Domain Name Server (DNS) is an essential part in a computer network. Today web communication cannot imagine without DNS. DNS is a client server protocol where DNS Client requests for the domain name resolution and DNS Server response on it. MikroTik Router has both DNS Client and DNS Server features. The DNS Client is used to resolve domain name to IP address from a DNS Server. On the other hand, the DNS Server feature provides domain name resolution for the clients connected to it. In this article, we will know how to configure MikroTik DNS to provide domain name resolution for the router itself as well as for the clients connected to it.

Domain Name Server (DNS) and How It Works

Communication between a workstation (PC) and a Server are always done by the IP address. But remembering a huge number of public IP addresses is almost impossible for the human being. To solve this issue, DNS technique is introduced in computer networking. The DNS technique can be best compared to a phone book where a user finds a phone number listed by the easier-to-remember name. So, the DNS can be defined as a mapper between human readable names (such as mikrotik.com) and their associated IP Addresses (such as 159.148.147.196). A DNS Server listens on port 53 on both UDP and TCP connection.

When a user types a domain name (such as www.mikrottik.com) in his browser’s navigation bar, the browser first sends a request to the DNS server to get the IP Address of that domain name. The DNS Server replies with the associated IP address of the domain. Getting IP address, the browser is now able to communicate with the Web Server to get requested information.

Now if we use a public DNS server, every time a user request for any domain; the request goes through your WAN connection using paid bandwidth as well as it will make latency. On the other hand, if we use DNS feature of MikroTik Router, MikroTik will cache the DNS information from the root DNS Server and reply DNS query to the connected clients. This is faster and save paid bandwidth.

Caching DNS Configuration in MikroTik Router

MikroTik caching DNS feature provides domain name resolution for the clients connected to it. But before using caching DNS facility, we have to configure DNS feature in MikroTik Router. The following steps will show how to configure DNS service in MikroTik Router.

• From Winbox, go to IP > DNS menu item. DNS Settings window will appear.
• Put your ISP provided DNS Server IP (or use Google public DNS server IP: 8.8.8.8 and .8.8.4.4) in Servers input box.
• Click on Allow Remote Requests checkbox. It will enable caching DNS feature of MikroTik Router.
• Optionally, you can change cache size by putting custom size in Cache Size input box. Default cache size is 2048 KiB or 2MB.
• Click Apply and OK button.

MikroTik Caching DNS is now enabled and you can use any of your MikroTik IP as DNS IP for your network client. If everything is OK, your client will get response from MikroTik cache DNS Server. To check your DNS cache, go to IP > DNS menu item and click on Cache button. You will find cached domain name in DNS Cache window. If you wish you can flush cached object by clicking Flush Cache button.

Putting Static DNS Entry in MikroTik Cache DNS

MikroTik cache DNS stores DNS entry dynamically whenever it gets a new domain. But sometimes you may need to put static host entry such as your local servers or printers. MikroTik cache DNS is capable to get static host entry. The following steps will show how to put static host entry in MikroTik DNS Server.

• From DNS Settings window, click on Static button. DNS Static window will appear.
• Click on PLUS SIGN (+). New DNS Static Entry window will appear.
• Put your host name (such as ftp) in Name input field and put the IP Address of the host in Address input field.
• Click Apply and OK button.

Similarly, you can put as many host entries as you want following the above steps.

Blocking DNS Request from WAN Interface

If you turn your MikroTik router into a DNS server, all your MikroTik IP address can be used as DNS Server IP including WAN IP which is a public IP and problem will arise here. If anyone outside of your LAN uses your WAN IP as a DNS IP, your MikroTik will be happy by serving him/her DNS solution consuming your paid bandwidth. So, you must stop DNS request from outside of your LAN. For stopping DNS request from outside of your LAN, you should apply firewall rules which will drop all DNS requests coming from your WAN interface. The following steps will show how to block DNS request from WAN interface.

• Go to IP > Firewallmenu and click on PLUS SIGN (+). New Firewall Rule window will appear.
• From General tab, choose input from Chain drop down menu and choose udp from Protocol dropdown menu and put 53 in Dst. Port input box and then choose your WAN Interface (such as ether1) from In. Interface dropdown menu.
• Click on Action tab and choose drop option from Action dropdown menu.
• Click Apply and OK button.
• Similarly, click on PLUS SIGN (+) again and choose input from Chain dropdown menu and choose tcp from Protocol dropdown menu and put 53 in Dst. Port input box and then choose your WAN Interface from In. Interface dropdown menu.
• Click Apply and OK button.

If you face any confusion to follow the above steps properly, watch the below video about MikroTik Caching DNS Server Configuration. I hope it will reduce your any confusion.