NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Orbi RBR50 + Circle frequent DNS failures
I've spent the better part of the past two weeks troubleshooting some DNS issues. They are similar to those reported recently here and probably here and related to similar reports as long as a year ...
I've already given up trying to get Orbi to function as a proper Router + Disney + Armor, because it's nothing but trouble. To get Orbi to a stable state, I have to disable practically everything that I could disable, including its internal DNS and DHCP client. I'm currently keeping Orbi for its WiFi capability and delegate all other router functions to DIY pfSense Router Firewall.
I went through a similar pain before I settled on the current setup, which has been holding up quite well during Stay-At-Home order.
- SB8200 -> pfSense -> Orbi AP Mode with static DNS servers and IP address
I settled on pfSense because I need a reliable Gigabit Router with enterprise class DNS resolver, DHCP, Firewall, DNS Filtering, VPN, plus a whole bunch of other features that I don't really need. If you're comfortable with installing pfSense, it's worth a shot.
This is the link that the Netgear support rep sent me: https://kb.netgear.com/19957/What-does-Disable-Port-Scan-and-DoS-Protection-do. Not sure what's going on with my router, the past 3 weeks or so, have been having daily issues with my connection, it's been very frustrating.
Shahab
Shahab, I shared your frustration because I had been through that rollercoaster rides. If you have an old router lying around, dust it off and switch Orbi to AP mode, decouple Orbi from routing chores. You could switch it back once this lockdown/COVID-19 ordeal is over.
So by shutting off Circle and setting the DNS to 1.1.1.1 and 8.8.8.8, up time for the Orbi router has been nearly 95%, with the remaining 5% a combo of things I could think of other reasons for the issue, .ie changes I may have made on the router setup.
I am having a strange issue in that my chrome browsers largely on Windows 10 devices are failing to recognize a site and give me an illegal name error (clearly a DNS issues), but a reload of the page will send me back to where I was navigating. This includes chrome on my Samsung phone.
Strangely, the computers that are setup where the DNS is set to my pi-hole have not given me this issue.
I don't know what to think. I was going to install Vexel's firmware, but I'll take the 95% uptime over unknown issues anyday, at least in these times where I have 5 family members screaming if the "stupid wi-fi sucks" is down.
You might try Voxels FW. It's stable and I have not seen any DNS issues on his FW. Ever.
Someting to consider.
At least your system seems working better now.
Smge1lc wrote:So by shutting off Circle and setting the DNS to 1.1.1.1 and 8.8.8.8, up time for the Orbi router has been nearly 95%, with the remaining 5% a combo of things I could think of other reasons for the issue, .ie changes I may have made on the router setup.
I am having a strange issue in that my chrome browsers largely on Windows 10 devices are failing to recognize a site and give me an illegal name error (clearly a DNS issues), but a reload of the page will send me back to where I was navigating. This includes chrome on my Samsung phone.
Strangely, the computers that are setup where the DNS is set to my pi-hole have not given me this issue.
I don't know what to think. I was going to install Vexel's firmware, but I'll take the 95% uptime over unknown issues anyday, at least in these times where I have 5 family members screaming if the "stupid wi-fi sucks" is down.
- The lockup is an underlying problem with dnsmasq, which freezes under high load, not perticularly the Orbi or Circle per se.
The problem here is that using Circle forces all DNS through dnsmasq, increasing the load. Any solution redirecting a lot of DNS traffic away from dnsmasq on the Orbi helps.
The problem with the firmware is that it fails to recognize the problem and self-heal. Easier to point fingers.
Ultimately getting DNS off the Orbi onto an upstream router or firewall or external DNS resolver like the circle hardware or a PiHole, should work. Have you tried Voxels FW by chance yet?
dbwiddis wrote:
The lockup is an underlying problem with dnsmasq, which freezes under high load, not perticularly the Orbi or Circle per se.
The problem here is that using Circle forces all DNS through dnsmasq, increasing the load. Any solution redirecting a lot of DNS traffic away from dnsmasq on the Orbi helps.
The problem with the firmware is that it fails to recognize the problem and self-heal. Easier to point fingers.
Ultimately getting DNS off the Orbi onto an upstream router or firewall or external DNS resolver like the circle hardware or a PiHole, should work.My issues have changed ever since I got the replacement Orbi router and didn't enable Circle. Multiple times a day my connection will drop all together. Every day I call Netgear support and ask for my ticket to be escalated to Level 2 support and I just have the Level 1 guys make incremental changes to a setting or 2 which don't end up making any difference. Yesterday, they had me call Charter and ask them to reset my cable modem/clear the IP pool to address the DoS/Ack scans showing up in the logs, after the reset, don't see those entries anymore.
Some of the changes made yesterday:
Changed MTU size to 1472 from 1500
Enabled IPv6, set to AutoPrevious changes:
Disable SIP ALG
Disable Port Scan and DoS Protection
I really hate to spend money to go out and buy a new router, but it seems that's the best option at this time. Any ideas on how to escalate to higher level support @ Netgear?
So when this happens do you see the top ring LED on the RBR turn PINK?
Do both wired and wireless connections stop at the same time when this happens?
IPv6 should be disabled if you don't have native IPv6 support from your ISP.
SIP ALG should be enabled.
Be sure your using good quality LAN cable between the ISP Modem and RBR. CAT 6 is recommended. Swap out.
Have the ISP check the signal and line quality UP to the modem.
Be sure there are not coax cable line splitters in the between the modem and ISP service box.
Be sure your using good quality RG6 coax cable up to the modem.Try downgrading the FW to v30 on the RBR as a last resort as well.
All this might be an indication that your ISP modem could be faulty as well. If two different Orbi systems are experiencing the same problem. Something to consider asking the ISP to change out for something newer if possible.
I would post a new post since this thread is in regards to Circle causing problems which seems to be temporarily fixed if users disable Circle. Which you have done and still continue to see problems which seem to point to something else.
Shahab wrote:My issues have changed ever since I got the replacement Orbi router and didn't enable Circle. Multiple times a day my connection will drop all together. Every day I call Netgear support and ask for my ticket to be escalated to Level 2 support and I just have the Level 1 guys make incremental changes to a setting or 2 which don't end up making any difference. Yesterday, they had me call Charter and ask them to reset my cable modem/clear the IP pool to address the DoS/Ack scans showing up in the logs, after the reset, don't see those entries anymore.
Some of the changes made yesterday:
Changed MTU size to 1472 from 1500
Enabled IPv6, set to AutoPrevious changes:
Disable SIP ALG
Disable Port Scan and DoS Protection
I really hate to spend money to go out and buy a new router, but it seems that's the best option at this time. Any ideas on how to escalate to higher level support @ Netgear?
