Is there a DNS issue in MikroTik?

I use a MikroTik CCR1009 in my access layer for PPPoE authentication and hotspot, both in the same router.
I have my own DNS server.

So, I have defined the DNS entries in 3 areas:

IP > DNS Server
PPP > Profile > DNS Server
DHCP Server > Networks > DNS Server


I have defined this,

My DNS IP A
My DNS IP B
8.8.8.8
8.8.4.4

Which means, if my DNS server is down, then all customers should automatically start working from 8.8.8.8.
Is that right?

But I figured out that when my DNS server is off, the whole network is down and customers start calling, saying they are getting a "DNS server not found" error.


How do we fix this?
Or is this a MikroTik bug?

There may be a limit on the number of DNS servers your clients are taking from the DHCP reply.
Some OS may have a limit of 2 DNS servers.

So when you list 4 DNS servers, the clients may take only the first two, and when they are both down they
never see your other two (Google) servers.

PPP profile shows 2 only :frowning:

But DHCP shows 4.

So, in PPP, shall I define 1 of my DNS and 1 of Google to solve such situations?

Sure DHCP can serve many DNS addresses, but the question is: how many will your clients pick up from that.
Try connecting a computer like your typical client uses, and look in the network information to see what it has done.

Sure it would be an idea to try to reduce the list in DHCP to 2 servers, or to order them differently.
(your dns 1, google dns 1, your dns 2, google dns 2)

Depending on your config it may be possible to send some part of the clients a different order:
(your dns 2, google dns 2, your dns 1, google dns 1)

… so not all clients use only your first DNS.

Shall I simply define 2 in both DHCP and PPP profile?
My DNS and Google DNS.
That's all?
Solves it?

Maybe. You need to try and test that.

The only way to know is to test it. There is no reason to test on your live system either, as there are plenty of ways you can mock up a config in a virtual lab.

Assign a test client with a selection of DNS servers, then create ACLs to block access to each DNS server in turn, and see how the client behaves.
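
An added example, not part of the thread: a small lab probe for the test described above. It sends a real UDP query to each resolver in the list the client received and reports the first one that answers within the number of servers the client keeps. The `192.0.2.x` addresses are constructed stand-ins for "my DNS A/B", and the `client_limit` cut-off models the two-server hypothesis raised earlier in the thread, which is an assumption to confirm on the actual client.

```python
import random
import socket
import struct

def build_query(name, txid):
    """Encode a minimal DNS query for an A record (RD bit set)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_rcode(resp, txid):
    """Return the RCODE if resp is a reply to txid, otherwise None."""
    if len(resp) < 12:
        return None
    rid, flags = struct.unpack("!HH", resp[:4])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit says "query"
        return None
    return flags & 0x000F

def probe(server, name="example.com", timeout=2.0):
    """True if server returns any DNS reply over UDP/53 within timeout."""
    txid = random.randrange(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (server, 53))
            resp, _ = s.recvfrom(512)
        except OSError:  # timeout, unreachable, or blocked by the test ACL
            return False
    return parse_rcode(resp, txid) is not None

def first_usable(offered, client_limit, is_up):
    """First responding server among those the client actually keeps."""
    for server in offered[:client_limit]:
        if is_up(server):
            return server
    return None

if __name__ == "__main__":
    # Constructed list: documentation addresses stand in for "my DNS A/B".
    offered = ["192.0.2.53", "192.0.2.54", "8.8.8.8", "8.8.4.4"]
    for limit in (2, 4):
        print(f"client keeps {limit}: first usable =",
              first_usable(offered, limit, probe))
```

Run it from the test client while the ACL blocks each resolver in turn; a result of `None` for the limit your client really uses reproduces the outage.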