Community discussions

MikroTik App
 
p3ter
just joined
Topic Author
Posts: 19
Joined: Fri Jul 16, 2021 3:17 pm

DNS Relay?

Sat Jul 17, 2021 3:42 pm

Hi, first post and first day with a Mikrotik Router exposed to the Internet, please be gentle!

I have spent a week playing around with a CCR1009 before finally today setting it up as my primary home router. I started by configuring in it's default 192.168.88.0/24 network below my normal home 192.168.0.0/24 network (Asus Router). In that configuration DNS 'just worked', and I didn't pay to much attention to how. Once I was happy it was set up and working, I prepared to move it 'up' to the main router, by changing the DCHP Server 'Networks' address block and 'IP', 'Addresses' Address list block from 192.168.88.0/24 to 192.168.0.0/24 , then plugging it in to the incoming fiber...

...and it 'almost' worked 100% first time - apart from DNS. :-) The Router itself had name resolution (could ping external websites in terminal), but connected DHCP clients did not. I resolved this temporarily by adding '8.8.8.8' to my 'DNS Settings' - 'Servers' entry, and also adding 8.8.8.8 to 'DHCP Server',' Networks', 'DNS Servers' entry for the 192.168.0.0/24 address range, but I would appreciate a quick pointer on
1) why it 'just worked' before? (maybe because in my previous temporary setup, my gateway address 192.168.0.1 was also serving as DNS Server, but now I am on the public internet, my Gateway IP is no longer also a DNS server?)
2) how to set up a DNS relay? - Do I just need to change the 2 DNS entries I mentioned above to 192.168.0.1?

My ISP supplies 2 DNS Servers via DHCP, and I can see those 2 servers already listed correctly in 'DNS Settings' - 'Dynamic Servers'. What I'm hoping for is that my router will pass on any requests to those 2 dynamic servers for unknown addresses, but would first look in 'DNS Settings' - 'Static', 'Cache' etc.

Thanks for the pointers!

p.s. for others on the same journey, I mostly followed this excellent (and very short!) video: https://www.youtube.com/watch?v=Q3N6CDB9yho and then double checked the Mikrotik help 'Securing your router' https://wiki.mikrotik.com/wiki/Manual:S ... our_Router documentation.
 
p3ter
just joined
Topic Author
Posts: 19
Joined: Fri Jul 16, 2021 3:17 pm

Re: DNS Relay?  [SOLVED]

Thu Jul 22, 2021 10:13 am

Just following up on unanswered post.
Why did it work before?
...still don't know.
How to set up DNS relay?
...IP-->DNS-->DNS Settings-->Allow Remote Requests = YES
...IP-->DHCP Server-->Networks-->Open your DCHP Address Pool-->DNS Servers-->add the address of your Router
BUT - depending on your current rules, your Router may now be a DNS server for the whole internet, so you need may need some new firewall rules to drop DNS requests from WAN. However if you have set up recommended firewall filters here: https://wiki.mikrotik.com/wiki/Manual:S ... our_Router you should be OK. (can anyone confirm?)

More: https://billysoftacademy.com/how-to-use ... n-network/

Who is online

Users browsing this forum: No registered users and 16 guests