Mikrotik
JC14, 2018-09-06 13:41:43

Is it possible to make forwarded DNS queries get into the MikroTik DNS cache?

MikroTik hEX RB750Gr3, firmware 6.42.7.
ISP's DNS is disabled, IP - DNS is set to 8.8.8.8.
For internal resources, forwarding to the organization's DNS server (which is located behind the l2tp tunnel) is configured.
Forwarding is done through connection marking, following the example from here:

/ip firewall layer7-protocol add name=domain.local regexp=domain.local
/ip firewall mangle add chain=prerouting dst-address=192.168.15.1 layer7-protocol=domain.local action=mark-connection new-connection-mark=domain.local-fwd protocol=tcp dst-port=53
/ip firewall mangle add chain=prerouting dst-address=192.168.15.1 layer7-protocol=domain.local action=mark-connection new-connection-mark=domain.local-fwd protocol=udp dst-port=53
/ip firewall nat add action=dst-nat chain=dstnat connection-mark=domain.local-fwd to-addresses=192.168.55.2

Everything works, but forwarded requests do not get into the Mikrotik cache.
Is that how it should be? Can I make them cached too?
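
An added example (not from the original post) of what the `domain.local` layer-7 pattern in the rules above sees on the wire: DNS queries carry names as length-prefixed labels with no literal dots, so the unescaped `.` is what makes the pattern match, and it also matches other names containing the same bytes, whose queries would be forwarded too. Python's `re` stands in for the router's matcher, and the escaped variant and sample names are constructed; these are assumptions.

```python
import re
import struct

# The page's L7 pattern, unchanged, applied to raw payload bytes.
L7_PATTERN = re.compile(rb"domain.local")
# Hypothetical "stricter" variant with the dot escaped (not from the page).
ESCAPED_PATTERN = re.compile(rb"domain\.local")

def encode_qname(name: str) -> bytes:
    """Encode a host name as a DNS QNAME: length-prefixed labels, zero terminator."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Build a minimal DNS query (RFC 1035): 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    return header + encode_qname(name) + struct.pack("!HH", qtype, 1)  # class IN

def would_be_marked(name: str, pattern=L7_PATTERN) -> bool:
    """True if the pattern matches anywhere in the query payload."""
    return pattern.search(build_query(name)) is not None

# Constructed sample names, not taken from the page.
SAMPLES = [
    "srv1.domain.local",         # intended match
    "mydomain.local",            # different zone, same trailing bytes
    "domain.local.example.com",  # pattern bytes appear mid-name
    "www.example.com",           # unrelated
]

if __name__ == "__main__":
    for n in SAMPLES:
        print(f"{n:26} unescaped={would_be_marked(n)} "
              f"escaped={would_be_marked(n, ESCAPED_PATTERN)}")
```
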


1 answer(s)
poisons, 2018-09-07
@JC14

That's the way it should be. It is technically impossible to achieve what you want.
As an option, use the organization's DNS server as the main resolver for the MikroTik; for the first few hours it may be quite slow, then the cache will fill up.
