Fingbox issue: floating local network with mDNS packets

mspinolo
mspinolo Member, Beta Tester Posts: 4
First Comment Photogenic
Hi all,
I have an home network setup with quite a lot of clients (mainly IoT gears).
My router are sinology 2600AC + MR220AC in mesh setup. Recently I had a lot of network issues (high ping time, disconnections, etc...) which with the help of synology support came out to be due to fingbox flooding the local network with mDNS packets (this even if fingbox was set in "slow discovery mode").
Turned off fingbox as all is fine now but obviously..i can't use my fingbox now.
I was wondering if this is an expected behavior, is it due to buggy behavior of sinology router, is it an avoidable consequence of the network scan fingbox needs to carry out?

Kind regards,
Michele
Tagged:

Comments

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Hi @mspinolo
    Welcome and thanks for your question. Could you try these steps and see if it helps fix things?
    There are a few things you can do:
    Turn off Reverse DNS lookups:

    Try slower network discovery:
    If you experience issues with network speed or specific devices, you can you use the feature of ‘Slower network discovery’.

    To do this:
    • Open the Fing app, ensure that you are on the Network associated with your Fingbox
    • Tap on the Avatar icon in the top-right corner
    • Choose ‘Settings of (network/Fingbox name)’
    • Scroll down and enable the “Slower Network Discovery” setting: Fingbox will run a lighter version of the network scanner that should not interfere with your devices.

    Let me know about the screenshots and if the above steps help you.

    Community Manager at Fing

  • mspinolo
    mspinolo Member, Beta Tester Posts: 4
    First Comment Photogenic

    Hi Violet,

    thank you very much for your answer.

    could you please better explain why disabling DNS reverse lookup should help and which features I will lose disabling it?

    kind regards,

    michele

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Slower network discovery would mean less checking in on devices.
    I'll inquire more on the reverse DNS requests and revert soon. 

    Community Manager at Fing

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Hi @mspinolo
    Here is some more information on Reverse DNS requests below. I don't believe it would have any impact on features, but would reduce some of the requests which you are having trouble with.

    "a reverse DNS lookup or reverse DNS resolution (rDNS) is the querying technique of the Domain Name System (DNS) to determine the domain name associated with an IP address – the reverse of the usual "forward" DNS lookup of an IP address from a domain name."

    Community Manager at Fing

  • mspinolo
    mspinolo Member, Beta Tester Posts: 4
    First Comment Photogenic

    Ok, done so why this should reduce mDNS packets usage by fingbox?

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Thanks @mspinolo I've had advice from colleagues and reverse DNS and mDNS are not the same. So the disabling of reverse DNS requests would not help with your issue. 

    This would be pin-pointed down to mesh network or incompatibility of the system. 

    With Mesh networks, almost all the features of the Fingbox will work except for Wifi Intrusion Protection, Bandwidth Analysis, Internet Speed Test and Vulnerability test for open ports. Fingbox is compatible with both a single and two Wi-Fi mesh networks. With three or more than three Wifi Network, there might be some errors in using the above-mentioned features. 


    Do you know how many mesh WiFi networks you have? 


    Community Manager at Fing

  • mspinolo
    mspinolo Member, Beta Tester Posts: 4
    First Comment Photogenic
    Hi Violet,
    thanks again for the quick answer.
    So my network is made by a main router (synology RT2600AC):
    • a synology MR2200AC (configured in mesh and cable connected to RT2600AC as backhaul connection) --> meshing both 2.4G and 5G network
    • DodoCool AC750 as additional wireless AP (creating a different SSID)
    • XiaomiMi Repeater as Wifi repeater (creating a different SSID)
    now my issue is that when I connect and turn on fingbox this floods my network with mDNS packets at the point some devices with not great band capabilities (typically IoT devices first) are saturated and start to have high ping times (above 1s) and lose wifi connection.
    I can notice wifi network performance is reduced also on my iPhone for example although this does not lose connection.

    Now the interesting point you make about "fingbox do not work with 3 or more wifi networks" I think also explains why I do not have this issue on Dodocool and Xiaomi SSID (is that correct?).
    Anyway the mainpoint is why fingbox is flooding so many mDNS packets to compromise network performance and stability?
  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    hi @mspinolo
    That seems to be correct. For the additional information, I'm sure it is required for the performance of the device (checking status of all devices constantly for network monitoring). I am seeing if there are any more details possible to share on this and I'll revert when I get feedback from other team members. 
    We don't see this issue so often, but sometimes we do have incompatible routers or mesh systems coming up. 

    Community Manager at Fing

  • VioletChepil
    VioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Hi @mspinolo
    A few more details on this. 
    The way that the Fingbox works is by spoofing the Router and/or DHCP/DNS servers IP address and redirecting the targets internet request to it and then ignoring them.This will produce duplicate IP address warnings from other devices on your network if they have the ability to detect things.If you have blocking enabled, it will take all the IP addresses for itself that are not assigned in the DHCP pool to keep other devices from joining the network.

    When you grant a device access, it will release one IP address from that pool to allow that device to join.

    I hope this helps. 

    Community Manager at Fing