MikroTik Policy Routing

This page explains how ForgeDNS can coordinate with MikroTik route rules.

Purpose

The mikrotik executor uses DNS results to drive route policy updates on MikroTik devices. This is useful when domain resolution is part of the decision for policy routing or traffic steering.

Typical Flow

Common Deployment Pattern

Match a domain group with domain_set.
Resolve with forward.
Pass the response through the mikrotik executor.
Push address information into the MikroTik side.

Notes

Keep the DNS response path reliable even if MikroTik updates fail.
Prefer bounded retries and observability around synchronization.
Verify TTL behavior so route state does not drift too far from DNS truth.

Minimal Example

- tag: seq_main
  type: sequence
  args:
    - matches: "$streaming_domains"
      exec: "$forward_main"
    - matches: "$has_resp"
      exec: "$mikrotik_main"

Operational Advice

Isolate MikroTik credentials and management endpoints.
Measure sync latency separately from DNS latency.
Keep route sync side effects observable and debuggable.

Purpose​

Typical Flow​

Common Deployment Pattern​

Notes​

Minimal Example​

Operational Advice​