NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
RBR850 frequently issuing DNS REFUSED responses
Had the RBK852 now for just over a month, and have an issue I'll open a support ticket for. Wondered though if others have been experiencing anything similar. Basically and since day 1 after put...
Good Luck. This issue is resolved by the beta thats available.
Something like this will do:
copy /usr/sbin/dnsmasq to /overlay/upper/usr/sbin/orbi-dnsmasq
make a file called dnsmasq in /overlay/upper/usr/sbin (this will hide the original dnsmasq from the running os) with the following lines:
#!/bin/sh
mkdir /tmp/dns
echo "nameserver 8.8.8.8" > /tmp/dns/resolv.conf
echo "nameserver 8.8.4.4" >> /tmp/dns/resolv.conf
/usr/sbin/orbi-dnsmasq -h -n -c 0 -N -i br* -r /tmp/dns/resolv.conf -u root
Hi, I'm having this same problem, and am using the "workaround" for my Windows computer (bypassing the router's DNS service). I directed NG support to this forum thread so they could understand the problem. I asked for a projected resolution date for this bug, but cannot seem to get an answer. When you shared this problem with NG engineering, did they give any indication of where this bug is prioritized in their backlog? Thank you for digging into this problem!
I did not make any progress with my support case.
If you can, flip your ISP modem back to router mode and set your Orbi to AP mode. This completely fixed the issue for me for all devices.
5 months since this thread started and no resolution? just a workaround that only works for devices i can manually set DNS on? At least i know im not alone in this and was wondering what was the cause of all my random DNS issues. i suspected it was the router since its new but i did just move and while still google fiber, it is a new location. guess its the router. if i didnt need the coverage these 3 orbi's give, i'd go back to my trusty asus ax88u and merlin firmware
What Firmware version is currently loaded?
What is the Mfr and model# of the Internet Service Providers modem/ONT the NG router is connected too?Whos your provider?
Has a factory reset and setup from scratch been performed since last FW update?
I'm on Sparklith and using a CAX80 in modem mode and RBR850 in router mode and have not seen any problems in this regard...
Capt_Hellcat wrote:5 months since this thread started and no resolution? just a workaround that only works for devices i can manually set DNS on? At least i know im not alone in this and was wondering what was the cause of all my random DNS issues. i suspected it was the router since its new but i did just move and while still google fiber, it is a new location. guess its the router. if i didnt need the coverage these 3 orbi's give, i'd go back to my trusty asus ax88u and merlin firmware
FURRYe38, for what it’s worth, I have: Xfinity with a MB7621 cable modem, with the latest NG firmware (as of 11/6/20) on the Orbi ax 4200. I also have a support case open. The workaround of bypassing this router’s DNS resolution works for my Windows PCs. It also works to replace the router function altogether with a different router, but that defeats the purpose of buying this. I’ve had both my old ASUS and Google routers working with this modem/ISP and it works fine. Retired_Member has identified the bug, so it’s pretty frustrating that we can’t get a projected resolution date from NG support. If you have influence with NG, it would be great if we at least got a projected date for a bug fix.
wonky I have similar experience with NG support. Exhanged lot of emails, sent logs, phone calls with them. Finally NG support told me that they have forward to their engineering team. After that, all communication died from NG with no updates. Few days later, I received a pm from moderator of this thread. She (Bianca I beleive) was very helfull and pushed my ticket with NG support. NG support person (Sophia) called me right away who was working on my case earlier. I was in a meeting and missed her call. I informed her and even setup a time with her to talk. She claimed that she needs more information from me. She never called me during that scheduled time. Since then I am still waiting for a call from NG. Bottom line, NG is somehow refusing to acknowledge this issue.
I'm also seeing this on a RBK752/RBR750. Wired connection to PC and wireless to other devices. Webpass is my ISP. IPv6 disabled on the router. Latest firmware. Factory reset of the router. Still fails. All of my devices fail to make connections on a daily basis.
How is this not fixed after several months?
wwxxyyzz wrote:I'm also seeing this on a RBK752/RBR750. Wired connection to PC and wireless to other devices. Webpass is my ISP. IPv6 disabled on the router. Latest firmware. Factory reset of the router. Still fails. All of my devices fail to make connections on a daily basis.
How is this not fixed after several months?I believe this is an IPv6 issue, since most ISPs do not support IPv6 yet. The fix is as follows:
login to orbilogin.com / Advanced / Advanced / IPv6. I setup the following:
I chose 6to4 Tunnel on top right pull down, Remote 6to4 relay Router set to "Auto", IPv6 Domain Name Server (DNS) Address set to "Use These DNS Servers". I chose Google's public IPv6 DNS Servers (2001:4860:4860::8888 and 2001:4860:4860::8844, you can choose other public IPv6 DNS servers). IP Address Assignment set to "Auto". Tested using test-ipv6.com
As soon as I correctly setup IPv6, and passed the tests, I no longer see any DNS issues.
If you choose not to do this setup, and want to keep IPv6 disabled in your Orbi, you can go into your PC or laptop network settings and enter public IPv6 DNS servers. This also stops the errors on each individual PC or laptop.
wwxxyyzz wrote:I'm also seeing this on a RBK752/RBR750. Wired connection to PC and wireless to other devices. Webpass is my ISP. IPv6 disabled on the router. Latest firmware. Factory reset of the router. Still fails. All of my devices fail to make connections on a daily basis.
How is this not fixed after several months?i fixed this by returning it to best buy and going with the asus zenWiFi AX. not only was it cheaper but it doesnt have this DNS issue. i was having way too many of these DNS hiccups across many devices.
