I own 2 Mikrotik devices, one as a switch (RB760iGS) and a router (RB4011iGS+5HacQ2HnD).
The switch is behind the router and serves client devices.
The switch is configured with a DNS client, with the router as its server.
In the router I have created a firewall rule that drops traffic towards Google DNS 8.8.8.8 and 8.8.4.4.
For some reason the switch is flooding my router with DNS requests towards Google DNS-A.
I did an export and I was unable to find the '8.8.8.8' in the list.
Could someone clear this up, why the switch is using alternative DNS servers than configured?
Call me nuts but why do you have a switch involved in the DNS at all?
Let the router do the routing including DNS and the switch the switching.
Ensure the subnets aim their DNS at their own gateway and then ensure the MT is selecting the dynamic DNS servers you desire…
As for client devices.
Add two rules to NAT dstnat firewall… (Adjust the source to your config accordingly.)
add action=redirect chain=dstnat comment="Force Users to Router for DNS - TCP" dst-port=53 protocol=tcp src-address-list=VLAN_Interfaces
add action=redirect chain=dstnat comment="Force Users to Router for DNS - UDP" dst-port=53 protocol=udp src-address-list=VLAN_Interfaces
That's obscure LOL. Glad you solved your issue. I am only a home user so not familiar with matching TIME and the other stuff.
Don't see why you just use switch setting for switch functionality and still keep all DNS for users through the router.
(in other words asking why do DNS settings for the switch have to have anything to do with DNS settings you want the users to use).
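For the original question of which device is actually sending queries to 8.8.8.8 and 8.8.4.4, here is an added example (not part of any post in this thread) that tallies dropped DNS packets per source from the router's firewall log. It assumes the drop rule has log=yes and a log-prefix of "dns-drop"; that prefix, the log line layout and all addresses in the sample are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: firewall log lines as written by a drop rule with
# log=yes log-prefix="dns-drop" (prefix, addresses and MACs are made up).
SAMPLE_LOG = """\
10:00:01 firewall,info dns-drop forward: in:bridge out:ether1, connection-state:new src-mac 02:00:00:00:00:02, proto UDP, 192.168.88.2:40312->8.8.8.8:53, len 62
10:00:01 firewall,info dns-drop forward: in:bridge out:ether1, connection-state:new src-mac 02:00:00:00:00:02, proto UDP, 192.168.88.2:40313->8.8.4.4:53, len 62
10:00:02 firewall,info dns-drop forward: in:bridge out:ether1, connection-state:new src-mac 02:00:00:00:00:10, proto TCP (SYN), 192.168.88.10:51514->8.8.8.8:53, len 52
10:00:02 firewall,info dns-drop forward: in:bridge out:ether1, connection-state:new src-mac 02:00:00:00:00:02, proto UDP, 192.168.88.2:40314->8.8.8.8:53, len 62
10:00:03 firewall,info other forward: in:bridge out:ether1, connection-state:new src-mac 02:00:00:00:00:10, proto TCP (SYN), 192.168.88.10:51600->8.8.8.8:443, len 52
10:00:04 dhcp,info defconf assigned 192.168.88.10 to 02:00:00:00:00:10
"""

BLOCKED_RESOLVERS = {"8.8.8.8", "8.8.4.4"}

# "proto UDP, src:port->dst:port" or "proto TCP (SYN), src:port->dst:port"
FLOW = re.compile(
    r"proto (?:UDP|TCP)[^,]*, "
    r"(?P<src>[\d.]+):\d+->(?P<dst>[\d.]+):(?P<dport>\d+)"
)
MAC = re.compile(r"src-mac (?P<mac>[0-9A-Fa-f:]{17})")


def blocked_dns_sources(log_text, prefix="dns-drop"):
    """Return [((src_ip, src_mac), hits), ...] for dropped port-53 traffic
    aimed at the blocked resolvers, busiest source first."""
    counts = Counter()
    for line in log_text.splitlines():
        if f" {prefix} " not in line:
            continue  # not written by the DNS drop rule
        flow = FLOW.search(line)
        if not flow:
            continue  # prefix matched but no parsable flow
        if flow["dport"] != "53" or flow["dst"] not in BLOCKED_RESOLVERS:
            continue
        mac = MAC.search(line)
        key = (flow["src"], mac["mac"].lower() if mac else "unknown")
        counts[key] += 1
    return counts.most_common()


if __name__ == "__main__":
    for (ip, mac), hits in blocked_dns_sources(SAMPLE_LOG):
        print(f"{ip:15} {mac}  {hits} dropped DNS packets")
```

The source MAC separates traffic the switch originates itself from client traffic that merely passes through it, since a switch that only bridges leaves the client's MAC on the frame.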