DNS Leaking When Using VPN

I have a routerboard set up as a VPN client connected to a third party VPN service. I have everything configured so that a couple of hosts always route their traffic down the VPN tunnel. Everything is working fine.

The hosts utilizing the VPN are resolving DNS outside of the VPN tunnel. Is there a way to force these hosts to resolve DNS through the VPN tunnel?

Maybe in these two steps:

Create a mangle rule for each host,
chain=prerouting, src-address=host-ip, protocol=udp, dst-port=53 (DNS), action=mark-routing, new-routing-mark=DNS_VPN

Then in IP > Routes, create a route.
dst-address=0.0.0.0/0, routing-mark=DNS_VPN, gateway=vpn-interface


This may not work if your hosts are using the MikroTik as your DNS server.

This may also not work if your hosts are using ISP DNS servers and the ISP blocks requests not originating from their network.
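
The two steps from the answer above, written out as RouterOS v6 CLI commands. This is an added example, not part of the original posts, and it goes slightly beyond the answer by grouping the hosts in an address list and also matching TCP port 53, which DNS uses for large responses. The list name vpn-hosts, the addresses 192.168.88.10 and 192.168.88.11, and the interface name vpn-out are assumptions.

```routeros
# Added example (RouterOS v6 syntax). All names and addresses are
# placeholders: substitute your own hosts and VPN client interface.

# Group the hosts that must resolve DNS through the tunnel, so a
# single pair of mangle rules covers all of them.
/ip firewall address-list
add list=vpn-hosts address=192.168.88.10 comment="constructed sample host"
add list=vpn-hosts address=192.168.88.11 comment="constructed sample host"

# Step 1: mark forwarded DNS queries from those hosts.
# prerouting only sees packets the router forwards. Queries addressed
# to the router's own DNS service are delivered locally and the router
# then resolves them itself, so these rules do not steer them (the
# first caveat in the answer).
/ip firewall mangle
add chain=prerouting src-address-list=vpn-hosts protocol=udp dst-port=53 \
    action=mark-routing new-routing-mark=DNS_VPN passthrough=no \
    comment="DNS over UDP via VPN"
add chain=prerouting src-address-list=vpn-hosts protocol=tcp dst-port=53 \
    action=mark-routing new-routing-mark=DNS_VPN passthrough=no \
    comment="DNS over TCP via VPN"

# Step 2: default route used only by packets carrying the mark.
/ip route
add dst-address=0.0.0.0/0 gateway=vpn-out routing-mark=DNS_VPN \
    comment="DNS_VPN default route"

# Check: run a lookup on one of the hosts, then confirm that the
# packet counters on the two mangle rules increase and that the
# marked route is active.
/ip firewall mangle print stats
/ip route print where routing-mark=DNS_VPN
```

If the counters stay at zero while the hosts resolve names, the queries are going to the router's own DNS service rather than being forwarded.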