21 May

Unblock-US and Mikrotik RB2011UAS-2HnD-IN

If you live somewhere out of the way, like New Zealand, sometimes it pays to use a DNS-proxying service like Unblock-US. Reasons for this are circumventing some draconian geo-blocking rules, but I won’t go into that here.

Anyway – if you want to setup your Mikrotik router to use DNS addresses other than your ISPs provided ones (and make use of the DNS cache offered by the router) – follow these steps:

First, SSH into your router (something like admin@routerIP). I use Putty to do this in Windows. Then enter the following lines:

That adds the 3 Unblock-US DNS addresses they specify to be the router’s DNS servers. You can check it worked by the following command:

Now, the DNS is set, but nothing on your home LAN is going to be interested until you either statically point each device to use the DNS address of your router ( by default), or tell the router’s DHCP server where to get its DNS info from. The latter is the most elegant option. Do it by:

Here, we go into the DHCP server config and set up a DHCP pool on the local bridged interfaces (the locally connected devices, including wifi hosts). Then, we tell the DHCP server to use the router’s IP as its DNS source. Quite often this is already set by default.

Now, you can browse around a bit, using the Unblock-US DNS servers to get to where you want to go. You can check on the DNS Cache by entering:

It should have a few hundred entries after a minute or so of cruising around the internet.

The final (and crucial) step, is to disable ‘Peer DNS’ on your WAN interface. I did this by disabling the option on my pppoe-out1 interface

Some info from here.

One thought on “Unblock-US and Mikrotik RB2011UAS-2HnD-IN

  1. Pingback: How to reach PPPoE bridge from Mikrotik | blog.dical.org

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.