Complete newb to Routerboard/RouterOS here. Today I was able to deploy a RouterBoard 750G as an emergency replacement in a church network that went down, which led me to some questions.
In Winbox when I configure the DHCP Server, I have public DNS addresses listed (obviously). However, it pushes these to all the computers in the building. I’d rather it push out its own internal IP as the DNS server and forward the DNS requests on behalf of the clients.
If possible, I would also like to set it to be authoritative so even if a client changes their DNS it still winds up hitting our DNS instead.
I’m assuming the second part could be done as a firewall rule (all outbound requests for port 53 that do not match our internal DNS redirect to the local IP of the DNS). However the first part I’m still unsure of. If I’m wrong on the 2nd or if there’s a better way feel free to inform.
You have full control over what DNS server you hand out. Turn on the DNS server under IP > DNS, then edit the IP > DHCP-Server > Network settings and set the router IP address as the DNS server.
Yes, you can enforce usage of that DNS server via a NAT rule. Assuming a WAN interface name of “WAN” it would look something like this:
Under some circumstances DNS can use TCP, might as well cover it. On a side note, that isn’t called being authoritative in the context of DNS: being authoritative refers to being recognized as the official entity in control of a domain or IP block, you’re just forcing use of your resolver.
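The steps described in this reply, written out as RouterOS terminal commands. This is an added example, not the poster's original rule. The LAN subnet 192.168.88.0/24, the router address 192.168.88.1 and the upstream resolvers are constructed values; "WAN" is the interface name assumed in the reply.

```routeros
# Added example. Constructed values: LAN 192.168.88.0/24, router 192.168.88.1,
# upstream resolvers 1.1.1.1 and 8.8.8.8. "WAN" is the interface name from the reply.

# 1. Turn on the router's resolver and let clients query it.
/ip dns set servers=1.1.1.1,8.8.8.8 allow-remote-requests=yes

# 2. Hand out the router itself as the DNS server in DHCP leases.
/ip dhcp-server network set [find address=192.168.88.0/24] dns-server=192.168.88.1

# 3. Redirect DNS arriving on any non-WAN interface to the router's own
#    resolver, whatever server the client configured. Covers UDP and TCP.
/ip firewall nat
add chain=dstnat in-interface=!WAN protocol=udp dst-port=53 \
    action=redirect to-ports=53 comment="force local DNS (udp)"
add chain=dstnat in-interface=!WAN protocol=tcp dst-port=53 \
    action=redirect to-ports=53 comment="force local DNS (tcp)"

# 4. allow-remote-requests=yes makes the resolver answer on every interface,
#    including WAN. Drop inbound queries there so the router does not act as
#    an open resolver for the internet.
/ip firewall filter
add chain=input in-interface=WAN protocol=udp dst-port=53 \
    action=drop comment="no DNS service on WAN (udp)"
add chain=input in-interface=WAN protocol=tcp dst-port=53 \
    action=drop comment="no DNS service on WAN (tcp)"
```

The drop rules in step 4 must sit above any input-chain rule that would accept the same traffic. The redirect only matches port 53, so clients using DNS over HTTPS or DNS over TLS are not affected by it.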