Hello. Since some services available only in USA (for example - pandora), i want to use VPN tunnel with USA IP address.
The problem is i can't find any way to do DNS-based routing (example - *.pandora.com via ovpn-out-usa).
I can setup ip-based routing, but pandora uses many IPs - some for website, and some for media servers, and they changing.
Any way to do that?
UPD: Oh, pandora owns a netblock, so i can route some.net/24 via my vpn. But i still interested if it possible to do dns-based routing.
Re: DNS-based routing?
You can't do DNS based routing on RouterOS.
Re: DNS-based routing?
I would imagine that scripting would cover this easily.
Create a script that pulls the A records of the domain you want and puts them into the appropriate routes.
You can schedule the script to run every 12 hours, so it will be semi-dynamic.
Create a script that pulls the A records of the domain you want and puts them into the appropriate routes.
You can schedule the script to run every 12 hours, so it will be semi-dynamic.
Re: DNS-based routing?
The built in resolver only returns one A record.
You could do this with an external box checking IP space and making API calls. If you're using NAND based routers keep in mind that this could cause a huge amount of write cycles to NAND depending on how many API calls you make to update address lists (that's the primary reason many people have asked for truly dynamic address lists you can manually add to).
You could do this with an external box checking IP space and making API calls. If you're using NAND based routers keep in mind that this could cause a huge amount of write cycles to NAND depending on how many API calls you make to update address lists (that's the primary reason many people have asked for truly dynamic address lists you can manually add to).
-
-
cieplik206
Trainer
- Posts: 290
- Joined:
- Contact:
Re: DNS-based routing?
root@alpha:/var/log/apache2# dig www.pandora.com
; <<>> DiG 9.7.3 <<>> www.pandora.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49685
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;www.pandora.com. IN A
;; ANSWER SECTION:
www.pandora.com. 2250 IN A 208.85.40.80
www.pandora.com. 2250 IN A 208.85.40.20
www.pandora.com. 2250 IN A 208.85.40.50
and you have all addresses
; <<>> DiG 9.7.3 <<>> www.pandora.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49685
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;www.pandora.com. IN A
;; ANSWER SECTION:
www.pandora.com. 2250 IN A 208.85.40.80
www.pandora.com. 2250 IN A 208.85.40.20
www.pandora.com. 2250 IN A 208.85.40.50
and you have all addresses
Re: DNS-based routing?
NetRange: 208.85.40.0 - 208.85.47.255
CIDR: 208.85.40.0/21
OriginAS: AS40428
I know i can do ip routes, my question was about DNS-based routing.
CIDR: 208.85.40.0/21
OriginAS: AS40428
I know i can do ip routes, my question was about DNS-based routing.
Re: DNS-based routing?
..., but in round-robin mannerThe built in resolver only returns one A record.
not possible. many hundreds (thousands?) DNS queries per second will kill either your router or your DNS serverI know i can do ip routes, my question was about DNS-based routing.
the rest can be solved by scripting and address-listsRe: DNS-based routing?
I also have this request
For example, nadin-co.ir or youtube.com and many other domain access is due to restrictions through the US Tunnel
For example, nadin-co.ir or youtube.com and many other domain access is due to restrictions through the US Tunnel
Re: DNS-based routing?
Just add necessary FQDNs to Firewall Address List and use that address list for policy routing.
Who is online
Users browsing this forum: Bing [Bot], Google [Bot] and 207 guests