Let us know if MstrBigs suggestion helps.
wwxxyyzz wrote:I'm also seeing this on a RBK752/RBR750. Wired connection to PC and wireless to other devices. Webpass is my ISP. IPv6 disabled on the router. Latest firmware. Factory reset of the router. Still fails. All of my devices fail to make connections on a daily basis.
How is this not fixed after several months?Yeah, I'm fixing mine by returning to Costco as soon as the new Unifi 6 APs I ordered arrive.
pinchweasel wrote:Yeah, I'm fixing mine by returning to Costco as soon as the new Unifi 6 APs I ordered arrive.
I wish I ordered from Costco so I had that option I ordered from Bestbuy. Really disappointed in Netgear and I haven't recommended this Product to anyone who has asked me. What exactly did I pay a premimum for? Never again.
Good Luck then.
Mines working, with out the IPv6 configuration.
pinchweasel wrote:Yeah, I'm fixing mine by returning to Costco as soon as the new Unifi 6 APs I ordered arrive.
We won't use Ubiquiti model in our installs. Coverage and speed are limited. I hope your results differ.
- How can I telnet into my router? The option is not on my debug.htm screen.
Look at this
python telenetable.py 10.0.0.1 [MACHERE] admin [mypassword]
Sent telnet enable payload to '10.0.0.1:23'
rgautier@kali2020:~$ telnet 10.0.0.1
Trying 10.0.0.1...
telnet: Unable to connect to remote host: Connection refusedAny advice - sorely welcom
The link you provided appears to link to others identifying the same problem, and that thread is both shorter and less helpful than this one, as well as doesn't provide any suggestions or solutions. It provided only false hope, to be dashed after spending time going to read the thread.
Does anyone have any good or helpful suggestions, rather? This thread appears to be the solution to my (and many other's problems). However, without the ability to telnet or ssh into the router, the solution cannot be applied.
The solution is there for using telnet enabler for prior versions of FW, however it no longer working with v12 FW. I confirmed this last nite on my system.
I enabled telnet many releases ago, so maybe this possiblilty is removed. You could try different versions (windows,linux) from this thread https://oldwiki.archive.openwrt.org/toh/netgear/telnet.console
I believe v16 worked...
Orbi kit CBK752 (CBR750 and RBS750) is showing the same issue - missing/dropped/lost DNS requests. I have not ferreted out the low level side, and setting DNS manually in adapter IP4 table seems to resolve it, for now. But I do wonder about other clients like all the android devices running around the home.
Seriously: IP protocol stacks have been around for a very long time: this should be no brainer code work and testing for a semi-competent crew to get right the first try.
There's a thread on here that explains exactly what the problem is...dnsmasq is trying to monitor for changes to the resolver configuration, rather than the changes to the resolver merely restarting dnsmasq. Since the filesystem is slow/busy, this constant polling can hang. The busier the router (more devices, more reliant on IPv4), the worse it gets. Using -n for running dnsmasq would fix it (and telling the WebGUI to restart dnsmasq when changing resolvers to account for it).
dnsmasq on the Orbi is SLOWER to resolve addresses than remote resolvers out on the Internet, which it shouldn't be since latency is so minimal. The DNS resolver on your cable modem/router is usually super fast (AND MAY EVEN CACHE!!!!). But dnsmasq isn't caching, hangs when it can't monitor the resolver file, and refuses to look up IP addresses (causing applications to hang, since DNS lookups are a BLOCKING network call!)
Now, the solution is EASY, IF you can get into the telnet mode. And there's two solutions..one, set DNS to something else in the DHCP OPTIONS passed to your devices...best bet, a pi-hole, or just your cable modem itself or a DNS service on the Internet. The other, is to tell dnsmasq to stop polling (-n flag), which should make it faster (although bind w/cache would still be a much better option).
From the debug run:
dnsmasq -h -n -c 0 -N -i br* -r /tmp/resolv.conf -u root
Problems with this:
So, it looks like they're specifying BOTH the -r and -n flags, but this is NOT permitted. Since -r comes after -n, it's possibly overriding the -n selection, since -r is ONLY ALLOWED WHEN POLLING (see below).
-c is given a parameter of 0 ??
-u (It runs as root...so any RCE in dnsmasq is going to give full access to the device) -u is usually used to DOWNGRADE permission.
From the dnsmasq man page:
-h, --no-hosts Don't read the hostnames in /etc/hosts.
-n, --no-poll Don't poll /etc/resolv.conf for changes.
-c --clear-on-reload Whenever /etc/resolv.conf is re-read or the upstream servers are set via DBus, clear the DNS cache. This is useful when new nameservers may have different data than that held in cache.
-N, --no-negcache Disable negative caching. Negative caching allows dnsmasq to remember "no such domain" answers from upstream nameservers and answer identical queries without forwarding them again.
-i, --interface=<interface name>
-r, --resolv-file=<file>Read the IP addresses of the upstream nameservers from <file>, instead of /etc/resolv.conf. For the format of this file see resolv.conf(5). The only lines relevant to dnsmasq are nameserver ones. Dnsmasq can be told to poll more than one resolv.conf file, the first file name specified overrides the default, subsequent ones add to the list. This is only allowed when polling; the file with the currently latest modification time is the one used.
-u, --user=<username> Specify the userid to which dnsmasq will change after startup. Dnsmasq must normally be started as root, but it will drop root privileges after startup by changing id to another user. Normally this user is "nobody" but that can be over-ridden with this switch.
Rich
