carrotrelative
just joined
Topic Author
Posts: 6
Joined: Mon Sep 19, 2022 3:19 pm

Dynamic address list from DNS timeouts

Mon Sep 19, 2022 4:04 pm

I'm trying to set up policy-based routing with a VPN for multiple domains. As usual, those domains have multiple servers, so it's not that straightforward to detect all the IPs that are supposed to go through the VPN.
On my current setup, where I use a small Debian machine, everything works nicely with dnsmasq and ipset. Now I'm trying to switch to MikroTik. I got all of it working with these 7.5 features:
*) dns - added "address-list" parameter for static DNS entries (CLI only);
*) dns - added "match-subdomain" option for static entries (CLI only);
This is nicely populating my address list; however, it makes the list dynamic, and also with a timeout (one IP even has a timeout of 1 minute, others 3 hours). Is there a way to actually change the timeouts to something longer?

In the end, ideally, I would want to convert this dynamic list to a static one, so all IPs in the list are persistent.
I had found a script for that, but as far as I can see there is no event I can hook into, so that whenever the dynamic list is changed, it would immediately update the static list? Having the sync in some scheduled script probably wouldn't work, as the static list would be behind current requests.
Or maybe actually using both the dynamic and static lists together for the connection/routing marking, with the dyn-to-static list copy every 30 seconds, would work? (The periodicity of the copy could be prolonged, but I would need to find a way to change the timeout on the dyn list entries.)
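
The copy-every-30-seconds idea from the post above, sketched as an added example; it is not part of the original post and not MikroTik's own code. Assumptions: the list names `vpn-dyn` and `vpn-static`, the script name `dyn-to-static`, the domain `example.com` and the forwarder `1.1.1.1` are placeholders, and the static DNS entry is assumed to be of type FWD.

```routeros
# Added example. All names, the domain and the resolver below are placeholders.

# Static DNS entry using the 7.5 "address-list" and "match-subdomain" options:
# every address resolved for example.com or a subdomain is added to the
# dynamic list "vpn-dyn" and expires with the DNS record's TTL.
/ip dns static add name=example.com type=FWD forward-to=1.1.1.1 \
    match-subdomain=yes address-list=vpn-dyn

# Script: copy each dynamic entry of "vpn-dyn" into "vpn-static" as a
# permanent entry (no timeout), skipping addresses that are already there.
/system script add name=dyn-to-static source={
    :foreach e in=[/ip firewall address-list find where list="vpn-dyn" dynamic=yes] do={
        :local addr [/ip firewall address-list get $e address]
        :if ([:len [/ip firewall address-list find where list="vpn-static" address=$addr]] = 0) do={
            /ip firewall address-list add list="vpn-static" address=$addr comment="copied from vpn-dyn"
        }
    }
}

# Run the copy every 30 seconds, the interval mentioned in the post.
/system scheduler add name=dyn-to-static interval=30s on-event=dyn-to-static
```

Entries copied this way never expire, so `vpn-static` keeps addresses a domain no longer uses and needs occasional pruning. Firewall rules that mark traffic have to match both lists for a freshly resolved address to be covered before the next copy runs.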
