Yesterday my DoH provider stopped responding, so my clients did not get any DNS reply.
I do use https://dns.nextdns.io/dns-query as DoH server and Verify Certificate is on.
To find dns.nextdns.io I have a static DNS entry.
My question is: What happens when I have both a static DNS entry and DoH configured?
Will RouterOS always use DoH only, or fall back to static DNS when DoH stops responding?
I cannot see from DNS logging what server is used, if it's 8.8.8.8, 1.1.1.1 or DoH. The log looks equal for all types.
From the log when DoH fails:
server connection error idle timeout connecting
Before, when I did have DoH on a separate server, I used this script:
# Fail over between the DoH proxy and public resolvers
:local currentDNS [/ip dns get servers]
:local DoHDNS "10.22.10.140"
:local backupDNS "8.8.8.8,1.1.1.1"
:local testDomain "www.google.com"
:if ($currentDNS = $DoHDNS) do={
    # Currently on the DoH proxy: switch to backup if it no longer resolves
    :do {
        :resolve $testDomain server=$DoHDNS
    } on-error={
        /ip dns set servers=$backupDNS
        :log info message="DNS_server=$backupDNS"
    }
} else={
    # Currently on backup: switch back once the DoH proxy resolves again
    :do {
        :resolve $testDomain server=$DoHDNS
        /ip dns set servers=$DoHDNS
        :log info message="DNS_server=$DoHDNS"
    } on-error={}
}
But when the DoH server is on the same router as the script, I do not see how I could set up a test failover.
Ok test
resolve www.cnn.com 8.8.8.8
Not Ok
resolve www.cnn.com https://dns.nextdns.io/dns-query
I can also look for the error message in the log and fail over to static DNS, but how to see that the DoH server is up and running?
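An added example, not part of the original post and not RouterOS code: the check below shows what "DoH is up" means at the protocol level (RFC 8484) for a probe run from a separate host. It builds the GET URL for a test name and decides from the HTTP status and body whether a usable DNS answer came back. All function names are hypothetical, the HTTP fetch is left to the caller, and the sample response is constructed.

```python
import base64
import struct

def build_query(name, qtype=1):
    """DNS wire-format query for `name` (type A by default), ID 0 as RFC 8484 suggests."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)    # class IN

def doh_get_url(endpoint, name):
    """RFC 8484 GET form: ?dns=<base64url of the query, padding stripped>."""
    b64 = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    return f"{endpoint}?dns={b64}"

def doh_healthy(http_status, body, query):
    """True only if the reply is HTTP 200 and carries a NOERROR answer to `query`."""
    if http_status != 200 or len(body) < 12:
        return False
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", body[:12])
    is_response = bool(flags & 0x8000)
    rcode = flags & 0x000F
    # The question must be echoed back, so an error page or a reply
    # to some other query cannot pass as "healthy".
    echoed = body[12:len(query)] == query[12:]
    return is_response and rcode == 0 and ancount > 0 and echoed

def sample_response(query, rcode=0, answers=1):
    """Constructed DoH response body for testing (A record 192.0.2.1, TTL 60)."""
    header = struct.pack("!HHHHHH", 0, 0x8180 | rcode, 1, answers, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + rr * answers

if __name__ == "__main__":
    q = build_query("www.cnn.com")
    print(doh_get_url("https://dns.nextdns.io/dns-query", "www.cnn.com"))
    print("good reply:", doh_healthy(200, sample_response(q), q))
    print("SERVFAIL  :", doh_healthy(200, sample_response(q, rcode=2, answers=0), q))
    print("HTTP 503  :", doh_healthy(503, b"", q))
```

A probe like this tests the DoH endpoint itself rather than the router's cache, so a cached entry for the test name cannot hide an outage.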