Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Sam Tetherow
Hairpin nat should handle that as long as the core can still get to the new DNS servers. On 06/19/2015 10:15 AM, Josh Luthman wrote: Well the traffic to the upstream, yes, but the DNS servers are in a different port of the BMU. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
I'd rather avoid using IPs that don't belong to me if at all possible, but I can do that if it comes to that =) Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Jun 19, 2015 at 2:25 PM, Scott Lambert wrote: > Leave both old and new IPs on t

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Scott Lambert
Leave both old and new IPs on the name servers. Add /32 routes for the old IPs. Next project. No NAT required. On June 19, 2015 10:15:41 AM CDT, Josh Luthman wrote: >Well the traffic to the upstream, yes, but the DNS servers are in a >different port of the BMU. > > >Josh Luthman >Office: 93

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
Well the traffic to the upstream, yes, but the DNS servers are in a different port of the BMU. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Jun 19, 2015 at 11:08 AM, Sam Tetherow wrote: > So not all traffic goes out through the mikrotik

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Sam Tetherow
So not all traffic goes out through the mikrotik core? Must have read the diagram wrong. On 06/19/2015 09:49 AM, Josh Luthman wrote: That won't work in my situation. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 19, 2015 10:48 AM, "Sam T

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
That won't work in my situation. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 19, 2015 10:48 AM, "Sam Tetherow" wrote: > I wouldn't blanket rewrite everyone's DNS traffic, there are legitimate > reasons to use external DNS servers. > > Yes

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Sam Tetherow
I wouldn't blanket rewrite everyone's DNS traffic; there are legitimate reasons to use external DNS servers. Yes, you can rewrite the DNS traffic with a simple NAT rule:
/ip firewall nat add chain=dstnat action=dst-nat to-addresses= dst-port=53 protocol=udp dst-address=
/ip firewall nat add chain=dstnat to-

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
The old ones are nothing more than caching servers for customers. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Jun 19, 2015 at 10:14 AM, Terri Kelley wrote: > You would have to consider the domain names and reverse lookups also. > > Ter

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
That rule would never be used. That matching traffic wouldn't be seen by the Core. Customers would go to eth4 of the BMU to eth2 of the BMU. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Jun 19, 2015 at 10:13 AM, Micah Miller wrote: >

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Terri Kelley
You would have to consider the domain names and reverse lookups also. Terri Kelley Network Engineer Farm to Market Broadband > On Jun 19, 2015, at 9:13 AM, Micah Miller wrote: > > Why use the IPs from the old DNS servers at all? Couldn't you simply > redirect all DNS traffic from your custo

Re: [Mikrotik] DNS dstnat

2015-06-19 Thread Micah Miller
Why use the IPs from the old DNS servers at all? Couldn't you simply redirect all DNS traffic from your customers to your new DNS? Something like this possibly:
/ip firewall nat add chain=dstnat action=dst-nat to-addresses= to-ports=53 protocol=udp src-address= dst-port=53
On Fri, Jun 19, 2015 at 8:55 AM, Josh Lu

[Mikrotik] DNS dstnat

2015-06-19 Thread Josh Luthman
Here's my network from a high level:
Customers -> Powercode BMU (router) -> Mikrotik Core -> Upstreams
Powercode BMU (router) <- DNS servers
Is it possible to redirect the traffic in this case? I'm kind of thinking on paper here, but what if I took the IPs of the old DNS ser