NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Orbi RBR50 + Circle frequent DNS failures
I've spent the better part of the past two weeks troubleshooting some DNS issues. They are similar to those reported recently here and probably here and related to similar reports as long as a year ...
I've already given up trying to get Orbi to function as a proper Router + Disney + Armor, because it's nothing but trouble. To get Orbi to a stable state, I have to disable practically everything that I could disable, including its internal DNS and DHCP client. I'm currently keeping Orbi for its WiFi capability and delegate all other router functions to DIY pfSense Router Firewall.
I went through a similar pain before I settled on the current setup, which has been holding up quite well during Stay-At-Home order.
- SB8200 -> pfSense -> Orbi AP Mode with static DNS servers and IP address
I settled on pfSense because I need a reliable Gigabit Router with enterprise class DNS resolver, DHCP, Firewall, DNS Filtering, VPN, plus a whole bunch of other features that I don't really need. If you're comfortable with installing pfSense, it's worth a shot.
kgividen wrote:
One thing I noticed last time it froze up was I set the dns servers on one of my computers to point to google (tried open dns too) and it still didn’t work. I’m not sure if that’s a fluke or not.
With Circle or Armor enabled, the Orbi will intercept all DNS requests (port 53) regardless of where you point them to. For Circle, you can set a monitoring level of "none" or move your computer to "unmonitored devices" to use other DNS services... but it will still intercept DNS for any profile that is "managed".
Ok. That makes sense. I don’t have armor installed/enabled so I think the culprit is Circle. I’m guessing something changed with the service a couple of weeks ago. I’ve enabled telnet on the router and debug logs so I can check a few things when it freezes. But for now I’ve disabled Circle so we will see if that prevents another dns freeze.
I believe I'm having this same issue, posted here. A couple questions for the group:
1. By any chance would this DNS issue cause a modem to reboot randomly? With my issue, I swapped out my modem with the Netgear CM1000 but then noticed it was flaky, so I went to a new modem from Xfinity (using in bridge mode).
2. SW_ I like your idea of separating the firewall from Orbi. Not sure I want to spin-up my own pfSense setup, but do you think I could accomplish the same decoupling of wifi and firewall with an old Asus RT-AC66U router?
Thanks.
enewbauer wrote:...
2. SW_ I like your idea of separating the firewall from Orbi. Not sure I want to spin-up my own pfSense setup, but do you think I could accomplish the same decoupling of wifi and firewall with an old Asus RT-AC66U router?
...
Absolutely.
I had been running a similar setup with ASUS RT-AC87U as my upstream router until recently when I swapped it with DIY pfSense. I did the switch because the ASUS router was struggling with gigabit throughput when Parental Control is enabled, which disabled NAT HW Flow Control. The ASUS dual 1GHz CPUs were not able to keep up and would hit 100%. My new DIY pfSense with 3.2GHz CPU has no trouble with gigabit routing + NAT + Firewall + Parental Control, etc.,
Getting work/school/homework done are far more important than peak throughput at the moment. Good luck!
Here is another example from SymonB, check out this post.
SymonB wrote:Hi all,
So having spent several days on this problem I've got further forward with this problem.
I dug out my ISP router and my old ASUS router and connected them up. 100% connectivity works fine i.e. no DNS hangs or error messages from devices saying no internet. The only problem is both units the wifi isn't great hence the purchase of the Orbi system.
I reconnected the Netgear Orbi unit and the two satellite units and lo and behold the DNS issue came came even after a full factory reset.
I've managed to setup PI-hole and use that as a DNS server bypassing the Orbi as a DNS server. Eveything on the network is working flawlessly no more DNS hangs and in fact webpages loads very quickly.
The issue I now face is:
(a) Do I keep the setup as it even though I spend hundreds on the Orbi and using pi-hole for DNS which the Orbi should hve ben doing in the first place or
(b) Dump the Orbi kit and get a full refund as its not performing as it should and use back my ASUS router and get another Wireless mesh system such at the BT system which works with any router.
Having setup PI-hole, I like the system and it handles DNS very well. nice to surf the internet without the endless ads' Example IGN website runs a lot cleaner!!!
The Orbi wifi is one of the best system I've used. I have no dead spots around the house, garden etc and can pick up my wifi down the road. WIFI is very fast. I was initialy concerned connecting up my Xbox X via wifi (due to constriants of where the nearest ethernet port is in the house) but the Xbox downloads are at full speed and the laterncy is very low. Only issues I've had with the xbox was the DNS problem and the system coming up no internet available.
I guess for now I'll keep the current setup going and make a decision in a week or two.
In the meantime I have a support ticket with Netgear to see what they say.
enewbauer wrote:1. By any chance would this DNS issue cause a modem to reboot randomly? With my issue, I swapped out my modem with the Netgear CM1000 but then noticed it was flaky, so I went to a new modem from Xfinity (using in bridge mode).
