Looking for a solution to redirect DNS servers

I manually configured the DNS servers in my clients, and now I’m about to change telecom company, so I need to change the DNS server configuration in all my clients. I’d like to know if there is another way to avoid doing all this work. I’m not using HotSpot.

Why not use the DNS feature of RouterOS and point your clients to the IP address of the RB, that way, when you change DNS for any reason, you only have to change it there, and not on every client.

Jimbo

Okay Jimbo, for sure that’s a good suggestion, but I understand that it would still be necessary to change the clients’ DNS IPs. So do you know if it is possible to leave the current DNS addresses in my clients and put a rule in the NAT to redirect all the traffic coming from port 53 (DNS) to point to the DNS feature of RouterOS?

If the answer is YES, I have a more basic question for you. When you say that I can point my clients to the IP address of the RB, do you mean that I need to have something like Bind from Linux as a DNS server configured on an ethernet interface of the RouterBoard, and that the DNS feature of RouterOS should point to it? Is that correct, or have I messed up?

Thanks in advance, Rogerio

Firstly you don’t need Bind or similar unless you are actually hosting domain names. If all you’re after is a DNS resolver type of server then yes you need to use the Mikrotik as your primary DNS server.

Basic steps.

 /ip dns set primary-dns=208.67.222.222 secondary-dns=208.67.222.220 allow-remote-requests=yes

These are the OpenDNS servers, you don’t necessarily need your own ISP servers for DNS to work unless they specifically block/throttle 53 requests.

Then create this type of rule;

/ip firewall nat add chain=dstnat action=dst-nat to-addresses=192.168.1.1 to-ports=53 in-interface=lan dst-port=53 protocol=tcp

and

/ip firewall nat add chain=dstnat action=dst-nat to-addresses=192.168.1.1 to-ports=53 in-interface=lan dst-port=53 protocol=udp

Note that to-addresses=192.168.1.1 represents the internal IP address of your router and that in-interface=lan represents your local ethernet interface on your router.

This should work. Let me know if you need more help.

I simulated the environment and it worked fine, so tomorrow I’ll put it in production and let’s see if it works well.

Thank you so much for your time and attention.

My regards, Rogerio

Hilton, I just put it in production and everything worked fine. There were minor adjustments regarding the NAT.

Thank you so much for your support.

My best regards, Rogerio

Great that you came right!

Just wanted to say thx for posting this. Helped me out TREMENDOUSLY!!!

Look up DHCP next time. It will save you the trouble of reconfiguring users’ computers manually.

Eh?

I’m in a similar situation, with several hundred wireless clients and a DNS server that needs to be changed. Only, instead of redirecting ALL port 53 traffic to 192.168.1.1, is there anything wrong with something like this?

add action=dst-nat chain=dstnat comment="" disabled=no dst-address=8.8.8.8 dst-port=53 protocol=udp to-addresses=208.67.222.222 to-ports=53

8.8.8.8 being an example of the old dns ip.

It’s more common to just redirect all DNS requests to the router itself.

# Send all DNS requests to the router
/ip firewall nat
add chain=dstnat protocol=udp dst-port=53 action=redirect
add chain=dstnat protocol=tcp dst-port=53 action=redirect