Hello all
I have two different DNS, Google and OpenDNS. How do I redirect a LAN to a specific DNS, for example 192.168.1.x/24 to Google DNS and 192.168.2.x/24 to OpenDNS? Can you give some tutorial examples please?
thanks
Yeah, I have multiple VLANs as described. Or do I leave IP/DNS blank and set remote request? I'm on xxx.xxx.108.x right now, where the DHCP gives 8.8.8.8 Google DNS, but I tried to browse a porn site and it is still blocked. Is there anything to tweak in this scenario?
You have 2 subnets, so you probably have 2 DHCP servers? The DHCP server tells clients which DNS to use.
IP > DHCP Server > Networks
You should have two LANs defined in there. Edit the records; that's where the DNS settings are that the DHCP server will tell clients to use.
hello sir
I'd use a different approach: I'd "catch" all outgoing DNS connections and redirect them accordingly depending on source network; assuming Google DNS is 8.8.8.8 and OpenDNS is 208.67.222.222:
Code:
/ip firewall nat
add action=dst-nat chain=dstnat comment="DNS redirect .1.x to GoogleDNS" src-address=192.168.1.0/24 dst-port=53 in-interface=your_LAN protocol=udp to-addresses=8.8.8.8 to-ports=53
add action=dst-nat chain=dstnat comment="DNS redirect .2.x to OpenDNS" src-address=192.168.2.0/24 dst-port=53 in-interface=your_LAN protocol=udp to-addresses=208.67.222.222 to-ports=53
That way it doesn't matter which DNS is configured on hosts, either by DHCP or statically; they'll be redirected to the proper DNS.
Check you don't have an ip > firewall > nat redirect "catch all" rule to your DNS cache; as it seems you set it up for OpenDNS, that's why it is blocking you. Modify it so that it only redirects traffic from other hosts not in .1.0 or .2.0, and change ip > dns so that it uses 8.8.8.8 as DNS resolver.
Code:
[myron@Fairways Boracay] /ip dns> print
servers: 208.67.220.123,208.67.222.123
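The per-subnet redirect and the narrowed "catch all" rule described above, put together as one RouterOS configuration. This is an added example, not code from the thread. The interface names your_LAN and your_WAN and the address-list name dns_steered are placeholders, and it assumes the router's DNS cache should serve every host outside the two subnets.

```routeros
# Added example, not from the thread. your_LAN, your_WAN and the list name
# dns_steered are placeholders; replace them with your own values.

# Subnets that get their own upstream resolver.
/ip firewall address-list
add list=dns_steered address=192.168.1.0/24
add list=dns_steered address=192.168.2.0/24

/ip firewall nat
# Per-subnet steering. DNS falls back to TCP 53 for truncated answers,
# so both protocols are redirected, not only UDP.
add chain=dstnat action=dst-nat protocol=udp dst-port=53 src-address=192.168.1.0/24 \
    to-addresses=8.8.8.8 to-ports=53 comment="DNS .1.x to GoogleDNS (udp)"
add chain=dstnat action=dst-nat protocol=tcp dst-port=53 src-address=192.168.1.0/24 \
    to-addresses=8.8.8.8 to-ports=53 comment="DNS .1.x to GoogleDNS (tcp)"
add chain=dstnat action=dst-nat protocol=udp dst-port=53 src-address=192.168.2.0/24 \
    to-addresses=208.67.222.222 to-ports=53 comment="DNS .2.x to OpenDNS (udp)"
add chain=dstnat action=dst-nat protocol=tcp dst-port=53 src-address=192.168.2.0/24 \
    to-addresses=208.67.222.222 to-ports=53 comment="DNS .2.x to OpenDNS (tcp)"

# Catch-all to the router's DNS cache for every other LAN host. Excluding
# the steered subnets keeps the result correct even if this rule ends up
# above the per-subnet rules (NAT rules are first-match).
# in-interface keeps the rule from ever matching WAN-side queries.
add chain=dstnat action=redirect protocol=udp dst-port=53 in-interface=your_LAN \
    src-address-list=!dns_steered to-ports=53 comment="DNS catch-all to cache (udp)"
add chain=dstnat action=redirect protocol=tcp dst-port=53 in-interface=your_LAN \
    src-address-list=!dns_steered to-ports=53 comment="DNS catch-all to cache (tcp)"

# Upstream used by the router's own cache, as suggested in the reply.
# allow-remote-requests is needed for the cache to answer redirected hosts.
/ip dns set servers=8.8.8.8 allow-remote-requests=yes

# With remote requests enabled, do not answer DNS arriving on the WAN side
# (open-resolver abuse). Move these above any accept rule for port 53.
/ip firewall filter
add chain=input action=drop protocol=udp dst-port=53 in-interface=your_WAN \
    comment="no DNS from WAN (udp)"
add chain=input action=drop protocol=tcp dst-port=53 in-interface=your_WAN \
    comment="no DNS from WAN (tcp)"

# Check which rule is taking the traffic: packet counters per DNS rule.
/ip firewall nat print stats where comment~"DNS"
```

Port 53 redirection only affects plain DNS; clients that use DNS over HTTPS or DNS over TLS never hit these rules.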