RB2011UiAS-RM - beginner questions

jladefoged · December 27, 2015, 10:22am

I’ve got my new RB2011UiAS-RM 6.33.3 up and running and have some questions.

1:
I have a domain. Lets call it “home.mydomain.dk”.
I can’t access this from my LAN and my Squeezebox Server (web interface) is running on this but if I use the LAN IP (10.0.1.2:9002) it works without issues. It works from the WAN side.

2:
I have a NAS. It’s called “nas” on my LAN.
I can ping this address from a Windows PC, but not my Linux PC (xubuntu). On my Linux PC I have to add “.local” to ping it. Ping “nas.local” works. I think it’s a Linux issue, but can I fix it from my Mikrotik router?

Regards,
Jeppe from Denmark

p3rad0x · December 29, 2015, 1:03pm

I Think you can create a static DNS entry on the 2011 called nas and point it to the ip address.

Do the same with the domain and it should work.

It seems like your current dns is resolving your domain to its public IP address and for some reason its not connecting from lan to the public ip

ZeroByte · December 29, 2015, 3:50pm

Problem 1: You need to configure hairpin NAT.

First, make your NAT pinhole configuration to be “hairpin friendly”

You probably have a dstnat rule that looks something like this:
chain=dstnat action=dst-nat to-addresses=10.0.1.2 protocol=tcp dst-port=9002 in-interface=ether1-gateway

If so, then remove the in-interface criteria, and add dst-address=x.x.x.x (your public IP)

If your public IP is dynamic, then use dst-address-type=local dst-address=!10.0.0.0/8

Second, add the hairpin rule:
chain=srcnat action=masquerade out-interface=LAN src-address=10.0.1.0/24

Problem 2: DNS suffix

nas.local is a FQDN (fully-qualified domain name)
nas is just a hostname. When you type an unqualified hostname (doesn’t end with a full domain like mydomain.dk) then the computer is going to silently try using whatever it thinks the local domain is. So if you told your computer that the domain suffix is mydomain.dk, then if you type “ping nas” - the computer is going to try to look up the IP for “nas.mydomain.dk” - and any other domain suffixes you may specify…

Your NAS is in your local DNS as the FQDN: nas.local

You have two ways to fix this:

tell the linux box that the domain suffix is “local”
tell the NAS that the local domain suffix is “mydomain.dk”

The reason it’s working on the Windows box is that Windows will try .local as a possible domain suffix, in addition to the domain it’s been told to use.

satman1w · December 29, 2015, 3:55pm

You need to setup HairPin NAT or Split Horizon DNS.
Using first solution is simpler but generates traffic and uses router CPU.
The second is more complicated but better if you expect large traffic from local network to your servers

http://wiki.mikrotik.com/wiki/Hairpin_NAT

https://en.wikipedia.org/wiki/Split-horizon_DNS

Good luck

jladefoged · January 2, 2016, 3:06pm

I’ve got Hairpin NAT up and running and are using static DNS for now.
I’ll see if I can cheat my Linux to look for .local domains.

Any recommendation for VPN? I’ll like my Linux laptop to be able to access my home network.

guy100 · January 15, 2016, 5:01pm

Some friend need a help with reconfiguration of this rooter RB2011UiAS-RM.

He has 2 ADSL lines connected already from before, is there any guide for setup 2 ADSL lines together?

Also i want to ask, this router make a merge-bondind of the 2 ADSL? Or i need some other ADSL-ROUTER for this?