MikroTik community forum

Funny DNS issue..

RouterOS Beginner Basics

jeremyh September 18, 2012, 7:57am 1

Hello,

I had a funny issue today - A user reported that he couldn’t get to a website that he knew wasn’t malfunctioning.

Curious, I tried a nslookup from my machine:

# nslookup domain.com
Server:		192.168.1.1
Address:	192.168.1.1#53

** server can't find domain.com: NXDOMAIN

The next thing I tried was using Google’s DNS:

nslookup domain.com 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8#53

Non-authoritative answer:
Name:	domain.com
Address: 208.113.134.XXX

Uhoh.. A problem with our ISP’s DNS server? Nope - our ISP’s DNS (the same DNS that is set in the Mikrotik router) returned the correct IP.

Next thing I tried was logging into our router, to see if there is a problem with DNS:

[admin@router] > /ip dns print
                servers: 220.233.0.3,220.233.0.4
  allow-remote-requests: yes
    max-udp-packet-size: 4096
             cache-size: 2048KiB
          cache-max-ttl: 1w
             cache-used: 2048KiB

Ah.. DNS servers are set to our ISP’s, so that is OK. But what is this ‘cache-used’? Surely the router wouldn’t stop serving DNS requests because the cache is fulll?

[admin@router] > /ip dns cache flush

Oh - now I can resolve the website. The Mikrotik’s cache was filled and so it decided to just stop doing DNS lookups.

Is this normal/expected behaviour?
What is the recommended DNS cache size?

RouterOS 5.12 on RB1100AH.

Thanks
Jeremy

janisk September 18, 2012, 12:44pm 2

first of, try running 5.20

second, how many dns requests you have in minute/second?

DNS caache should clean it self as it gets used more and more. and more you fill it more stuff should have been thrown out to make sure that there is enough space for the next request.

Try to increase cache size to 10MB and see how it fills up.

jeremyh September 18, 2012, 2:48pm 3

Well this is a ‘production’ device so I am reluctant to upgrade it - unless this is a bug in 5.12?

Not too many I would have thought.. about 15 users in an office, all using web apps and browsing.

That’s what I would have thought/expected also - that it would drop the oldest entries once the cache is full. I will increase the cache size.

janisk September 21, 2012, 6:43am 4

when you encounter something similar again, please create support output file and send it to support@mikrotik.com