Community discussions

MikroTik App
 
oharahay
just joined
Topic Author
Posts: 2
Joined: Thu Jan 20, 2022 11:50 am

DOH server connection error: Network is unreachable

Thu Jan 20, 2022 12:08 pm

Dear Friends!
I try to configure DOH server usage on my Mikrotik RB2011UiAS-2HnD.
When I reboot my router I have error message - DOH server connection error: Network is unreachable
Снимок экрана 2022-01-20 в 11.46.31.png
Route have static IP address.
Router have network access.
Ping to cloudflare-dns.com ( 1.1.1.1 ) reached.


Please help me understand what is my mistake.

Thank you!

This is my configs

/system resource print
uptime: 12m
version: 6.49.2 (stable)
build-time: Dec/03/2021 14:53:53
free-memory: 100.3MiB
total-memory: 128.0MiB
cpu: MIPS 74Kc V4.12
cpu-count: 1
cpu-frequency: 600MHz
cpu-load: 12%
free-hdd-space: 107.2MiB
total-hdd-space: 128.0MiB
write-sect-since-reboot: 203
write-sect-total: 3273918
bad-blocks: 0%
architecture-name: mipsbe
board-name: RB2011UiAS-2HnD
platform: MikroTik

/ip dns print
servers: 1.1.1.1,1.0.0.1
dynamic-servers:
use-doh-server: https://cloudflare-dns.com/dns-query
verify-doh-cert: yes
allow-remote-requests: yes
max-udp-packet-size: 4096
query-server-timeout: 2s
query-total-timeout: 10s
max-concurrent-queries: 500
max-concurrent-tcp-sessions: 40
cache-size: 4096KiB
cache-max-ttl: 1w
cache-used: 50KiB

/ip dns static print
Flags: D - dynamic, X - disabled
# NAME REGEXP TYPE ADDRESS TTL
0 router.lan 192.168.0.1 1d
1 dns.google 8.8.8.8 1d
2 dns.google 8.8.4.4 1d
3 cloudflare-dns.com 1.1.1.1 1d


/certificate print
Flags: K - private-key, L - crl, C - smart-card-key, A - authority, I - issued, R - revoked, E - expired, T - trusted
# NAME COMMON-NAME SUBJECT-ALT-NAME FINGERPRINT
0 T DigiCertGlobalRootCA.... DigiCert Global Root CA 4348a0e9444c78cb265e058d5.


IP -> DHCP Client -> Use peer DNS - off
You do not have the required permissions to view the files attached to this post.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 681
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: DOH server connection error: Network is unreachable

Thu Jan 20, 2022 3:14 pm

Hello
Is your routeros using any pppoe for internet connection ?
When dose this error will happen before the pppoe get connected ?
Do you have NTP client to time.cloudflare.com
Did you import the full certificate chain i only see one cert but i don't think this is the issue
Your static dns is also wrong cloudflare-dns.com wont resolve on 1.1.1.1
Last edited by own3r1138 on Thu Jan 20, 2022 3:22 pm, edited 1 time in total.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: DOH server connection error: Network is unreachable

Thu Jan 20, 2022 3:18 pm

If your ether1 is WAN I don't see the problem, only two seconds later after those error messages you get an IP on ether1 via DHCP, there is no WAN until then, message is correct.
What is the problem?
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1070
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: DOH server connection error: Network is unreachable

Thu Jan 20, 2022 3:22 pm

The screenshots gives a hint: The device has a dhcp client configured to get connection settings. I guess doH works from the moment the dhcp client add an address and default route.

Who is online

Users browsing this forum: 4l4R1, NetHorror and 90 guests