DNS Allow Remote Requests
RouterOS general discussion

hci
Long time Member
Long time Member
Posts: 537
Joined: Fri May 28, 2004 5:10 pm
Reputation: 0

DNS Allow Remote Requests

by hci » Mon Dec 03, 2012 7:50 pm

If under DNS cache you do not have "Allow Remote Requests" checked, and the router LAN is assigned 192.168.1.1, dhcp clients to the router are assigned out of 192.168.1.0/24 and router receives DNS servers from PPPoE will the clients be able to use the DNS cache on 192.168.1.1?

I do see the docs but still am not sure.

http://wiki.mikrotik.com/wiki/Manual:IP/DNS

What does "Allow Remote Requests" exactly change?

BinaryCrash
newbie
Posts: 36
Joined: Thu Apr 28, 2011 11:20 pm
Reputation: 0
First RouterOS version: 4.16

Re: DNS Allow Remote Requests

by BinaryCrash » Mon Dec 03, 2012 8:07 pm

Allow Remote Requests:

enabled = Will be a DNS Server, responding to dns requests.
disabled = Will be a DNS Client, not responding to dns request. Used only for local dns resolve. (the mikrotik itself)

hci
Long time Member
Long time Member
Posts: 537
Joined: Fri May 28, 2004 5:10 pm
Reputation: 0

Re: DNS Allow Remote Requests

by hci » Mon Dec 03, 2012 8:20 pm

So it would likely be a good idea to do this to protect the DNS cache if "Allow Remote Requests" is enabled?

/ip firewall filter
add action=drop chain=input dst-port=53 protocol=udp src-address=!192.168.1.0/24

or

/ip firewall filter
add action=drop chain=input dst-port=53 in-interface=pppoe-out1 protocol=udp

BinaryCrash
newbie
Posts: 36
Joined: Thu Apr 28, 2011 11:20 pm
Reputation: 0
First RouterOS version: 4.16

Re: DNS Allow Remote Requests

by BinaryCrash » Fri Dec 07, 2012 1:12 am

Yes, you should block others from using your DNS Server and enable only your network to use it. Using filters, like you said.

Who is online

Users browsing this forum: allure, Bing [Bot], toddfraser88, Trackboy and 9 guests

It is currently Thu Jul 30, 2015 7:07 pm