Manual:IP/DNS: Difference between revisions

From MikroTik Wiki
Line 73: Line 73:

====Property Description====
====Property Description====
{| cellpadding="2"
* '''address''' (read-only: IP address) - IP address of the host
!width="300px" style="background:#cccccc; border-bottom:1px solid gray;"| Property
* '''name''' (read-only: name) - DNS name of the host
!width="450px" style="background:#cccccc; border-bottom:1px solid gray;"| Desciption
* '''ttl''' (read-only: time) - remaining time-to-live for the record
|style="border-bottom:1px solid gray;" valign="top"|'''address''' (read-only: IP address)
|style="border-bottom:1px solid gray;" valign="top"|IP address of the host
|style="border-bottom:1px solid gray;" valign="top"|'''name''' (read-only: name)
|style="border-bottom:1px solid gray;" valign="top"|DNS name of the host
|style="border-bottom:1px solid gray;" valign="top"|'''ttl''' (read-only: time)
|style="border-bottom:1px solid gray;" valign="top"|remaining time-to-live for the record

==All DNS Entries==
==All DNS Entries==
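
Review bot: the second header cell added in this hunk reads "Desciption"; it should be "Description", and the typo will show in the rendered Cache Monitoring table. The added lines visible here also contain no `|-` row separators and no closing `|}` for the table opened with `{| cellpadding="2"`, so confirm the table markup is complete before saving; if the rows are not separated, the three property/description pairs will run together in one row.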

Revision as of 08:29, 11 March 2010


Applies to RouterOS: v4.6

DNS cache is used to minimize DNS requests to an external DNS server as well as to minimize DNS resolution time. This is a simple recursive DNS server with local items.


  • Packages required: system
  • License required: Level1
  • Submenu level: /ip dns
  • Standards and Technologies: DNS
  • Hardware usage: Not significant


A MikroTik router with the DNS feature enabled can be set as a DNS server for any DNS-compliant client. Moreover, the MikroTik router can be specified as a primary DNS server under its dhcp-server settings. When remote requests are enabled, the MikroTik router responds to TCP and UDP DNS requests on port 53.

DNS Cache Setup

  • Submenu level: /ip dns


The DNS facility is used to provide domain name resolution for the router itself as well as for the clients connected to it.

Property Description

  • allow-remote-requests (yes | no; default: no) - specifies whether to allow network requests
  • cache-max-ttl (time; default: 1w) - specifies the maximum time-to-live for cache records. In other words, cache records will expire unconditionally after cache-max-ttl time. Shorter TTLs received from DNS servers are respected
  • cache-size (integer: 512..10240; default: 2048KiB) - specifies the size of the DNS cache in KiB
  • cache-used (read-only: integer) - displays the current cache size in KiB
  • servers (IP address list; default: ) - comma-separated list of DNS server IP addresses


Note: Prior to RouterOS v4.6, DNS servers in the CLI were set up using the fields primary-dns and secondary-dns. Starting from that version, these two fields are replaced with one field, servers, where all DNS server IP addresses should be listed.


Note: If the property use-peer-dns under /ip dhcp-client is set to yes, then primary-dns under /ip dns will change to a DNS address given by the DHCP server.


To set as the primary DNS server and allow the router to be used as a DNS server, do the following:

[admin@MikroTik] ip dns> set servers= \
\... allow-remote-requests=yes
[admin@MikroTik] ip dns> print
  allow-remote-requests: yes
             cache-size: 2048KiB
          cache-max-ttl: 1w
             cache-used: 7KiB
[admin@MikroTik] ip dns>

Cache Monitoring

  • Submenu level: /ip dns cache


This menu provides a list of all address (DNS type "A") records stored on the server.

Property Description

  • address (read-only: IP address) - IP address of the host
  • name (read-only: name) - DNS name of the host
  • ttl (read-only: time) - remaining time-to-live for the record

All DNS Entries

  • Submenu level: /ip dns cache all


This menu provides a complete list of all DNS records stored on the server.

Property Description

  • data (read-only: text) - DNS data field. IP address for type "A" records. Other record types may have different contents of the data field (like hostname or arbitrary text)
  • name (read-only: name) - DNS name of the host
  • ttl (read-only: time) - remaining time-to-live for the record
  • type (read-only: text) - DNS record type

Static DNS Entries

  • Submenu level: /ip dns static


MikroTik RouterOS has an embedded DNS server feature in the DNS cache. It allows you to link particular domain names with their respective IP addresses and advertise these links to the DNS clients using the router as their DNS server. This feature can also be used to provide fake DNS information to your network clients, for example, resolving any DNS request for a certain set of domains (or for the whole Internet) to your own page.

The server is capable of resolving DNS requests based on POSIX basic regular expressions, so that multiple requests can be matched with the same entry. If an entry does not conform to DNS naming standards, it is considered a regular expression and marked with the ‘R’ flag. The list is ordered and is checked from top to bottom. Regular expressions are checked first, then the plain records.

Property Description

  • address (IP address) - IP address to resolve domain name with
  • name (text) - DNS name to be resolved to a given IP address. May be a regular expression
  • ttl (time) - time-to-live of the DNS record


Reverse DNS lookup (Address to Name) of the regular expression entries is not possible. You can, however, add an additional plain record with the same IP address and specify some name for it.

Remember that the meaning of a dot (.) in regular expressions is any character, so the expression should be escaped properly. For example, if you need to match anything within domain but not all the domains that just end with, like, use name=".*\\.example\\.com"
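
The lookup order and the dot-escaping pitfall described above, as an added shell sketch (not MikroTik code and not part of the original manual). The function `resolve_static`, both tables and every name and address in them are constructed for illustration; the sketch assumes unanchored matching with grep's POSIX basic regular expressions, and writes the console's `\\` as a single backslash because grep receives the expression directly.

```shell
#!/bin/sh
# Constructed sample tables: "FLAG NAME ADDRESS", one entry per line, in list
# order. R = regular-expression entry, - = plain entry. All names and
# addresses are illustrative, not taken from the page.
STRICT_TABLE='- www.example.com 192.0.2.20
R .*\.example\.com 192.0.2.10
- router.lan 192.0.2.1'
# Same regexp entry with the dots left unescaped (the mistake warned about).
LOOSE_TABLE='R .*.example.com 192.0.2.10'

# resolve_static NAME TABLE: print the address of the first matching entry.
# Pass 1 walks regexp entries top to bottom, pass 2 the plain entries,
# following the order the page describes.
resolve_static() {
    query=$1
    table=$2
    for pass in R -; do
        result=$(printf '%s\n' "$table" | while read -r flag name addr; do
            [ "$flag" = "$pass" ] || continue
            if [ "$flag" = R ]; then
                # grep without -E uses POSIX basic regular expressions;
                # unanchored search is an assumption of this sketch.
                printf '%s\n' "$query" | grep -q -e "$name" || continue
            else
                [ "$name" = "$query" ] || continue
            fi
            printf '%s\n' "$addr"
            break
        done) || true
        if [ -n "$result" ]; then
            printf '%s\n' "$result"
            return 0
        fi
    done
    return 1
}

# Demo: the loose pattern also captures a look-alike domain.
for q in www.example.com badexample.com router.lan; do
    printf '%-18s strict=%-12s loose=%s\n' "$q" \
        "$(resolve_static "$q" "$STRICT_TABLE" || echo none)" \
        "$(resolve_static "$q" "$LOOSE_TABLE" || echo none)"
done
```

With the strict table, www.example.com resolves through the regexp entry even though a plain record for it is listed first, and badexample.com is only answered when the dots are left unescaped.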

Regular expression matching is significantly slower than matching of plain entries, so it is advised to minimize the number of regular expression rules and optimize the expressions themselves.

Example

To add a static DNS entry for to be resolved to IP address:

[admin@MikroTik] ip dns static> add name address=
[admin@MikroTik] ip dns static> print
Flags: D - dynamic, X - disabled, R - regexp
 #     NAME               ADDRESS                                 TTL
 0                                1d
[admin@MikroTik] ip dns static>

Flushing DNS cache

  • Command name: /ip dns cache flush

Command Description

  • flush - clears internal DNS cache


[admin@MikroTik] ip dns> cache flush
[admin@MikroTik] ip dns> print
    allow-remote-requests: yes
               cache-size: 2048 KiB
            cache-max-ttl: 1w
               cache-used: 10 KiB
[admin@MikroTik] ip dns>

See Also