Hi!
Few days ago, I setup a Mesh Wifi System for a customer with this configuration:
"Router ISP" ---- WAN PORT ----> RT6600ax (working in Wireless AP mode).
And from RT6600ax I use this LAN Ports:
Port 1: Goes to an unmanaged switch.
Port 2: Goes to an WRX560.
Port 3: Goes to TV.
And from unmanaged Switch:
Port 1: comes from RT6600ax
Port 2: Goes to an WRX560
Port 3: Goes to an WRX560
Port 4. Goes to an WRX560
Port 5: Goes to an WRX560
Port 6: Goes to an WRX560
On RT6600ax, there two netkworks: main and guest with their respective wifis.
People can navigate and use guest wifi without problem over all the mesh wifi.
But people can only navigate over the main wifi if they connect using RT6600ax as an access point.
They cannot if they use another accesspoint (any of the WRX560).
After this, I try to test the wired connections, with these results:
we cannot navigate if we use any of the lan ports of any device.
The first question that I think it was a network basic problem, but not.
After a lot of checks, and ticket opened in Synology support I found the main issue.
Note: Synology Support Level is very bad. Only I receive response like this: try to change router mode, .....
It is a DNS resolution problem.
We can only navigate to Google services!
I check this:
1) Check connection and DNS resolution when I connect direct to ISP router:
Works as expected.
2) Check connection and DNS resolution from wired connection or from router directly (SSH):
It fails.
Some examples:
root@Restaurant:~# more /etc/resolv.conf <---- DO NOT WORRY ABOUT THIS: I TRY A LOT OF COMBINATIONS OF DNS SERVERS ....
nameserver 192.168.1.230 <---- DNS SERVER IN ROUTER (I TRY TO UNINSTALL AND IT DOES NOT WORK)
nameserver 1.1.1.1
root@Restaurant:~# traceroute google.com
traceroute to google.com (142.250.200.110), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 0.924 ms 0.861 ms 0.752 ms
2 100.64.254.254 (100.64.254.254) 16.930 ms 19.782 ms 16.975 ms
3 10.7.8.37 (10.7.8.37) 40.234 ms 38.906 ms 39.015 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 33.679 ms 37.498 ms 42.247 ms
5 google.baja.espanix.net (193.149.1.94) 41.830 ms 37.132 ms 40.897 ms
6 108.170.253.241 (108.170.253.241) 44.002 ms 108.170.253.225 (108.170.253.225) 40.616 ms 108.170.253.241 (108.170.253.241) 41.023 ms
7 142.251.60.115 (142.251.60.115) 36.827 ms 36.627 ms 209.85.247.245 (209.85.247.245) 39.820 ms
8 mad41s13-in-f14.1e100.net (142.250.200.110) 34.955 ms 45.757 ms 40.304 ms
root@Restaurant:~# traceroute youtube.com
traceroute to youtube.com (142.250.184.174), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 1.919 ms 1.263 ms 0.686 ms
2 100.64.254.254 (100.64.254.254) 17.697 ms 18.299 ms 17.175 ms
3 10.7.8.37 (10.7.8.37) 33.023 ms 38.197 ms 39.455 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 33.071 ms 96.813 ms 63.964 ms
5 213.249.106.41 (213.249.106.41) 37.821 ms 33.246 ms 52.918 ms
6 72.14.203.172 (72.14.203.172) 42.426 ms 38.829 ms 39.348 ms
7 74.125.242.177 (74.125.242.177) 43.084 ms 36.667 ms 40.380 ms
8 142.250.213.125 (142.250.213.125) 39.430 ms 39.031 ms 37.909 ms
9 mad07s23-in-f14.1e100.net (142.250.184.174) 32.958 ms 39.235 ms 38.926 ms
root@Restaurant:~# traceroute elpais.com
traceroute to elpais.com (96.16.88.134), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 0.961 ms 1.292 ms 2.293 ms
2 100.64.254.254 (100.64.254.254) 18.809 ms 16.850 ms 18.192 ms
3 10.7.8.37 (10.7.8.37) 38.193 ms 38.153 ms 41.769 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 38.898 ms 38.169 ms 39.573 ms
5 213.249.106.41 (213.249.106.41) 41.754 ms 68.663 ms 43.786 ms
6 213.249.120.94 (213.249.120.94) 65.674 ms 42.936 ms 36.786 ms
7 195.10.46.201 (195.10.46.201) 38.351 ms 35.619 ms 41.099 ms
8^C
Looking at another threat, It seems that can be related to NTP config.
I try to use diferent servers, but it does not work.
Any idea?
