Using the ROS DNS caching server for IPv4 and 6 on chained/cascaded MT routers DdeC 13 Oct 2022 Prepared with RouterOS v6.49.6 stable. Uses 'Webfig' (could use command-line or Winbox). - - For two Mikrotik routers, in 'edge' and 'core' positions (one directly linked to the ISP and the other linked 'downstream' from the first one, respectively). Note that the page at IP>DNS controls a DNS server which functions for both IPv4 and IPv6. First, on the 'upstream' router, in IP>Firewall, make entries in the Input chain to Drop udp and tcp requests (two rules) from WAN ports to Destination Port 53. This is to stop public use and eventually flooding of the new local DNS cache. A similar pair of rules can be added to the IPv6 firewall (see ref. 1). In both firewalls, make sure that the upstream router can receive DNS requests (by udp) at port 53 on its input chain from the downstream router. Also on the upstream router, in IP>DNS, check 'Allow Remote Requests' and in 'Servers' enter your choice of upstream servers, such as those of your ISP or public ones. Entries may be present from your ISP in 'Dynamic Servers'. Static records can be added for your machines on your subnets. IP>DNS>Static Add New records, e.g. for a local device, Name, 'myserver.lan'; Type, 'A' (or 'AAAA' for IPv6); Address, an IPv4 or 6 address, or to derail queries to particular sites eg. Name, 'facebook.com'; Type, 'A'; Address, '127.0.0.1'. Flush the Cache at IP>DNS>Cache. On the downstream router, in IP>DNS, in 'Servers' enter the IPv4 and (link-local) IPv6 addresses of your upstream router. If you don't want separate DNS caching on this router, leave 'Allow Remote Requests' unchecked. In the firewalls, make sure that the downstream router can forward DNS requests (by udp) at port 53 on its input chain towards the upstream router. Confirmation. Go to some sites on a machine connected to the downstream router and watch the upstream server adding cache entries to its list. References 1. Hendriks 2017-On the Potential of IPv6 Open Resolvers for DDoS Attacks. DOI:10.1007/978-3-319-54328-4_2 Corrections, especially, and other comments to bmcp@pm.me. Thanks.