When I upgraded my router from 19.07.2 to 19.07.3, and then recently from 19.07.3 to 19.07.4 a handful of IoT devices (Wyze brand bulbs and smart plugs) can connect to the local network just fine, but it seems they can not reach the internet. They get issued an IP address, they have great reception, my bandwidth is adequate (300/300), and I can ping them internally but I do get some high latency times reaching a max of around 200ms. Other IoT devices (Wyze and other brands) connect to the internet without issue, and when I jump from my IoT, Guest, and LAN virtual WLANs with my phone, the phone has no issue connecting. Trying to reinitialize the plagued IoT devices to any of my WLANs also fails yielding the same results described above. Any ideas what could be cause some devices to connect and other not to?
Lastly, this was accidentally fixed during my 19.07.2 to 19.07.3 upgrade when I attempted THIS article on DNSSEC and installed dnsmasq-full. My understanding is still that of a beginner, and I don't know if there is anything inherent to dnsmasq-full that could have solved this in its vanilla installation.
Validating DNSSEC locally is known to be problematic due to latency, timeouts, errors.
It's best to rely on the upstream DNS provider that already supports DNSSEC.
Use DNS encryption and/or VPN if you want to protect DNS and other traffic.
I'm actually not doing that at all this time @vgaetera and instead just using stubby according to this setup which has alwasy worked well for me.
Last time I got as far as replacing dnsmasq with dnsmasq-full and the original post's problems went away. Before I tried that again this time and just hoped for the best, I was hoping to do some more targeted problem solving.
@lleachii I have not installed dnsmasq-full yet because I don't know that the problem resolved last time because of taking that action, or if it was just coincidence. Furthermore, I'm hoping someone might be able to enlighten me as to what the difference in the two packages might be that could potentially solve a scenario like this. If the answer is both packages are essentially the same and the full version shouldn't have resolved anything, well then I'd rather explore this more now and work to identify the actual problem before applying a solution that may not be optimal.
@lleachii sorry if anything was unclear in my post. I don't need assistance with DNSSEC. I was fooling around with that as I attempt to learn more about OpenWRT through experimentation. Turns out, because of things @vgaetera pointed out I'm just sticking with a stubby setup. That part of things is all fine.
The problem I'm trying to solve is:
why some IOT devices are unable to reach the internet after router upgrades
if and why installing dnsmasq-full may solve that.
I read the differences in the packages, is there something different in their default setups that could resolve the issue I'm having?
Installing dnsmasq-full didn't resolve the issue. @vgaetera i do not have shell access to the IoT devices unfortunately. At this point I'm prone to think it's something wrong with the devices and not the network. Other-brand devices appear to be connecting just fine.
For anyone stumbling through, this thread was about WYZE brand devices not being able to connect. I was using stubby and its default Cloudflare DNS servers. When I uninstalled stubby and set my DNS servers manually to Google's all of my devices instantly worked again. There is something wrong with the Wyze devices here. @vgaetera and @lleachii thank you for patiently trying to work through this with me.
Here is the thread over on Wyze that somone else started.