Another DNS problem

robotul · September 10, 2006, 10:54pm

Hello, new here!

I have a problem. Curently one of my ISP changed the Primary DNS service. The problems began.

All my clients have on their computers the DNS set to the internal addres of the router’s ISP. I cannot make changes in that router to set up the new DNS. Temporarly the ISP told me to put to all my clients the DNS addres manually (that means that I have to go to all my clients to change the DNS and they are a few).

The really question is, can I make a firewall rule to redirect all the requests made to 10.0.0.138 (my DNS server on all my clients and also the internal addres of the router from my ISP) on port 53 and redirect it to the working DNS server I have(80.97.255.66)?

If the answer is a yes, how can I do this?!
If the answer is no, wish me good luck on ringing on all my clients door.

Thank you!

bjohns · September 11, 2006, 1:13am

Easy - this is similar to how the hotspot function does things.

In dst-nat set a rule to NAT (not redirect) connections on port 53 (tcp and udp) to the correct DNS server. Turn off the local DNS server.

/ip firewall nat
add chain=dstnat protocol=udp dst-port=53 action=dst-nat to-addresses=<dns ip> to-ports=53
add chain=dstnat protocol=tcp dst-port=53 action=dst-nat to-addresses=<dns ip> to-ports=53

Based upon 2.9.29. Substitute with that of the ISPs

Something like that anyway.

robotul · September 11, 2006, 7:12am

Thank you!