Mikrotik and DNS server

Tenebres · August 17, 2020, 5:07pm

Hello there!
Situation as follows:
I have a Plesk installed on my server with dns server that comes in a package already. I know that DNS uses UDP and TCP port 53 as destination ports for requests.
How or what do I need to configure on my NAT for my local DNS server to respond the public queries. For example, if I check up on dns.google the reply on my public IP is: nameservers did not respond.

Here is my NAT export config so far:

/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN
add action=dst-nat chain=dstnat dst-address=<public IP> dst-port=53 protocol=tcp to-addresses=\
    192.168.1.10 to-ports=53
add action=dst-nat chain=dstnat dst-address=<public IP>  dst-port=53 protocol=udp to-addresses=\
    192.168.1.10 to-ports=53

Thanks in advance for your reply!

terraformer · August 19, 2020, 1:04pm

Hi, I’m a hobbyist but maybe I can help you find a solution.
I cannot see what’s wrong with your rules. On my RB4011, I’ve got some forwarding and dst-nat rules working.
Can you add log=yes log-prefix=“dns-redirect” to your NAT rules and tell me what the logs show when you try to access your DNS server from WAN?

Did you check that your DNS server is working from LAN? What does the following command, from a linux host on your LAN, return?

dig google.com @192.168.1.10

Do you have access to a server outside your LAN and can you issue the following command from there?

 
 dig google.com @<your public IP, where your DNS server resides>

Best