
How to configure Lumiun DNS on Mikrotik router with DoH

This configuration, using DoH, is the recommended way to use Lumiun DNS on your MikroTik router. The router forwards DNS requests to Lumiun DNS over the secure DNS-over-HTTPS protocol.

All devices on the local network that use this router as their DNS server will observe the rules defined in the Policy assigned to the Site used in the configuration.

MikroTik Router Configuration to use Lumiun DNS via DNS-over-HTTPS



Access the web management interface of your MikroTik router, for example 'http://192.168.88.1', and log in. After that, click on the WebFig button at the top of the page.



Access the IP → DNS menu.
Fill in the Servers field with 8.8.8.8
Fill in the Use DoH Server field with 'https://doh.ldns.io/abcd1234' (replace abcd1234 with the DoH address available in the Lumiun DNS configuration panel).
Keep the Allow Remote Requests option enabled.
Fill in the Max. Concurrent Queries field with the value 1000
Fill in the Max. Concurrent TCP Sessions field with the value 200
Click on Apply.


Important: Make sure your router only receives DNS queries from your local network. With Allow Remote Requests enabled, the router answers DNS queries arriving on any interface, so if the router is exposed to the internet, configure firewall rules to allow access to port 53 (TCP and UDP) only from the local network.

Still in the IP → DNS menu, click on Cache and then on Flush Cache.

Access the IP → DHCP Server menu.
Click on the Networks tab. Click on your network that appears listed. For example, 192.168.88.0/24.
Fill in the DNS Servers option with the same address contained in the Gateway option located just above. Click OK.


Done! Now you can view the reports on your Lumiun DNS panel and also set the rules of the Policy.
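
The same steps from the RouterOS terminal, including the port 53 restriction from the Important note, as an added example that is not part of the original Lumiun article. It assumes the article's example addresses (LAN 192.168.88.0/24, router 192.168.88.1) and the abcd1234 placeholder; the rule comments are chosen here for illustration.

```routeros
# Added example. Assumptions: LAN is 192.168.88.0/24, the router (gateway)
# is 192.168.88.1, and abcd1234 stands for your own DoH address.

# IP -> DNS
/ip dns set servers=8.8.8.8 use-doh-server=https://doh.ldns.io/abcd1234 \
    allow-remote-requests=yes max-concurrent-queries=1000 \
    max-concurrent-tcp-sessions=200

# Drop DNS queries to the router that do not come from the local network.
# "add" appends to the end of the chain: move these rules above any broader
# accept rule in the input chain, otherwise they never match.
/ip firewall filter
add chain=input protocol=udp dst-port=53 src-address=!192.168.88.0/24 \
    action=drop comment="DNS: LAN only (udp)"
add chain=input protocol=tcp dst-port=53 src-address=!192.168.88.0/24 \
    action=drop comment="DNS: LAN only (tcp)"

# IP -> DNS -> Cache -> Flush Cache
/ip dns cache flush

# IP -> DHCP Server -> Networks: hand out the gateway address as DNS server
/ip dhcp-server network set [find address=192.168.88.0/24] \
    dns-server=192.168.88.1

# Review the result
/ip dns print
/ip firewall filter print where comment~"DNS: LAN only"
```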

Additional material



To view the internal IP of the request in the reports, an additional configuration is required. See Configuring MikroTik and Lumiun DNS to display internal network IPs in access reports

The configurations in this article are valid for MikroTik routers with RouterOS version 6.47 or higher. If your router is running an older version, we recommend updating MikroTik. However, if it is not feasible to update the router, you can still use Lumiun DNS through the DNS53 protocol configuration.

Your router does not have the Use DoH Server option? See the article Why doesn't the "Use DoH Server" option appear in my MikroTik DNS configuration?

Updated on: 12/07/2024
