NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

billie_a's avatar
billie_a
Aspirant
Oct 04, 2023

RBRE960: DNS problems

I'm having periodic issues with DNS. This issue has occurred twice this year. The symptom is that multiple iOS apps would hang, fail, or say they need upgrading. App store would simply fail to connect...
FURRYe38's avatar
FURRYe38
Guru - Experienced User
Oct 04, 2023

What Firmware version is currently loaded?
What is the Mfr and model# of the Internet Service Providers modem/ONT the NG router is connected too?
Be sure your using a good quality LAN cable between the modem and router. CAT6A STP is recommended. 

 

Are you using Auto Detected DNS on the RBR or a custom DNS configuration?

 

Are you using the RBR DHCP IP address default of 192.168.1.1 or something different. Default DNS on any device connected to the system should be 192.168.1.1. 

 

 

billie_a's avatar
billie_a
Aspirant
Oct 04, 2023

Firmware V6.3.7.10

It's connected to a Starlink router Model: Gen 2 running 2023.43.0.

 

There isn't a cable issue.  

 

When this problem occurs, anything behind the Orbi is affected.  Anything directly using the Starlink is unaffected.

 

The internet port DNS server is 192.168.1.1 (which is the Starlink), as the gateway IP address is 192.168.1.1 and the external IP address (the Orbi address) is 192.168.1.2.

 

The DNS address given out by the Orbi is 192.168.64.1 as expected.  That is the internal IP address of the Orbi router (192.168.64.1/26, mask is 255.255.192.0).  Note that the Orbi software isn't smart enough concerning the net mask and only gives out addresses as I it were a /24 net mask (192.168.64.start through 192.168.64.end)

 

When the problem occurs, any DNS request results in an answer of 192.168.64.1, which results in Safari popping up a dialogue about site impersonation (the certificate in question is always the Orbi certificate default.example.com which is a self-signed certificate, just as is returned when connecting directly to the router through safari).  For apps, they simply fail to connect to the sites they are requesting.  For example, App Store will ask you to Retry connection (and never succeed), News will say there is a problem with the feed, etc.

 

 

 

  • FURRYe38's avatar
    FURRYe38
    Guru - Experienced User
    Oct 05, 2023

    Your ISP Modem already has a built in router and wifi. This would be a double NAT (two router) condition which isn't recommended. This would be a double NAT condition which isn't recommended. https://kb.netgear.com/30186/What-is-Double-NAT
    https://kb.netgear.com/30187/How-to-fix-issues-with-Double-NAT
    Couple of options,
    1. Configure the modem for transparent bridge or modem only mode. Then use the NG router in router mode. You'll need to contact the ISP for help and information in regards to the modem being bridged correctly.
    2. If you can't bridge the modem, disable ALL wifi radios on the modem, configure the modems DMZ/ExposedHost or IP Pass-Through for the IP address the NG router gets from the modem. https://kb.netgear.com/25891/DMZ-on-NETGEAR-routers
    https://kb.netgear.com/24086/How-do-I-set-up-a-default-DMZ-server-on-my-Nighthawk-router
    3. Or disable all wifi radios on the modem and connect the NG router to the modem, LAN to LAN configure AP mode on the NG router.
    https://kb.netgear.com/20927/How-do-I-change-my-NETGEAR-router-to-AP-mode
    Try option #2 first...

     

    Also try updating FW as well. 

    • billie_a's avatar
      billie_a
      Aspirant
      Oct 21, 2023

      I realize this is a double-nat, but what does that have to do with my DNS issue?   This is a problem every couple of months, so it seems there is simply some bug on the Netgear side, and the router needs to be rebooted more often to work around the issue.  Changing the Starlink router to bridge mode, without wi-fi, would mean I completely lose internet access when the problem occurs, and I don't have any alternative means of definitely saying this is an Orbi issue.  As it stands, I have another VPN  router for work (also double-NAT'd into the Starlink router) independent of the Orbi mesh.  When I have this Orbi problem, I can connect to the VPN router and have no issues, and I can connect directly to the Starlink Wi-Fi and have no issues.  I have also previously had an EERO mesh powered on (again double-NAT'd to Starlink) that didn't experience these problems (the ORBI mesh was meant to replace the EERO mesh).  Most of my ORBI nodes are hardwired, so I don't think the Starlink wi-fi is interfering (the Starlink router is about 120 meters away from the house where most of the ORBI nodes reside).  I have a fiber connection to cover that distance, and cat5e/cat6 within the house to connect most of the ORBI nodes.  Two nodes are not hardwired (need to run some cable between buildings).  total of 7 nodes, primary router and 6 satellites.

      • FURRYe38's avatar
        FURRYe38
        Guru - Experienced User
        Oct 21, 2023

        Instead of using ISP DNS try setting some Cloudfare or Google DNS manually on the RBR and see if it still happens. 

        Its not NG issue. Most likely a ISP side DNS issue in there services that happen to maybe go down every so often. Double NAT is not recommended as it can cause problems like this. Nobody else is seeing this. Have seen DNS issues on Orbi systems in a very long time. 

         

        Try option #2 as suggested. 

        Or try the Orbi in AP mode with your ISP modem in router mode.