14ccb804f84a3a7c4cf5d8635434b67bb8beff49
howto/mikrotik.md
| ... | ... | @@ -133,4 +133,17 @@ You want to advertise your allocated network (most likely), it's very simple: |
| 133 | 133 | /routing bgp network |
| 134 | 134 | add network=YOUR_ALLOCATED_SUBNET synchronize=no |
| 135 | 135 | ``` |
| 136 | -You can repeat that with as much IPv4 and IPv6 networks which you own. |
|
| ... | ... | \ No newline at end of file |
| 0 | +You can repeat that with as much IPv4 and IPv6 networks which you own. |
|
| 1 | + |
|
| 2 | +## Split DNS |
|
| 3 | +Separate dns requests for dn42 tld from your default dns traffic with L7 filter in Mikrotik. |
|
| 4 | +Change network and LAN GW to mach your network configuration. |
|
| 5 | + |
|
| 6 | +``` |
|
| 7 | +/ip firewall layer7-protocol |
|
| 8 | +add name=DN42-DNS regexp="^(.*).dn42" |
|
| 9 | +/ip firewall nat |
|
| 10 | +add action=src-nat chain=srcnat comment="NAT to DN42 DNS" dst-address=172.23.0.53 dst-port=53 protocol=udp src-address=192.168.0.0/24 to-addresses=192.168.0.1 |
|
| 11 | +add action=dst-nat chain=dstnat dst-address-type=local dst-port=53 layer7-protocol=DN42-DNS protocol=udp src-address=192.168.0.0/24 to-addresses=172.23.0.53 to-ports=53 |
|
| 12 | + |
|
| 13 | +``` |
|
| ... | ... | \ No newline at end of file |