Public DNS

Thu Nov 17, 2022 2:14 pm

Hi experts,

I have a problem. I'd like to let any web requests in from the public side to the Mikrotik, exactly behind the Mikrotik.
If I make a dst-nat to a server (port TCP 80), it works fine. But I'd like to work with two different servers via DNS...

In my example (above) is an Asure VMS architecture (it works fine, and is out of scope for now).

My problem is that it is not working. If I set up the first DNS for the local users to MT, it works fine from static DNS settings (in MT).
I tried to let in port 53 (UDP/TCP) in the firewall rules. I tried loopback src-nat.
When I enabled www (80) in the IP services, the response to (any) public URL request is the MT webmin login site. That proves the DNS request from the internet side found the MT.

Does anyone have any use case to resolve this problem?
Re: Public DNS

Thu Nov 17, 2022 3:21 pm

In short, no.

The thing you're doing with DNS on the router is nonsense; it just doesn't work that way. Nothing from the internet will use it for what you want. You just made your router an open resolver and it's not a good thing. All you need with DNS for outside access is both records in public DNS pointing to the router's public address.

As for sending requests to two different internal servers, it's not possible at the level where the router works with packets. The thing that can do it is called a reverse proxy; it's another server that accepts all requests and sends them to different backend servers based on the requested hostname. If it's only plain HTTP (no encrypted HTTPS), the web proxy in RouterOS can be misused for this, but it's better to get something proper.
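
The hostname-based routing that a reverse proxy performs, as described in the reply above, sketched in Go as an added example (not code from either poster or from MikroTik). The hostnames, backend addresses and listening port are constructed placeholders; the router would dst-nat TCP 80 to the machine running this, and requests whose Host header matches no configured name are rejected rather than passed to a default backend.

```go
package main
import (
	"log"
	"net"
	"net/http"
	"net/http/httputil"
	"net/url"
	"strings"
)
// backends maps public hostnames to internal servers (constructed placeholders).
var backends = map[string]string{
	"site-a.example.com": "http://192.168.88.10:80",
	"site-b.example.com": "http://192.168.88.11:80",
}

// normalizeHost lowercases the Host value and strips any port and trailing dot.
func normalizeHost(h string) string {
	if host, _, err := net.SplitHostPort(h); err == nil {
		h = host
	}
	return strings.ToLower(strings.TrimSuffix(h, "."))
}

// NewHostRouter proxies by Host header; names not in routes get 421, no default backend.
func NewHostRouter(routes map[string]string) (http.Handler, error) {
	proxies := make(map[string]*httputil.ReverseProxy, len(routes))
	for name, target := range routes {
		u, err := url.Parse(target)
		if err != nil {
			return nil, err
		}
		proxies[normalizeHost(name)] = httputil.NewSingleHostReverseProxy(u)
	}
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		p, ok := proxies[normalizeHost(r.Host)]
		if !ok {
			http.Error(w, "unknown host", http.StatusMisdirectedRequest)
			return
		}
		p.ServeHTTP(w, r)
	}), nil
}

func main() {
	h, err := NewHostRouter(backends)
	if err != nil {
		log.Fatal(err)
	}
	log.Fatal(http.ListenAndServe(":8080", h))
}
```

Both public DNS records still point at the router's public address; only the Host header sent by the browser distinguishes the two sites.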

