Community discussions

 
MikroTikFan
Member Candidate
Member Candidate
Topic Author
Posts: 196
Joined: Sat Aug 02, 2014 1:13 am

How to redirect traffic from googledns to other dns provider

Tue Dec 09, 2014 12:29 am

Please help me to implement following iptables instruction which redirect LAN traffic from google dns to other dns provider (69.42.56.54).

iptables -I PREROUTING -t nat -p udp -d 8.8.4.4 --dport 53 -j DNAT --to-destination 69.42.56.54
iptables -I PREROUTING -t nat -p udp -d 8.8.8.8 --dport 53 -j DNAT --to-destination 69.42.56.54

Additionally this should work not for whole LAN just only for 3 internal (LAN) IP 192.168.10.40, 192.168.10.43, 192.168.10.50.
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: How to redirect traffic from googledns to other dns prov

Tue Dec 09, 2014 5:13 am

Use destination NAT rules in IP Firewall.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
MikroTikFan
Member Candidate
Member Candidate
Topic Author
Posts: 196
Joined: Sat Aug 02, 2014 1:13 am

Re: How to redirect traffic from googledns to other dns prov

Tue Dec 09, 2014 7:39 am

correct?
/ip firewall nat add chain=dstnat protocol=udp src-address=192.168.10.40 dst-address=8.8.8.8 src-port=53 action=dst-nat to-addresses=69.42.56.54 to-port=53

to make same as:
iptables -I PREROUTING -t nat -p udp -d 8.8.8.8 --dport 53 -j DNAT --to-destination 69.42.56.54 only for LAN IP-192.168.10.40 ?
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: How to redirect traffic from googledns to other dns prov

Tue Dec 09, 2014 4:00 pm

You have the src port in the rule - should be dst port. The client could use a variety of ports as the src port.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
MikroTikFan
Member Candidate
Member Candidate
Topic Author
Posts: 196
Joined: Sat Aug 02, 2014 1:13 am

Re: How to redirect traffic from googledns to other dns prov

Tue Dec 09, 2014 10:42 pm

/ip firewall nat add chain=dstnat protocol=udp src-address=192.168.10.40 dst-address=8.8.8.8 dst-port=53 action=dst-nat
to-addresses=69.42.56.54 to-port=53

???
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Re: How to redirect traffic from googledns to other dns prov

Tue Dec 09, 2014 11:49 pm

By using dst-address-list and src-address-list, you can accomplish your aim with only one rule.
/ip firewall nat 
add chain=dstnat protocol=udp dst-address-list=google_dns dst-port=53 action=dst-nat 
to-addresses=69.42.56.54 to-port=53 src-address-list=no_google_dns

/ip firewall address-list
add address=8.8.4.4 list=google_dns
add address=8.8.8.8 list=google_dns
add address=192.168.10.40 list=no_google_dns
add address=192.168.10.43 list=no_google_dns
add address=192.168.10.50 list=no_google_dns
 
MikroTikFan
Member Candidate
Member Candidate
Topic Author
Posts: 196
Joined: Sat Aug 02, 2014 1:13 am

Re: How to redirect traffic from googledns to other dns prov

Thu Dec 11, 2014 12:31 am

Thanks !!!

Who is online

Users browsing this forum: Petrw and 111 guests