Hey all!
I’m going mad here.
I don’t have any issues with dns requests on clients or any real issues other than the fact that mikrotik keeps sending out packets to request dns from OpenDNS (which is the dns I stipulated to use in the DNS settings of mikrotik).
I am getting a never ending stream of requests to opendns from mikrotik when looking at the “dns” in the log, as follows:
— got answer from 208.67.220.220:53:
id:cd5d rd:1 tc:0 aa:0 qr:1 ra:1 QUERY ‘server failure’
question: 10.0.0.0-10.10.09.255:A:IN
— sending udp query to 208.67.222.222:53:
id:c712 rd:1 tc:0 aa:0 qr:0 ra:0 QUERY ‘no error’
question: 10.0.0.0-10.10.09.255:A:IN
done query: #590 dns server failure
… endless repeating over and over etc…
I don’t use the 10.0.0.0-10.10.09.255 range on my network. The only place I have that range as a stipulated list is as and address list entry which is part of a larger list of bogons. I have clients use my mikrotik IP as the dns via dhcp not the opendns IP (so clients have the mikrotik IP listed as the DNS) they pull dns entries from mikrotik then mikrotik pulls dns from opendns.
Questions:
- Why is that IP range requesting dns?
- How is it possible for an address range to request a dns in the first place?
Any clues would be appreciated!
UPDATED
I removed the bogon from the list and it stopped. so i assume as it is a valid ip range and not really a “bogon” (as i was dumping various ranges in to the list) opendns was trying to reply with an ip address inside that range, but did not understand what was going on as that ip range was being blocked in my firewall range. Guess that’s what was going on.
I should stop messing with RouterOS in the early hours 