Community discussions

MikroTik App
 
User avatar
Xtreme512
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sun Jun 08, 2014 2:43 pm
Location: Nicosia, CY
Contact:

DNS Forwarding is not working anymore

Sat Jun 05, 2021 12:28 am

Hey guys, I don't know when or how it happened but as I was trying to use my own DNS server on IPSEC VPN to my guest VLAN with no-responder DNS, I saw that guest devices cant resolve names, even the local ones.

Anyways, I managed to reduce the circle with trouble-shooting and found the culprit. It's the dst-nat DNS forwarder not working, well it still forwards and forwarded DNS server resolves the name but does not return it to the device. My firewall doesnt get a hit from it, I looked all the other settings as well, no luck.

When I change the forwarded DNS IP other than local like 9.9.9.9, device gets the resolved name as returned. When I set it to my local DNS server, as I said above, it doesn't get the resolved name.

Also, when I set the local DNS server IP to my device manually or let it get from DHCP, it works OK. So nothing wrong with my DNS server.

What is the problem here? Is anyone here have a clue or educated guess? It drove me crazy last two days because it doesn't make any sense.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11434
Joined: Thu Mar 03, 2016 10:23 pm

Re: DNS Forwarding is not working anymore

Sat Jun 05, 2021 10:37 am

My guess: you need properly configured hair-pin NAT for DNS resolver.

To give you better advice, post output of at least /ip firewall nat export hide-sensitive ... complete config would be better.
 
User avatar
Xtreme512
Member Candidate
Member Candidate
Topic Author
Posts: 119
Joined: Sun Jun 08, 2014 2:43 pm
Location: Nicosia, CY
Contact:

Re: DNS Forwarding is not working anymore

Sat Jun 05, 2021 8:41 pm

I searched a bit and found the same issue occurred to some people. No solution yet.

https://www.reddit.com/r/mikrotik/comme ... truggling/
viewtopic.php?t=146915
viewtopic.php?f=2&t=142235

Maybe its the way I implemented VLAN (straight way, no bridge vlan etc. and there's no packet error), but everything is working as it should, so I really am confused.

edit: My NAT config is no special, nothing out of the ordinary; masq. for WAN, upnp stuff and dst-nat for dns.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: DNS Forwarding is not working anymore

Sun Jun 06, 2021 12:58 am

My NAT config is no special, nothing out of the ordinary; masq. for WAN, upnp stuff and dst-nat for dns.
Ah, so if it's all in the ordinary and you've decided that you config is so perfect than no one need to look,
then it's so simple that you can do it yourself without wasting other people's time on the forum
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19101
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: DNS Forwarding is not working anymore

Sun Jun 06, 2021 3:26 am

The point being get out of your own way, and post your complete config.
/export hide-sensitive file=anynameyouwish

Who is online

Users browsing this forum: Amazon [Bot], bananaboy1101, dido1236, Google [Bot], jamesperks, xristostsilis and 76 guests