Feature Request: DNS Override for specific subnets

I’ve been using pfSense for years and have recently started moving to MikroTik.
One of the things that I really miss is being able to override the DNS responder for specific subnets or domains.

And?

What do you want to do exactly?

I want to specify which DNS server a request should go to.
Example: I want lookups for “hostname.cfwmg.local” to go to 10.103.71.1.
I want lookups for “hostname.obcc.local” to go to 10.70.33.1.
I want lookups for “33.70.10.in-addr.arpa” to go to 10.70.33.1.

Currently, I do this by running dnsmasq on a separate server. It would simplify things if I could do overrides on my CCRs.
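The per-domain forwarding requested in the post above, sketched as an added example that is not part of the original thread and is neither dnsmasq nor RouterOS code: it picks a DNS server by longest-suffix match on whole labels, using the three rules from the post. The default upstream `192.0.2.53` and the function names are assumptions made for illustration.

```python
import ipaddress

# Rules taken from the post above: zone suffix -> DNS server to forward to.
FORWARD_ZONES = {
    "cfwmg.local": "10.103.71.1",
    "obcc.local": "10.70.33.1",
    "33.70.10.in-addr.arpa": "10.70.33.1",
}
DEFAULT_UPSTREAM = "192.0.2.53"  # assumption: placeholder for the normal resolver


def normalize(name):
    """Lower-case a query name and drop the trailing root dot."""
    return name.rstrip(".").lower()


def pick_upstream(qname, zones=FORWARD_ZONES, default=DEFAULT_UPSTREAM):
    """Return the server for qname using longest-suffix match on whole labels."""
    labels = normalize(qname).split(".")
    # Try the full name first, then strip the leftmost label each round,
    # so the most specific zone wins and "notobcc.local" never matches
    # the "obcc.local" rule.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return zones[candidate]
    return default


def pick_upstream_for_ptr(ip, zones=FORWARD_ZONES, default=DEFAULT_UPSTREAM):
    """Build the reverse-lookup name for an address and route it like any query."""
    ptr_name = ipaddress.ip_address(ip).reverse_pointer
    return pick_upstream(ptr_name, zones, default)


if __name__ == "__main__":
    # Constructed sample queries.
    for q in ("hostname.cfwmg.local", "hostname.obcc.local.",
              "notobcc.local", "www.example.com"):
        print(q, "->", pick_upstream(q))
    for ip in ("10.70.33.25", "10.70.34.25"):
        print(ip, "->", pick_upstream_for_ptr(ip))
```

Any name that matches no rule falls through to the default resolver, so a mistyped or missing internal zone means internal hostnames are sent off the network.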

I fully support this request.

Adding domain-based conditional DNS forwarding would be awesome.
For forward and reverse lookups, just like requested here.

Why don’t you create a metarouter+busybox?

Because this is an absolutely basic DNS feature that I should not have to create a second virtual router for (not to mention manage 2 devices instead of one).

I know it is a popular technique, but it is also evil on so many levels..

The way I’d work around this though, would be to run a separate DNS server somewhere as I’m not convinced a router is the right place for it.

Sure, if it was some large network, then a separate DNS server is the way to go. But for all kinds of home/hobby/small business networks, if they need this functionality, the router is the perfect place for it, because anything else is overkill. And that goes for MetaRouter too. It may not be too bad resource-wise (for current RouterBoards), but the administrative burden associated with another whole (virtual) machine is simply too big to make it practical.

My reasoning is that if you have a reason to have an internal DNS server, you probably already have some other server you can run it on.

I run my own internal DNS on a small VM on one of my hosts in the basement. Small business can easily do the same thing - you don’t even need a VM… Extra admin for it is virtually nil as it is internal and well protected by my firewall. Home users could probably do just fine with free online DNS services in most cases.

But why go through any of those hassles, when this should be a basic functionality of the DNS server inside the router?

Why set up a VM, why install OpenWRT in metarouter, WHY rely on an external DNS server… this is all 2 clicks and typing a domain name if the built-in DNS server has this simple basic functionality.

For one thing - I like my internal network to keep on working even if the router goes down for some reason…

If we are talking about smaller networks where this is required, those use mostly NetBIOS name discovery anyway.
DNS will also be cached for a while.

And again, if we are talking about the networks this is required for, if internet is down, the fact that internal DNS is not working is less important.

Also, this debate goes both ways: if your external DNS server dies, it’s the same deal, and that also potentially influences your internet connectivity, etc.

And making a router redundant is MUCH cheaper than making a server redundant.

Do you actually want to have a serious discussion or are you here just to nitpick and troll?

Don’t get me wrong here - I don’t do trolling. I still believe that it is better in every case to have a proper DNS server. We could probably argue 'till we die about it.

In my network, the cost of another VM for whatever service I need, is virtually nil. Adding more hardware to make my network fully redundant is not. Thus it is an easy choice for me.

+1 for me.

We need this for small satellite offices connected via VPN to large main office.
You need this kind of DNS lookup in case of Active Directory login.

Now we ‘solve’ this by adding the main office DNS servers in the DHCP options as primary DNS.
But this also gives a lot of DNS traffic for standard internet DNS lookups over the VPN.

When we use a Microsoft Server at a satellite office, a DNS lookup for a specific domain is called a stub DNS zone.

I have two reasons for this.. I am an IT manager for several (currently 9) businesses. I work from my home office, and I use IPSec to connect to each of my clients.

Reason 1:
When configuring a new PC for a client, I would like that PC to have access to the DNS for that client’s LAN. I want to add it to a Windows domain without having to statically set the DNS.

Reason 2: When I use my remote management systems, they scan the client’s subnet. I would like the system to be able to do a reverse lookup to get the hostname.

I moved from pfSense at each of the 9 sites and my home office to CCR1016-12G’s at each site. The only features that I really miss are the DNS override, port lists (like Address Lists, just for ports) and Link Quality (Latency, Jitter, & Dropped Packets) graphs. Yes, I could run a DNS server at home, but that is yet another device that needs to be powered on all the time. I went with a CCR 1016-12G at home because I was also able to dump my 1U pfSense box AND dump my 16 port HP switch. My goal was to simplify the network, not add more to it.

As stated in a few other posts, this is really a basic feature of any DNS resolver.

I agree that, even RouterOS being a router, it should have a well-featured DNS server (not like BIND9 or MS-DNS).

It should have a better integration with DHCP for hostnames too.

+1 for this request. I miss the feature from pfsense as well.

Also agree with tighter DNS DHCP integration as well. That said the new lease script helps a bunch. I modified a script here that works well for me.

https://github.com/karrots/ROS-DDNS

+1 for better DNS server support.

+100500 for DNS upgrade!

I am totally +1 on this one. DNS stub zones please.