DNS doesnt work propertly

RouterOS General
1

Hello,

I used to use IP/DNS feauture. but one week ago I couldnt resolve some web-pages. So I disabled IP/DNS feature and set dst-NAT of UDP 53 port. but it didnt work how it should.

when I set DNS of my ISP in computer, it works great, but i have no time to set if for 100 pcs.

Thansk a lot and excuse my english skills :slight_smile:

2

Greetings!

It may be the DNS servers, or the connections to them, were down when you had the challenge. I would enable your DNS again and insure it is set up correctly.
Insure you set these:

/ip dns
set primary-dns=xxx.xxx.xxx.xxx
set secondary-dns=yyy.yyy.yyy.yyy
set allow-remote-requests=yes
3

what about man-in-the-middle? is it possible, that somebody is probably poisoning network by bad resolves in udp 53 port?

4

That is possible. You might want to check that if you are concerned. If it is practical, disable your DHCP and DNS. Then connect to your net and see if some other server issues you an IP or DNS service.

5

Hello,

I’m with a similar problem using RB333, see here: http://forum.mikrotik.com/t/router-os-v3-dns-cache-server-problem/18602/1
It’s a bit weird actually, as sometimes the DNS has a very good response time (after a fresh restart per example), but others it’s just slowww… and the browser takes ages doing: “Looking up http://www.xxxxx.xxx”.

TL

6

hey, I determined problem:

After changing cache size used for DNS it works great, but only for few minutes. The cache is not full. I have tried max. limit and then decrease it / as I have said, DNS worked great but after few minutes som pages couldnt be loaded./

---packet analyser - WIRESHARK, only QUERIES---

REQUEST:
http://www.snph.sk: type A, class IN
Name: http://www.snph.sk
Type: A (Host address)
Class: IN (0x0001)

NO ANSWER, ONLY QUERY RETURNED:
http://www.snph.sk: type A, class IN
Name: http://www.snph.sk
Type: A (Host address)
Class: IN (0x0001)

Answer was returned in 8ms, but no page was loaded.

after i have change memory cache size of DNS, when page was loaded correctly, answer looks like:

Name: http://www.snph.sk
.
.
.
Data length: 4
Addr: 217.67.30.24
.
.
.
/and other ns records/



when I changed size again, page was loaded.


What would you say? Why Mikrotik returns no answer? or DNS server? could be bad RAM memory? it is only opinion, because I have tried everything

7

what version ?

8

v3.2 but, it was reason of upgrading. It was same in v2.9.50

9

Look here

http://forum.mikrotik.com/t/dns-problem/15495/1

10

excuse me, but very strange situation. What is the result of topic?

could you help me? 247-871-501