Hello everyone
I have problem when i tried to apply static dns
My step
Ip, dns, static, add
For example block website
Name :*facebook.com
Address:127.0.0.1
Timeout :1d 00:00:00
Apply ok
Going to Nat
Add chain dstnat, protocol 17udp,dst port 53
Action redirect
When i test if website of Facebook was block
Now the facebook was block
But my problem some time the all Internet was drop it? Where the problem
Regards
Maybe you’re redirecting your own DNS queries back to you? Try specifying src-adress= customers blocked from facebook and dst-address != Your_DNS_Server_ip in the dstnat redirection rule.
Thank you for replying
In dst-address! =have two dns like 8.8.8.8
And dns for isp
I try to putting two dns?
All of step applying in Nat rule?
No,
You need to set two specific conditions to avoid “loops”:
1.- DNS query isn’t targeted at your DNS,
dst-address != the mikrotik router IP
and
2.- It wasn’t originated by your DNS,
either src-address = Your customer range, if the mikrotik IP isn’t in that range, or
src-address != mikrotik router IP
then and only then, redirect to mikrotik DNS, so that facebook.com is resolved to 127.0.0.1 for all your clients.