07-19-2021 12:48 PM
Hi there!
Since we updated HiveOS to V10.3 there are some strange DNS-Queries log entries in the Firewall.
We do not use Cloud-Services, we are working with APs on hivemanager Classic.
The APs do not have connections to the Internet.
The Problem: from V10.3 on there are strange DNS-Requests to www.google.com from the AP directly, not to the local DNS, but to a DNS-Server which we use in our Guest-WLAN => open to the internet, but it’s not accessible from the AP management-VLAN (tagged Port). The AP uses a DNS-Server which is not configured on them; they get the local DNS-Server, which is seen by “show dns”. But the request is sent to the DNS-Server in the Guest-WLAN, which will be given via DHCP ONLY to Clients in a tagged VLAN (same Eth-Port as the AP).
I have found some things like “ping 8.8.8.8” and Client-Tracking via DNS/Google. But this way is not working and I have a firewall, which is actually blocking this traffic. But the Logs are full! See: there are up to 3 Requests from one AP, together we have about 250 APs Aerohive AP 130 running.
Can anybody help to stop these requests???
Hope, my words are not confusing…
Thanks
Frank from Münster, Germany.
07-22-2021 11:24 AM
Question this issue in another way…
Why is the Management IP (untagged VLAN) of the AP using a DNS-Server-IP (!) from the Client-VLAN, which the AP is seeing (perhaps) via a DHCP-Reply on a separate (tagged) VLAN? The IP is not accessible via Management-VLAN…
Strange...
07-20-2021 05:32 AM
Yes, I tried to.
But this was not ping, it is a DNS-Request to a Server, which will never be reachable from this VLAN! Also: why will the management of the AP use a DNS-Server from a totally independent/autonomous VLAN?
Tried, but doesn’t help. Because there are no pings!
Regards.
07-19-2021 03:43 PM
Have you tried disabling IP Tracking? Option 1 of this guide reviews how to do this: https://extremeportal.force.com/ExtrArticleDetail?an=000065955&q=Why%20do%20APs%20ping%208.8.8.8