Name: What is mDNS and should you use it?
Uploaded: 2026-01-16T12:06:30.000Z
Duration: 8 min 12 s
Description: Have a quick look at how the Multicast Domain Name System works and decide if you want to enable an mDNS repeater or, to the contrary, add firewall rules that block this protocol. https://help.mikrotik.com/docs/spaces/ROS/pages/37748767/DNS#DNS-mDNS

What is mDNS and should you use it?

Multicast DNS (mDNS) Overview

What is mDNS?

Multicast DNS (mDNS) is an evolution of traditional DNS designed for local networks, enabling devices to perform DNS queries among themselves without a central server.

Each device can create its own .local domain name and advertise the services it offers.

How mDNS Works

When a new device joins the network, it uses IPv4 and IPv6 multicast addresses to announce its presence and check if its chosen domain name is available.

Devices listen for and respond to mDNS queries via multicast addresses, allowing users to query by domain name instead of needing the IP address.

Service Discovery with mDNS

Through DNS Service Discovery (DNS-SD), mDNS allows querying for specific services across the network, such as printers or storage locations.

Devices respond with their domain names, IP addresses, and necessary details for interaction.

Security Considerations in Using mDNS

Risks of IoT Devices

Many smart/IoT products using mDNS are often untrustworthy; thus, it's advisable to isolate them on separate networks or VLANs.

This separation helps prevent potential security risks like brute-force attacks on NAS passwords or participation in botnets.

Managing Security Measures

Implementing security measures may disrupt standard mDNS functionality; however, RouterOS provides solutions like an mDNS repeater.

Implementing an mDNS Repeater

Functionality of an mDNS Repeater

An mDNS repeater retransmits multicast messages from one network/broadcast domain to another, facilitating communication between separated devices.

Configuration Steps

To enable this feature in RouterOS:

Navigate to DNS settings,

Locate ‘mDNS Repeater Interfaces’,

Add physical ports or routed VLAN interfaces as needed.

Challenges with Using mDNS in Enterprise Environments

Potential Issues

In enterprise settings, extensive use of multicast can generate excessive traffic noise leading to congestion issues.

Security Vulnerabilities

The ability for any device to create a domain name poses risks; malicious devices could impersonate legitimate ones (e.g., a lightbulb posing as a printer).

Mitigation Strategies

To prevent unauthorized use of mDNS:

Implement firewall rules targeting port 5353,

Block associated IPv4 and IPv6 addresses.