Yup, I am dropping tcp and udp port 53 on the input chain from outside.
Mike what do you use for a resolver? From: [email protected] [mailto:[email protected]] On Behalf Of Christian Palecek Sent: Thursday, November 13, 2014 10:32 PM To: Mikrotik Users Subject: Re: [Mikrotik Users] DNS caching on PPPoE concentrator I block dns on the input chain so it only works on the local address which is a private/loopback ip. Sent from my Verizon Wireless 4G LTE smartphone -------- Original message -------- From: Mike Hammett <[email protected]> Date:11/13/2014 8:14 PM (GMT-07:00) To: Mikrotik Users <[email protected]> Subject: Re: [Mikrotik Users] DNS caching on PPPoE concentrator Mine are open, but my border stops DNS that isn't otherwise allowed. ----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com _____ From: "Chuck Breitkreutz" <[email protected]> To: "Mikrotik Users" <[email protected]> Sent: Thursday, November 13, 2014 9:13:57 PM Subject: Re: [Mikrotik Users] DNS caching on PPPoE concentrator No disrespect, but you are asking for a dns attack _____ From: [email protected] [mailto:[email protected]] On Behalf Of Christian Palecek Sent: Thursday, November 13, 2014 8:26 PM To: Mikrotik Users Subject: Re: [Mikrotik Users] DNS caching on PPPoE concentrator Allow remote requests under the dns settings. Whatever the local address on your pppoe connection should be handed out as the primary dns. Sent from my Verizon Wireless 4G LTE smartphone -------- Original message -------- From: Jeremy Grip <[email protected]> Date:11/13/2014 7:14 PM (GMT-07:00) To: 'Mikrotik Users' <[email protected]> Subject: [Mikrotik Users] DNS caching on PPPoE concentrator I hand out IPs to client routers from 450G gateways via PPPoE. The 450s are configured for DNS caching with remote requests enabled, but the PPPoE servers configured on the LAN interfaces specify my upstream provider and Google DNS nameservers. Do DNS requests from PPPoE clients use the cache, or do I need to specify the router itself as a DNS server in the PPPoE server/s? _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
