
Goodwe inverter and issue with DoT and DNSFilter


bits

Regular Contributor
For a few weeks my Goodwe solar inverter has stopped logging to its online portal. It was working fine for months.
Today I got around to trying to prove what the problem is.

My setup:
Asus RT-AC68U (it has been rebooted several times and actually just yesterday went to 384.15 firmware)
Goodwe 5000D-NS inverter 1.0.3.8. Has been rebooted and wifi settings factory defaulted numerous times.
Asus has Guest wifi 3 set up using WPA2 PSK for the inverter to connect to. Guest 3 wifi has intranet access blocked and is MAC address restricted to the inverter only.
Goodwe inverter connects to wifi fine.
The Goodwe inverter is set to use DHCP and it appears to respect the DHCP DNS server offer.

Asus has:
DNS Privacy Protocol -> DNS over TLS
DNS Rebind protection no
DNSSEC support no
DNS-over-TLS Profile strict
DNS over TLS server list
1.1.1.1 cloudflare-dns.com
1.0.0.1 cloudflare-dns.com


DNSFilter
DNS-based Filtering on
Global Filter Mode router


With this setup the Goodwe inverter connects to wifi but fails to log. If I enable intranet access on the guest wifi I can ping the inverter from within my network.

I can see the Goodwe inverter quickly sends 3x DNS A record queries for tcp.goodwe-power.com from 3 different source ports and I currently get a response of 47.91.170.155 (10min expire?). I get that exact same response from every DNS server I test.

Things that make the inverter online logging work:
DNSFilter DNS-based Filtering to off
or
If I add the Goodwe inverter to DNSFilter client list with filter mode to No filtering
or
If I set DNS over TLS server list to use Google's 8.8.8.8 and 8.8.4.4


Noteworthy: if I add the Goodwe inverter to the DNSFilter client list with filter mode set to Custom 3, and have Custom 3 set as 8.8.8.8, the inverter logging does not work.

Reverting settings to the initial settings at the top always returns to broken logging state.

In between setting changes I force the Asus guest network to kick the Goodwe inverter off/on by changing the guest network's intranet access setting. This appears to help force the updated settings immediately.



And now I am confused about what the problem is.
I do not understand the difference between DNSFilter being on but then an exception to say that the client has no filtering, when the client respected DHCP and is using the router as its DNS server.
I do not understand why this only occurs with the Cloudflare DNS servers but not the Google servers.
I do not understand why it appears to be some issue with Cloudflare DNS servers via DNSFilter but overriding that in DNSFilter and forcing the inverter to Google servers doesn't work.


What is special and wrong about DNSFilter mode as router and Cloudflare DoT?
I have a packet capture of it working but failed to get anything useful when it didn't work. I actually never saw any DNS requests at all the time I was trying to capture what it was doing. But I blame that on me, there must have been DNS requests? Right? I also have done 99% of the above testing with no packet captures running unfortunately.
 