Community discussions

MUM Europe 2020
 
rogerking1
just joined
Topic Author
Posts: 21
Joined: Wed Jan 08, 2014 4:44 pm

Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Thu Jan 16, 2020 4:34 am

I have a RB2011, and a month or so ago, it stopped being able to do anything DNS related. I've had it on a shelf and pull it down to tinker with every once in a while, but can't get it working. Just pulled 6.46.1, updated and reset the config to default, and still can't get a DNS resolve.

I have it behind my ISP's router, but set into DMZ, and I can see the Mikrotik getting the external facing IP as its own. DNS servers are default what the ISP sends down, but I've tried in the past with google DNS as well, and that doesn't seem to do anything.

Where's a good place to start troubleshooting this problem?
 
Sob
Forum Guru
Forum Guru
Posts: 5026
Joined: Mon Apr 20, 2009 9:11 pm

Re: Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Thu Jan 16, 2020 6:58 am

Tools->Torch or logging:
/ip firewall mangle
add action=log chain=output dst-port=53 log-prefix=dns-query protocol=udp
add action=log chain=input log-prefix=dns-response protocol=udp src-port=53
Then make the router resolve something, e.g. with ping in Terminal:
/ping forum.mikrotik.com
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.
 
rogerking1
just joined
Topic Author
Posts: 21
Joined: Wed Jan 08, 2014 4:44 pm

Re: Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Sat Jan 18, 2020 3:09 pm

Did the logging. I have a bunch of entries that all look the same, starting with dns-query, but it looks like I never receive a response. I then added Google DNS servers, and I see the out queries to them as well, but no apparent in responses.

What's the next debug?
 
pe1chl
Forum Guru
Forum Guru
Posts: 6173
Joined: Mon Jun 08, 2015 12:09 pm

Re: Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Sat Jan 18, 2020 3:23 pm

You are sure you have the default firewall and not some extra or other rules?
Also sure that the network is confgured correctly? Did you set ether1 as a DHCP client of your ISP router and does it set a correct internal address and default gateway? Did it automatically set the DNS server addresses?
 
Sob
Forum Guru
Forum Guru
Posts: 5026
Joined: Mon Apr 20, 2009 9:11 pm

Re: Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Sat Jan 18, 2020 9:17 pm

If router is sending queries but gets no responses, it looks like it's blocked by something else, ISP's router, further in ISP's network, ... But it doesn't make sense why would it happen.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.
 
User avatar
macsrwe
Forum Veteran
Forum Veteran
Posts: 725
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: Default Config Will Not Resolve Any DNS Queries (Bell Fibe)

Sat Jan 18, 2020 11:04 pm

Did you perhaps attempt to harden your router against being used in a DDNS attack shortly before this problem started? If you do this incorrectly, you can get this behavior.

Requests for DNS service from outside your network (bad) look very similar to responses to DNS queries from inside your network (good).

You must block only NEW traffic to DNS port from outside your network, using connection-state parameter. If NEW is not set, traffic is a DNS response and should be allowed.

Who is online

Users browsing this forum: No registered users and 46 guests