Deco M9 stops working when no DNS is available
I have a pair of Deco M9 plus units which operate in AP mode.
DNS for the network they operate on is provided by a local server, so the network looks like this (= is ethernet, - is wifi)
[MODEM]
=
=
=
[ROUTER]
=
=
=
[MAIN M9+] --- [SLAVE M9+]
=
=
=
[SERVER WITH DNS]
However I find that if the DNS service goes down that the M9+ units just give up, which is to say that they go solid red and stop relaying ethernet traffic. That means the DNS server can no longer be reached, for example by VNC or SSH in order to restart the service or indeed the whole machine.
Is this the expected behaviour? Shouldn't ethernet traffic be relayed even if there is no DNS service available to the M9?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
With Deco, this behavior is by design. Deco uses DNS queries for Internet health check, if DNS queries fail Deco assumes Internet is down.
You need to figure how to improve your DNS server or service uptime, and how to bounce it automatically when it fails.
- Copy Link
- Report Inappropriate Content
But "internet down" doesn't mean "network down".
Why should Deco not relay ethernet traffic on the local network just because DNS fails?
Moreover, in AP mode, it's none of Deco's business whether internet is up or not, it's just supposed to give wifi access to the LAN.
- Copy Link
- Report Inappropriate Content
You are correct, and I think I made a mistake in assuming how Deco will behave when DNS service is down. When I tested Deco in AP mode behaviour, I turned off ISP Router which on my network is DNS/DHCP/Router. I haven't tried turning DNS service off alone.
Can you clarify one thing for me: when DNS service down, how are you trying to reach DNS server to bounce it? Meaning: do you attempt to SSH to it from computer connected by Ethernet cable to router or from device connected to Deco wirelessly?
- Copy Link
- Report Inappropriate Content
The DNS server is a VM running on a host on the LAN. I should have a number of ways to restart the service or the whole thing, eg:
1) Using the web management console of the host to access the console of the VM (fails, because the host is connected via the Deco which refuses/is unable to relay the traffic)
2) Using ssh from a remote location, through a NAT rule on the router direct to the VM (fails, for the same reason)
3) As for 2, but ssh into the host to reboot the whole thing (fails, for the same reason)
4) Using ssh on the LAN, direct to the VM (fails, for the same reason)
5) As for 4 but ssh into the host (fails for the same reason)
ROUTER === [PORT1] DECO [PORT2] === VM HOST
I can set it up a different way, but it seems like a design flaw that Deco gives up as soon as there is no DNS resolution if indeed that's what is happening.
- Copy Link
- Report Inappropriate Content
For #2 to #5 I have plausible explanation and general expectation it will fail, based on my tests with Deco mesh failing its Internet health checks.
I am not sure why #1 fails (accessing VM from its own host server by IP address), and I may have asked you to run more tests for me, but I have a solution for you for about $20, so why bother with anything else?
As long as you are willing to spend $20 for no frills 5-port gigabit networking switch, or have one to spare, this should work for Deco running in AP more:
[MODEM]
=
=
=
[ROUTER]
=
=
=
[SWITCH] = = = [MAIN M9+] --- [SLAVE M9+]
=
=
=
[SERVER WITH DNS]
You'll be able to access DNS server from remote location through NAT rule on a Router.
You can put switch side by side with Main Deco, making solution not dependent on Ethernet wiring and hardware placement considerations. Yes, I know, perhaps not the most elegant solution, but it should work.
This is, of course, if you can't just bring [SERVER WITH DNS] to where [ROUTER] is and wire DNS server directly to one of free Ethernet ports on Router.
---------------------------
Unless you've figured something like this already and only brought issue to that forum to get TP-Link Support attention as a software feature request or bug report.
---------------------------
- Copy Link
- Report Inappropriate Content
#1 fails because the vm host is headless - the gpu is passed through to a VM for hardware transcoding. The only way to drive the host is via ssh, or using the web management console for the hypervisor. Both fail because Deco cannot reach the internet and stops relaying ethernet traffic.
"This is, of course, if you can't just bring [SERVER WITH DNS] to where [ROUTER] is and wire DNS server directly to one of free Ethernet ports on Router."
The network topology is beyond the context of this discussion, but yes - I want the DNS server and the Deco-provided wifi connected to the same port on the router. Deco should be able to act as a switch in AP mode with or without DNS resolution.
"Unless you've figured something like this already and only brought issue to that forum to get TP-Link Support attention as a software feature request or bug report."
Yes.
- Copy Link
- Report Inappropriate Content
Hi, thanks for the feedback.
It indeed catches our attention and please wait for a moment and I was checking with our senior engineers.
Thank you very much.
- Copy Link
- Report Inappropriate Content
Mihu wrote
The DNS server is a VM running on a host on the LAN. I should have a number of ways to restart the service or the whole thing, eg:
1) Using the web management console of the host to access the console of the VM (fails, because the host is connected via the Deco which refuses/is unable to relay the traffic)
2) Using ssh from a remote location, through a NAT rule on the router direct to the VM (fails, for the same reason)
3) As for 2, but ssh into the host to reboot the whole thing (fails, for the same reason)
4) Using ssh on the LAN, direct to the VM (fails, for the same reason)
May I know where the LAN SSH client is? connecting to the Deco, or the main DHCP router?
5) As for 4 but ssh into the host (fails for the same reason)
- Copy Link
- Report Inappropriate Content
TP-Link wrote
Mihu wrote
The DNS server is a VM running on a host on the LAN. I should have a number of ways to restart the service or the whole thing, eg:
1) Using the web management console of the host to access the console of the VM (fails, because the host is connected via the Deco which refuses/is unable to relay the traffic)
2) Using ssh from a remote location, through a NAT rule on the router direct to the VM (fails, for the same reason)
3) As for 2, but ssh into the host to reboot the whole thing (fails, for the same reason)
4) Using ssh on the LAN, direct to the VM (fails, for the same reason)
May I know where the LAN SSH client is? connecting to the Deco, or the main DHCP router?
5) As for 4 but ssh into the host (fails for the same reason)
In that situation, the ssh client could be:
a) The router itself (ssh to the underlying OS, and from there ssh out to the DNS VM, via the Deco's ethernet ports)
b) A client connected to a second wifi network using a separate port on the router. This uses a second pair of Deco M9+ and works perfectly well since the DNS on that network is more robust.
In all situations however, the Deco pair that experiences DNS failure goes solid red and will no longer relay ethernet traffic, so ssh cannot work.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 2
Views: 999
Replies: 9