Internet fall

Hi guys,

I have a problem in my network: sometimes it stops working, and when checking the log I encounter this type of entry:

11:02:56 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 208.67.222.123:53->10.1.0.8:60091, NAT (208.67.222.123:53->200.175.182.139:53)->(187.115.89.58:62646->10.1.0.8:60091), len 89
11:02:57 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 208.67.222.123:53->10.1.0.10:60286, NAT (208.67.222.123:53->200.175.182.139:53)->(187.115.89.58:62652->10.1.0.10:60286), len 86
11:02:57 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 208.67.222.123:53->10.1.0.11:54573, NAT (208.67.222.123:53->200.175.5.139:53)->(187.115.89.58:54573->10.1.0.11:54573), len 86

I use redirection to the external DNS server of OpenDNS, since we are a small company and use it to block pornographic sites.
Does anyone here know what to do to stop this problem?
Thank you very much.

Use the router’s built-in DNS server, point it at OpenDNS and then block the LAN from using outside servers. I

In this case, do I have to remove the OpenDNS redirect and create new DHCP servers for my internal network with the OpenDNS DNS? There is no way to edit them. So I created the redirect, because when they were created, the DNS that the operator provided was added.
Thank you for your help.

No need to update DHCP.
I can only guess, but are you giving out your router as DNS server and catching all this traffic to redirect it to OpenDNS?
If so, enable your local DNS server, add OpenDNS as its parents and redirect all forward traffic to udp/53 to your local DNS.
Done.
-Chris
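
The setup described in the reply above, written out as a RouterOS configuration (an added example, not part of the original thread). Interface names and 208.67.222.123 are taken from the log lines in this thread; the second FamilyShield address 208.67.220.123, the rule comments, and an existing input chain that accepts LAN traffic are assumptions.

```routeros
# Added example. The router's resolver becomes the only DNS server the LAN
# can reach and forwards every query to OpenDNS FamilyShield.
/ip dns set servers=208.67.222.123,208.67.220.123 allow-remote-requests=yes

# allow-remote-requests=yes makes the router answer on port 53 on every
# interface, so drop DNS arriving from both WAN links first. Otherwise the
# router is an open resolver. Replies to the router's own upstream queries
# arrive with source port 53, so dst-port=53 does not match them.
/ip firewall filter
add chain=input in-interface=ether4-WAN_GVT01 protocol=udp dst-port=53 \
    action=drop comment="no DNS service on WAN1 (udp)"
add chain=input in-interface=ether4-WAN_GVT01 protocol=tcp dst-port=53 \
    action=drop comment="no DNS service on WAN1 (tcp)"
add chain=input in-interface=ether5-WAN_GVT02 protocol=udp dst-port=53 \
    action=drop comment="no DNS service on WAN2 (udp)"
add chain=input in-interface=ether5-WAN_GVT02 protocol=tcp dst-port=53 \
    action=drop comment="no DNS service on WAN2 (tcp)"

# Any DNS query a LAN client sends to an outside server is redirected to the
# router's own resolver, whatever DNS address DHCP handed out. The redirected
# packets then traverse the input chain, which must accept them from the LAN.
/ip firewall nat
add chain=dstnat in-interface=ether9-Rede_ADM protocol=udp dst-port=53 \
    action=redirect to-ports=53 comment="ADM: force DNS to router (udp)"
add chain=dstnat in-interface=ether9-Rede_ADM protocol=tcp dst-port=53 \
    action=redirect to-ports=53 comment="ADM: force DNS to router (tcp)"
add chain=dstnat in-interface=Vlan3 protocol=udp dst-port=53 \
    action=redirect to-ports=53 comment="Vlan3: force DNS to router (udp)"
add chain=dstnat in-interface=Vlan3 protocol=tcp dst-port=53 \
    action=redirect to-ports=53 comment="Vlan3: force DNS to router (tcp)"
```

New filter rules are appended to the end of the chain, so move the WAN drop rules above any earlier accept rule that would match the same traffic.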

Thanks

Hello,
I removed the redirect and removed the external DNS that was in my network (OpenDNS FamilyShield and Google) and left only the DNS provided by the operator. I have not checked the “Allow remote requests” option, but I still get requests on port 53 as below and the whole enterprise connection drops.

18:22:32 firewall,info forward: in:ether5-WAN_GVT02 out:Vlan3, src-mac 74:a0:2f:b6:26:41, proto UDP, 200.175.182.139:53->10.3.0.66:4265, NAT 200.175.182.139:53->(187.115.89.114:4265->10.3.0.66:4265), len 108
18:22:32 firewall,info forward: in:ether5-WAN_GVT02 out:Vlan3, src-mac 74:a0:2f:b6:26:41, proto UDP, 200.175.5.139:53->10.3.0.66:18333, NAT 200.175.5.139:53->(187.115.89.114:18333->10.3.0.66:18333), len 116
18:22:32 firewall,info forward: in:ether5-WAN_GVT02 out:Vlan3, src-mac 74:a0:2f:b6:26:41, proto UDP, 200.175.182.139:53->10.3.0.66:18333, NAT 200.175.182.139:53->(187.115.89.114:18333->10.3.0.66:18333), len 116
18:22:32 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 200.175.5.139:53->10.1.0.30:50502, NAT 200.175.5.139:53->(187.115.89.58:50502->10.1.0.30:50502), len 98
18:22:32 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 200.175.182.139:53->10.1.0.60:54320, NAT 200.175.182.139:53->(187.115.89.58:54320->10.1.0.60:54320), len 98
18:22:32 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 200.175.182.139:53->10.1.0.60:62861, NAT 200.175.182.139:53->(187.115.89.58:62861->10.1.0.60:62861), len 77
18:22:32 firewall,info forward: in:ether4-WAN_GVT01 out:ether9-Rede_ADM, src-mac 78:ba:f9:8f:ae:a1, proto UDP, 200.175.182.139:53->10.1.0.60:62636, NAT 200.175.182.139:53->(187.115.89.58:62636->10.1.0.60:62636), len 79
18:22:32 firewall,info forward: in:ether5-WAN_GVT02 out:Vlan3, src-mac 74:a0:2f:b6:26:41, proto UDP, 200.175.5.139:53->10.3.0.65:16055, NAT 200.175.5.139:53->(187.115.89.114:16055->10.3.0.65:16055), len 115
18:22:32 firewall,info forward: in:ether5-WAN_GVT02 out:Vlan3, src-mac 74:a0:2f:b6:26:41, proto UDP, 200.175.182.139:53->10.3.0.65:16055, NAT 200.175.182.139:53->(187.115.89.114:16055->10.3.0.65:16055), len 115

I used this site http://openresolver.com to check the DNS provided by the carrier and it is OK (green).
Could someone give me an idea? I do not have a DNS server internally, but I use the RB1100 as router and DHCP server, separating the ADM network and the students' network.

Thanks.