Static DNS Forwarding Help

gfunkdave · Wed May 24, 2023 10:24 pm

I have a few Wireguard tunnels set up to other remote LANs. Connectivity works fine bidirectionally. I am trying to be able to resolve DNS names on a remote LAN locally. As an example, one of the Wireguard peers uses the domain ".rena" on its LAN and is in the address space 192.168.35.0/24. I can't get regexp forwarding to work, and I don't know why. Running ROS 7.9.1 on a RB5009.

Relevant config on 192.168.4.1 is:

/ip dns static
add forward-to=192.168.35.1 regexp=".*\\.rena\$" type=FWD

And yet it can't do the lookup:

C:\Users\david>nslookup stereo.rena 192.168.4.1
Server:  router.elbonia
Address:  192.168.4.1

*** router.elbonia can't find stereo.rena: Non-existent domain

But there is connectivity between the Pihole and if I query the remote router directly:

C:\Users\david>nslookup stereo.rena 192.168.4.10
Server:  pi.hole
Address:  192.168.4.10

Non-authoritative answer:
Name:    stereo.rena
Address:  192.168.35.15

C:\Users\david>nslookup stereo.rena 192.168.35.1
Server:  rena-rtr.rena
Address:  192.168.35.1

Name:    stereo.rena
Address:  192.168.35.15

All I can think of is that the regexp is wrong, but I copied Mikrotik's example exactly and verified that it's correct with an online regexp tester. Thanks for any ideas.

gfunkdave · Thu May 25, 2023 9:57 pm

The issue is that ROS won't do regexp forwarding to other DNS servers if DoH is on. Apparently this has been an issue for quite some time.

Static DNS Forwarding Help [SOLVED]

Static DNS Forwarding Help

Re: Static DNS Forwarding Help [SOLVED]