Meant no disrespect nor to lecture. When you stated “After some time on my iPhone XS I can see two IPv6 addresses assigned with one IPv6 gateway - which I have no clue where they come from..” I took it as you did not understand how IPv6 worked on the iPhone. I apologise if I misunderstood what you were saying.
I tried your IP address and did get the “:)”. It seems to also work consistently as you stated. I don’t have good access to a simple website…I have a lot of cPanel based VPS servers and using a FQDN is pretty much a requirement when hosting multiple sub/add-on domains using a shared address… and I don’t have the time to tweak the Apache configs to force using an IP for children domains.
I am still not totally convinced it is DNS related. Can you explain to me why DNS would break while using 5GHz AC configurations, but work on all other non-AC 5GHz (and 2.5Ghz) configurations? Maybe something is messed up when using AC in combination with NAT/Masquerade (as was mentioned by @uldis), causing what appears to be DNS issues. And why does it appear to work on AC configurations when using L2TP and other UDP heavy applications? And why on just these new iPhones? My general intuition would suggest that it is a layer [1-3] issue and not service orientated; however I am 100% okay with being wrong in this assumption and would be happy to hear that DNS (and anything else) was the cause. We just need this fixed!
First of all, my MikroTik cAP AC is working in pure bridge mode, zero NAT, zero firewall rules so I don’t believe it is NAT related.
I’m suspecting the new iPhone XS is sending DNS requests in different manner - maybe the L2 frame has some extra fields for DNS requests and MikroTik has a bug in processing that particular type of frames when in AC mode - not sure. When using VPN, the DNS requests are encapsulated packets so these are different than the one when you’re not using VPN.
To confirm my theory that it is DNS related issue, install some ping tools on your iPhone XS, like Ping lite, move to AC mode and try to ping FQDN that you didn’t visit before on the iPhone XS. In my case I don’t get the IP address from the DNS server or I get it after very very long time - which seems too long for iOS http protocol to wait and it times out before any browser or app can get the response from DNS. Meanwhile try to ping any public IP address that is replying to ICMP. It should always work for you when in AC mode.
Regarding IPv6,
My iPhone XS and other apple devices are getting non link local IPv6 addresses assigned, that’s why I have zero clue where are they coming from as I don’t have IPv6 enabled router in my network. Also all these devices have exactly same link local IPv6 gateway IP address. I guess one of my CPE devices is giving IPv6 address but I didn’t have time to nail down which one is it.
Unfortunately we are still unable to reproduce it locally.
Maybe you could disable the encryption - use the wireless connection without encryption.
Use 20mhz channel width.
Then use another AC router and start the wireless sniffer on that channel.
Connect with iphone xs to the AP using AC and then try to reproduce the problem. Write down at what time the problem happened or what you were trying to open so we could see that later in the sniffer file. Stop the sniffer and then send that sniffer file to support@mikrotik.com
I do have PingLite on my iPhone and verified what you are saying. I am always able to ping external hosts using direct IP addresses when in AC mode (while sites requiring DNS are not responding correctly.)
I agree with your IPv6 assessment. There must be another device configured for IPv6 that is doing ND or something.
With so many people seeing this issue, I am surprised that MT is unable to simulate the problem. I do not have time at the moment to do any additional testing as requested by MT; however seeing that MT is unable to verify that there is even an issue, I am pessimistic that we will see a solution anytime soon. With the problem being so obvious under what I would consider a basic ap-bridge configuration, I don’t understand why they don’t immediately see it? All I know is that these new “s” devices are showing up more and more. That being said, we have ordered a few Ubiquiti devices to see how well they integrate into our framework. We will continue to use our MT core router (at least for now).
One more thing, a lot of folks around here use “wifi” calling on the iPhones. For a long time, I have had complaints that the connections would “drop out” from briefly to over 15 seconds. Basically, you hear silence like the other side went away…then they would return. I have experienced this issue myself and always pointed blame at our carrier (AT&T); however, since we disabled AC and went to A/N, this issue has 100% gone away. Just an observation…
Observing the same issue on hap ac. It is configured as wisp ap, wlan is set to use a/n/ac, 80mhz eCee 5280 channel. IPv6 is configured on another mikrotik device.
So iphone xs connected to 802.11ac network can’t even ping external resources using their FQDN, due to failed name resolution. My DNS servers are located on the same L2 segment as iphone, both available via ipv6/ipv4, so this does not look like nat/routing/etc issue. At the same time, ping by ip works fine as well as ping by FQDN when connected to 2.4ghz network on the same AP. Moreover, ipad, macbook, etc. work without any issues.
I tried to disable ipv6 in the network it does not help: ipv4 only setup has the same issues.
I also tried to capture all traffic that is related to mac address of the iphone (via Tools/Packet sniffer), and I can’t even see DNS requests: name resolution silently fails without any packets captured by AP.
So looks like next step is try to capture packets via wireless sniffer, to see if something interesting there.
Yes, any helpful data would be beneficial, since we cannot repeat any of the described issues. I also have an Xs and some other people here do, none of us have seen any issues with hAPac, wAPac or other routers, we have done extensive testing here in the office and also use these devices at home.
The only possibility is that this is region related (iPhones are different), config related or … I don’t even know what else.
I have a couple of XS units that were bought in the US and three units of international HAP AC and I’m seeing these issues with all the routers.
Once I modified the wireless parameters to exclude AC everything went away but AFAIK iPhones do not have a region variance other than China models
The only variance is cellular/wireless/bluetooth firmware that is loaded by the region of the Phone as defined in Settings->General->Language & Region->Region
If I can provide any additional details please let me know.
We want to understand if this happens with particular iPhone models. Could you please send us the iPhone model and part numbers on which you experience the issue? You can also do it privately by sending it to support@mikrotik.com.
The strings should be something like this:
MT9H2ET/A
A2097
This particular device performs as expected, no issues seen.
It looks like the problem is happening on more than just US phones. At least two on the forum with A2097 are seeing the issue.
The model numbers “Axxx” differ in cellular technologies (e.g. CDMA, GSM, etc), LTE Bands and SIM card architecture. The part numbers (e.g. MTxxxxx/A) specify carrier, color and memory configurations.
iPhone XS:
A1920: US, Canada, Hong Kong and Puerto Rico
A2097: Europe and Asian markets (United Kingdom, Spain, Russia, Italy, France, Singapore, Taiwan, etc.)
A2098: Japan
A2100: China
iPhone XSMAX:
A1921: US, Canada and Puerto Rico
A2101: Europe and Asia
A2102: Japan
A2104: China and Hong Kong
Since we are unable to repeat the issue with any new iPhones, I would like to ask everyone to describe the issue (what is happening) in more words than just “SAME ISSUE”, since many of you might have other issues. Please describe in more detail, especially, how often does it happen and how you observe the problem.