MikroTik OpenDNS with DoH

OpenDNS is my preferred DNS service. This is how you can configure a MikroTik router for OpenDNS using DoH (DNS over HTTPS).

[user@RB760iGS] > ip dns set use-doh-server=https://doh.opendns.com/dns-query
[user@RB760iGS] > ip dns print 
                      servers: 
              dynamic-servers: 
               use-doh-server: https://doh.opendns.com/dns-query
              verify-doh-cert: yes
        allow-remote-requests: yes
          max-udp-packet-size: 4096
         query-server-timeout: 2s
          query-total-timeout: 10s
       max-concurrent-queries: 200
  max-concurrent-tcp-sessions: 40
                   cache-size: 4096KiB
                cache-max-ttl: 1d
                   cache-used: 4096KiB
[user@RB760iGS] > ip dns static add address=146.112.41.2 name=doh.opendns.com
[user@RB760iGS] > ip dns static export 
/ip dns static
add address=146.112.41.2 name=doh.opendns.com

First you set the actual URL of the server. Then, because you have no other servers resolving DNS over regular udp/53, you need to tell your device which IP is behind the hostname; that is the second part of the commands above (ip dns static add).

Note: this IP might change. Keep that in mind: if it changes, you must update your configuration, otherwise your DNS resolution will fail.
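One way to notice that change before resolution breaks, as an added example that is not part of the original post: a small Python check, run on another machine with working DNS, that reads an `/ip dns static export` and compares the pinned address with what the hostname resolves to now. The function names are hypothetical and the sample export is constructed from the output shown above.

```python
import re
import shlex
import socket

# Constructed sample: the `/ip dns static export` output shown on this page.
SAMPLE_EXPORT = """\
/ip dns static
add address=146.112.41.2 name=doh.opendns.com
"""


def parse_static_export(text):
    """Return {name: {addresses}} for enabled entries in an export."""
    # RouterOS wraps long export lines with a trailing backslash; rejoin them.
    text = re.sub(r"\\\r?\n\s*", "", text)
    pins = {}
    for line in text.splitlines():
        if not line.strip().startswith("add "):
            continue
        tokens = shlex.split(line)[1:]  # handles comment="quoted text"
        fields = dict(t.split("=", 1) for t in tokens if "=" in t)
        if fields.get("disabled") == "yes":
            continue
        if "name" in fields and "address" in fields:
            pins.setdefault(fields["name"].lower(), set()).add(fields["address"])
    return pins


def resolve_a(hostname):
    """A records as seen by this machine's resolver (needs network)."""
    infos = socket.getaddrinfo(hostname, 443, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}


def check_pin(export_text, hostname, resolver=resolve_a):
    """Compare pinned addresses with live ones; a stale pin breaks DoH lookups."""
    pinned = parse_static_export(export_text).get(hostname.lower(), set())
    live = set(resolver(hostname))
    stale = pinned - live  # pinned on the router but no longer served
    return {"pinned": pinned, "live": live, "stale": stale,
            "ok": bool(pinned) and not stale}


if __name__ == "__main__":
    result = check_pin(SAMPLE_EXPORT, "doh.opendns.com")
    print("OK" if result["ok"] else "UPDATE NEEDED", result)
```

Answers can differ by resolver and location, so treat a "stale" result as a prompt to review the static entry rather than something to apply automatically.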

For regular DNS settings see my older post: https://blog.danielisz.org/2019/12/15/mikrotik-dns-client/
