Community discussions

MikroTik App
 
dboillot
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu May 06, 2010 12:04 am

redirect traffic (DNS) via L7?

Fri Jun 01, 2012 11:58 pm

Hello, I'm wondering if it is possible to redirect protocols like DNS based on the L7 protocol filter that mikrotik has. what i'm wanting to do is match all DNS traffic coming from my network and redirect to a local DNS server. I've tried this w/ nat rules but for some reason I can't get it to work if the client is behind another router.
 
Devil
Member Candidate
Member Candidate
Posts: 170
Joined: Thu Jul 21, 2011 9:13 am

Re: redirect traffic (DNS) via L7?

Sat Jun 02, 2012 5:21 pm

There is absolutely no need to use L7 for forwarding dns requests. it might be possible, but unnecessary. a simple dstnat on udp port 53, would do the trick. if you post your config, someone might be able to spot the problem that why you couldn't make it work.
 
User avatar
Caci99
Forum Guru
Forum Guru
Posts: 1075
Joined: Wed Feb 21, 2007 2:26 pm
Location: Tirane
Contact:

Re: redirect traffic (DNS) via L7?

Sun Jun 03, 2012 2:55 pm

As devil said (the forum member :) ) no need for Layer7
/ip firewall nat
add chain=dstnat action=redirect to-ports=53 protocol=udp 
     dst-address-type=!local dst-port=53
 
User avatar
cbrown
Trainer
Trainer
Posts: 1839
Joined: Thu Oct 14, 2010 8:57 pm
Contact:

redirect traffic (DNS) via L7?

Sun Jun 03, 2012 4:11 pm

Also be sure "allow remote requests" is enabled in /ip dns
 
dboillot
Member Candidate
Member Candidate
Topic Author
Posts: 123
Joined: Thu May 06, 2010 12:04 am

Re: redirect traffic (DNS) via L7?

Tue Jun 12, 2012 12:01 am

I totally forgot I put up this post (wondering why I wasn't notified of replies either)
anyway I'll take another crack at it and let you all know.

Who is online

Users browsing this forum: aarntesla, Ahrefs [Bot], Amazon [Bot], gigabyte091, Google [Bot], hanzaw and 69 guests