S
S
snowymanul2018-05-06 01:35:44
Domain Name System
snowymanul, 2018-05-06 01:35:44

Setting up OpenNIC on a mikrotik router?

Help with setting up OpenNic on Mikrotik.
In simpler firmware from Padavan, it is enough to register in dnsmasq.servers to access the lib zones

spoiler
dnsmasq.servers из падавана:
server=/lib/*.*.*.*
server=/bit/*.*.*.*
server=/free/*.*.*.*
server=/emc/*.*.*.*
server=/coin/*.*.*.*
server=/bazar/*.*.*.*

Answer the question

In order to leave comments, you need to log in

2 answer(s)
D
Dmitry Shitskov, 2018-05-06
@Zarom

As far as I understand the question, it is enough to disable DNS receiving via DHCP from the provider and install the OpenNIC server in / ip dns

A
Anton Teremshonok, 2018-10-27
@TerAnYu

Current solution for today.
Since version 6.47, the split-dns function has been added to DNS , so the new config looks like this:

/ip dns static add comment="OpenNIC - dns relay" forward-to=185.121.177.177,51.15.98.97,2a01:4f8:1c0c:80c9::1 regexp=".*(\\.bbs|\\.chan|\\.cyb|\\.dyn|\\.geek|\\.gopher|\\.indy|\\.libre|\\.neo|\\.null|\\.o)\$" type=FWD
/ip dns static add comment="OpenNIC - dns relay" forward-to=185.121.177.177,51.15.98.97,2a01:4f8:1c0c:80c9::1 regexp=".*(\\.oss|\\.oz|\\.parody|\\.pirate|\\.opennic.glue|\\.dns\\.opennic\\.glue)\$" type=FWD
/ip dns static add comment="OpenNIC - dns relay" forward-to=185.121.177.177,51.15.98.97,2a01:4f8:1c0c:80c9::1 regexp=".*(\\.bazar|\\.coin|\\.emc|\\.lib|\\.fur1|\\.bit|\\.ku|\\.te|\\.ti|\\.uu)\$" type=FWD

where 185.121.177.177 ,
51.15.98.97 ,
2a01:4f8:1c0c:80c9::1 are the
addresses of the OpenNIC servers.
old decision

Делал так:
/ip firewall layer7-protocol add comment="OpenNIC - dns relay" name=OpenNIC regexp="^.+(.bbs|.chan|.cyb|.dyn|.geek|.gopher|.indy|.libre|.neo|.null|.o|.oss|.oz|.parody|.pirate|.opennic.glue|.dns.opennic.glue).*\$"
/ip firewall nat add action=dst-nat chain=dstnat comment="OpenNIC - dns relay" connection-mark=OpenNIC-forward to-addresses=185.121.177.177
/ip firewall nat add action=masquerade chain=srcnat comment="OpenNIC - dns relay" connection-mark=OpenNIC-forward
/ip firewall mangle add action=mark-connection chain=prerouting comment="OpenNIC - dns relay" dst-address=192.168.254.1 dst-port=53 layer7-protocol=OpenNIC new-connection-mark=OpenNIC-forward passthrough=yes protocol=tcp
/ip firewall mangle add action=mark-connection chain=prerouting comment="OpenNIC - dns relay" dst-address=192.168.254.1 dst-port=53 layer7-protocol=OpenNIC new-connection-mark=OpenNIC-forward passthrough=yes protocol=udp

192.168.254.1 - адрес своего роутера, который указан в качестве DNS на клиенте.
185.121.177.177 - адрес резолвера ( https://wiki.opennic.org/doku.php#anycast_tier_2_d... )
P.S.
Возможно RegExp написан неправильно, ибо делал методом тыка.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question