Page 1 of 1

/ip dns static not work

Posted: Wed Mar 15, 2006 10:08 pm
by bes
Hi,not work dns static
[admin@juri] ip dns> pri
allow-remote-requests: yes
cache-size: 10240KiB
cache-max-ttl: 1w
cache-used: 20KiB
[admin@juri] ip dns static> pri
Flags: D - dynamic
0 1d
Opening and not works forward to

Posted: Thu Mar 16, 2006 8:28 am
by sergejs
you have to be sure, that router client uses Router DNS as primary dns server configuration,

Redirect NAT rules might be added to forward DNS requests from clients directly to the router, than router DNS cache will be used despite of client PC configuration .

Posted: Thu Mar 16, 2006 8:18 pm
by mag
i am trying to use this, but to no success. maybe someone could correct me.

using this rule:
add chain=dstnat in-interface=lan dst-port=53 action=redirect to-ports=53
Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; redirect DNS-requests
     chain=dstnat in-interface=lan dst-port=53 action=redirect to-ports=53 
dig gives me, for example:
dig @

; <<>> DiG 9.2.2 <<>> @
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43368
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;              IN      A

;; ANSWER SECTION:       1428    IN      CNAME           1428    IN      A           1428    IN      A
which is ok, but in a web-browser i can't open any page on the internet.

Posted: Thu Mar 16, 2006 11:30 pm
by sergejs
Protocols have to be specified for NAT rules too, protocol=tcp and second for protocol=udp.

Posted: Fri Mar 17, 2006 9:24 am
by mag
thx. this one makes it:
add chain=dstnat in-interface=lan protocol=tcp dst-port=53 action=redirect to-ports=53 
add chain=dstnat in-interface=lan protocol=udp dst-port=53 action=redirect to-ports=53