This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

DNS lookups and outbound HTTP to Apple from Ruckus AP

Go to solution
ctay
New Contributor III

‎04-04-2023 09:04 AM - edited ‎04-04-2023 09:27 AM

Hello.  R610 AP on Unleashed 200.13.6.1.319. 

TLDR: Unleashed doing DNS lookups and outbound HTTP to Apple (and others), part of Internet Checking functionality, can be disabled in limited fashion, but prefer to completely disable.

Logging devices in same environment have been recording excessive DNS lookups and outbound HTTP to captive.apple.com from the AP. After some topic searching here and elsewhere it appears to be a function of the Internet Connectivity checking with Unleashed.  I see outbound traffic every 65 seconds initially caught in Suricata IDS logs (outbound HTTP, curl User-Agent), but also seen in Unbound DNS logs.

Using the Internet-check CLI command via SSH I managed to disable the checks.  The functionality appears to contact captive.apple.com, but falls back to www.microsoft.com and then support.ruckuswireless.com if unable to reach first.  All three were disabled, but now every 35 seconds I'm seeing DNS lookups to www.apple.com , along with IPv4 and IPv6 Reverse DNS lookups for same domain. Obviously the prior attempt to disable the Internet Checking is limited and actually creates more log spam than before.

Are there possibly any undocumented CLI commands to disable the remaining attempts? 

While this is not a large issue by any means, I prefer to not have the AP reach out if not necessary and create log spam.  For the time being, I left support.ruckwireless.com check enabled reducing lookups to 65 seconds and have a host override in Unbound to blackhole the request.  Still creates some log spam which can't be filtered, though I can purge ever so often when needed.   Thanks.

CLI command reference:

https://docs.commscope.com/en-US/bundle/unleashed-200.13-commandref/page/GUID-B6343A24-59CA-4711-815...

Previous mention of issue within this forum: 

https://community.ruckuswireless.com/t5/Access-Points-Indoor-and-Outdoor/DNS-Requests-to-baidu-com-f...

 

0 Kudos
2 ACCEPTED SOLUTIONS

Go to solution
sanjay_kumar
RUCKUS Team Member
In response to ctay

‎04-07-2023 08:05 PM

Hi @ctay 
The command is as below from CLI :

ruckus> en
ruckus# config
You have all rights in this mode.
ruckus(config)# system

ruckus(config-sys)# show internet-check
Internet Check:
Company = apple, Enable = 1

Internet Check:
Company = microsoft, Enable = 1

Internet Check:
Company = ruckus, Enable = 1

Now to disable this use the below command:

ruckus(config-sys)# no internet-check all
The internet check settings have been updated.
ruckus(config-sys)# end
Your changes have been saved.

To cross check:
ruckus(config)# system
ruckus(config-sys)# show internet-check
Internet Check:
Company = apple, Enable = 0

Internet Check:
Company = microsoft, Enable = 0

Internet Check:
Company = ruckus, Enable = 0

I would recommend using this function in 200.14, which is about to release in next week.

View solution in original post

0 Kudos

Go to solution
ctay
New Contributor III
In response to sanjay_kumar

‎04-20-2023 04:36 AM

I can confirm the fix appears to be working in this update.  After upgrade to 200.14 and resetting Internet Checking, the AP would start its cycle of 65 sec DNS lookups to captive.apple.com, but after disabling Internet Checking via CLI, all further DNS traffic ceased.  Thanks Sanjay.

View solution in original post

0 Kudos
13 REPLIES 13

Go to solution
ctay
New Contributor III
In response to sanjay_kumar

‎04-19-2023 06:20 AM

Thanks, I'm aware of the release, have the download and related documents in my possession, but need to schedule a time for upgrade.  I did note there was no mention within the 200.14 Release Notes of anything related to a bug and subsequent fix in Internet-Check behavior.

0 Kudos

Go to solution
sanjay_kumar
RUCKUS Team Member
In response to ctay

‎04-19-2023 08:33 PM

Hi @ctay 
As it was a last minute update, the document was not updated but I tested myself on this and it is working.

0 Kudos

Go to solution
ctay
New Contributor III
In response to sanjay_kumar

‎04-20-2023 04:36 AM

I can confirm the fix appears to be working in this update.  After upgrade to 200.14 and resetting Internet Checking, the AP would start its cycle of 65 sec DNS lookups to captive.apple.com, but after disabling Internet Checking via CLI, all further DNS traffic ceased.  Thanks Sanjay.

0 Kudos

Go to solution
sanjay_kumar
RUCKUS Team Member
In response to ctay

‎04-20-2023 07:41 PM

Hi @ctay 

Thank you for the update and I'm glad to hear that the issue is resolved.
It would be great if you can mark my response (On ‎04-07-2023as "Solution" so that other can review it directly for complete steps and information.

0 Kudos
Copyright © 2024 Khoros, LLC