Jotne

DoH vs static DNS setup

Tue Aug 17, 2021 9:21 am

Yesterday my DoH provider stopped responding, so my clients did not get any DNS reply.

I do use https://dns.nextdns.io/dns-query as DoH server and Verify Certificate is on.
To find dns.nextdns.io I have a static DNS entry.

My question is: What happens when I have both a static DNS entry and DoH configured?
Will RouterOS always use DoH only, or fall back to static DNS when DoH stops responding?
I cannot see from DNS logging what server is used, if it's 8.8.8.8, 1.1.1.1 or DoH. Log looks equal for all types.

From log when DoH fails:
server connection error idle timeout connecting
Before when I did have DoH on a separate server, I used this script:
:local currentDNS [/ip dns get server]
:local DoHDNS "10.22.10.140"
:local backupDNS "8.8.8.8,1.1.1.1"
:local testDomain "www.google.com"

:if ($currentDNS = $DoHDNS) do={
    :do {
        :resolve $testDomain server $DoHDNS
    } on-error={
        /ip dns set servers=$backupDNS
        :log info message="DNS_server=$backupDNS"
    }
} else={
    :do {
        :resolve $testDomain server $DoHDNS
        /ip dns set servers=$DoHDNS
        :log info message="DNS_server=$DoHDNS"
    } on-error={}
}
But when DoH server is on the same router as the script is, I do not see how I could set up a test failover.
Ok test
resolve www.cnn.com 8.8.8.8
Not Ok
resolve www.cnn.com https://dns.nextdns.io/dns-query
I can also look for error message in the log and fail over to static DNS, but how to see that DoH server is up and running.
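
One way to check from outside the router that the DoH endpoint is up, as an added example that is not part of the original post: a Python probe that sends an RFC 8484 GET query with certificate verification and classifies the reply. It assumes a separate monitoring host with Python 3; the function names and the sample replies are constructed for illustration.

```python
import base64
import struct
import urllib.request

DOH_URL = "https://dns.nextdns.io/dns-query"  # DoH endpoint named in the post

def build_query(name, qtype=1):
    """RFC 1035 wire-format query; ID 0 as RFC 8484 recommends for caching."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def doh_get_url(base, query):
    """RFC 8484 GET form: unpadded base64url in the 'dns' parameter."""
    return base + "?dns=" + base64.urlsafe_b64encode(query).rstrip(b"=").decode()

def classify_reply(body):
    """Return (healthy, reason) for a raw application/dns-message body."""
    if len(body) < 12:
        return False, "truncated header"
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", body[:12])
    if not flags & 0x8000:
        return False, "not a response (QR=0)"
    rcode = flags & 0x000F
    if rcode != 0:
        return False, "rcode=%d" % rcode
    if ancount == 0:
        return False, "no answers"
    return True, "ok, %d answer(s)" % ancount

def probe(name="www.google.com", base=DOH_URL, timeout=5):
    """Live check; urllib's default context verifies the TLS certificate."""
    req = urllib.request.Request(doh_get_url(base, build_query(name)),
                                 headers={"Accept": "application/dns-message"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return classify_reply(resp.read())
    except OSError as exc:  # URLError, timeouts and TLS failures
        return False, "transport error: %s" % exc

# Constructed sample replies (not captured traffic): NOERROR + one A record, SERVFAIL.
SAMPLE_QUERY = build_query("www.google.com")
SAMPLE_OK = struct.pack("!HHHHHH", 0, 0x8180, 1, 1, 0, 0) + SAMPLE_QUERY[12:] + \
    b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
SAMPLE_SERVFAIL = struct.pack("!HHHHHH", 0, 0x8182, 1, 0, 0, 0) + SAMPLE_QUERY[12:]
```

`probe()` makes the live request; a `False` result separates a transport failure (timeout, TLS error) from a DNS-level failure such as SERVFAIL, which a plain connectivity test would miss.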
