Community discussions

MikroTik App
 
godjira
just joined
Topic Author
Posts: 6
Joined: Tue Mar 17, 2020 4:33 pm

Can't update - could not resolve DNS name error

Thu Apr 30, 2020 12:05 pm

Greetings!

A have a pair of Mikrotik devices - RB2011UiAS working as router and switch, and RBcAPGi-5acD2nD (cAP ac) working as access point in WISP AP mode.
The second one is not accessible via web interface, configuring with Winbox.
When trying to check for updates in System - Packages tab it returns 'ERROR: could not resolve DNS name'. Pinging 8.8.8.8 in CLI returns 'no route to host'.
But AP is working - all devices connected on both frequencies get internet connection. What should I do to get updates?

Thank you in advance.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 1:51 pm

Two things to be done on cAP ac:
  1. Configure default route in /ip route using main router's LAN IP address as gateway
  2. Configure DNS servers in /ip dns ... use same IP addresses as usual LAN clients use
 
erlinden
Forum Guru
Forum Guru
Posts: 1900
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 2:26 pm

Other option (don't know if the above will work) is to add a DHCP client. Or add an IP address manually (and set the gateway/DNS servers)). Think is required to make the update work.
 
godjira
just joined
Topic Author
Posts: 6
Joined: Tue Mar 17, 2020 4:33 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 2:29 pm

  1. Configure default route in /ip route using main router's LAN IP address as gateway
I've tried to set router adress as default route with checking, and it's marked as unreachable. AP is also unable to ping router with 'no route to host'.
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 3:13 pm

On both devices, get to command line (in Winbox, it's the [Terminal] button), export the configuration to a file using /export hide-sensitive file=device_name, download the files, anonymise them following the hint in my automatic signature right below, and post both. Your cAP may have no IP address at all.

Off-topic, if your uplink bandwidth is more than 100 Mbit/s, it may be useful to make the cAP ac a router, because its CPU is much more powerful than the one of the 2011.
 
godjira
just joined
Topic Author
Posts: 6
Joined: Tue Mar 17, 2020 4:33 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 7:15 pm

@sindy
# apr/30/2020 15:19:02 by RouterOS 6.44.6
# software id = D5BB-D9D8
#
# model = RBcAPGi-5acD2nD
# serial number = B9320A226766
/interface bridge
add admin-mac=74:4D:28:C1:28:DD auto-mac=no comment=defconf name=bridge
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
    country=russia2 disabled=no distance=indoors frequency=auto installation=\
    indoor mode=ap-bridge ssid=MT24 wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-n/ac channel-width=20/40/80mhz-XXXX \
    country=russia2 disabled=no distance=indoors frequency=auto installation=\
    indoor mode=ap-bridge ssid=MT51 wireless-protocol=802.11
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
    supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge filter
add action=drop chain=input dst-port=68 in-interface=ether1 ip-protocol=udp \
    mac-protocol=ip
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=wlan2 list=LAN
add interface=wlan1 list=LAN
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    bridge
/ip dns
set servers=8.8.8.8,1.1.1.1
/ip route
add check-gateway=ping distance=1 gateway=192.168.1.1
/system clock
set time-zone-name=Europe/Moscow
/system routerboard mode-button
set enabled=yes on-event=dark-mode
/system script
add comment=defconf dont-require-permissions=no name=dark-mode owner=*sys \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    source="\r\
    \n   :if ([system leds settings get all-leds-off] = \"never\") do={\r\
    \n     /system leds settings set all-leds-off=immediate \r\
    \n   } else={\r\
    \n     /system leds settings set all-leds-off=never \r\
    \n   }\r\
    \n "

# apr/30/2020 15:51:17 by RouterOS 6.45.8
# software id = JICK-DSXG
#
# model = 2011UiAS
# serial number = 762E073AC762
/caps-man channel
add band=2ghz-b/g/n frequency=2412 name=channel24 tx-power=20
add band=5ghz-a/n/ac frequency=5180 name=channel51 tx-power=20
/interface bridge
add admin-mac=64:D1:54:13:34:32 auto-mac=no comment=defconf fast-forward=no \
    name=bridge
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] name=ether2-master speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
    ether6-master
set [ find default-name=ether7 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether8 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether9 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether10 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/caps-man datapath
add bridge=bridge client-to-client-forwarding=yes name=datapath1
/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm \
    group-encryption=aes-ccm name=security1
/caps-man configuration
add channel=channel24 country=russia datapath=datapath1 name=cfg24 security=\
    security1 ssid=MT24
add channel=channel51 country=russia datapath=datapath1 mode=ap name=cfg51 \
    rx-chains=0,1,2,3 security=security1 ssid=MT51 tx-chains=0,1,2,3
/caps-man interface
add channel=channel24 configuration=cfg24 datapath=datapath1 disabled=no \
    mac-address=00:00:00:00:00:00 master-interface=none name=cap24 radio-mac=\
    00:00:00:00:00:00 radio-name="" security=security1
add channel=channel51 configuration=cfg51 datapath=datapath1 disabled=no \
    mac-address=02:00:00:00:00:00 master-interface=cap24 name=cap51 \
    radio-mac=00:00:00:00:00:00 radio-name="" security=security1
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.1.10-192.168.1.244
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=\
    bridge name=defconf
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=b,gn \
    master-configuration=cfg24
add action=create-dynamic-enabled hw-supported-modes=an,ac \
    master-configuration=cfg51
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=ether6-master
add bridge=bridge comment=defconf hw=no interface=sfp1
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
add bridge=bridge interface=ether7
add bridge=bridge interface=ether8
add bridge=bridge interface=ether9
add bridge=bridge interface=ether10
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=sfp1 list=discover
add interface=ether2-master list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=ether6-master list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=ether9 list=discover
add interface=ether10 list=discover
add interface=bridge list=discover
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2-master network=\
    192.168.1.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
    ether1
/ip dhcp-server lease
add address=192.168.1.11 client-id=1:b8:27:eb:fa:f9:ae mac-address=\
    B8:27:EB:FA:F9:AE server=defconf
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
/ip dns static
add address=192.168.1.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" \
    in-interface=ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
    connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    out-interface=ether1
/system clock
set time-zone-name=Europe/Moscow
/system ntp client
set enabled=yes primary-ntp=23.105.225.212 secondary-ntp=23.105.225.212
/system package update
set channel=long-term
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox 
And thank you for advice.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 7:24 pm

