Hello, I’m wondering if it is possible to redirect protocols like DNS based on the L7 protocol filter that MikroTik has. What I’m wanting to do is match all DNS traffic coming from my network and redirect it to a local DNS server. I’ve tried this w/ NAT rules but for some reason I can’t get it to work if the client is behind another router.
There is absolutely no need to use L7 for forwarding DNS requests. It might be possible, but it is unnecessary. A simple dstnat on UDP port 53 would do the trick. If you post your config, someone might be able to spot why you couldn’t make it work.
As devil said (the forum member), no need for Layer7
/ip firewall nat
add chain=dstnat action=redirect to-ports=53 protocol=udp dst-address-type=!local dst-port=53
Also be sure “allow remote requests” is enabled in /ip dns
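An added example, not part of any post in this thread: the same redirect extended to TCP and scoped to LAN clients, plus input-chain rules so that enabling "allow remote requests" does not leave the router answering DNS queries from the internet. The interface list names LAN and WAN are assumptions; substitute the lists or interfaces your router actually uses.

```routeros
# Added example; LAN and WAN interface list names are assumed.

# Let the router's resolver answer queries from other hosts.
/ip dns set allow-remote-requests=yes

# Redirect outbound DNS from LAN clients to the router itself.
# DNS uses TCP as well as UDP (large or truncated responses), so match both.
/ip firewall nat
add chain=dstnat action=redirect to-ports=53 protocol=udp dst-port=53 \
    in-interface-list=LAN dst-address-type=!local \
    comment="redirect LAN DNS (UDP) to router"
add chain=dstnat action=redirect to-ports=53 protocol=tcp dst-port=53 \
    in-interface-list=LAN dst-address-type=!local \
    comment="redirect LAN DNS (TCP) to router"

# With remote requests enabled, drop DNS arriving on the WAN side so the
# router is not an open resolver. "add" appends to the end of the chain,
# so move these above any broader accept rule in chain=input.
/ip firewall filter
add chain=input action=drop protocol=udp dst-port=53 \
    in-interface-list=WAN comment="no DNS service on WAN (UDP)"
add chain=input action=drop protocol=tcp dst-port=53 \
    in-interface-list=WAN comment="no DNS service on WAN (TCP)"
```

The packet counters shown by `/ip firewall nat print stats` indicate whether client queries are hitting the redirect rules.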
I totally forgot I put up this post (wondering why I wasn’t notified of replies either).
Anyway, I’ll take another crack at it and let you all know.