So not all traffic goes out through the mikrotik core? Must have read
the diagram wrong.
On 06/19/2015 09:49 AM, Josh Luthman wrote:
That won't work in my situation.
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Jun 19, 2015 10:48 AM, "Sam Tetherow" <[email protected]> wrote:
I wouldn't blanket rewrite everyone's DNS traffic, there are legitimate
reasons to use external DNS servers.
Yes you can rewrite the DNS traffic with a simple NAT rule
/ip firewall nat add chain=dst-nat to-addresses=<new-dns-server>
dst-ports=53 protocol=udp dst-address=<old-dns-server>
/ip firewall nat add chain=dst-nat to-addresses=<new-dns-server>
dst-ports=53 protocol=tcp dst-address=<old-dns-server>
/ip firewall nat add chain=src-nat to-addresses=<old-dns-server>
src-ports=53 protocol=udp src-address=<new-dns-server>
/ip firewall nat add chain=src-nat to-addresses=<old-dns-server>
src-ports=53 protocol=tcp src-address=<new-dns-server>
I think I still have customers with routers that use my old AT&T DNS IPs
from 9 years ago.
On 06/19/2015 09:13 AM, Micah Miller wrote:
Why use the ip's from the old DNS servers at all? Couldn't you simply
redirect all DNS traffic from your customers to your new DNS?
Somthing like this possibly:
/ip firewall nat chain=dst-nat to-addresses=<new-dns-server>
to-ports=53 protocol=udp src-address=<customer-subnet> dst-port=53
On Fri, Jun 19, 2015 at 8:55 AM, Josh Luthman
<[email protected]> wrote:
Here's my network from a high level:
Customers -> Powercode BMU (router) -> Mikrotik Core -> Upstreams
Powercode BMU (router) <- DNS servers
Is it possible to redirect the traffic in this case? I'm kind of
thinking
on paper here, but what if I took the IPs of the old DNS servers, put
them
on the MT core and then did a dstnat to the new IPs?
The reasoning behind this is the public IPs of the old servers are TWC
addresses and I am moving to my own ARIN (portable) IPs.
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://mail.butchevans.com/pipermail/mikrotik/attachments/20150619/34446796/attachment.html
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://mail.butchevans.com/pipermail/mikrotik/attachments/20150619/0c03b632/attachment.html>
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
_______________________________________________
Mikrotik mailing list
[email protected]
http://mail.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