What ROS Version your 2011 has?
Your router has its LAN IP address configured on a slave Interface, which is wrong... :D
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Can't update - could not resolve DNS name error  [SOLVED]

Thu Apr 30, 2020 7:36 pm

You haven't configured any IP address on the /interface bridge named bridge on the cAP ac manually, and the /interface bridge filter rule action=drop chain=input dst-port=68 in-interface=ether1 ip-protocol=udp mac-protocol=ip prevents responses from the DHCP server running at the 2011 from reaching the client on the cAP ac. Has this rule been added by Quickset or have you added it yourself with something particular in mind?

Depending on what you choose (to set an IP address manually or to remove the bridge filter rule to allow the DHCP to work), you may remove the static default route as the DHCP client will get it from the 2011's DHCP server; however, the DHCP server doesn't indicate any DNS, so again, either keep it set manually on the cAP ac, or set dns-server=192.168.1.1 at the only row of /ip dhcp-server network on the 2011.
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 7:56 pm

Your router has its LAN IP address configured on a slave Interface, which is wrong... :D
There are two funny points related to this:
  • RouterOS upgrade from pre-6.41 to 6.41+ does this (the pre-6.41 "master port" configuration is converted to the "hw-accelerated bridge" one, but the IP address remains attached to the ex master port)
  • although the official documentation states that it is wrong and we all keep recommending other forum users to change it to the right setup, I've never found any issue to be actually fixed by moving the IP settings from the slave port to the bridge.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 8:40 pm

I've never found any issue to be actually fixed by moving the IP settings from the slave port to the bridge.
Wrong is only something that makes our configuration not to work ?
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Can't update - could not resolve DNS name error

Thu Apr 30, 2020 8:58 pm

Wrong is only something that makes our configuration not to work ?
Definitely not. I'm just saying that I haven't seen yet that doing this right would alone be sufficient to solve any issue. I.e. it needs to be done right, but it's not the solution of the OP's issue.
 
godjira
just joined
Topic Author
Posts: 6
Joined: Tue Mar 17, 2020 4:33 pm

Re: Can't update - could not resolve DNS name error

Fri May 01, 2020 10:47 am

You haven't configured any IP address on the /interface bridge named bridge on the cAP ac manually, and the /interface bridge filter rule action=drop chain=input dst-port=68 in-interface=ether1 ip-protocol=udp mac-protocol=ip prevents responses from the DHCP server running at the 2011 from reaching the client on the cAP ac. Has this rule been added by Quickset or have you added it yourself with something particular in mind?
I've decided to disable the rule in filter, and everything became responsive. I've successifully updated the OS to 6.45.8 LT. The rule has been added by Quickset.
Thank you very much for your help, gentlemen. How do I mark the topic as solved?
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Can't update - could not resolve DNS name error

Fri May 01, 2020 11:31 am

How do I mark the topic as solved?
It the upper right corner of each post, there is a set of icons:
icons.png
Use the checkmark one (птичка).
You do not have the required permissions to view the files attached to this post.
 
yairtroncoso123
just joined
Posts: 1
Joined: Mon Sep 28, 2020 8:04 pm

Re: Can't update - could not resolve DNS name error

Mon Sep 28, 2020 8:12 pm

hi, solution is static dns:

IP ---> DNS--> STATIC --> new (+) -->

name: upgrade.mikrotik.com
adress: 159.148.172.226

then press "ok"

this works for me.
You do not have the required permissions to view the files attached to this post.
 
gmeden
Member Candidate
Member Candidate
Posts: 149
Joined: Mon Aug 06, 2007 5:07 am
Location: Indiana, US

Re: Can't update - could not resolve DNS name error

Sun Nov 01, 2020 4:38 pm

This worked for me also , thanks..
 
hrv3e
just joined
Posts: 3
Joined: Tue Nov 10, 2020 8:35 am

Re: Can't update - could not resolve DNS name error

Tue Nov 10, 2020 8:40 am

In my case it was something else.
Someone has disabled one defconf rule
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
I enabled it back and all work OK now.
 
Palash
just joined
Posts: 3
Joined: Wed Apr 29, 2020 3:53 pm
Location: South Africa

[SOLVED] Can't update - could not resolve DNS name error 📡 Error could not connect no internet host

Fri Dec 02, 2022 2:21 pm

[SOLVED] Can't update - could not resolve DNS name error 📡 Error could not connect no internet host

Here is the correct and simple solution, https://www.youtube.com/watch?v=Qy-IAuesjRM

Who is online

Users browsing this forum: DanMos79, EsaqzpHot, icemending and 82 guests