DPI not functioning
I am having issues with DPI not detecting anything. What OSI model does your DPI sniff at? I am now using an Ubuntu controller not in standalone mode anymore.
Here is the network diagram:
The last message I got from TP Link support was they recommended two things:
1. It is recommended to check off all Facebook-related.
2. There is only one VLAN interface on the gateway, but the clients should not be on this subnet. So the DPI data cannot be detected. That's why it's not in effect.
Even though I set up TWO DPI filters, one for Facebook and another for TikTok. TikTok only has one, but even when I put all the Facebook applications into the filter it does nothing.
Point 2, I am not even sure what that even means.
So my question is, is DPI sniffing at layer 2? The only thing I can think of is that I am not using the ER8411 as a RoaS. I am routing between the ER8411 and my L3 switch (DX010). So any VLAN information is going to be dropped at the interface.
Anyone want to chime in?
I have an ER8411 and use DPI. The only app I block is TikTok, but I did a test with Facebook too and it blocked right away.
Are you sure you have it set up correctly? It can be a bit fiddly to set up.
Seems pretty straightforward to me...
For TikTok on the ER8411 there is only one, but as I have said before, adding all Facebook does nothing... I can get to Facebook and use Messenger.
OK, I use only one application filter and add the blocked apps to one group in rules management.
I have tested with many apps now and it works every time. Facebook and Messenger stop working, and my streaming services stop working when I block Netflix.
But I tried to create a Facebook-only filter and assigned this to LAN, and everything from Facebook stopped working on my computer.
My time range is set the same.
Are you using your ER8411 as a Router on a Stick on your network? Meaning all your inter-VLAN are on your router (if you have multiple VLANs).
Yes, I have many VLANs, and it works on all as far as I know. My streaming device is on its own VLAN and Netflix stops working, and my computer is on another VLAN and Netflix doesn't work on this either.
So your problem is strange. I have the latest firmware on my ER8411 but I run the latest controller beta; maybe this is why this works. I use controller version 5.14.20.8.
Hi @mbze430
What about this guide? How to Set Up Deep Packet Inspection(DPI) on Omada Router
If you follow this and do some tests with your application.
If you are blocking a vendor like Google, make sure you block several sites that Google owns.
So Support replied.
They wanted me to expand my routing interface from 192.168.1.0/30 to /24 but I have NOTHING other than two interfaces talking to each other.
Here is my reply... and I don't understand why they keep talking about the VLAN, since my interface is routed....
I changed it to 192.168.1.1/24 and nothing has changed. Because as I have told your support, I am NOT using the ER8411 in a Router as a Stick configuration. My network is set up as multilayer.
My layer 3 switch connecting to the ER8411 is using a routed interface, 192.168.1.2. There are ZERO other devices on my network on the 192.168.1.1/24 or 192.168.1.1/30 subnet. Only two devices, ER8411 (192.168.1.1) and DX010 (192.168.1.2).
This is the route on my DX010 running Microsoft SONiC:
admin@sonic:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
S>*0.0.0.0/0 [1/0] via 192.168.1.1, Ethernet0, 05:01:22
C>*10.0.80.224/27 is directly connected, Vlan80, 05:01:22
C>*10.0.90.224/27 is directly connected, Vlan90, 05:01:22
C>*10.0.100.96/27 is directly connected, Vlan1000, 05:01:22
C>*10.0.253.0/24 is directly connected, Vlan253, 05:01:22
C>*10.0.254.0/24 is directly connected, Vlan254, 05:01:22
C>*10.1.0.1/32 is directly connected, Loopback0, 05:01:27
C>*10.1.100.176/28 is directly connected, Vlan100, 05:01:22
C>*10.1.110.144/28 is directly connected, Vlan110, 05:01:22
C>*10.3.52.0/26 is directly connected, Vlan52, 05:01:22
C>*10.3.68.0/24 is directly connected, Vlan268, 05:01:22
C>*10.3.128.64/26 is directly connected, Vlan1128, 05:01:22
C>*172.17.170.0/26 is directly connected, Vlan170, 05:01:22
C>*172.18.7.32/28 is directly connected, Vlan740, 05:01:22
C>*192.168.1.0/30 is directly connected, Ethernet0, 05:01:22
As you can see, NO VLAN 2, because the interfaces are routed. I don't know why you keep talking about VLAN2 on the ER8411, because any routed interface doesn't care about VLAN.
admin@sonic:~$ show vlan brief
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|   VLAN ID | IP Address      | Ports         | Port Tagging   | Proxy ARP   | DHCP Helper Address   |
+===========+=================+===============+================+=============+=======================+
|        10 |                 | Ethernet115   | untagged       | disabled    |                       |
|           |                 | Ethernet119   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|        52 | 10.3.52.1/26    | Ethernet125   | tagged         | disabled    | 10.0.253.254          |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|        80 | 10.0.80.225/27  | Ethernet113   | tagged         | disabled    |                       |
|           |                 | Ethernet116   | tagged         |             |                       |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|        90 | 10.0.90.225/27  | Ethernet116   | tagged         | disabled    |                       |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       100 | 10.1.100.177/28 | Ethernet125   | tagged         | disabled    | 10.0.253.254          |
|           |                 | Ethernet126   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       110 | 10.1.110.145/28 | Ethernet124   | tagged         | disabled    | 10.0.253.254          |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       170 | 172.17.170.1/26 | Ethernet116   | tagged         | disabled    | 10.0.253.254          |
|           |                 | Ethernet124   | tagged         |             |                       |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | Ethernet126   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       252 |                 | Ethernet117   | tagged         | disabled    |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       253 | 10.0.253.1/24   | Ethernet112   | untagged       | disabled    |                       |
|           |                 | Ethernet116   | tagged         |             |                       |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       254 | 10.0.254.1/24   | Ethernet116   | tagged         | disabled    |                       |
|           |                 | Ethernet124   | tagged         |             |                       |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | Ethernet126   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       268 | 10.3.68.1/24    | Ethernet125   | tagged         | disabled    | 10.0.253.254          |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|       740 | 172.18.7.33/28  | Ethernet124   | tagged         | disabled    | 10.0.253.254          |
|           |                 | Ethernet125   | tagged         |             |                       |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|      1000 | 10.0.100.97/27  | Ethernet125   | tagged         | disabled    | 10.0.253.254          |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|      1128 | 10.3.128.65/26  | Ethernet125   | tagged         | disabled    | 10.0.253.254          |
|           |                 | PortChannel01 | tagged         |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
|      4000 |                 | Ethernet124   | untagged       | disabled    |                       |
|           |                 | Ethernet125   | untagged       |             |                       |
|           |                 | Ethernet126   | untagged       |             |                       |
|           |                 | PortChannel01 | untagged       |             |                       |
+-----------+-----------------+---------------+----------------+-------------+-----------------------+
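An added example, not written by any poster or by TP-Link: it takes the route lines quoted in the thread and checks which connected networks on the DX010 fall inside the ER8411's LAN interface network, for both the original /30 and the /24 that support asked for. The function names are hypothetical, and it tests only the addressing described in the thread (support's point 2), not how Omada DPI actually selects traffic.

```python
import ipaddress
import re

# Route lines copied from the `show ip route` output quoted in the thread.
SHOW_IP_ROUTE = """\
S>*0.0.0.0/0 [1/0] via 192.168.1.1, Ethernet0, 05:01:22
C>*10.0.80.224/27 is directly connected, Vlan80, 05:01:22
C>*10.0.90.224/27 is directly connected, Vlan90, 05:01:22
C>*10.0.100.96/27 is directly connected, Vlan1000, 05:01:22
C>*10.0.253.0/24 is directly connected, Vlan253, 05:01:22
C>*10.0.254.0/24 is directly connected, Vlan254, 05:01:22
C>*10.1.0.1/32 is directly connected, Loopback0, 05:01:27
C>*10.1.100.176/28 is directly connected, Vlan100, 05:01:22
C>*10.1.110.144/28 is directly connected, Vlan110, 05:01:22
C>*10.3.52.0/26 is directly connected, Vlan52, 05:01:22
C>*10.3.68.0/24 is directly connected, Vlan268, 05:01:22
C>*10.3.128.64/26 is directly connected, Vlan1128, 05:01:22
C>*172.17.170.0/26 is directly connected, Vlan170, 05:01:22
C>*172.18.7.32/28 is directly connected, Vlan740, 05:01:22
C>*192.168.1.0/30 is directly connected, Ethernet0, 05:01:22
"""

CONNECTED = re.compile(r"^C>\*(\S+) is directly connected, (\S+),")

def connected_routes(text):
    """Return [(network, interface)] for each connected route in the output."""
    routes = []
    for line in text.splitlines():
        m = CONNECTED.match(line.strip())
        if m:
            routes.append((ipaddress.ip_network(m.group(1)), m.group(2)))
    return routes

def split_by_gateway_lan(routes, gateway_lan_ifaces):
    """Separate networks inside a gateway LAN network from routed-only ones."""
    gw_nets = [ipaddress.ip_interface(i).network for i in gateway_lan_ifaces]
    on_link, routed_only = [], []
    for net, ifname in routes:
        bucket = on_link if any(net.subnet_of(g) for g in gw_nets) else routed_only
        bucket.append((str(net), ifname))
    return on_link, routed_only

if __name__ == "__main__":
    routes = connected_routes(SHOW_IP_ROUTE)
    for lan in ("192.168.1.1/30", "192.168.1.1/24"):  # before / after support's change
        on_link, routed_only = split_by_gateway_lan(routes, [lan])
        print(lan, "covers", on_link, "and misses", len(routed_only), "networks")
```

With either mask only the transit link on Ethernet0 sits inside the gateway's LAN network; every VLAN subnet reaches the ER8411 purely as routed traffic.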