Community discussions

MikroTik App
 
Emeran
just joined
Topic Author
Posts: 4
Joined: Thu Jul 23, 2020 7:30 pm

doh server connect error network is unreachable

Thu Jul 23, 2020 7:54 pm

I tried to add a doh server and i found this error

DoH server connection error: network is unreachable
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24941
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: doh server connect error network is unreachable

Fri Jul 24, 2020 10:31 am

You must use a DOH server that the router can reach :)
Ping from the router, see if the DOH address is available, or if the router actually has internet.
No answer to your question? How to write posts
 
Emeran
just joined
Topic Author
Posts: 4
Joined: Thu Jul 23, 2020 7:30 pm

Re: doh server connect error network is unreachable

Fri Jul 24, 2020 11:12 am

The router has internet so i can ping 8.8.8.8 and different dns but this doh when i ping https://cloudflare-dns.com/dns-query says " error ping to -ip address expected "
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24941
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: doh server connect error network is unreachable

Fri Jul 24, 2020 11:15 am

post full dns config please
No answer to your question? How to write posts
 
User avatar
eworm
Forum Veteran
Forum Veteran
Posts: 801
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: doh server connect error network is unreachable

Fri Jul 24, 2020 6:06 pm

You should ping the host cloudflare-dns.com, not the url.
Manage RouterOS scripts and extend your devices' functionality: RouterOS Scripts
For contact join the RouterOS-Scripts Telegram group!
 
Emeran
just joined
Topic Author
Posts: 4
Joined: Thu Jul 23, 2020 7:30 pm

Re: doh server connect error network is unreachable

Sat Jul 25, 2020 3:42 pm

/ip dns
set allow-remote-requests=yes cache-size=8128KiB max-udp-packet-size=350 \
use-doh-server=https://dns.google/dns-query verify-doh-cert=yes
/ip dns static
add address=8.8.8.8 name=dns.google type=A
add address=8.8.4.4 name=dns.google type=A


and i did ping dns.google and it's working
 
shafiqrahman
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Wed Apr 12, 2017 1:42 am

Re: doh server connect error network is unreachable

Sun Aug 16, 2020 2:46 pm

I have the same problem, specially after a power failure or a reboot. Sometimes its even preventing pppoe connection. My isp provides internet through pppoe. But, if I disbale to regular dns it starts working.
/ip dns
set allow-remote-requests=yes cache-max-ttl=2d use-doh-server=\
    https://dns.google/dns-query verify-doh-cert=yes
/ip dns static
add address=xxx.xxx.xx.x name=router.lan type=A
add address=8.8.8.8 name=dns.google type=A
add address=8.8.4.4 name=dns.google type=A
 
DarkNate
Member
Member
Posts: 357
Joined: Fri Jun 26, 2020 4:37 pm

Re: doh server connect error network is unreachable

Wed Aug 19, 2020 5:09 pm

I found a solution for the "doh server connect error network is unreachable" problem. I tested with both Google and Cloudflare DoH for over a month and this works well even with unstable PPPoE links.

Note 1: I have both IPv4 and IPv6 from my ISP1, so just remove the AAAA entry and IPv6 servers if you don't have IPv6 connectivity.
Note 2: Theoretically, ROS is supposed to use the regular servers as the fallback if the DoH fails, but that never happens, you can use invalid DoH URL to test this, and ROS will never use the regular DNS servers as fallback.


Below is the solution
/ip dns
set allow-remote-requests=yes query-server-timeout=100ms query-total-timeout=5s
servers=8.8.8.8,1.1.1.1,2001:4860:4860::8888,2606:4700:4700::1111
use-doh-server=https://cloudflare-dns.com/dns-query verify-doh-cert=yes

/ip dns static
add address=104.16.248.249 name=cloudflare-dns.com type=A
add address=104.16.249.249 name=cloudflare-dns.com type=A
add address=2606:4700:4700::1001 name=ipv6a.cloudflare-dns.com type=AAAA
add address=2606:4700:4700::1111 name=ipv6b.cloudflare-dns.com type=AAAA
This is for recursive routing failover. This will help ROS know if a link is truly dead or not.
Simply remove the second gateway and ISP2 marking add route if you have only a single ISP.
/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_ISP2 check-gateway=ping

add dst-address=104.16.248.249 gateway=pppoe-out1 scope=10
add dst-address=8.8.8.8 gateway=pppoe-out2 scope=10

add distance=1 gateway=104.16.248.249 routing-mark=to_ISP1 check-gateway=ping
add distance=2 gateway=8.8.8.8 routing-mark=to_ISP1 check-gateway=ping

add distance=1 gateway=8.8.8.8 routing-mark=to_ISP2 check-gateway=ping
add distance=2 gateway=104.16.248.249 routing-mark=to_ISP2 check-gateway=ping
###Don't forget to add regular default routes to each ISP###
However, these errors still show up when my ISP1 dies and ROS tries to switch over to ISP2. But the somehow, despite the errors, I could still surf the web etc without any problems through ISP2 with failover.
Image
 
patrickmkt
Member Candidate
Member Candidate
Posts: 178
Joined: Sat Jul 28, 2012 5:21 pm

Re: doh server connect error network is unreachable

Sun Aug 30, 2020 6:27 pm

It would be nice to have the following backup when "DoH server connection error" is encountered:

- secondary DoH server entry
- revert to regular DNS server

The major internet outage this morning had my connection failed on cloudflare DoH. When I manually changed it to google DoH I got connectivity back. Same without DoH on my ISP DNS.
 
shafiqrahman
Frequent Visitor
Frequent Visitor
Posts: 71
Joined: Wed Apr 12, 2017 1:42 am

Re: doh server connect error network is unreachable

Mon Sep 21, 2020 10:23 pm

@DarkNate , sorry for replying late, how do I find those expanded ip's which are near me (lowest ping). For single isp with google server is the below example work?
/ip dns
set allow-remote-requests=yes query-server-timeout=100ms query-total-timeout=5s
servers=8.8.8.8,8.8.4.4,2001:4860:4860::8888,????:????:????::8844
use-doh-server=https://dns.google/dns-query verify-doh-cert=yes

/ip dns static
add address=104.16.248.249 name=cloudflare-dns.com type=A
add address=104.16.249.249 name=cloudflare-dns.com type=A


/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=8.8.8.8 gateway=pppoe-out1 scope=10
add distance=1 gateway=8.8.8.8 routing-mark=to_ISP1 check-gateway=ping
add distance=2 gateway=8.8.4.4 routing-mark=to_ISP1 check-gateway=ping

Who is online

Users browsing this forum: GiovanniG and 122 guests