SENSE does not always respond to DNS requests

Aspirant

SENSE does not always respond to DNS requests

It look like SENSE does not always respond to DNS requests. I believe this was what was causing issues with my Bosch dishwasher (https://community.f-secure.com/t5/F-Secure-SENSE/Bosch-dishwasher-with-Home/m-p/95771) and now seeing it with the Garming Fenix 5 watch as well.

 

I have debugged this by dumping all traffic on both sides (the LAN and the Internet) of the SENSE. My watch sends DNS qureies for time-c.nist.gov and gold.garmin.com to SENSE. SENSE sends these queries onward to my Internet router, the Internet router replies with the addreses to SENSE, but the reply is never sent back to my watch by SENSE.

 

However, the same lookups work from other devices. The root issue may be related to ARP requests sent by SENSE, as I have seen ARP requets from SENSE to the dishwasher and the watch that have gone unanswered. I have not yet investigated thoroughly,  but with a quick look at the ARP requets sent by  SENSE seem to differ somewhat from requests sent by other devices. Given time I will investigate more thoroughly.

1 ACCEPTED SOLUTION

Accepted Solutions
Aspirant

Re: SENSE does not always respond to DNS requests

I am happy to report that new software version (Security software 2017-09-13_01 - p-1.3.9.21) seems to have fixed my problem.

 

I did a factory reset two days ago and connected WAN port directly my cable modem.

 

Sense has been on line for two days, without any problems, including loss of DNS. Previously DNS functionality was lost after 10 to 20 minutes.

View solution in original post

26 REPLIES 26
LKo
Aspirant

Re: SENSE does not always respond to DNS requests

I can confirm that this is the case. SENSE does not always forward DNS replies. Happened three times today.
Highlighted
Aspirant

Re: SENSE does not always respond to DNS requests

I believe the root cause is the ARP requests that SENSE sends. This seems to be a problem for embedded devices, and less of a problem for more high end equipment like PCs, tables and phones. The problem has been with a Bosch dishwasher, Garmin Fenix 5 watch, and maybe once with a Withings scale. I've seen that there are no ARP replies with the dishwasher and the watch, but not confirmed it with the scale. The problems are not persistent, although right now I'm not able to get my watch to work no matter what. I have tried rebooting both SENSE and the watch. The watch has worked through the SENSE earlier, but also has had occational connection problems.

 

Here is as example of an ARP request sent by SENSE that the Fenix 5 does not respond to:

Ethernet II, Src: F-Secure_00:5e:71 (f0:27:45:00:5e:71), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
        Address: Broadcast (ff:ff:ff:ff:ff:ff)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
    Source: F-Secure_00:5e:71 (f0:27:45:00:5e:71)
        Address: F-Secure_00:5e:71 (f0:27:45:00:5e:71)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: ARP (0x0806)
    Padding: 0000000000006cd400006cd4000000050001
Address Resolution Protocol (request)
    Hardware type: Ethernet (1)
    Protocol type: IPv4 (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (1)
    Sender MAC address: F-Secure_00:5e:71 (f0:27:45:00:5e:71)
    Sender IP address: 192.168.71.1
    Target MAC address: Broadcast (ff:ff:ff:ff:ff:ff)
    Target IP address: 192.168.71.110

Here's an example of an ARP request sent by a Linux box that the Fenix 5 does respond to:

Ethernet II, Src: AsustekC_78:ef:41 (2c:56:dc:78:ef:41), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
    Destination: Broadcast (ff:ff:ff:ff:ff:ff)
        Address: Broadcast (ff:ff:ff:ff:ff:ff)
        .... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
        .... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
    Source: AsustekC_78:ef:41 (2c:56:dc:78:ef:41)
        Address: AsustekC_78:ef:41 (2c:56:dc:78:ef:41)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: ARP (0x0806)
Address Resolution Protocol (request)
    Hardware type: Ethernet (1)
    Protocol type: IPv4 (0x0800)
    Hardware size: 6
    Protocol size: 4
    Opcode: request (1)
    Sender MAC address: AsustekC_78:ef:41 (2c:56:dc:78:ef:41)
    Sender IP address: 192.168.71.3
    Target MAC address: Broadcast (ff:ff:ff:ff:ff:ff)
    Target IP address: 192.168.71.110

The only difference I see is the padding in the ethernet frame sent by SENSE.

Aspirant

Re: SENSE does not always respond to DNS requests

Now I once saw an ARP reply from the watch, even though there was the padding in the SENSE's ARP request, so that is probably not the problem. The watch still does not get DNS replies from SENSE, though. The connection once worked this morning, but unfortunately I did not dump the traffic then.

LKo
Aspirant

Re: SENSE does not always respond to DNS requests

At least for me, I don't think it is related to ARP.

It is happening with all my devices: laptops, phones, tablets etc.

 

If I change the DNS server setting from using DHCP to static, let's say Google's 8.8.8.8, everything starts to work immediately.

