Offload dns with hotspot.
Essentially I want to offload the dns to another sever so that the router isn't handling dns requests. How can this be done? I've seen it mentioned a couple of times, but have seen no examples if how to do it.
Re: Offload dns with hotspot.
Last time I checked, the hotspot walled garden depends on the dns cache to allow access to domains in the walled garden. If you managed to bypass the dns service of the router, the hotspot walled garden would not function. Just a FYI.
Re: Offload dns with hotspot.
According to this mum it can be done.
http://mum.mikrotik.com/presentations/U ... xWindt.pdf
I'm sure it can be done with authorized users, but I've no idea how.
It also says it's possible in the official documentation. We are utilizing mac authentication for our clients as it is.
http://wiki.mikrotik.com/wiki/Manual:Ho ... troduction
http://mum.mikrotik.com/presentations/U ... xWindt.pdf
I'm sure it can be done with authorized users, but I've no idea how.
It also says it's possible in the official documentation. We are utilizing mac authentication for our clients as it is.
http://wiki.mikrotik.com/wiki/Manual:Ho ... troduction
Re: Offload dns with hotspot.
I did a bit of experimenting and maybe found a way. Print the dynamic rules and set the redirect for tcp and udp dst-port=53 to "hotspot=!auth". Mine were rules 2 and 3.
Note it added "hotspot=!auth" to rules 2 and 3.
Code: Select all
/ip firewall nat
print dynamic
set 2 hotspot=!auth
set 3 hotspot=!auth
No guarantees.[admin@test] /ip firewall nat> print dynamic
Flags: X - disabled, I - invalid, D - dynamic
0 D chain=dstnat action=jump jump-target=hotspot hotspot=from-client
1 D chain=hotspot action=jump jump-target=pre-hotspot
2 D chain=hotspot action=redirect to-ports=64872 protocol=udp hotspot=!auth dst-port=53
3 D chain=hotspot action=redirect to-ports=64872 protocol=tcp hotspot=!auth dst-port=53
4 D chain=hotspot action=redirect to-ports=64873 protocol=tcp hotspot=local-dst dst-port=80
5 D chain=hotspot action=redirect to-ports=64875 protocol=tcp hotspot=local-dst dst-port=443
6 D chain=hotspot action=jump jump-target=hs-unauth protocol=tcp hotspot=!auth
7 D chain=hotspot action=jump jump-target=hs-auth protocol=tcp hotspot=auth
8 D chain=hs-unauth action=return dst-address=192.168.0.1
9 D chain=hs-unauth action=return dst-address=68.99.58.119
10 D ;;; currentIP
chain=hs-unauth action=return dst-address=68.99.58.116
11 D ;;; oldIP
chain=hs-unauth action=return dst-address=68.99.58.115
12 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=80
13 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=3128
14 D chain=hs-unauth action=redirect to-ports=64874 protocol=tcp dst-port=8080
15 D chain=hs-unauth action=redirect to-ports=64875 protocol=tcp dst-port=443
16 D chain=hs-unauth action=jump jump-target=hs-smtp protocol=tcp dst-port=25
17 D chain=hs-auth action=redirect to-ports=64874 protocol=tcp hotspot=http
18 D chain=hs-auth action=jump jump-target=hs-smtp protocol=tcp dst-port=25
Re: Offload dns with hotspot.
Thank you, I'll give it a shot Monday
Re: Offload dns with hotspot.
this method seems to have worked with both simple queues and PCQ queuing. I appreciate it.
Who is online
Users browsing this forum: Bing [Bot], Google [Bot] and 112 guests