NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi RBS50 lag spikes
Hi community,
I'm struggling since few days on my Orbi RBR50 + RBS50 setup.
I'm having a lot of lag spikes with a very hig latency (more than 1000ms) on my satellite, but not on my router.
Here's some information about the setup:
- RBR50 (AP mode) wired to my ISP modem, no lag seen there.
- RBS50 connected to RBR50 with 5G, big latency seen here, using wifi or wired.
Configuration:
Daisy Chain Topology: Disabled
MU-MIMO: Enabled
Implicit Beam-forming: Enabled
Fast Roaming: Disabled
WMM (WiFi Multimedia): Enabled
Enable 20/40Mhz Coexistence: Enabled
Firmware: 2.7.5.4 for both router and satellite.
How I did my test: My iPhone was pinging 8.8.8.8, and switched between router and satellite in the house. While being on the router, no ping issue, under 12ms. While being on the satellite, pings dropped and going more than 1000ms. Sometimes it's going back to <10ms, and then going up again.
I tried to blacklist all devices (using Access Control on Orbi) connected to the satellite: Nothing changed.
I did a factory reset on the router and the satellite, the issue came back very fast.
I upgraded the firmware for the router and the sateliite, the issue is still there.
I'm kind of done there, thinking that the satellite is kind of malfunctioning or something, but I would like some external views on this topic.
Any idea or thing that I can do to solve the situation? Any comment would be very helpful.
Thanks in advance.
Regards.
8 Replies
How does the web interface Attached Devices screen show the satellite connection? (Good? Fair?)
- Hi,
Thanks for your reply!
It’s showing as “Good”.This seems to indicating that the WiFi connection between router and satellite is not operating at full capacity.
This 5G WiFi link uses channel 157 in North America and channel 108 in the rest of the world. (Europe, Japan, etc.)
One test would be to temporarily change the connection between router and satellite to an Ethernet 'wired' connection.
I keep a 100ft. Ethernet cable (under $20 on Amazon) in a drawer for just this purpose. When I get a chance, I string the cable through the house, down the stairs, etc. from one place to another. Perform the test, and then wind it back up. If the system performs as expected with a wired connection, then there is clearly something amiss with the WiFi connection.
One obvious step is to restart everything (not reset, just restart)
Having same issue since med januari. And I am using a wired backhaul. Unable to get 1Gbps anymore over the Orbi Satelite switch ports. From one moment to another it failed.
And when i wanted to look at the Orbi management pages, Edge, Firefox, Chrome, Safari don't work. had to hack register to get in. So have to make my browser unsafe to be able to work with my Orbi system. This cannot be true that i have to throw away my 3,5 year old system what is technical suitable. With current global warming and envirnmental questions, it cannot be true that Netgear is having products what are not supported after 3,5 years of use.
Provide us with a new working firmware.
wim-bart wrote:
And when i wanted to look at the Orbi management pages, Edge, Firefox, Chrome, Safari don't work. had to hack register to get in. So have to make my browser unsafe to be able to work with my Orbi system.
It would help to know more about browsers that "don't work".
Modern browsers have become almost paranoid in warning users about potential security issues.
Nearly every residential WiFi router (from everyone) uses a non-encrypted (http) web connection to access the management web site on the WiFi router. By definition, a connection that is not encrypted is vulnerable. Anyone who can capture the communication between web browser and web server can record all sorts of sensitive data. So, the newest web browsers proclaim, in BIG BOLD type, "Not Secure. Go Back! Go Back!". When a device on the local network (LAN) opens a connection to the router web server, all of the data communication takes place over the LAN. Zero data packets go out of the router to the internet. Evil doers may have compromised every network device in the entire internet, but they cannot capture this traffic because it never leaves the LAN. Thus the common sense thing to do is say, "Thank you for the paranoia. Please open the web site like I asked." and go on with life.
But... wait! Suppose some "Mission Impossible" hacker has cracked my WiFi system. (Out of all the WiFi systems in the world, they want to spy on ME!) WiFi communication is encrypted, so even those http packets going between web browser and web server are encrypted. But.. aha! It is technically possible to break that WiFi encryption! Well, the Orbi WiFi router provides an encrypted version of the web interface (https). So now all that communication is doubly encrypted. But.... modern web browsers notice that the SSL certificate used to encrypt the communication is self-signed. It is not validated by an accepted certificate authority. "Unsafe! Go Back! Go Back!". Once again, I decided to open a web server on my own LAN. I am not trusting that some server claiming to be "Gold Lovers Paradise" is actually who they say they are. I am trusting that MY Orbi is really "my Orbi". I simply want the communication to be encrypted. So I tell the web browser, "Thank you for the paranoia. Please open the web site like I asked."
Once the web browser has accepted my instructions to "open this site", it quits complaining.
I use a PC that is wired to the Orbi router. It is physically impossible to intercept the web connection between my PC and the Orbi. Even if someone has snuck into my house and attached some gizmo to the network, this communication goes only between the PC and the router. It cannot be hacked.
Sorry for the rant, but this business of web browser paranoia is just ridiculous.
It ain't that simple. To solve the issue with the Orbi RBK50/RBS50 the following policy needs to be set in the registry.
Edge:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\EdgeValue: RSAKeyUsageForLocalAnchorsEnabled
data 0x0
Chrome:
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\ChromeValue: RSAKeyUsageForLocalAnchorsEnabled
data 0x0
So the issue is that this forces browsers to ignore that the Orbi (and other systems) accept RSA key exchange with TLS 1.2.
As TLS 1.3 is not very wide spread, it will become the future and when I want to use my employers VPN (i need to make money) i have to remove the registry setting because our SSL VPN portal requires 1.3 with RSA KE disabled.... Nice....
So in my opinion, the Orbi does do something not very well with its admin pages and the certifdicates. But you can work around it. But never take shortcuts on security.
