DNS Queries and Fallback Upon Failure

Modified on Fri, 23 Feb 2024 at 11:46 AM

We decided to combine these two articles into one in an effort to provide a better understand of how the Alta failover works, wich happens to explain why you may see a high number of DNS queries coming from Alta devices.

Once Set Up on a site, the Alta devices will send a ping to ping.alta.inc every 30 seconds per device to ensure they have a valid Internet connection.  The will additionally send a ping to their gateway, and if both of these pings fail, then the "Fallback Upon Failure" mode will be triggered if enabled.  "Fallback Upon Failure" will disregard any static IP addressing and management VLAN settings, reverting to its default of attempting to pull DHCP on VLAN 1.  If the device is an AP, it will attempt to mesh to another Alta device.

DNS queries are high because ping.alta.inc is a CNAME for dl.alta.inc, which has a low TTL, which will reduce the odds of a cached DNS query being returned. Additionally, there are 2 requests from each device; one for an A record (for IPv4) and a AAAA (for IPv6) every 30 seconds, or a total of 480 queries per device per hour.

We are working on reducing the number of overall queries, but it's a bit of a balancing act.  We want to provide quick failover, of course, in the event of a misconfiguration or legitimate connectivity loss, but the cost of that is to verify the gateway and internet connectivity frequently.  However, if you would like to reduce the number of queries, you are free to disable the Fallback Upon Failure feature and/or Mesh features.  In doing so, you are disabling the ability/abilities for the Alta devices to self-heal network connectivity should the desired method of connectivity fail or if you accidentally misconfigure something which may result in the need to physically access the AP or switch to recover.

Requirements for local controllers (Beta)

The Alta devices also need to be able to look up local controller dynamic DNS hostnames, regardless of whether the local router has DNS rebinding protection active (the local controller will not work if those queries are dropped). That is why they all employ secure DNS in addition to the local DNS server supplied by DHCP.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article