Creating static DNS A records with v7.7

RouterOS General
1

I’ve noticed that /ip/dns/static/add takes an address-list option. I’ve tried using it but it doesn’t seem to work. If I create a record:

/ip/dns/static/add name=“spaghetti.lan” address-list=k8s-v4-ingress

The address-list looks like this:

/ip firewall address-list
add address=192.168.7.11 list=k8s-v4-ingress
add address=192.168.7.12 list=k8s-v4-ingress
add address=192.168.7.13 list=k8s-v4-ingress
add address=192.168.7.14 list=k8s-v4-ingress

If I print the static entry it shows up as:

9 name=“spaghetti.lan” type=(unknown) ttl=1d address-list=“k8s-ingress”

If I try to set a type of “A” I get an error;

failure: bad A data: IPv4 address expected

And a dns lookup for spaghetti.lan fails with an NXDOMAIN response.

Am I trying to use the wrong thing? Does anyone have an example of an static dns entry pointing to an address-list? I know I could use multiple static DNS entries, but it would be nice to point to an address-list.

2

From your example you are pointing to the wrong list.
Your list is k8s-v4-ingress, but you are pointing to another value k8s-ingress in the DNS entry.

3

Thanks for pointing that out - I’ve corrected the typo in my example. However, the result is still the same.

4

You are right, it does not seem to work, neither with 7.8beta2.
Probably broken during the extensive DNS changes in 7.7 that also caused the memory leak?

5

So you think it should work as I expect, but it’s a bug in 7.7 onwards?

6

Unfortunately, “/ip dns static” is almost completely undocumented in the new help system, and the old version (in the wiki) did not yet have it, so we don’t know if and how it should work…

7

I see in my 7.7 that DNS static has new feature address list, but I dont understand from where this list ill be populated?
in my config there are more than 7 lists, but they don’t want to appear in DNS static.

I want to use this type of list to block some sites.

8

That’s not what it’s for. It doesn’t get addresses from list, it adds addresses to list. For more details see: http://forum.mikrotik.com/t/v7-5beta-testing-is-released/159724/119

9

The root problem is that the feature is not documented. People claim “it does not work”, but it is not specified how it should work, so for all we know it may be doing what it is supposed to do (which could be doing nothing).

10

Perhaps it’s a puzzle for fans, to let them discover new features in some more exciting way than just reading the docs. Or it’s some cunning plan how to discover what people want, by watching what they try to do with it, without asking them directly. Or just whoever is in charge of documentation is lagging behind. :slight_smile: