
 
bkuhn
Frequent Visitor
Topic Author
Posts: 73
Joined: Fri Oct 15, 2010 12:17 am

Change DNS Servers When Tunnel Comes Up

Thu Oct 16, 2014 8:39 am

I am trying to configure a couple of PPTP dial on demand tunnels on my RB2011 at home.

Both tunnels come up via my mangle rule and they disconnect with my idle timeout which is nice.

My issue...how do I handle DNS resolution?

I would like to leave my DNS server set to my home 'Tik and be able to resolve "local" hosts for the VPN connected sites. I know I could change the DNS on my PC to make it work, but that defeats the PPTP client (I might as well dial the VPN connection from my laptop if I'm going to manually change DNS server IP address).

I thought I had the solution, add static NS records for those domains pointed to the internal DNS server IP addresses, but can't add NS records.

What about scripting it? Is there a way I could script the 'Tik to change its DNS servers (IP > DNS) when a tunnel is established and change it back when the tunnel is disconnected? I guess that might also prevent the idle timeout from taking effect.

Any ideas?
 
scampbell
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 12:15 am

Oops - this was for PPPoE - sorry, needed to have a coffee before posting!!!
Last edited by scampbell on Fri Oct 17, 2014 12:40 am, edited 2 times in total.
 
bkuhn
Frequent Visitor
Topic Author
Posts: 73
Joined: Fri Oct 15, 2010 12:17 am

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 12:22 am

I will give that a try when I get home, don't know how I missed that option...

I'll update the post either way. Thanks for the idea!
 
scampbell
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 12:36 am

My bad - that was for PPPoE :D.

For PPTP your remote server should be pushing the DNS to you. In the MikroTik PPTP server this is specified in the PPTP Profile. The profile is determined by the PPTP Server and/or Secret. The profile in secrets has priority.

If that does not do the trick, a script could check the PPTP client is running then add a DNS for you - that way it won't be pinging an address and bringing up the tunnel?
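
One way to write the check described in the post above, as an added RouterOS v6 script that was not posted by anyone in this thread. The interface name `pptp-office` and both resolver addresses are assumed placeholders, and the script assumes the interface's running flag tracks whether the tunnel is connected.

```routeros
# Added example, not from the thread. All names and addresses are assumptions.
# Run from /system scheduler at a short interval; config is only written on a state change.

# Assumed PPTP client interface name
:local tunnel "pptp-office"
# Assumed resolver that is reachable only through the tunnel
:local vpnDns "10.10.1.1"
# Assumed upstream resolver used when the tunnel is down (documentation address)
:local normalDns "203.0.113.53"

# Remembers which resolver set is active; it is empty after a reboot
:global vpnDnsActive

:local up [/interface get [/interface find name=$tunnel] running]

# Tunnel came up: point IP > DNS at the remote resolver and drop stale answers
:if ($up && ($vpnDnsActive != true)) do={
    /ip dns set servers=$vpnDns
    /ip dns cache flush
    :set vpnDnsActive true
    :log info "dns: $tunnel up, upstream set to $vpnDns"
}

# Tunnel is down: restore the normal resolver. The "!= false" test also fires
# once after a reboot, so a resolver left over from before the reboot is undone.
:if ((!$up) && ($vpnDnsActive != false)) do={
    /ip dns set servers=$normalDns
    /ip dns cache flush
    :set vpnDnsActive false
    :log info "dns: $tunnel down, upstream restored to $normalDns"
}
```

While the tunnel is up, every lookup from the LAN is forwarded to the remote site's resolver, so that site sees all queries and the query traffic may keep the idle timer from expiring, as the original post anticipates.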
 
bkuhn
Frequent Visitor
Topic Author
Posts: 73
Joined: Fri Oct 15, 2010 12:17 am

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 12:55 am

Well that makes sense why I missed it :)

Where would I see the information that is passed to my PPTP client from the server? I can see the IP address by looking at the interface, but where can I see if DNS is being advertised by the PPTP server?
 
scampbell
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 1:43 am

If you look under IP DNS, any dynamically assigned DNSs should be listed there :-)
 
bkuhn
Frequent Visitor
Topic Author
Posts: 73
Joined: Fri Oct 15, 2010 12:17 am

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 1:50 am

I'm guessing that probably relies on the DHCP client to have "use peer DNS" checked?

EDIT:
Yeah, I don't know what my options are... I'm starting to think I might have to script it. One of the tunnels is connected to another RB2011, and I checked the PPTP server and it is handing me a DNS server address, but it's not working for me. I even tried doing a "DNS redirect" using layer 7, but I can't get that to work correctly either. It was redirecting all DNS, not just the domain I included in the layer 7 config.

Any ideas on what to "trigger" the script with?
 
scampbell
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 7:11 am

When you say hosts at the other end, do you mean Windows hosts? If so you may need to specify a WINS server too and use FQDNs?
 
bkuhn
Frequent Visitor
Topic Author
Posts: 73
Joined: Fri Oct 15, 2010 12:17 am

Re: Change DNS Servers When Tunnel Comes Up

Fri Oct 17, 2014 7:38 am

They are mainly Windows hosts I am trying to resolve, but one of the networks is a small office and all PCs are part of a workgroup. MikroTik is handling DNS for that office. I would like to be able to resolve computers by name on that network from my laptop connected over the PPTP tunnel.

I'm starting to think it's more work than it's worth.

I tried the scripting route this evening but will have to modify something, I think it's NAT related. I don't think the DNS traffic from the MikroTik at my house is going over the tunnel.
 
scampbell
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ

Re: Change DNS Servers When Tunnel Comes Up

Tue Oct 21, 2014 3:23 am

Windows host name resolution is generally done via a WINS server or LMHOSTS file on the PC. DNS only works for FQDNs such as host.domain.com.

To resolve \\servername definitely requires a WINS/LMHOSTS file. Alternatively you would need to set up static host entries like servername.sitename in MikroTik DNS?

Here is an interesting approach - https://www.dalemacartney.com/2012/12/2 ... -routeros/
