Why is this not a src-nat, or a forward rule? The request goes from the client to the server and back.
My understanding is the request goes out the standard DNS server, whatever is set, but on reply is when it gets modified and sent to another DNS server with the reply. How does the original client even get the request?
I don't understand how this rule works at all. Any help??? I don't like blindly installing rules I don't understand.
I always used dstnat to do port forwarding. I don't understand at all.
These two rules (one for TCP and one for UDP) are redirecting any traffic to port 53 to port 53 at 192.168.88.1, which is presumably the DNS service on the RouterOS system.
I need a more technical answer. I understand how dst NAT works. I don't understand the traffic flow at all; port forward redirects to another server on an incoming request.
This rule seems to do the same. I'm sorry, I need a better answer.
I get that it is redirecting, but how the hell is the client getting a reply from the DNS server? I could understand if it was a forward which pointed the request to a different server. But we are not doing that.
Those rules force all DNS requests to use the router's DNS server.
The rules read: for any specified destination address with destination port 53 (DNS), either TCP or UDP, redirect the request to 192.168.88.1 port 53 (DNS).
Since 192.168.88.1 is the router's default internal LAN address (vs. the external one it gets from the upstream feed via DHCP or static config), this is probably just intended for requests from the LAN side.
You just answered your own question. You need to take a look at Packet Flow. In short, destination NAT is being applied before the routing decision. The routing facility or firewall gets the packets after destination NAT has been applied. As far as they are concerned, they are getting the original packets, so they act accordingly.
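
The traffic flow discussed in this thread, as an added example that is not part of any post above and is not RouterOS code: a toy Python model of dst-nat applied before the routing decision, with connection tracking restoring the original server address on the reply, which is why the client accepts the answer. The class and function names, the client address 192.168.88.50 and the queried resolver 8.8.8.8 are constructed for illustration.

```python
from dataclasses import dataclass, replace

ROUTER_DNS = ("192.168.88.1", 53)   # redirect target named in the thread

@dataclass(frozen=True)
class Packet:
    proto: str
    src: tuple   # (ip, port)
    dst: tuple   # (ip, port)

class Router:
    """Toy model (hypothetical names): dst-nat in prerouting plus conntrack."""
    def __init__(self):
        self.conntrack = {}   # (proto, client, translated dst) -> original dst

    def prerouting(self, pkt):
        # dst-nat rule: any destination address, dst-port 53, TCP or UDP
        if pkt.proto in ("udp", "tcp") and pkt.dst[1] == 53:
            self.conntrack[(pkt.proto, pkt.src, ROUTER_DNS)] = pkt.dst
            pkt = replace(pkt, dst=ROUTER_DNS)
        return pkt

    def routing_decision(self, pkt):
        # Routing sees the packet only after dst-nat has rewritten it.
        return "input" if pkt.dst[0] == ROUTER_DNS[0] else "forward"

    def reply_path(self, reply):
        # Conntrack undoes the translation in the reply direction, so the
        # answer appears to come from the server the client addressed.
        original = self.conntrack.get((reply.proto, reply.dst, reply.src))
        return replace(reply, src=original) if original else reply

def resolve_via_router(router, query):
    """Return (chain the query took, reply as the client sees it)."""
    translated = router.prerouting(query)
    chain = router.routing_decision(translated)
    # The DNS service on the router answers from its own address.
    raw_reply = Packet(query.proto, src=translated.dst, dst=translated.src)
    return chain, router.reply_path(raw_reply)

# Constructed sample: a LAN client asks 8.8.8.8, which never sees the query.
query = Packet("udp", ("192.168.88.50", 40000), ("8.8.8.8", 53))
chain, reply = resolve_via_router(Router(), query)
print(chain, reply)
```

The query is delivered to the router's own DNS service (input, not forward), and the reply leaves with source 8.8.8.8:53, matching the socket the client opened.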