Feature Request: DNS Forwarder

Would like DNS forwarding for the DNS server. Ran into this wall for months till I realized this is what I needed.

Just set “allow remote request” in DNS, and it will forward.

http://forum.mikrotik.com/t/dns-failing-over-vpn-tunnel/72106/1

As I read that post, and having watched one of the videos, the problem is in your setup. You want to have the MikroTik resolve local addresses from the 10.x.x.x DNS and the rest from “another” DNS.

To solve this, it's your 10.x.x.x server that needs to forward non-authoritative requests to an internet DNS. There is no such thing as "if DNS1 is reached but can't reply, try server 2", etc. I don't know of any DNS client working like this. The first server has to reply to both internet and local.

It needs a forwarder like the one listed later in the post. I set up the config via Win08 R2 DNS server and it worked flawlessly with forwarders.

What littlebill wants is the ability to specify different forwarders for different DNS zones. Something similar to the following zone definitions in BIND:

```
zone "myzone.intra" {
        type forward;
        forward only;
        forwarders { 10.0.0.1; 10.0.0.2; 10.0.0.3; };
};

zone "yourzone.intra" {
        type forward;
        forward only;
        forwarders { 10.1.0.1; 10.1.0.2; 10.1.0.3; };
};
```

While not critical, it would have been a nice feature if supported.
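The per-zone forwarding those BIND definitions describe, modelled as an added example that is not part of the original post and is not BIND or RouterOS code: the longest matching zone picks the forwarder list, forwarders are tried in order, and `forward only` means a dead zone returns SERVFAIL instead of sending internal names to the external upstream. Zone names and forwarder IPs are from the post; `DEFAULT_FORWARDERS`, the `send` callback, `make_send` and the queried hostnames are assumptions.

```python
# Added illustration: models BIND-style per-zone forwarding in plain Python.
# Zones and forwarder IPs come from the post; everything else is assumed.

ZONES = {
    "myzone.intra": ["10.0.0.1", "10.0.0.2", "10.0.0.3"],
    "yourzone.intra": ["10.1.0.1", "10.1.0.2", "10.1.0.3"],
}
DEFAULT_FORWARDERS = ["192.0.2.53"]  # placeholder upstream (TEST-NET-1)


def match_zone(qname, zones=ZONES):
    """Return the longest configured zone that qname falls under, or None."""
    labels = qname.rstrip(".").lower().split(".")
    # Compare whole labels only, so "notmyzone.intra" never matches "myzone.intra".
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(qname, send, zones=ZONES, default=DEFAULT_FORWARDERS):
    """Forward qname to its zone's forwarders, in order.

    send(server, qname) returns an answer string or raises TimeoutError.
    Returns (answer, server_used, servers_tried).
    """
    zone = match_zone(qname, zones)
    servers = zones[zone] if zone else default
    tried = []
    for server in servers:
        tried.append(server)
        try:
            return send(server, qname), server, tried
        except TimeoutError:
            continue  # next forwarder in the same list
    # "forward only" behaviour: no fallback to another resolver, so a query
    # for an internal zone is never sent to the external upstream.
    return "SERVFAIL", None, tried


def make_send(down, records):
    """Constructed stand-in for the network: servers in `down` time out."""
    def send(server, qname):
        if server in down:
            raise TimeoutError(server)
        return records.get(qname, "NXDOMAIN")
    return send
```

The `servers_tried` list is the part worth checking when auditing a split-DNS setup: for an internal name it should only ever contain that zone's forwarders.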

Split DNS in PowerDNS does exactly that:

If it has a local record for

xxxhost A → 10.10.10.1

it replies with that; if not, it does a recursive query to its recursor and answers with the IP it received from whoever is the authoritative server for the zone. This way you can, inside your office, have hostnames mapped to internal IPs for your zone and resolve the rest from your external DNS server.

Windows DNS server also does it; after andriys explained DNS better to me, I set it up within minutes in a VM on Windows 08 Server.

For a long time I was using a layer 7 filter, which handles DNS-over-UDP pretty nicely.

Yes, but this method does not allow specifying multiple DNS for redirection. Single point of failure.

Also don’t forget L7 filter is just an ugly hack. Well, maybe not exactly ugly, in fact it’s pretty clever, but still a hack with significant disadvantages.

Yes, another disadvantage is caching bypass for those requests. We want native DNS zone forward support! :)

I completely agree with that! This feature request has existed for many years already. When is MikroTik going to implement this feature???