Alta Help Center

DNS Queries and Fallback Upon Failure

Matt Baer
Matt Baer
  • Updated

We decided to combine these two articles into one in an effort to provide a better understanding of how the Alta failover works, which happens to explain why you may see a high number of DNS queries coming from Alta devices.

 

Once Set Up on a site, the Alta devices will send a ping to ping.alta.inc every 30 seconds per device to ensure they have a valid Internet connection.  They will additionally send a ping to their gateway, and if both of these pings fail, then the "Fallback Upon Failure" mode will be triggered if enabled.  "Fallback Upon Failure" will disregard any static IP addressing and management VLAN settings, reverting to its default of attempting to pull DHCP on VLAN 1.  If the device is an AP, it will attempt to mesh to another Alta device.

DNS queries are high because ping.alta.inc is a CNAME for dl.alta.inc, which has a low TTL, which will reduce the odds of a cached DNS query being returned. Additionally, there are 2 requests from each device; one for an A record (for IPv4) and a AAAA (for IPv6) every 30 seconds, or a total of 480 queries per device per hour.

We are working on reducing the number of overall queries, but it's a bit of a balancing act.  We want to provide quick failover, of course, in the event of a misconfiguration or legitimate connectivity loss, but the cost of that is to verify the gateway and internet connectivity frequently.  However, if you would like to reduce the number of queries, you are free to disable the Fallback Upon Failure feature and/or Mesh features.  In doing so, you are disabling the ability/abilities for the Alta devices to self-heal network connectivity should the desired method of connectivity fail or if you accidentally misconfigure something which may result in the need to physically access the AP or switch to recover.

 

Requirements for local controllers

The Alta devices also need to be able to look up local controller dynamic DNS hostnames, regardless of whether the local router has DNS rebinding protection active (the local controller will not work if those queries are dropped). That is why they all employ secure DNS in addition to the local DNS server supplied by DHCP.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.