xphyr
just joined
Topic Author
Posts: 2
Joined: Mon May 10, 2021 6:23 pm

DNS forwarding - multiple DNS servers?

Fri Jan 13, 2023 6:01 pm

I am trying out the DNS forwarding configuration and have created a regexp for an internal domain "example.net"

```
ip dns static add regexp=".*\\.example\\.net\$" forward-to=192.168.5.31
```

and this works, but what if we want to specify two DNS server IPs (primary/failover)... I have tried:

```
ip dns static add regexp=".*\\.example\\.net\$" forward-to=192.168.5.31,192.168.5.30
```

but that seems to fail. Should I create two regexp entries like so:

```
ip dns static add regexp=".*\\.example\\.net\$" forward-to=192.168.5.31
ip dns static add regexp=".*\\.example\\.net\$" forward-to=192.168.5.30
```

or is this scenario not supported?
 
BrateloSlava
Member Candidate
Posts: 175
Joined: Mon Aug 09, 2021 10:33 am
Location: Ukraine, Kharkiv

Re: DNS forwarding - multiple DNS servers?

Fri Jan 13, 2023 7:18 pm

I have like this:

```
/ip dns static add forward-to=172.22.1.3 regexp=".*duos\\.loc" type=FWD
/ip dns static add forward-to=172.22.1.2 regexp=".*duos\\.loc" type=FWD
```
 
bluecrow76
newbie
Posts: 34
Joined: Wed Sep 13, 2006 11:55 pm

Re: DNS forwarding - multiple DNS servers?

Fri Jan 20, 2023 7:19 pm

I've used this same setup ever since the FWD option was added to RouterOS. I swear I've tested this in the past and failover worked just fine between multiple FWD / forward-to static entries, but this morning a customer's primary DNS server went offline and remote sites that were configured to use their local Mikrotik DNS proxy, with static FWD entries configured for internal name resolution, ceased to be able to resolve internal DNS queries.

I did further testing and simulated outages using filter rules to DROP packets to primary DNS servers and found that on routers running RouterOS 6.49.7, 7.6, 7.7 there was no failover to secondary FWD / forward-to static rules.

I'm still in the process of doing additional testing to see if this has always been the behavior and I just somehow missed it, or if this was introduced somewhere along the line. Once I'm done testing I'll report back and submit a support request to Mikrotik.
 
Sob
Forum Guru
Posts: 9188
Joined: Mon Apr 20, 2009 9:11 pm

Re: DNS forwarding - multiple DNS servers?

Thu Feb 09, 2023 5:01 am

AFAIK the only failover for FWD that ever sort of worked is:

```
/ip dns static
add type=A name=myns.tld address=x.x.x.x
add type=A name=myns.tld address=y.y.y.y
add type=FWD name=example.net match-subdomain=yes forward-to=myns.tld
```

It's far from perfect, because it's dumb round robin. First query goes to x.x.x.x, second to y.y.y.y, third to x.x.x.x, and so on. If current target server doesn't respond, query fails. But next query will be sent to the other server and response will get cached, so subsequent queries from other clients will get that. It's better than nothing.

Multiple FWD records don't do anything, router will always use the first one. If it's dead, too bad.
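
A toy model of the two behaviours described in this thread (round robin through a name with two A records, versus multiple FWD records where only the first is used), added here as an illustration; it is not code from any poster or from RouterOS. The server labels, the 60-second TTL and the query sequence are constructed assumptions.

```python
# Added illustration: simulates the forwarding behaviour described in the thread
# with the first upstream server down. Not RouterOS code; all values are constructed.

class Forwarder:
    def __init__(self, servers, round_robin, ttl=60):
        self.servers = servers          # upstream resolvers, in configured order
        self.round_robin = round_robin  # True: alternate targets; False: always first
        self.ttl = ttl                  # assumed cache lifetime in seconds
        self.turn = 0                   # counts forwarded (non-cached) queries
        self.cache = {}                 # name -> expiry time

    def resolve(self, name, now, alive):
        # A cached answer is served without contacting any upstream server.
        if self.cache.get(name, 0) > now:
            return "cached"
        if self.round_robin:
            target = self.servers[self.turn % len(self.servers)]
            self.turn += 1
        else:
            target = self.servers[0]
        # No retry against the other server: a dead target means a failed query.
        if target not in alive:
            return "fail"
        self.cache[name] = now + self.ttl
        return "answered by " + target


# Constructed query sequence: (time in seconds, queried name).
QUERIES = [(0, "a.example.net"), (1, "a.example.net"), (2, "a.example.net"),
           (3, "b.example.net"), (4, "b.example.net"), (70, "a.example.net")]


def simulate(round_robin):
    fwd = Forwarder(["ns-x", "ns-y"], round_robin)
    alive = {"ns-y"}  # ns-x (the first/primary server) is offline
    return [fwd.resolve(name, t, alive) for t, name in QUERIES]


if __name__ == "__main__":
    for label, mode in (("round robin", True), ("first FWD only", False)):
        print(label)
        for (t, name), result in zip(QUERIES, simulate(mode)):
            print(f"  t={t:>2}s {name}: {result}")
```

In this model the round-robin setup loses the first lookup of each uncached name and recovers on the next attempt, while the first-only setup fails every query for as long as the primary is down.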
