Answer the question
In order to leave comments, you need to log in
Routing by domain name how to do?
Actually, how to direct traffic when accessing a domain or when this domain is on the exclusion list. For example, when accessing the xxx.yyy domain, go to such and such a route.
Answer the question
In order to leave comments, you need to log in
Now, if you answer your question head-on, then no way. Routing knows nothing about domain names, it works with addresses.
The first option is dig xxx.yyy, get the domain address and then build routing to this address. Minus - you need to ensure the correctness of the address yourself. For example, generate rules once a day. Or once an hour. Or once a month. It all depends on the "stability" of the address associated with the domain.
Second option. Most likely you need to bypass the blocking of the site. Or vice versa to block. Set a transparent proxy and already on it drive the traffic for the necessary sites. This option also includes all sorts of L7 filters, smart pieces of iron, etc.
Directly - no way.
And Layer7 is not a helper here, because. The DNS request is sent only the first time the resource is accessed, the rest of the time (while the DNS cache is alive) the software works with ip.
You can only try to make a list of domain names, periodically update their ip-addresses on the router, compiling lists, and work with these lists. For clients on the local network, intercept DNS requests via L7 and replace them with the addresses that the router has. Although it should be borne in mind that if DNSCrypt is used by clients, it will not be possible to intercept.
On Mikrotik, it is feasible, although not trivial.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question