Bug Report: Deco BE25 — Rogue DHCP Server Activation in AP Mode (Firmware 1.1.7)

Product: TP-Link Deco BE25  
Hardware Version: V8
Firmware Version: 1.1.7 Build 20260114 (latest as of submission date)  
Operating Mode: Access Point (AP) Mode  
Severity: High — causes intermittent total loss of internet connectivity for all wireless clients  

---

Summary

When operating in Access Point (AP) mode, the Deco BE25 intermittently activates its internal DHCP server and begins assigning IP addresses in the `192.168.0.x` subnet to wireless clients. Since no device on the network occupies the `192.168.0.1` gateway address advertised in these leases, affected clients lose internet connectivity entirely. The problem is reproducible across two independent, identical installations running the same firmware.

---

Network Configuration

Both installations share the following identical setup:

---

Observed Behavior

After a variable amount of time (ranging from hours to days), wireless clients connected to either Deco node begin receiving IP addresses in the `192.168.0.x` range instead of the expected `192.168.1.x` range.

The assigned lease includes:

• IP address: 192.168.0.x
• Gateway: 192.168.0.1
• DNS: values consistent with the Deco's internal DHCP profile

Critical observation: 192.168.0.1 does not respond to ping, does not serve any web interface (HTTP), and does not appear in ARP tables. No physical device on the network holds this address. The Deco nodes themselves do not respond at this address in AP mode. As a result, all affected wireless clients lose internet access immediately upon receiving a 192.168.0.x lease.

The Deco app continues to display both nodes as operating correctly in **AP mode** throughout the entire incident — no mode change is reported.

---

Reproduction

The issue occurs on two geographically separate, independently configured installations using identical hardware and firmware. This rules out environment-specific causes such as upstream router configuration, ISP behaviour, or physical interference.

Trigger pattern: The rogue DHCP activation appears to correlate with brief backhaul instability events between the main and satellite nodes (LED flashes red for approximately 10–15 seconds, then returns to green). It is consistent with the known TP-Link firmware behaviour where the Deco activates its internal DHCP temporarily when the upstream connection is lost, intended to preserve app manageability. However, the DHCP server **does not deactivate** once the connection is restored, and continues serving leases indefinitely.

---

Troubleshooting Steps Performed (All Ineffective)

The following settings were toggled individually and in combination. None resolved the issue:

• Smart DHCP — disabled → problem persists
• Ultra Speed Mode (Network Ultra Speed) — disabled → problem persists
• Fast Roaming — disabled → problem persists
• Beamforming — disabled → problem persists
• IoT / Guest network — completely disabled → problem persists
• Firmware — already on the latest available version (1.1.7 Build 20260114)

The issue was verified to exist on both installations independently before any of the above toggles were attempted, and after all were disabled simultaneously.

---

Impact

• All wireless clients that renew their DHCP lease during an active rogue DHCP window receive `192.168.0.x` addresses.
• Because `192.168.0.1` (the advertised gateway) does not exist, these clients have **no internet connectivity**.
• Wired clients connected directly to the upstream router are not affected.
• The only recovery path is to manually force a DHCP release/renew on each affected client after the rogue DHCP server deactivates, or to reboot the Deco nodes.
• The issue recurs after an unpredictable interval, making it impractical to manage in a home environment.

---

Root Cause Hypothesis

The Deco BE25 firmware, as documented in TP-Link's own community responses, is designed to activate an internal DHCP server in AP mode when the upstream connection drops, to allow continued management via the Deco app. The DHCP fallback subnet used is `192.168.0.x` — the Deco's default router-mode subnet.

The bug is that the internal DHCP server **fails to shut down** after the upstream connection is restored. It continues to respond to DHCP Discover broadcasts and wins the race against the legitimate upstream DHCP server for clients that are renewing or newly connecting. Since the advertised gateway (`192.168.0.1`) is never active in AP mode, all clients receiving these leases are left without internet.

This behaviour has been reported across multiple Deco generations (M5, M9 Plus, M4) over several years. It does not appear to have been fully resolved in the BE25 firmware series, including the latest 1.1.7 release.

---

Expected Behavior

In AP mode, the Deco's internal DHCP server should either:

1. Never activate, regardless of upstream connectivity status; or  
2. Activate only briefly during an upstream outage and **unconditionally deactivate** within a short, bounded timeout once upstream DHCP responses are detected again — regardless of whether any clients were served during the outage window.
3. Under no circumstances should the internal DHCP server continue operating after the upstream router's DHCP is available and responsive.

---

Requested Actions

1. Investigate and fix the condition under which the internal fallback DHCP server fails to deactivate after upstream restoration.
2. Consider adding an explicit option in the Deco app to **permanently disable** the fallback DHCP server in AP mode for users with reliable upstream infrastructure.
3. Provide a hotfix or beta firmware addressing this specific regression on the BE25 V8 platform.

---

Additional Notes

- The `192.168.0.x` range used by the rogue DHCP server matches the Deco's default router-mode LAN subnet exactly, confirming the fallback DHCP is the router-mode server being activated in error.
- The issue is not related to double NAT, ISP configuration, or any upstream device, as both affected installations use different upstream routers from different ISPs and the behaviour is identical.