Dear forum members!
Usually I use DOH but yesterday I switched to regular DNS so I can use FWD entries in ROS.
Now I have a behaviour I do not understand and I could not find any information regarding this in MT docs (DNS and DHCP-SERVER docs).
I have a single dhcp-server configured and added 2 DNS resolvers.
No dynamic servers, just the static ones.
But DNS clients apparently also receive these 2 DNS servers that I configured under "/ip/dns".
On one of my Linux clients, resolvectl shows:
I can observe this behaviour on multiple clients. Over time it happens that the client suddenly switches to the second/third DNS and all my local DNS resolution stops working (as it relies on ROS DNS service).
I already tried:
But then there is not any DNS server promoted at clients anymore - even though docs just say: "If set, then DHCP Server will not pass dynamic DNS servers configured on the router to the DHCP clients if no DNS Server in DNS-server is set. By default, if there are no DNS servers configured, then the dynamic DNS Servers will be passed to DHCP clients."
I understand in simple words: if there aren't any dynamic servers, then I just pass the explicitely configured DNS server to the client. And I do have that explicit configuration of "dns-server". So I am confused why not even the DNS at 192.168.0.254 is passed to the clients anymore.
What I'd like to achieve is, that DHCP clients only get a single DNS: 192.168.0.254 (mikrotik router). I don't think I need to use FWD entries for these additional servers - that would be super odd.
Thanks for listening! I would be glad for any hint.
Usually I use DOH but yesterday I switched to regular DNS so I can use FWD entries in ROS.
Now I have a behaviour I do not understand and I could not find any information regarding this in MT docs (DNS and DHCP-SERVER docs).
I have a single dhcp-server configured and added 2 DNS resolvers.
Code:
/ip dnsset allow-remote-requests=yes servers=2a07:a8c0::bc:79c1,2a07:a8c1::bc:79c1 verify-doh-cert=yes/ip dhcp-server networkadd address=192.168.0.0/24 comment=defconf dns-server=192.168.0.254 domain=home.arpa gateway=192.168.0.254 netmask=24Code:
[user@mikrotik] /ip/dns> pri servers: 2a07:a8c0::bc:79c1,2a07:a8c1::bc:79c1 dynamic-servers: use-doh-server: ...On one of my Linux clients, resolvectl shows:
Code:
Link 34 (wlan0) Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6 Protocols: +DefaultRoute +LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupportedCurrent DNS Server: 192.168.0.254 DNS Servers: 192.168.0.254 2a07:a8c0::bc:79c1 2a07:a8c1::bc:79c1I already tried:
Code:
/ip/dhcp-server/network/set dns-none=yes 0I understand in simple words: if there aren't any dynamic servers, then I just pass the explicitely configured DNS server to the client. And I do have that explicit configuration of "dns-server". So I am confused why not even the DNS at 192.168.0.254 is passed to the clients anymore.
What I'd like to achieve is, that DHCP clients only get a single DNS: 192.168.0.254 (mikrotik router). I don't think I need to use FWD entries for these additional servers - that would be super odd.
Thanks for listening! I would be glad for any hint.
Statistics: Posted by infabo — Tue Feb 27, 2024 10:35 am