I’ve used this same setup ever since the FWD option was added to RouterOS. I swear I’ve tested this in the past and failover worked just fine between multiple FWD / forward-to static entries, but this morning a customer’s primary DNS server went offline and remote sites that were configured to use their local MikroTik DNS proxy, with static FWD entries configured for internal name resolution, ceased to be able to resolve internal DNS queries.
I did further testing and simulated outages using filter rules to DROP packets to primary DNS servers and found that on routers running RouterOS 6.49.7, 7.6, and 7.7 there was no failover to secondary FWD / forward-to static rules.
I’m still in the process of doing additional testing to see if this has always been the behavior and I just somehow missed it, or if this was introduced somewhere along the line. Once I’m done testing I’ll report back and submit a support request to MikroTik.
It’s far from perfect, because it’s dumb round robin. The first query goes to x.x.x.x, the second to y.y.y.y, the third to x.x.x.x, and so on. If the current target server doesn’t respond, the query fails. But the next query will be sent to the other server and the response will get cached, so subsequent queries from other clients will get that. It’s better than nothing.
Multiple FWD records don’t do anything; the router will always use the first one. If it’s dead, too bad.
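
The two behaviours described in the replies above (strict round robin with no retry, and always using the first forwarder) produce different failure patterns during an outage test, which is what distinguishes them. This is an added example, not code from the thread or from MikroTik: a constructed Python model of both behaviours, with placeholder server addresses and hostnames.

```python
"""Constructed model, not RouterOS code: compares the two forwarding
behaviours described in the posts above when one upstream is down."""
from itertools import cycle

def simulate(policy, servers, dead, queries):
    """Return a list of (name, outcome) for a sequence of client queries.

    policy  -- "first_only" (always use the first forwarder) or
               "round_robin" (alternate forwarders per forwarded query)
    servers -- forwarder addresses in configured order
    dead    -- set of forwarders that never answer
    queries -- names asked by clients, in order
    """
    cache = set()            # names already answered and cached by the proxy
    rr = cycle(servers)      # rotation state for the round-robin policy
    results = []
    for name in queries:
        if name in cache:
            results.append((name, "cached"))
            continue
        target = servers[0] if policy == "first_only" else next(rr)
        if target in dead:
            results.append((name, "fail"))   # no retry against the other server
        else:
            cache.add(name)
            results.append((name, "ok"))
    return results

def failure_rate(results):
    """Fraction of queries that got no answer at all."""
    return sum(1 for _, o in results if o == "fail") / len(results)

# Constructed placeholders (documentation address range); the primary is down.
SERVERS = ["192.0.2.1", "192.0.2.2"]
DEAD = {"192.0.2.1"}
# Distinct names defeat the cache, so every query exercises forwarder selection.
UNIQUE = [f"host{i}.corp.example" for i in range(10)]
# Repeated name: shows a retry succeeding and later clients hitting the cache.
REPEAT = ["intranet.corp.example"] * 4

if __name__ == "__main__":
    for policy in ("first_only", "round_robin"):
        print(policy, "unique:", failure_rate(simulate(policy, SERVERS, DEAD, UNIQUE)))
        print(policy, "repeat:", [o for _, o in simulate(policy, SERVERS, DEAD, REPEAT)])
```

When testing against a real router, querying names that are not yet cached is what exposes the difference: every lookup failing points to the first-only behaviour, while roughly every other lookup failing points to round robin.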