DNS data corruption
I just got this extender a couple of days ago, I'm having serious problems making it pass traffic correctly, and I'm wondering if anybody else has seen similar issues, or if I got massively bad hardware somehow.
As soon as I started using the extender, DNS lookups from my Mac started either failing or returning 10.0.0.1, depending on the site. This happened for both internal (intranet) and external (public) sites.
When I disabled the range extender, everything works again.
According to tcpdump, the DNS requests do not reach my internal DNS server at all.
This failure occurs regardless of my Mac's DNS settings; DNS requests all get lost, even with 8.8.8.8. I have verified that nothing in the Mac UI is lying to me by using dig on the command line, and the above observations are still 100% reproducible.
When the extender is configured to use my internal DNS server (which I have verified is working correctly), it can't connect to the cloud server to check for firmware updates.
If I change the extender to use 8.8.8.8 as its DNS server, it is able to check for updates and says that none are available. Even with that setting, I still get corrupted/no DNS responses on downstream clients.
Troubleshooting steps performed:
1. Noticed that DHCP server on the extender was set to auto, which could potentially compromise my wired network by having multiple DHCP servers. Turned that off.
2. Tried pointing the Mac client at a different DNS server.
3. Noticed that the extender was forcibly inserting 192.168.1.1 as a secondary DNS server if I left it blank, so I inserted my own DNS server in both slots to force it to provide the right one to clients, just in case the upstream router was providing bad DNS responses. This appeared to fix the problem for about 24 hours, or maybe those sites just got cached on my laptop while it was connected to the other router, but the fix didn't hold. (I later determined that this was a red herring, as 192.168.1.1 does not respond to DNS requests.)
4. Added debugging to my DNS server to see what was actually coming through.
5. Ran tcpdump when the DNS server's debugging didn't show even a single incoming request.
6. Tried checking for firmware updates.
7. Tried configuring the extender in standalone router mode to see if that fixed the inability to check for firmware updates. (It did not.) Note that I did not actually try connecting to it over Wi-Fi while it was in that mode; I operated the web interface via the wired Ethernet side while connected to the upstream router.
8. Reconfigured the extender with 8.8.8.8 as its resolver. This fixed the inability to check for updates, but none were available.
9. Switched back to extender mode.
10. Determined that having the extender set to use 8.8.8.8 as its resolver did not fix the downstream clients' inability to perform DNS lookups (as expected, but worth verifying).
11. Checked for updates on the mesh controller Wi-Fi router. (None were available.)
12. Verified that the web UI has no port blocking support that could somehow be misconfigured.
13. Turned off stateful packet inspection on the upstream firewall.
14. Power-cycled the repeater again.
At that point, I gave up and unplugged it from the wall so that I actually have a usable network again.
It is worth noting that ONLY DNS traffic is affected, as far as I can tell. I can ping other hosts on the network, and can SSH to internal sites by mDNS while connected through the extender. I have experienced zero problems while doing so. So the router is passing traffic, but it is corrupting or dropping DNS packets — and only DNS packets. (To be fair, I have not tried any other UDP traffic, so it could be corrupting or dropping all UDP traffic, and I would have no idea.)
Configuration:
This is with EasyMesh, configured with an Ethernet backhaul. The extender has a static IP address at the top of the 192.168.1.x range. The internal DNS server also has a static IP address near the top of that range. The main Wi-Fi access point is at 192.168.1.1, an AX73/AX5400 Wi-Fi 6 router running firmware version 1.3.6 Build 20240325 rel.39241(5553).
The network switch providing the backhaul is a Cisco SG200-26.
Any thoughts before I box this thing up and ship it back to Best Buy as defective hardware?
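As an added example (not code from the original post), here is a small Python check for the two symptoms described above: a reply that answers a public name with a private address such as 10.0.0.1, and a request that gets no reply at all. It builds the query by hand and parses the raw reply, so it works on bytes captured with tcpdump as well as on live responses; the sample reply at the bottom is constructed for illustration.

```python
import ipaddress
import socket
import struct

def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Standard A/IN query with the recursion-desired flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(lab)]) + lab.encode() for lab in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def _skip_name(msg: bytes, off: int) -> int:
    """Advance past a (possibly compressed) name; return the new offset."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if (length & 0xC0) == 0xC0:  # compression pointer is two bytes, then done
            return off + 2
        off += 1 + length

def parse_a_answers(msg: bytes) -> list:
    """IPv4 addresses in the answer section; [] on a short or error response."""
    if len(msg) < 12:
        return []
    _, flags, qd, an = struct.unpack("!HHHH", msg[:8])
    if flags & 0x000F:  # non-zero RCODE (SERVFAIL, NXDOMAIN, ...)
        return []
    off, addrs = 12, []
    for _ in range(qd):
        off = _skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:  # A record
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs

def suspicious(addrs: list) -> list:
    """RFC1918/loopback answers for a public name mean the resolver path is broken."""
    return [a for a in addrs if ipaddress.ip_address(a).is_private]

SAMPLE_BAD_RESPONSE = bytes.fromhex(  # constructed reply: example.com -> 10.0.0.1
    "123481800001000100000000"            # header: response, RD+RA, 1 question, 1 answer
    "076578616d706c6503636f6d0000010001"  # question: example.com A IN
    "c00c000100010000003c00040a000001"    # answer: name ptr, A, IN, TTL 60, 10.0.0.1
)
```

To test a live resolver, send build_query() over a UDP socket to port 53 with a short timeout and pass the reply to parse_a_answers(); a timeout corresponds to the "request never arrives" case seen in tcpdump, and a non-empty suspicious() result to the 10.0.0.1 answers.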