There is RouterOS 5.25, with DNS server enabled.
All clients are confugured to use ROS DNS only.
When "www.microsoft.com" is added to IP/DNS/Static as 10.20.30.40,
网路资讯查询在客户机工作站s returns multiple values - 10.20.30.40 and external ones.
How to suppress external DNS resolution for names presented in static DNS list?
I want to get 10.20.30.40 only.
Re: Static DNS record does not suppress external one?
Hi,
Please check your work stations DNS entry. There should be only your router's IP.
Please check your work stations DNS entry. There should be only your router's IP.
-
-
SpaceCommander
Frequent Visitor
- Posts: 50
- 加入:
Re: Static DNS record does not suppress external one?
Yes, it is so, of course.Hi,
Please check your work stations DNS entry. There should be only your router's IP.
Re: Static DNS record does not suppress external one?
Please provide your DNS configuration.
-
-
SpaceCommander
Frequent Visitor
- Posts: 50
- 加入:
Re: Static DNS record does not suppress external one?
Mikrotik Settings:Please provide your DNS configuration.
Code:Select all
[admin@MikroTik] > /ip dns ex # sep/20/2013 23:17:15 by RouterOS 5.25 # software id = N69E-277L # /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB max-udp-packet-size=4096 \ servers="" /ip dns static add address=192.168.88.1 disabled=no name=router ttl=1d add address=10.20.30.40 disabled=no name=microsoft.com ttl=1d [admin@MikroTik] > /ip dns pr servers: dynamic-servers: 8.8.8.8, 8.8.4.4 allow-remote-requests: yes max-udp-packet-size: 4096 cache-size: 2048KiB cache-max-ttl: 1w cache-used: 452KiB
Code:Select all
$ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 $ pgrep -fl dns 801 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/sendsigs.omit.d/network-manager.dnsmasq.pid --listen-address=127.0.0.1 --conf-file=/var/run/nm-dns-dnsmasq.conf --cache-size=0 --proxy-dnssec $ cat /var/run/nm-dns-dnsmasq.conf server=192.168.88.1
Code:Select all
$ host microsoft.com microsoft.com has address 64.4.11.37 microsoft.com has address 65.55.58.201 microsoft.com has address 10.20.30.40 microsoft.com mail is handled by 10 microsoft-com.mail.protection.outlook.com. $ host microsoft.com 192.168.88.1 Using domain server: Name: 192.168.88.1 Address: 192.168.88.1#53 Aliases: microsoft.com has address 65.55.58.201 microsoft.com has address 64.4.11.37 microsoft.com has address 10.20.30.40 microsoft.com mail is handled by 10 microsoft-com.mail.protection.outlook.com.Re: Static DNS record does not suppress external one?
Hi,
I tested it on my network & working fine. Please try to redirect all dns traffic to router itself.
I tested it on my network & working fine. Please try to redirect all dns traffic to router itself.
Code:Select all
/ip firewall nat add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp src-address=192.168.88.0/24 to-ports=53-
-
SpaceCommander
Frequent Visitor
- Posts: 50
- 加入:
Re: Static DNS record does not suppress external one?
Hmmm...Hi,
I tested it on my network & working fine. Please try to redirect all dns traffic to router itself.Code:Select all/ip firewall nat add action=redirect chain=dstnat disabled=no dst-port=53 protocol=udp src-address=192.168.88.0/24 to-ports=53
It is very-very strange, but after adding this rule all works fine, as it should be.
And even after disabling this rule, all still works.
Re: Static DNS record does not suppress external one?
Good LuckIt is very-very strange, but after adding this rule all works fine, as it should be.
And even after disabling this rule, all still works.
Re: Static DNS record does not suppress external one?
Client devices tend to have a DNS cache... Be sure in the future to clear the MikroTik's cache as well as the computer you're running the test on.
Who is online
Users browsing this forum:AlexDerkachev,Bing [Bot],Markinson,rajx2,Semrush [Bot],thomasand 78 guests