Aspirant

Re: SENSE does not always respond to DNS requests

For reference, here is the sequence of events, from staring to sync with the Garmin watch when it powers up the WiFi, to when it fails and then shuts down WiFi:

09:44:44.534582 14:8f:21:d8:0a:b6 (oui Unknown) > Broadcast Null Unnumbered, xid, Flags [Response], length 42: 01 00
09:44:44.600589 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 14:8f:21:d8:0a:b6 (oui Unknown), length 261
09:44:44.616790 IP 192.168.71.1.bootps > 192.168.71.110.bootpc: BOOTP/DHCP, Reply, length 300
09:44:44.628486 ARP, Request who-has 192.168.71.1 tell 192.168.71.110, length 28
09:44:44.629365 ARP, Reply 192.168.71.1 is-at f0:27:45:00:5e:71 (oui Unknown), length 46
09:44:44.631492 ARP, Request who-has 192.168.71.1 tell 192.168.71.110, length 28
09:44:44.632042 ARP, Reply 192.168.71.1 is-at f0:27:45:00:5e:71 (oui Unknown), length 46
09:44:44.633193 IP 192.168.71.110.50731 > 192.168.71.1.domain: 16275+ A? time-c.nist.gov. (33)
09:44:44.958584 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:44:45.055437 ARP, Reply 192.168.71.110 is-at 14:8f:21:d8:0a:b6 (oui Unknown), length 28
09:44:45.060443 IP 192.168.71.110.50731 > 192.168.71.1.domain: 45441+ A? gold.garmin.com. (33)
09:44:45.560852 IP 192.168.71.110.50731 > 192.168.71.1.domain: 16275+ A? time-c.nist.gov. (33)
09:44:46.061041 IP 192.168.71.110.50731 > 192.168.71.1.domain: 45441+ A? gold.garmin.com. (33)
09:44:46.560446 IP 192.168.71.110.50731 > 192.168.71.1.domain: 45441+ A? gold.garmin.com. (33)
09:44:47.063427 IP 192.168.71.110.50731 > 192.168.71.1.domain: 16275+ A? time-c.nist.gov. (33)
09:44:48.061436 IP 192.168.71.110.50731 > 192.168.71.1.domain: 45441+ A? gold.garmin.com. (33)
09:44:49.061430 IP 192.168.71.110.50731 > 192.168.71.1.domain: 16275+ A? time-c.nist.gov. (33)
09:45:06.669908 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:45:29.163847 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:45:49.797675 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:46:12.221250 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:46:34.651646 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:46:53.551692 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:47:16.053499 ARP, Request who-has 192.168.71.110 (Broadcast) tell 192.168.71.1, length 46
09:47:20.666520 ARP, Request who-has 192.168.71.110 tell 192.168.71.1, length 46
09:47:21.666509 ARP, Request who-has 192.168.71.110 tell 192.168.71.1, length 46
09:47:22.666650 ARP, Request who-has 192.168.71.110 tell 192.168.71.1, length 46

ARPs work, but there are no DNS replies. It could still be that the ARPs, since the SENSE continues to request the MAC address of the watch. At this point the watch has however given up and shut down the WiFi.

Aspirant

Re: SENSE does not always respond to DNS requests

When doing a DNS lookup with my iPad, I get a DNS reply:

10:10:59.038488 IP 192.168.71.109.62834 > 192.168.71.1.domain: 423+ A? gold.garmin.com. (33)
10:10:59.101232 IP 192.168.71.1.domain > 192.168.71.109.62834: 423 3/9/9 CNAME gold.garmin.com.edgekey.net., CNAME e8867.b.akama                                   iedge.net., A 104.75.82.229 (441)

So it's not only a DNS problem. Got to figure out the difference between the iPad and the Garming watch. One is that the Garmin is only briefly connected to the WLAN.

 

In both cases, the iPad and the Garmin watch, they are connected via another WLAN AP that has a wired connection to the SENSE. I'm dumping data on both the wire between the WLAN AP and SENSE, and the WLAN of the WLAN AP. I.e., none of the devices (either working or not working) are using the SENSE's WLAN.

Community Manager

Re: SENSE does not always respond to DNS requests

Hello Ozone and LKo,

 

I have forwarded this post to the SENSE team's notice. They are investigating more on this.

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Aspirant

Re: SENSE does not always respond to DNS requests

Sounds similar to the problem I have with Sense.

 

First I thought that Sense was really dropping WAN connection (my phone kept telling me 'no Internet connectivity'), but today I figured out that it was a DNS problem.

 

In my case, DNS stops working after 10 - 20 minutes. I can ping and access Internet IP addresses.

 

DNS functionality is restored by:

 

- booting Sense

- disconnecting and reconnecting WAN cable

- changing Sense DNS address manually (from default to 8.8.8.8)

- changing Sense IP address

 

My Sense is connected to Cisco EPC3825 (bridged mode) with CAT 5 cable.

 

 

FormerMember
Not applicable

Re: SENSE does not always respond to DNS requests

I also sometimes experience that some services or websites don't load while all others work. Example email sync didn't work but surfing web and WhatsApp worked just fine.

I'll now test with google dns server to see if I experience that behavior again, thanks for the info.