Messing with Mikrotik — Part I

Configuring Custom DNS and Domains

Equipment:
- Raspberry Pi 3b+ running PiHole
- Mikrotik hEX S Gigabit Router

After a fresh installation of RouterOS, I’ve configured my basics, setting my router’s IP address, DHCP Server (turned on), DHCP Server Range (a simple /24), router identity, and password.
Make sure you set your router’s IP address to a valid IP on the same network as the DHCP server range. Examples:

The Range extends from 85.10 through 85.254

With that done, I’ve plugged in and activated my PiHole.
Instructions for PiHole: https://pi-hole.net/
For those that haven’t worked with it, PiHole is a custom DNS and advertisement-blocking distribution. It helps to minimize the annoyances while browsing at home, and acts as my home repository for my .home domain.

I’ll check my ARP table and DHCP lease tables for my PiHole, locating it at 192.168.85.244. Now I need to let my router know that it is the authoritative source of DNS information. First we head to the IP tab → DHCP Server → Networks → the network we are configuring (192.168.85.0/24).
Set your DNS server and domain options here first. I use .home, so instead of remembering what my IP is for my router, I can just browse to http://router.home instead.

Next we’ll head over to the router’s interface via command line. Use your favorite terminal (like iTerm2 on Mac, PowerShell on Windows, Terminal on Linux):

ssh admin@192.168.85.1

When prompted, enter the password you set earlier during initial router setup. You should be presented a screen like this:

Like a nice Linux terminal, you’ll have tab completion capabilities. If you don’t know what the options are, just hit the tab key. To set the first portion of DNS, type:

/ip dns set servers=192.168.85.244

This will set your router’s configuration to utilize the PiHole as your DNS server. However, depending on location, you may still see entries in the “Dynamic Servers” section of the DNS page. These come from advertised DNS servers provided by your ISP. To remove these, use the following command:

/ip dhcp-client set use-peer-dns=no numbers=0

The numbers=0 refers to the default interface that Mikrotik uses for the established ISP connection. If you get an error, or think you might be running a different number of interfaces, use this to see and establish which number to use:

/ip dhcp-client print

That does it for the router. You can log out by typing:

/quit

Now it’s time to enter a few things in your PiHole. This assumes you’ve already set up the PiHole, and now you are just adding to the local domain entries.

ssh pi@192.168.85.244
--After Login--
vim /etc/pihole/lan.list

I like to arrange my entries in groups for easier documentation:

You don’t need the last column entry; you can just use the IP and FQDN. After your entries are complete, save the file and restart PiHole’s DNS:

sudo pihole restartdns
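
A bad line in lan.list (a mistyped IP, an address outside the LAN, a duplicate name) will quietly give wrong answers for a .home name, so it is worth checking the file before restarting DNS. The following Python check is an added example, not part of the original post; it assumes the 192.168.85.0/24 network and .home domain used in this guide, hosts-style "#" comment lines for the group headings, and constructed sample entries.

```python
import ipaddress

LAN = ipaddress.ip_network("192.168.85.0/24")   # network used in this guide
DOMAIN = ".home"                                 # local domain used in this guide

# Constructed sample entries: IP, FQDN, optional short name.
SAMPLE = """\
# Network
192.168.85.1    router.home   router
192.168.85.244  pihole.home   pihole
# Servers
192.168.85.20   splunk.home
192.168.86.30   nas.home      nas
192.168.85.31   printer.lan   printer
192.168.85.32   splunk.home   splunk2
192.168.85.999  cam.home
"""

def check_lan_list(text, lan=LAN, domain=DOMAIN):
    """Return (entries, problems) for hosts-style lan.list text."""
    entries, problems, seen = {}, [], {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) not in (2, 3):
            problems.append((lineno, "expected IP, FQDN and optional short name"))
            continue
        ip_text, fqdn = fields[0], fields[1].lower()
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            problems.append((lineno, f"invalid IP address {ip_text}"))
            continue
        if ip not in lan:
            problems.append((lineno, f"{ip} is outside {lan}"))
        if not fqdn.endswith(domain):
            problems.append((lineno, f"{fqdn} is not under {domain}"))
        if fqdn in seen:                         # first definition wins here
            problems.append((lineno, f"{fqdn} already defined on line {seen[fqdn]}"))
            continue
        seen[fqdn] = lineno
        entries[fqdn] = str(ip)
    return entries, problems

if __name__ == "__main__":
    for lineno, msg in check_lan_list(SAMPLE)[1]:
        print(f"line {lineno}: {msg}")
```

To check the real file, pass the contents of /etc/pihole/lan.list to check_lan_list() instead of SAMPLE.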

Now you should be able to run an nslookup command from a system and get back a response, or better yet, use an FQDN in a browser to navigate to somewhere like https://splunk.home.

I hope that this has been helpful. I’ve been through a few router reboots messing about with Mikrotik, and thought it would help myself and others to have a guide on how to do a few things. Next up, sending Mikrotik logs to a syslog collector, and utilizing Splunk to get those logs.
