He iti ake i te 10 tau kua pahemo mai i nga kaiwhakawhanake o RoS (i roto i te stable 6.47) kua taapirihia nga mahi ka taea e koe te huri i nga tono DNS i runga i nga ture motuhake. Mena i mua atu he mea tika ki te karo i nga ture Layer-7 i roto i te papangaahi, inaianei ka mahia tenei ma te ngawari me te huatau:
/ip dns static
add forward-to=192.168.88.3 regexp=".*\.test1\.localdomain" type=FWD
add forward-to=192.168.88.56 regexp=".*\.test2\.localdomain" type=FWD
Ko taku koa kaore he rohe!
He aha tenei e whakawehi ana ia tatou?
I te iti rawa, ka whakakorehia e matou nga hanga NAT rereke penei:
/ip firewall layer7-protocol
add comment="DNS Nat contoso.com" name=contoso.com regexp="\x07contoso\x03com"
/ip firewall mangle
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="mark dns contoso.com" dst-address-type=local dst-port=53 in-interface-list=DNSMASQ layer7-protocol=contoso.com new-packet-mark=dns-contoso.com passthrough=yes protocol=tcp
/ip firewall nat
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=udp to-addresses=192.0.2.15
add action=dst-nat chain=dstnat comment="DST-NAT dns contoso.com" dst-port=53 in-interface-list=DNSMASQ packet-mark=dns-contoso.com protocol=tcp to-addresses=192.0.2.15
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=udp
add action=masquerade chain=srcnat comment="mask dns contoso.com" dst-port=53 packet-mark=dns-contoso.com protocol=tcp
A ehara i te mea katoa, inaianei ka taea e koe te rehita i etahi o nga kaikawe whakamua, ka awhina i a koe ki te mahi dns failover.
Ko te tukatuka DNS mohio ka taea ki te timata ki te whakauru ipv6 ki te whatunga o te kamupene. I mua i tera, kaore au i mahi i tenei, ko te take me whakatau e au etahi ingoa dns ki nga wahitau o te rohe, a i te ipv6 kaore e taea te mahi me te kore he tootoo nui.
Source: will.com