Do not open local sites from the 1st time?

D

Diman892020-12-26 22:53:25

Domain Name System

Diman89, 2020-12-26 22:53:25

there is a LAN with Mikrotik as the main router with several subnets
in LAN there is also a windows server as a dns server
on Mikrotik (for example, one of the subnets) such a config:

/ip dhcp-server network
add address=192.168.25.0/24 comment=DHCP_eth5_1215_customers dns-server=192.168.25.4,192.168.25.1,8.8.8.8,1.1.1.1 gateway=192.168.25.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,1.1.1.1
/ip dns static
add address=192.168.25.1 name=gw.local
add address=192.168.25.4 name=winsrv.local

config on dns server:

Адаптер Ethernet 1215_customers:

   DNS-суффикс подключения . . . . . :
   Описание. . . . . . . . . . . . . : vmxnet3 Ethernet Adapter
   Физический адрес. . . . . . . . . : 00-0C-29-72-2D-00
   DHCP включен. . . . . . . . . . . : Да
   Автонастройка включена. . . . . . : Да
   Локальный IPv6-адрес канала . . . : 
   IPv4-адрес. . . . . . . . . . . . : 192.168.25.4(Основной)
   Маска подсети . . . . . . . . . . : 255.255.255.0
   Аренда получена. . . . . . . . . . : 25 декабря 2020 г. 19:05:36
   Срок аренды истекает. . . . . . . . . . : 27 декабря 2020 г. 21:49:59
   Основной шлюз. . . . . . . . . : 192.168.25.1
   DHCP-сервер. . . . . . . . . . . : 192.168.25.1
   IAID DHCPv6 . . . . . . . . . . . : 
   DUID клиента DHCPv6 . . . . . . . : 
   DNS-серверы. . . . . . . . . . . : 192.168.25.4
                                       192.168.25.1
                                       8.8.8.8
                                       1.1.1.1
   NetBios через TCP/IP. . . . . . . . : Включен

+ 192.168.25.1 (gw.local) is specified as the forwarding server
problem: when accessing a site located inside the network 192.168.25.0/24 from another local subnet (192.168.XX.0/24) in the browser every other time (permanently) I get error "Hmm. We can't find this site." or "Connection attempt failed" when accessing from "own" subnet, everything works the first time as it should
, what could be the problem?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

N

nApoBo3, 2020-12-26
@nApoBo3

A more detailed description is needed.
At least a network diagram with a description of the addresses of the sites you are trying to open.
Judging by the symptoms, not all DNS in your network know the address of this site. When the request goes to the DNS for which this address is not known, everything will look like this.
For example, this is a local resource and there is no entry for it in 8.8.8.8.

M

MaxKozlov, 2020-12-27
@MaxKozlov

For good, you need to leave one dns server on the network, and configure all sorts of 8.8.8.8 in it with forwarders. Clients (and network cards) should not know about their existence. Well, or two - Mikrotik and Windows. but they should be configured in the same way. Know about each other and locale. forward the rest out

R

RStarun, 2020-12-27
@RStarun

1. Your dns server receives an address via dhcp, is this normal?
2. The network adapter of the dns server must have only one dns entry - 127.0.0.1
3. In the settings of the dns server itself, configure forwarding addresses. And these should be normal provider addresses or decent dns servers, not Mikrotik.
4. for computers from another subnet, only one dns server should also be specified, only 192.168.25.4 Here you probably have a problem.
5. It is convenient to do all dns checks through nslookup. Although he also does not always show everything.