Kataius
newbie
Topic Author
Posts: 33
Joined: Sun Feb 05, 2023 4:38 pm
Location: Italy

Broken dns responses

Sun Mar 19, 2023 10:31 pm

Hi, I have the following problem: with dig it gives me the DNS names of different devices. For example 192.168.0.19 is a ROG Phone and it gives me this:
dig @192.168.0.1 -x 192.168.0.19 +short
Shelly-Taverna.
ROG-Phone-5.home.
ROG-Phone-5.
Phone\032ROG5.home.
Phone\032ROG5.
Shelly-Taverna.casa.
I just want the output:
ROG-Phone-5.home.
and not:
Shelly-Taverna.casa.
or
Shelly-Taverna.
That is another device with another IP.
How can I do this?

I'm using this script in DNS:
# When "1" all DNS entries with IP address of DHCP lease are removed
:local dnsRemoveAllByIp "1"
# When "1" all DNS entries with hostname of DHCP lease are removed
:local dnsRemoveAllByName "1"
# When "1" addition and removal of DNS entries is always done also for non-FQDN hostname
:local dnsAlwaysNonfqdn "1"
# DNS domain to add after DHCP client hostname
:local dnsDomain "home"
# DNS TTL to set for DNS entries
:local dnsTtl "00:15:00"
# Source of DHCP client hostname, can be "lease-hostname" or any other lease attribute, like "host-name" or "comment"
:local leaseClientHostnameSource "comment"

:local leaseComment "dhcp-lease-script_$leaseServerName_$leaseClientHostnameSource"
:local leaseClientHostname
:if ($leaseClientHostnameSource = "lease-hostname") do={
  :set leaseClientHostname $"lease-hostname"
} else={
  :set leaseClientHostname ([:pick \
    [/ip dhcp-server lease print as-value where server="$leaseServerName" address="$leaseActIP" mac-address="$leaseActMAC"] \
    0]->"$leaseClientHostnameSource")
}
:local leaseClientHostnameShort "$leaseClientHostname"
:local leaseClientHostnames "$leaseClientHostname"
:if ([:len $dnsDomain] > 0) do={
  :set leaseClientHostname "$leaseClientHostname.$dnsDomain"
  :if ($dnsAlwaysNonfqdn = "1") do={
    :set leaseClientHostnames "$leaseClientHostname,$leaseClientHostnameShort"
  }
}
:if ($dnsRemoveAllByIp = "1") do={
  /ip dns static remove [/ip dns static find comment="$leaseComment" and address="$leaseActIP"]
}
:foreach h in=[:toarray value="$leaseClientHostnames"] do={
  :if ($dnsRemoveAllByName = "1") do={
    /ip dns static remove [/ip dns static find comment="$leaseComment" and name="$h"]
  }
  /ip dns static remove [/ip dns static find comment="$leaseComment" and address="$leaseActIP" and name="$h"]
  :if ($leaseBound = "1") do={
    :delay 1
    /ip dns static add comment="$leaseComment" address="$leaseActIP" name="$h" ttl="$dnsTtl"
  }
}
 
Amm0
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Broken dns responses

Sun Mar 19, 2023 11:13 pm

You're adding/removing the "A" records in the script. That is the name-to-hostname lookup part.

But in dig you're using an IP address to do "reverse DNS" lookups; these look for "PTR" records, which do IP-address-to-hostname lookups.

And in MikroTik DNS, "reverse DNS" is generated automatically and cached. Exactly under what conditions, I don't know, but I suspect that's part of the answer here:
- are the reverse lookups done by adding the A record, or simply by reversing a lookup by IP from the cache? The latter may be causing your problem
- importantly, for the reverse lookups (PTRs), is it using the TTL from the A record (name to IP lookup) you're adding via the script's TTL (15 minutes), OR is it using max-ttl from the main DNS setting (e.g. 7 days by default)? Even 15 minutes may be too long, and it may be even longer than that before it rolls from the cache.

The docs are silent on how these automatic PTRs work (reverse DNS, IP to name lookups), other than that they do exist in the cache and may need to be cleared ;). So it's hard to know what's "right" here.

Regardless, the DNS will use the cache to resolve both A and PTR. So clearly removing the "A" record from "DNS statics" in the DHCP script isn't removing the automatically generated PTR in the "DNS cache".

You should be able to adapt the script to look in the cache for the IP and remove the PTR for the IP address as well. Or just clearing the cache whenever something is updated by the DHCP script is a more blunt, but simple, solution too. You can use a minimum cache in /ip/dns, which has the same effect of causing the cache to empty more frequently without doing much, at the expense of more outbound DNS requests, but with fewer stale results possible.
 
optio
Long time Member
Posts: 655
Joined: Mon Dec 26, 2022 2:57 pm

Re: Broken dns responses

Mon Mar 20, 2023 12:22 am

At least it is not from ChatGPT :)

@Kataius
As Amm0 pointed out, you have multiple DNS PTR records pointing to different A records; in your case it is:
S 19.0.168.192.in-addr.arpa PTR Shelly-Taverna
S 19.0.168.192.in-addr.arpa PTR ROG-Phone-5.home
S 19.0.168.192.in-addr.arpa PTR ROG-Phone-5
S 19.0.168.192.in-addr.arpa PTR Phone ROG5.home
S 19.0.168.192.in-addr.arpa PTR Phone ROG5
S 19.0.168.192.in-addr.arpa PTR Shelly-Taverna.casa
A reverse DNS lookup seeks out all PTR records related to the IP and returns all A records (in record data) associated with it; I guess this is an optimization on the DNS server side to always traverse record names, not data.

But something is not right here; maybe the script is broken or not used properly (I did not analyze it), because when an A record is removed from DNS it is also removed from the cache along with its PTR record.

Other anomalies you can have with this approach of resolving hostnames over DNS are when you are changing device names (hostnames) and/or when you have enabled the "Private IP address" feature for network connections (it's the default on some OSes like iOS and macOS), when the OS changes the MAC address for each connection, which leads to DHCP assigning a different IP for the same device (hostname); not sure if this script is covering all these cases.
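Both Amm0's suggestion (have the lease script also clear the cached reverse answer, or simply flush the cache after each change) and optio's point that the cached PTR should disappear together with the A record can be checked with a much smaller lease script than the one posted above. The following is an added example written for this thread, not the script posted by Kataius and not code from any of the thread's authors. It assumes the variables RouterOS passes to a DHCP lease script ($leaseBound, $leaseActIP, $leaseActMAC and $"lease-hostname"), and the comment tag "dhcp-lease-example", the domain "home" and the TTL are constructed values used to mark and recognise the records it creates:

```routeros
# Added example (not the script from this thread): minimal DHCP lease script
# that keeps exactly one static A record per lease and then flushes the
# resolver cache, so an automatically generated PTR for an old name cannot
# keep answering reverse lookups for the address.
# Assumed lease-script variables: $leaseBound, $leaseActIP, $leaseActMAC,
# $"lease-hostname" (all provided by RouterOS to a DHCP lease script).

# Constructed settings for this example
:local dnsDomain "home"
:local dnsTtl "00:15:00"
:local tag "dhcp-lease-example"

# Hostname as sent by the client; a lease without one gets no record
:local host $"lease-hostname"
:if ([:len $host] = 0) do={
  :error "dns-lease: no hostname in lease for $leaseActIP ($leaseActMAC)"
}
:local fqdn "$host.$dnsDomain"

# Drop every record this script created for either the address or the name,
# so a device that comes back with a different name leaves no stale A behind
/ip dns static remove [find comment="$tag" and address="$leaseActIP"]
/ip dns static remove [find comment="$tag" and name="$fqdn"]

# Re-add the record only while the lease is bound
:if ($leaseBound = "1") do={
  /ip dns static add comment="$tag" address="$leaseActIP" name="$fqdn" ttl="$dnsTtl"
}

# Editing static entries does not evict answers already held in the cache,
# including the auto-generated reverse (PTR) answers Amm0 describes.
# Flushing is the blunt option: every client gets the current name on the
# next lookup, at the cost of extra upstream queries while the cache refills.
/ip dns cache flush
:log info "dns-lease: $leaseActIP -> $fqdn (bound=$leaseBound), cache flushed"
```

To confirm the behaviour, run /ip dns cache print on the router after a lease change and look for an in-addr.arpa entry for the address; none should remain. From a client, dig @192.168.0.1 -x 192.168.0.19 +short (the same query as in the first post) should then return only the current name rather than the whole list of old ones. Flushing on every lease event is the trade-off Amm0 mentions (more outbound DNS requests, fewer stale answers); on a home network with a handful of leases per hour that cost is usually negligible.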
