DNS lookup works for lookup in country but fails for lookout

Say, I’m very confused and having strange DNS issues.
I’ve 2 routes to internet via 2 lan ports on RB750
port 1 uses pppoe over dsl with DNS assigned by provider and “remote DNS requests allowed”
port 2 is connected to a RB411U. Its USB port has 3G modem plugged in.
DNS lookup works from the RB411U.
On RB750 DNS Look ups work perfectly for ip’s within the country (South Africa) but fail for abroad from the router itself.
If I attach pc to the LAN port and set GW and DNS ip to that of the router - same thing.
If I assign DNS manually on PC - International DNS look ups work!
I’ve tried several ISP’s for the pppoe.
I’ve tried assigning the same DNS on the router and disabling pppoe providing DNS. Same problem.
Any ideas please?
Tx
Shaun

If you are using dhcp to issue that stuff, Go to “/ip dhcp-server network” and set the dns server ips that you want the dhcp server to issue.

Tx. This helped the PC, but I still can’t get dns lookup on the route board to work..

If it is the dns server ips that your ISP issues, you can override that also.
/ip dhcp-client
set X use-peer-dns=no

Then put your good dns server ips in “/ip dns”.

Tx, I’ve tried that, but same issue…

Can you be more specific about the “issue”? How are you testing the dns with the router? I use
:put [:resolve www.google.com];
BTW, I do not use the router ip for dns on client computers. I use the dns server ips my ISP issued me.

I ping www.co.za and get a lookup and reply
ping www.google.com - no lookup !
:put … resolve times out!
I’m using ISP’s DNS’s or my own!

Sounds like your ISP may be the challenge. I would contact them and see if everything is ok.

Tx, I have…

If that meant “I checked with them and still have a problem”, then check your settings in “/ip route” and “/ip firewall nat” to ensure everything is going out the correct interface. If you post both, maybe that will help.

EDIT That was “nat”, not “masquerade”. My bad.

ADD: If this is a RB750, ensure there is only one ip address assigned to port 2. That is normally where 192.168.88.1/24 is assigned by default. That, along with a masquerade on port 2, would cause some real problems!

Excuse me if I get too basic, but you removed port 2 from the switch, correct?
/interface ethernet

To prevent a major conflict with your ISP, you also disabled the dhcp server on port 2, right?
/ip dhcp-server

Yes I did check with ISP.
You wrote:
“ADD: If this is a RB750, ensure there is only one ip address assigned to port 2. That is normally where 192.168.88.1/24 is assigned by default. That, along with a masquerade on port 2, would cause some real problems!”

This could be the problem:
LAN is on port 1 and there are TWO local ip ranges assigned to it and DHCP. Masquerade is setup as srcnat and action masquerade in NAT. No other settings.

port 1, should be port 2: uses pppoe over dsl with DNS assigned by provider and “remote DNS requests allowed”
port 2, should be port 5: is connected to a RB411U. Its USB port has 3G modem plugged in.
Port3,4 unplugged and unconfigured.

NB: I removed the default config on boot up.

How do you have the default routes set in “/ip route”? What do you use to determine which port to use?
Two subnets on the lan should not be a problem. Two subnets on a wan interface is not a problem either, but you must use “action=src-nat”, and not “action=masquerade”.

EDIT: I think this should work if you set the “/ip dhcp-client use-peer-dns=no”, then put the correct dns server settings in “/ip dns”. Ensure you force your localnet (the one you are testing with) computer to renew the dhcp lease after doing the change. That is the “repair” button on Windows network settings.

I’ve attached the full export of the router -perhaps you can see where the issue lies please.
PeechRB750.rsc (17.7 KB)

There is no default route for the DSL connection. Everything is going over the 3G, including dns requests. You will need to use some type of routing-mark to separate traffic to each default gateway.

/ip route
add check-gateway=ping comment="" disabled=no distance=2 dst-address=\
    0.0.0.0/0 gateway=192.168.2.1 scope=30 target-scope=10

As a test, change the gateway to the DSL gateway (192.168.0.1?) and try the dns request again.

The ADSL route is added on dial up as per below:

/interface pppoe-client
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=\
    "" dial-on-demand=no disabled=no interface=ether2-ADSL max-mru=1480 \
    max-mtu=1480 mrru=disabled name=pppoe-out1 password=cativafo93 profile=\
    default service-name="" use-peer-dns=yes user=tru284@wadsl

The 3G route has a distance weight of 2 and should be used if the ADSL drops.

I see now. You are getting the other route from dhcp. But that is where you are also getting your dns servers. On that pppoe setting, change “use-peer-dns=no”. Then set the dns to what you want.

Correct. I’ve tried that and issue persists…
Is there any way to see the dns connection and see what is actually taking place?

Yes, kinda. sniffer will show what ip is actually getting the request.
/tool sniffer
set interface=ether1
set filter-address1=0.0.0.0/0:53
start
(do dns request)
stop
/tool sniffer packet print
Here is mine. It will look like this:
68.1.18.229:53 (dns)

You might need to sniff both interfaces to find the request.
EDIT: I added a filter address above to drop all but dns. If you want to see dns on all interfaces, since you are not certain which is getting the request, use “set interface=all”.

Tx.
This will tell us which ip is getting it.
Can we see the actual data exchange and what the dns server replies with?

The closest thing I have found is
/tool sniffer packet print raw
but it doesn’t display text, but rather the hex code. I have not tried it, but you might save the output to a file and use a converter on it.
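
For the "use a converter on it" step, a small decoder written for this page as an added example; it is not part of the original thread and not a MikroTik tool. It assumes the hex you feed it is the DNS message only (the UDP payload, with the Ethernet/PPPoE, IP and UDP headers already removed); the sample bytes are constructed.

```python
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def read_name(msg, off, depth=0):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels = []
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:          # compression pointer, RFC 1035 4.1.4
            if depth > 16:
                raise ValueError("compression pointer loop")
            ptr = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            labels.append(read_name(msg, ptr, depth + 1)[0])
            return ".".join(filter(None, labels)), off + 2
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii", "replace"))
        off += 1 + msg[off]
    return ".".join(labels), off + 1

def decode_dns(hex_text):
    """Decode a DNS message (UDP payload only) given as hex text."""
    msg = bytes.fromhex("".join(hex_text.split()))
    ident, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    out = {"id": ident, "response": bool(flags & 0x8000),
           "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
           "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = read_name(msg, off)
        out["questions"].append(name)
        off += 4                             # skip QTYPE and QCLASS
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata, rstart = msg[off + 10:off + 10 + rdlen], off + 10
        if rtype == 1 and rdlen == 4:        # A record
            value = ".".join(map(str, rdata))
        elif rtype == 5:                     # CNAME, may use compression
            value = read_name(msg, rstart)[0]
        else:
            value = rdata.hex()
        out["answers"].append((name, rtype, ttl, value))
        off = rstart + rdlen
    return out

# Constructed sample: response for www.example.com -> A 192.0.2.10, TTL 300
SAMPLE = """
12 34 81 80 00 01 00 01 00 00 00 00
03 77 77 77 07 65 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01
c0 0c 00 01 00 01 00 00 01 2c 00 04 c0 00 02 0a
"""
```

A reply with `response` true, an `rcode` other than NOERROR, or an empty answer list for the foreign names only would show whether the server answers and refuses, or whether no reply comes back at all.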