Dear forum members!

Usually I use DOH but yesterday I switched to regular DNS so I can use FWD entries in ROS.

Now I have a behaviour I do not understand and I could not find any information regarding this in MT docs (DNS and DHCP-SERVER docs).

I have a single dhcp-server configured and added 2 DNS resolvers.
No dynamic servers, just the static ones.
But DNS clients apparently also receive these 2 DNS servers that I configured under "/ip/dns".

On one of my Linux clients, resolvectl shows:
I can observe this behaviour on multiple clients. Over time it happens that the client suddenly switches to the second/third DNS and all my local DNS resolution stops working (as it relies on ROS DNS service).

I already tried:
But then there is not any DNS server promoted at clients anymore - even though docs just say: "If set, then DHCP Server will not pass dynamic DNS servers configured on the router to the DHCP clients if no DNS Server in DNS-server is set. By default, if there are no DNS servers configured, then the dynamic DNS Servers will be passed to DHCP clients."

I understand in simple words: if there aren't any dynamic servers, then I just pass the explicitely configured DNS server to the client. And I do have that explicit configuration of "dns-server". So I am confused why not even the DNS at 192.168.0.254 is passed to the clients anymore.

What I'd like to achieve is, that DHCP clients only get a single DNS: 192.168.0.254 (mikrotik router). I don't think I need to use FWD entries for these additional servers - that would be super odd.

Thanks for listening! I would be glad for any hint.

?

is empty.

But there is a default configuration:
So "advertise-dns=yes" is the suspect? This could really be the reason. I watched the output of "resolvectl" right on bringing the wlan0 link up, I first saw just the single DNS server listed - and only after a few seconds the other addresses appeared. They come from IPV6 neighbor discovery?

Indeed! If I use IPv4 DNS servers for "/ip/dns/servers", these are not promoted to clients. So it is IPv6 ND.

But then Mikrotik docs are wrong. It states "advertise-dns" is "no" by default. But on ROS 7.13.5 it is "advertise-dns=yes".

https://help.mikrotik.com/docs/display/ ... +Discovery

they are definetely comes from ipv6 nd, but you haven't set any dns servers here, looks abnormal.
Try to unmark DNS in the nd and see what's happends

I found in changelog of ROS 6.46:

*) ipv6 - changed "advertise-dns" default value to "yes";

Mikrotik, well played. Your docs are always on the bleeding edge.

When I set advertise-dns=no, the I dont receive these IPv6 DNS servers anymore.
But as pointed out by you, I would expect that only DNS servers listed at "/ipv6/nd/dns-servers" are being advertised? Not the ones from "/ip/dns/servers".

Mikrotik, well played. Your docs are always on the bleeding edge.

they are definetely comes from ipv6 nd, but you haven't set any dns servers here, looks abnormal.

Just found an example in the old wiki. IPv6 DNS servers configured under "/ip/dns/server" are advertised when "advertise-dns=yes" is set.
https://wiki.mikrotik.com/wiki/Manual:I ... on_example