SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!

27 Reply
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

  @Clive_A I rebooted it, when coming up, it connects to pool[dot]ntp[dot]org (must be hard coded?) and then as soon as it is up it returns to querying my configured Cloudflare NTP server every 8 seconds:

#22
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

Hi @daubstep 

Thanks for posting in our business forum.

daubstep wrote

  @Clive_A I rebooted it, when coming up, it connects to pool[dot]ntp[dot]org (must be hard coded?) and then as soon as it is up it returns to querying my configured Cloudflare NTP server every 8 seconds:

 

Noted. Sent an email to the dev to see what they need or should review at the code level. Let's see. Will update you as soon as I am updated.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
#23
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

Hi @daubstep 

Thanks for posting in our business forum.

daubstep wrote

  @Clive_A I rebooted it, when coming up, it connects to pool[dot]ntp[dot]org (must be hard coded?) and then as soon as it is up it returns to querying my configured Cloudflare NTP server every 8 seconds:

It replies with IPv6?

If the reply is an IPv6 address, the switch will not think it has a proper NTP IP, so it will send again because it fails to get an IPv4 NTP.

 

Consider disabling the IPv6 reply on your DNS server. The dev confirmed the issue is fixed. IPv6 is the problem you have after the update.

#24
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago - last edited a week ago

  @Clive_A This goes back to the tcpdump - the switch queries for both A and AAAA records, and the DNS server responds with both

https://community.tp-link.com/en/business/forum/topic/708010?replyId=1490000

 

The pattern hasn't changed at all and it is the switch that requests both IPv4 and IPv6 resolution of the NTP hostname:

 

Is it possible the firmware update for the sg2008p got packaged without the fix accidentally?

#25
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

Hi @daubstep 

Thanks for posting in our business forum.

daubstep wrote

  @Clive_A This goes back to the tcpdump - the switch queries for both A and AAAA records, and the DNS server responds with both

https://community.tp-link.com/en/business/forum/topic/708010?replyId=1490000

 

 

The pattern hasn't changed at all and it is the switch that requests both IPv4 and IPv6 resolution of the NTP hostname:

 

 

Is it possible the firmware update for the sg2008p got packaged without the fix accidentally?

Disable V6 and see if that works out or not. The first reply from the NTP has to be v4.

#26
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

  @Clive_A Disabling IPv6 DNS did indeed fix this issue - as soon as the switch received *just* the A response and not the AAAA it stopped making further requests. I guess this explains the intermittency sometimes, as often AAAA would resolve first, but I guess sometimes the A would, and that would cause things to work normally for a while.

 

I can leave IPv6 off for a while, but this still feels like a bug in need of fixing, especially given I will be running IPv6 (or rather, dual-stack) in production soon, and so will need to resolve AAAA DNS. If the switch can't handle AAAA DNS, it should stop requesting it, right?

#27
Re:SG2005P-PD Switch is the top (by >3x) DNS querier in the entire network!
a week ago

Hi @daubstep 

Thanks for posting in our business forum.

daubstep wrote

  @Clive_A Disabling IPv6 DNS did indeed fix this issue - as soon as the switch received *just* the A response and not the AAAA it stopped making further requests. I guess this explains the intermittency sometimes, as often AAAA would resolve first, but I guess sometimes the A would, and that would cause things to work normally for a while.

 

I can leave IPv6 off for a while, but this still feels like a bug in need of fixing, especially given I will be running IPv6 (or rather, dual-stack) in production soon, and so will need to resolve AAAA DNS. If the switch can't handle AAAA DNS, it should stop requesting it, right?

If you enable NTP, it will request. As long as the first reply is not replied to properly, it will keep asking for this.

We suspect that your IPv6 is not working properly. If it can give a proper v6 address, it should stop.

#28
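
Added example, not part of any post in this thread and not TP-Link code: one way to spot the pattern reported above (one client re-resolving the same NTP hostname with A and AAAA queries every 8 seconds and dominating the query count) in resolver query logs. The log layout, addresses, hostnames and thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Constructed sample in a made-up "epoch client qtype qname" layout (not a real
# resolver's format). 192.0.2.10 stands in for the switch, 192.0.2.20 for a PC.
SAMPLE_LOG = "\n".join(
    [f"{1000 + 8 * i} 192.0.2.10 {qt} time.example.net"
     for i in range(6) for qt in ("A", "AAAA")]
    + ["1003 192.0.2.20 A www.example.org", "1031 192.0.2.20 AAAA www.example.org",
       "1040 192.0.2.20 A mail.example.org", "not a query line"]
)
LINE = re.compile(r"^(\d+(?:\.\d+)?)\s+(\S+)\s+(A|AAAA)\s+(\S+)$")

def parse(log):
    """Yield (timestamp, client, qtype, qname); malformed lines are skipped."""
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:
            yield float(m[1]), m[2], m[3], m[4].lower().rstrip(".")

def top_queriers(log):
    """Clients ranked by total query count, busiest first."""
    return Counter(client for _, client, _, _ in parse(log)).most_common()

def find_retry_loops(log, min_rounds=5, max_period=60.0, max_jitter=1.0):
    """Flag (client, qname) pairs re-resolved at a short, near-constant period."""
    seen = defaultdict(lambda: {"times": [], "qtypes": set()})
    for ts, client, qtype, qname in parse(log):
        seen[(client, qname)]["times"].append(ts)
        seen[(client, qname)]["qtypes"].add(qtype)
    findings = []
    for (client, qname), entry in seen.items():
        rounds = []  # an A and AAAA query sent together count as one round
        for ts in sorted(entry["times"]):
            if not rounds or ts - rounds[-1] > 1.0:
                rounds.append(ts)
        if len(rounds) < max(min_rounds, 2):
            continue
        gaps = [b - a for a, b in zip(rounds, rounds[1:])]
        period = median(gaps)
        if period <= max_period and max(abs(g - period) for g in gaps) <= max_jitter:
            findings.append({"client": client, "qname": qname, "period_s": period,
                             "rounds": len(rounds), "qtypes": sorted(entry["qtypes"])})
    return findings

if __name__ == "__main__":
    print(top_queriers(SAMPLE_LOG))
    for hit in find_retry_loops(SAMPLE_LOG):
        print(hit)
```

A client that honours record TTLs should not reappear for the same name at a fixed interval of a few seconds, so a hit here points at a resolution retry loop rather than normal load.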