All I can say for sure with the information given is that the reply came from a cache or a recursive query because the answer was non-authoritative. I would suspect that your localy-configured address would generate an authoritative response…
Perhaps the host the Mikrotik is configured to use for DNS resolver has the wrong information cached as well?
Do you get the same result when querying via other DNS servers?
Non-authoritative answer is correct, static addresses in ROS DNS are simple overrides, setting them does not turn router into authoritative server for them.
Check the resolvers configured in router and ask them all directly (dig, nslookup) for that record. If at least one of them gives you the wrong address too, then the problem is elsewhere. If not, then perhaps something is stuck in RouterOS. Restart might help in that case.
When I ping from the RB, it returns me the ‘real IP’.
But if I do nslookup from computer that behind this RB, it still gives me the local IP which I configured as static DNS previously in this RB.
At the time I created this thread, I’ve already removed the local IP from the config and do flush DNS, so it should ask from the internet DNS which is I configured 8.8.8.8 and 8.8.4.4 in my RB.
It’s either the Mikrotik itself or else the Mikrotik is redirecting port 53 to a device that is also giving that same address.
(or option 3, the host has the wrong info in hosts file, but nslookup does not use the local resolver, so this isn’t likely)
A packet capture might be required to get to the bottom of this if following the trail through iptables and IP > DNS > Static is not leading to the answer.
My takeaway from this is that putting static hostnames in a proxy-resolver generates non-authoritative replies. I would’ve thought “it’s authoritative because it’s in my configuration” would be the order of the day.
