couple of hours because my first ISP had technical issues in my neighborhood... strangely the wireless connection (through wingate and different ISP) was down too ... although I tested it with me cell phone and it was working properly....

I starting playing around with network connections in control panel when I realized that wingate is only using the first ISP's DNS to resolve the proxied applications requests...I only got it to use the second ISP DNS when i disabled the LAN NIC...


did i mess up the settings or is there something that need to be configured to bind proxy service to the same DNS of the bound gateway... is it even possible...

any help, please...

[adrien]

Hi

WinGate's DNS resolver will try a bunch of different DNS servers. So even if one becomes unavailable, it should start trying the others it knows about.

It knows about DNS servers from the DNS settings in your network adapters. So, if you had a DNS server set on your wireless connection (how is this physically connected to the computer - is it USB or plug-in card or some other ethernet-connected device?) it should have started using it already.

Regards

Adrien

[aeau2080]

First of all, Thanks for the quick reply...

for some reason wingate didn't use the wireless DNS at all when the other was not available , actually it never even try use it (checked with wireshark) weather the LAN DNS is available or not...

Now, even if it used the WLAN DNS when the LAN DNS is absent... would be OK but.... that means that the application proxied to use ISP2 connection will always use ISP1 to resolve DNS requests and ISP2 DNS will only be a failsafe... I guess the problem now is in the routing of the DNS requests...

So, I see this as a kind of DNS leak from ISP2 to ISP1...

The question is, Is there a way to keep the 2 connection completely separated... eg. configure wingate to always use ISP2 DNS... and completely ignore the wired connection...

btw, it's a USB wireless dongle, also I am using OpenDNS for both connections...

Sincerely,

aeau

[adrien]

Hi

Depending on how the LAN-based internet connection fails, if the OS thinks it's still available, it will still maintain the routes for it, and if the default route out that connection has a lower metric than the other one, then the DNS lookup (even to the second one's DNS server IP) will still go out the first connection and therefore fail.

I'll have to think this one through what may be able to be done. Ideally the metric for the default route on the backup connection would be promoted by something when the first connection is found to be unavailable. I don't think you can get the OS to do this, so this would need to be a new feature in WinGate.

Adrien

[aeau2080]

I guess it would be great to have a "Gateway" option along with "Bindings" in the system services just like in user services... I hope it's an easy job if even possible...

regards,

aeau

[logan]

I assume you've got a couple of different openDNS servers with different IP addresses in use? I would try using the windows route table to make DNS requests to each of the openDNS servers go out the Wired and Wireless LANs respectively. This way, if the internet connection of either LAN goes down and DNS stops resolving through the failed LANs gateway, when WinGate fails over to another DNS server it will also use the other LAN (which we can assume is still working).

To add the routes, open a command prompt and enter the following commands, where:
A.A.A.A = the IP address of the first openDNS server
B.B.B.B = the IP address of the second openDNS server
X.X.X.X = the gateway of the wired LAN
Y.Y.Y.Y = the gateway of the wireless LAN

> route add -p A.A.A.A mask 255.255.255.255 X.X.X.X
> route add -p B.B.B.B mask 255.255.255.255 Y.Y.Y.Y

[adrien]

ah.. good point Logan, no need to rely on the default gateway at all.

[aeau2080]

Thanks logan, finally got DNS request to go through Wireless gateway... but i still have a question...

first, I don't want DNS requests to leak from WLAN to LAN or the other way around... so, for the wireless card I will be using OpenDNS (208.67.220.220 & 208.68.222.222) while using google DNS (8.8.8.8 & 8.8.4.4) for the wired card...

the config.

LAN NIC
IP 10.0.0.x
subnet 255.255.255.0
gateway/dhcp 10.0.0.1
DNS 8.8.8.8 & 8.8.4.4

WLAN NIC
IP 192.168.1.x
subnet 255.255.255.0
gateway/dhcp 192.168.1.1
DNS 208.67.220.220 & 208.68.222.222

I added (208.67.220.220 & 208.68.222.222) in the wingate DNS/WINS resolver cofiguration
Wingate DNS service Is enabled and bound to 127.0.0.1

I added routes
route add -p 208.67.220.220 mask 255.255.255.255 192.168.1.1
route add -p 208.68.222.222 mask 255.255.255.255 192.168.1.1

Now I did some testing, i set firefox to use wingate socks proxy, I confirmed that "network.proxy.socks_remote_dns" is set to true in "about:config" to make sure that firefox is only resolving hostnames through the proxy...

in wireshark I finally see that DNS requests are going to 208.67.220.220 & 208.68.222.222 through WLAN card... I thought Finally it works... but...

I checked the wired card and found our that some proxied requests are going to 8.8.8.8 & 8.8.4.4 through wired card as well... and most non- proxied requests are going to 208.67.220.220 & 208.68.222.222 through WLAN card !


is there a way to fix that leak and completely separate the 2 connections ?

[adrien]

Hi

Most non-proxy / NAT requests will go to the default gateway with the smaller metric. Did the metrics change?

Also, what sort of requests are leaking? If DNS requests, it could be retries, since on second try we try more DNS servers.

Adrien