Please implement a DNS forwarder (as an alternative to the local DNS resolver as it is right now) in RouterOS as per https://tools.ietf.org/html/draft-tale-dnsop-edns0-clientid-01. It is already in dnsmasq (--add-mac) since 2015 and DNRD of Benjamin Petrin. The best implementation would be one that includes hashing the actual MAC address with a key so end device privacy information (e.g. MAC address) will not be disclosed.
Possible attributes to be set would be:
forward-only=yes/no : use the integrated recursive resolver and static entries (no) or use a forwarder with configured/dynamically acquired DNS servers (yes)
include-clientid=no/mac/base64/sha : whether the L2 information (i.e. MAC address) of the end device (where the DNS lookup came from) shall be put into the EDNS0 field, in various ways
    no: don’t enrich the DNS query
    mac: include the MAC address as an ASCII string
    base64: include the MAC address as a base64-encoded ASCII string
    sha: include the MAC address as a SHA hash in a printable ASCII string
[admin@hgw] /ip dns> print
servers: 84.2.44.1,84.2.46.1,2001:4c48:1::1,
2001:4c48:2::1
dynamic-servers: 2001:4c48:1::1,2001:4c48:2::1,84.2.46.1,
84.2.44.1
allow-remote-requests: yes
--> forward-only: yes <--
--> include-clientid: sha <--
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 100
max-concurrent-tcp-sessions: 20
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 341KiB
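
The four include-clientid modes requested above, as an added example that is not part of the original post and not RouterOS or dnsmasq code. It shows what each mode would put on the wire and why only the keyed hash hides the MAC from the upstream resolver. Assumptions: HMAC-SHA256 stands in for "sha" with a key, the option code is taken from the EDNS0 local/experimental range, and the helper names, sample MAC and key are constructed.

```python
import base64
import hashlib
import hmac
import struct
from typing import Optional

# Assumption: a code from the EDNS0 local/experimental range (RFC 6891); the post names none.
OPTION_CODE = 65001


def normalize_mac(mac: str) -> str:
    """Canonical lower-case colon form so one device always maps to one ID."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def client_id(mac: str, mode: str, key: bytes = b"") -> Optional[bytes]:
    """Option payload for include-clientid=no/mac/base64/sha (hypothetical helper)."""
    text = normalize_mac(mac).encode("ascii")
    if mode == "no":
        return None                        # query is forwarded without the option
    if mode == "mac":
        return text                        # upstream sees the address itself
    if mode == "base64":
        return base64.b64encode(text)      # encoding only, trivially reversible
    if mode == "sha":
        if not key:
            raise ValueError("sha mode needs a secret key")
        # Keyed hash: without the key the upstream cannot enumerate MACs to reverse it.
        return hmac.new(key, text, hashlib.sha256).hexdigest().encode("ascii")
    raise ValueError(f"unknown mode: {mode}")


def edns0_option(data: bytes, code: int = OPTION_CODE) -> bytes:
    """One OPT RDATA entry: OPTION-CODE, OPTION-LENGTH, OPTION-DATA (RFC 6891)."""
    return struct.pack("!HH", code, len(data)) + data


if __name__ == "__main__":
    mac = "00-11-22-AA-BB-CC"              # constructed sample address
    key = b"constructed-demo-key"          # constructed; a real key stays on the router
    for mode in ("no", "mac", "base64", "sha"):
        payload = client_id(mac, mode, key)
        wire = edns0_option(payload).hex() if payload is not None else "(option omitted)"
        print(f"{mode:7} {payload!r}\n        {wire}")
```

The same MAC and key always yield the same identifier, so per-device policy on the upstream resolver still works, while changing the key changes every identifier.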