
Feature Request: Conditional DNS Forwarding

Posted: Thu Sep 13, 2018 11:03 pm
by adamgardner2
It would be brilliant to add conditional DNS forwarding to the Caching DNS Forwarder in RouterOS. That is, the ability to specify "if a request comes in for a record under suffix foo.bar, forward it to 172.16.0.2 rather than the normal DNS server". This is particularly helpful for allowing private DNS zones to be resolved across a VPN link while still allowing public DNS zones to be resolved by some local public DNS server (especially useful so that you don't lose DNS when the VPN link goes down!).

I'm fully aware of the trick to implementing this using NAT, Mangle, and Layer7 Protocol rules in the firewall. However, that solution has various problems, including one huge one.
  • The big one is that it only works for DNS queries over UDP; any DNS query over TCP will just fail if this method is attempted. Obviously DNS mostly uses UDP, but it'll fall back to TCP and break at surprising times.
  • A smaller issue, but a real one, is that implementing this method requires understanding the details of UDP DNS packet structure. Most of the tutorials on these forums and elsewhere get the regular expressions wrong.
  • Requests that get handled by the Layer7 NAT trick don't get their results cached by the MikroTik, so they have to be forwarded every time.

If MikroTik doesn't want to add this as a core feature of the RouterOS DNS Forwarder, I'd love to see a more fully-featured DNS forwarder added as a separate package, the way the fully-featured NTP client and server are.

Re: Feature Request: Conditional DNS Forwarding

Posted: Fri Sep 14, 2018 3:31 am
by Sob
Yes please. I really want to do something like:
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip dns forwarders
add domain=company1.lan servers=10.11.12.13
add domain=company2.lan servers=192.168.89.10,192.168.89.11
and have all queries to <anything>.company1.lan go to 10.11.12.13, etc. It can't be difficult to implement, can it?
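
An added example, not part of either post above and not RouterOS code: a Python sketch of what a conditional forwarder has to do with a query, using the domains and servers from the post above as its rule table. It reads the question name from the DNS wire format (length-prefixed labels, compared case-insensitively), handles the 2-byte length prefix that DNS over TCP adds, and picks the upstream by longest match on whole labels; the function names and the sample query are constructed for illustration.

```python
import struct

# Rules and default upstreams copied from the post above (its wished-for syntax).
FORWARDERS = {"company1.lan": ["10.11.12.13"],
              "company2.lan": ["192.168.89.10", "192.168.89.11"]}
DEFAULT = ["8.8.8.8", "8.8.4.4"]

def encode_query(name, txid=0x1234):
    """Build a minimal A/IN query in wire format (constructed sample input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii")
                     for l in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def question_name(msg, tcp=False):
    """Return the lower-cased name from the first question of a DNS message."""
    if tcp:  # over TCP every message is preceded by a 2-byte length field
        if len(msg) < 2:
            raise ValueError("missing TCP length prefix")
        (length,) = struct.unpack("!H", msg[:2])
        msg = msg[2:2 + length]
        if len(msg) != length:
            raise ValueError("truncated TCP message")
    if len(msg) < 12 or struct.unpack("!H", msg[4:6])[0] < 1:
        raise ValueError("no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[pos]
        if n == 0:
            return ".".join(labels)
        if n & 0xC0:  # pointers / reserved label types are not handled here
            raise ValueError("unsupported label type")
        label = msg[pos + 1:pos + 1 + n]
        if len(label) != n:
            raise ValueError("truncated label")
        labels.append(label.decode("ascii", "replace").lower())
        pos += 1 + n

def pick_upstreams(qname):
    """Longest match on whole labels; names are compared case-insensitively."""
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels)):  # i = 0 tries the longest suffix first
        if ".".join(labels[i:]) in FORWARDERS:
            return FORWARDERS[".".join(labels[i:])]
    return DEFAULT
```

Matching on whole labels keeps a name such as notcompany1.lan on the default servers, and the same query read at UDP offsets when it actually arrived over TCP no longer yields the expected name.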

Re: Feature Request: Conditional DNS Forwarding

Posted: Fri Sep 14, 2018 5:42 am
by Paternot
That would be great. The number of static entries I have...

Re: Feature Request: Conditional DNS Forwarding

Posted: Sat Sep 22, 2018 4:34 pm
by KnechtRootrecht
Indeed it would be great!
For reasons, I use an internal DNS server for my local computers' domain. At this point, my two MikroTik routers have two home servers as DNS backend which run dnsmasq with conditional forwarding. It would be really nice to shut down the home servers and only use the MikroTik resolvers.

Re: Feature Request: Conditional DNS Forwarding

Posted: Mon Sep 24, 2018 11:20 pm
by czb123
This feature will be very helpful.

Re: Feature Request: Conditional DNS Forwarding

Posted: Thu Sep 26, 2019 7:46 am
by TerAnYu
A very useful feature.
Still, add srv (and other) entries, at least through the console.