4/2/2023 0 Comments Mikrotik address list![]() So, how these firewalls can discriminate if there is no such info at IP layer? A very ugly hack that works It might be useful in many situations: a fast TTL (for example, NTP Pool project hostnames, ""), a dynamic IP address associated to the hostname, a round-robin record with many IPs that might change often (CDN, load balancers, etc). Original postĪlthrough the IP layer doesn't carry the hostname used to send that packet (in fact, may not exists, because DNS is higher in ISO/OSI stack), some firewall allows DNS hostnames in "Source" or "Destination" fields. So this article is superseeded (just add an hostname in the address list to have it resolved dinamically). Apparently now Mikrotik supports hostnames in address lists (tested in 6.49.2). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |