Feature Request: Tunnels with DNS names

user12 · January 11, 2012, 2:27pm

Currently all tunnel options I see use IP’s only for endpoints,
any possibility that we can create tunnels with dns names also?
GRE/IPIP etc..etc

mrz · January 11, 2012, 2:28pm

It is possible using scripts.
http://wiki.mikrotik.com/wiki/Manual:Scripting-examples#Resolve_host-name

Sanity · January 11, 2012, 2:57pm

A lot is possible using scripts. Does not mean the feature is useless.

LetMeRepair · January 12, 2012, 2:11pm

For example if you want to keep flash writes to a minimum, it would be good to have only DNS names stored in config, and have the resolved IPs in memory.

user12 · January 12, 2012, 6:24pm

I agree… scripts are an option. although I was hoping just to setup a tunnel to a dns name. to alleviate an additional step.
is this something that could be added in future releases?

stmx38 · April 3, 2012, 8:42pm

+1 for this feature

wpeople · April 4, 2012, 8:32am

+1
also welcome using DNS names in firewall rules (where DNS name is resolved on boot - or reset counter)

mattsawatzky · April 17, 2012, 9:28pm

1,000,000 This REALLY needs to be added.

wpeople · November 17, 2012, 7:14pm

mrz: you said, it can be done with script. yes. but.
Tunnels can connect to IP address only (at least if configuring with WinBox - it allows only IP, and not FQDN)
when i change the ip to the same it will restarts the vpn. yes, i can store the old value and compare. As i know the VPN client asks the libc for resolving, so why do you deny us to FQDN?

kurtkraut · November 18, 2012, 3:34am

In the internet, dynamic IPs are the majority, not the exception. This is a very basic, easy to implement and reasonable feature.

hel · November 18, 2012, 5:28am

+1 on this must have feature.
Need this especially in firewall.

wpeople · November 18, 2012, 10:04am

kurtkraut: name lookup is already in the libc (the library what’s used for many things) unless it’s taken away. (since it’s also in ulibc, i think it’s not taken away in a need of space at least). So, it’s should be inside, just the lookup call is not implemented at those places.

I see no reason for disabling this in tunnel, but enabling it on other places like ntp…

hel: that’s totally another story. firewall SHOULD work with IP addresses. Imagine, what would happen when every single firewall rule asking for a DNS resolution when executed. That would be slow as hell. If you have a proper caching mechanism with a local (inside the box) DNS server, cached every IP you have in the firewall, it would just be simply very slow.