It's possible depending on how the router is configured to detect and/or recover from errors. I haven't dug into the Orbi's code enough to know whether it does this, though.
enewbauer wrote:2. SW_ I like your idea of separating the firewall from Orbi. Not sure I want to spin-up my own pfSense setup, but do you think I could accomplish the same decoupling of wifi and firewall with an old Asus RT-AC66U router?
I'm not SW_ but they give good advice! I had no problems for a while putting my older Netgear R8500 upstream of the Orbi to handle all the DHCP and DNS, and just put the Orbi in access point mode. This is generally the best approach right now. Unfortunately for me, this was not a long term sustainable solution because I desire some site blocking for kids in my house. But I have now installed a pfSense router/firewall upstream to handle all the load and gained a whole lot more benefits... wish I had done this sooner!
SW_ wrote:Here is another example from SymonB, check out this post.
SymonB wrote:I've managed to setup PI-hole and use that as a DNS server bypassing the Orbi as a DNS server. Eveything on the network is working flawlessly no more DNS hangs and in fact webpages loads very quickly.
This is honestly no surprise. The problem we're experiencing with the Orbi is that we're making it "do it all". It's a firewall. It's a DHCP server/DNS server. It does parental controls (which forces more DNS load on the system than normal). And oh, by the way, it's a mesh router system.
Anything that tries to do everything is not going to do it well.
The Orbi's mesh routing is fantastic and the best whole-house high speed internet system I've ever found. I love it. And now that that's all my Orbi is doing, it's awesome. As is my pfSense firewall doing the firewall things without having to deal with wifi mesh routing tech.
Check out this link where I think we are talking about simliar things.
My situation is that I have the RB50 kit and all was fine for a year. Then I moved the main router unit, added satellites, then I started having drop outs which I have identified as DNS issue despite pointing DNS to 8.8.8.8.
The issue it seems is Circle. Circle sux. Deco's system, from which I came, has a much better parent management system and it is free! ... I wonder if I can add Deco as the router and shut off its wifi and use its parent app. Hmmm. something to try.
Anyway, I am almost in day 2 of stable wifi since I shut off Circle. I had previously removed my added satellites, so next test will be to add those back.
I concur that the wifi is the best I have used. I do wonder if the M9 would have been a better replacement to the Deco M5. It too uses triband and frankly has a better interface.
Seems that Circle is causing problems. Please post about this in the Circle app forum:
https://community.netgear.com/t5/Circle-Smart-Parental-Controls/bd-p/en-home-circleThank you for letting us know.
Smge1lc wrote:Check out this link where I think we are talking about simliar things.
My situation is that I have the RB50 kit and all was fine for a year. Then I moved the main router unit, added satellites, then I started having drop outs which I have identified as DNS issue despite pointing DNS to 8.8.8.8.
The issue it seems is Circle. Circle sux. Deco's system, from which I came, has a much better parent management system and it is free! ... I wonder if I can add Deco as the router and shut off its wifi and use its parent app. Hmmm. something to try.
Anyway, I am almost in day 2 of stable wifi since I shut off Circle. I had previously removed my added satellites, so next test will be to add those back.
I concur that the wifi is the best I have used. I do wonder if the M9 would have been a better replacement to the Deco M5. It too uses triband and frankly has a better interface.
dbwiddis wrote:
SW_ wrote:Here is another example from SymonB, check out this post.
SymonB wrote:I've managed to setup PI-hole and use that as a DNS server bypassing the Orbi as a DNS server. Eveything on the network is working flawlessly no more DNS hangs and in fact webpages loads very quickly.
This is honestly no surprise. The problem we're experiencing with the Orbi is that we're making it "do it all". It's a firewall. It's a DHCP server/DNS server. It does parental controls (which forces more DNS load on the system than normal). And oh, by the way, it's a mesh router system.
Anything that tries to do everything is not going to do it well.
The Orbi's mesh routing is fantastic and the best whole-house high speed internet system I've ever found. I love it. And now that that's all my Orbi is doing, it's awesome. As is my pfSense firewall doing the firewall things without having to deal with wifi mesh routing tech.
It's lightning fast to spin-up pfSense in such a short time!
Just wait for a couple days for pfSense to populate its DNS cache, you'll realize the difference for your daily web surfing. Have fun with "Snort" and "pfBlockerNG-Devel".
Smge1lc wrote:The issue it seems is Circle. Circle sux. Deco's system, from which I came, has a much better parent management system and it is free! ... I wonder if I can add Deco as the router and shut off its wifi and use its parent app. Hmmm. something to try.
It's worth a try until the Circle + DNS fix is available unless you can live without Circle.
