A brief description

We decided to combine these two articles into one in an effort to provide a better understanding of how the Alta failover on WiFi works, which happens to explain why you may see a high number of DNS queries coming from Alta devices.

Once Set Up on a site, the Alta devices will send a ping to ping.alta.inc every 30 seconds per device to ensure they have a valid Internet connection.  They will additionally send a ping to their gateway, and if both of these pings fail, then the "Fallback Upon Failure" mode will be triggered if enabled.  "Fallback Upon Failure" will disregard any static IP addressing and management VLAN settings, reverting to the default DHCP request on VLAN 1.

Consider your AP is mounted on a light pole in a parking lot and the only way to physically access the device is to rent a scissor lift or some other machinery as a ladder is simply not possible. Now consider you accidentally provided the wrong static IP address to that AP. With other vendors, you have to figure out how to get access to the physical reset button on the AP itself. However, with Fallback Upon Failure, the device will revert its settings, allowing access again so you can correct the mistaken static IP (or VLAN or any other setting that may inadvertently knock the device off of the network).

The mesh feature also relies on these tests along with the absence of a L1 link on the Ethernet interface. Mesh activates as a self-healing mechanism to try to restore communication with the gateway.

DNS queries are high because ping.alta.inc is a CNAME for dl.alta.inc, which has a low TTL, which will reduce the odds of a cached DNS query being returned. Additionally, there are 2 requests from each device; one for an A record (for IPv4) and a AAAA (for IPv6) every 30 seconds, or a total of 480 queries per device per hour.

We are working on reducing the number of overall queries, but it's a bit of a balancing act.  We want to provide quick failover, of course, in the event of a misconfiguration or legitimate connectivity loss, but the cost of that is to verify the gateway and internet connectivity frequently.  However, if you would like to reduce the number of queries, you are free to disable the Fallback Upon Failure feature and/or Mesh features.  In doing so, you are disabling the ability/abilities for the Alta devices to self-heal network connectivity should the desired method of connectivity fail or if you accidentally misconfigure something which may result in the need to physically access the AP or switch to recover.

Requirements for local controllers

The Alta devices also need to be able to look up local controller dynamic DNS hostnames, regardless of whether the local router has DNS rebinding protection active (the local controller will not work if those queries are dropped). That is why they all employ secure DNS in addition to the local DNS server supplied by DHCP.

Identifying Fallback Upon Failure

For Alta devices themselves, the easiest way to determine that this feature has been tripped is that it no longer has the assigned static IP and/or the assigned management VLAN.

For clients, it's all in the IP address they obtain. By default, the backup network is 10.188.0.0/16. If you see a device with this IP, then you know the Fallback Upon Failure feature has been triggered.  This backup network setting can be modified by going to Settings > System > Advanced > Backup Network.

Additionally, if you would like to disable this feature, simply delete all characters out of the Backup Network field. However, we advise extreme caution in doing so.