Few days ago, I setup a Mesh Wifi System for a customer with this configuration:
"Router ISP" ---- WAN PORT ----> RT6600ax (working in Wireless AP mode).
And from RT6600ax I use this LAN Ports:
Port 1: Goes to an unmanaged switch.
Port 2: Goes to an WRX560.
Port 3: Goes to TV.
And from unmanaged Switch:
Port 1: comes from RT6600ax
Port 2: Goes to an WRX560
Port 3: Goes to an WRX560
Port 4. Goes to an WRX560
Port 5: Goes to an WRX560
Port 6: Goes to an WRX560
On RT6600ax, there two netkworks: main and guest with their respective wifis.
People can navigate and use guest wifi without problem over all the mesh wifi.
But people can only navigate over the main wifi if they connect using RT6600ax as an access point.
They cannot if they use another accesspoint (any of the WRX560).
After this, I try to test the wired connections, with these results:
we cannot navigate if we use any of the lan ports of any device.
The first question that I think it was a network basic problem, but not.
After a lot of checks, and ticket opened in Synology support I found the main issue.
Note: Synology Support Level is very bad. Only I receive response like this: try to change router mode, .....
It is a DNS resolution problem.
We can only navigate to Google services!
I check this:
1) Check connection and DNS resolution when I connect direct to ISP router:
Works as expected.
2) Check connection and DNS resolution from wired connection or from router directly (SSH):
It fails.
Some examples:
root@Restaurant:~# more /etc/resolv.conf <---- DO NOT WORRY ABOUT THIS: I TRY A LOT OF COMBINATIONS OF DNS SERVERS ....
nameserver 192.168.1.230 <---- DNS SERVER IN ROUTER (I TRY TO UNINSTALL AND IT DOES NOT WORK)
nameserver 1.1.1.1
root@Restaurant:~# traceroute google.com
traceroute to google.com (142.250.200.110), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 0.924 ms 0.861 ms 0.752 ms
2 100.64.254.254 (100.64.254.254) 16.930 ms 19.782 ms 16.975 ms
3 10.7.8.37 (10.7.8.37) 40.234 ms 38.906 ms 39.015 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 33.679 ms 37.498 ms 42.247 ms
5 google.baja.espanix.net (193.149.1.94) 41.830 ms 37.132 ms 40.897 ms
6 108.170.253.241 (108.170.253.241) 44.002 ms 108.170.253.225 (108.170.253.225) 40.616 ms 108.170.253.241 (108.170.253.241) 41.023 ms
7 142.251.60.115 (142.251.60.115) 36.827 ms 36.627 ms 209.85.247.245 (209.85.247.245) 39.820 ms
8 mad41s13-in-f14.1e100.net (142.250.200.110) 34.955 ms 45.757 ms 40.304 ms
root@Restaurant:~# traceroute youtube.com
traceroute to youtube.com (142.250.184.174), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 1.919 ms 1.263 ms 0.686 ms
2 100.64.254.254 (100.64.254.254) 17.697 ms 18.299 ms 17.175 ms
3 10.7.8.37 (10.7.8.37) 33.023 ms 38.197 ms 39.455 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 33.071 ms 96.813 ms 63.964 ms
5 213.249.106.41 (213.249.106.41) 37.821 ms 33.246 ms 52.918 ms
6 72.14.203.172 (72.14.203.172) 42.426 ms 38.829 ms 39.348 ms
7 74.125.242.177 (74.125.242.177) 43.084 ms 36.667 ms 40.380 ms
8 142.250.213.125 (142.250.213.125) 39.430 ms 39.031 ms 37.909 ms
9 mad07s23-in-f14.1e100.net (142.250.184.174) 32.958 ms 39.235 ms 38.926 ms
root@Restaurant:~# traceroute elpais.com
traceroute to elpais.com (96.16.88.134), 30 hops max, 46 byte packets
1 192.168.1.1 (192.168.1.1) 0.961 ms 1.292 ms 2.293 ms
2 100.64.254.254 (100.64.254.254) 18.809 ms 16.850 ms 18.192 ms
3 10.7.8.37 (10.7.8.37) 38.193 ms 38.153 ms 41.769 ms
4 37.red-215-142-78.static.citelia.es (78.142.215.37) 38.898 ms 38.169 ms 39.573 ms
5 213.249.106.41 (213.249.106.41) 41.754 ms 68.663 ms 43.786 ms
6 213.249.120.94 (213.249.120.94) 65.674 ms 42.936 ms 36.786 ms
7 195.10.46.201 (195.10.46.201) 38.351 ms 35.619 ms 41.099 ms
8^C
Looking at another threat, It seems that can be related to NTP config.
I try to use diferent servers, but it does not work.
Any idea?