Solved: Re: mDNS config trouble on 9800 - Page 2

Jeff A. · ‎07-28-2021

I’ve got a tricky one which I’m trying to diagnose, but so far have had no luck.

I’ve ended up with a couple spare 9120AXI AP’s from a completed temporary project and decided on setting them up at my home to replace the Wi-Fi portion of my ISP supplied hardware.

Everything works well, except a couple IoT devices relying on mDNS multi-casting (specifically Tado AC controllers over HomeKit). Every so often I will get a No Response message in the Apple Home app indicating that the device is not responding, however the device is online and I can send it commands from the Tado web console or their dedicated cloud app. It’s just not updating over HomeKit.

This behaviour is new with the Cisco network configuration on a fairly vanilla config using the Embedded Wireless Controller software. My relevant config changes from vanilla is as follows:

mDNS set to Bridged
WMM set to Required
PMF set to Optional
Default RF Tag set to High Client Density
Rogue Detection Security Level set to Low
Event Driven RRM including Rogue Contribution set to default values on both bands
DCA Interval set to 4 Hours

From the above config, the only setting which I think could be relevant is the RF Tag, but I wanted to run this past the community first and get some thoughts before diving further down this rabbit hole.

The reason I believe I’ve narrowed it down to mDNS is that while on one of the AP’s I was getting the error, then I roamed to another AP, the error went away, so I roamed back to the original al AP where I was having the issue and the error remained away. I could ping the Tado throughout the entire process.

Any thoughts or advice is appreciated.

Jeff A. · ‎08-29-2022

We had IGMP snooping enabled and it made no difference for us. It could be as simple as an incompatibility between our switching infrastructure but we did not have the time to invest further into it.

Dennis Heim · ‎08-29-2022

A follow up in case anyone else runs into this problem. Many of the articles and videos talk about enabling mdns gateway on the wlan's (Configuration->tags & profiles -> Policy -> Advanced ->mDNS Service Policy) and configuring the mdns mode on the wlan under the Advanced tab. When I did that I got printing and other mdns sevices to work, but not our good friend homekit.

In my setup I have SVI's created on each of the VLANs because my 4500 switch and serving up DHCP. Without the SVI's I was not getting DHCP addresses. I am new to the 9800 controller, so maybe I had something wrong going on. Under the SVI (Configuration -> Layer 2 -> VLAN -> SVI -> Advanced) there is an option for mDNS Gateway, I set that to enable along with specifying my mDNS Service policy. I did that for all my SVI's that needed mDNS gateway routing functionality. Once I did that and rebooted, homekit started to work.

One of the challenges from going through creating a custom mDNS service policy, was what to include in it. Under monitoring -> services -> mdns, it shows you the controller's mdns cache. However, if the entry is blocked based on the service policy that doesn't help tell you what to add. I found this document (https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/215352-configure-and-troubleshoot-mdns-on-catal.html), at the end there is a small troubleshooting section, and that tells you some good debug to turn on. That allowed me to see the mdns entries that were being blocked from other apps. This wasn't really related to homekit, but just a good thing to know. For example, I found an entry for discovery of my axis camera's (_axis-vdieo._tcp.local).

I hope this helps and saves some people some time.