Community discussions

MikroTik App
 
myousefblue
just joined
Topic Author
Posts: 1
Joined: Sun Feb 26, 2023 12:56 am

RouterOS as DNS ONLY SERVER

Sun Feb 26, 2023 1:11 am

Hello,

I have a small network managed by a main router from another brand that does not support static dns and dns caching.

I have an rb3011 Mikrotik that I want to configure as DNS ONLY SERVER for my local network, I had connected it to my network and set as the primary DNS server for clients and its working fine.

The issue is that it still working as a Router not only a DNS server even its connected to my network through its WAN interface.

For example, I can see the IPs of the clients in the ARP list that are assigned by the main router, plus when I do a Torch to the connected interface, I can see the traffic of the clients that should be managed by the main router not the Mikrotik one.

I hope I have explained well, all I need is to enable the DNS server (caching and static dns) on this Mikrotik router and disable all othe services and features.

Thanks in advance.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: RouterOS as DNS ONLY SERVER

Sun Feb 26, 2023 11:05 am

What you observe doesn't necessarily mean that all traffic of those clients is actually routed by Mikrotik. It's possible you only see DNS traffic. But it's also possible that MT draws traffic towards itself.

But if you want to make a step forward in direction of making sure your Mikrotik does only what it's supposed to do, post Mikrotik's configuration. In terminal window execute command /export hide-sensitive file=anynameyouwish. Then fetch resulting file, ooen it in your favourite text editor, obfuscate any remaining sensitive infornation (such as device serial number, any passwords, any public IP addresses). Note tgat non-routable IP addresses (i.e. 192.168.x.y) are not sensitive information. Then copy-paste the configuration in [code] [/code] block. Also do tell which physical interfacrs of MT are used to connect to the rest of your network (and which part). After that we'll be able to advise you how to proceed.

Who is online

Users browsing this forum: Bing [Bot] and 39 guests