NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Mexilence's avatar
Mexilence
Guide
Nov 15, 2015
Solved

R6220 Stops Forwarding DNS Requests

Hello,

 

I recently purchased a Netgear Genie R6220 Wireless router. The firmware is currently V1.1.0.31_1.0.1. I have noticed that every hour or so, DNS queries outbound begin to fail. This happens regardless of what IP Addresses I have configured for DNS servers in the "Internet" section. I've used my ISP DNS servers, OpenDNS, Google DNS (8.8.8.8) and others. A "quick fix" is to log into the Netgear, go to "Internet", and click "Apply" without changing any settings. 

 

Example Walkthough

-Normal web browsing will work for about an hour

-After this, any device on my network cannot browse or ping any websites via name

-However, during this time, browsing and pinging via IP Address is successful - example, ping 8.8.8.8 will return 100%, and doing something like 'curl 74.125.224.9' will return text from Google. 

 

Here is a screenshot illustrating ping via IP working, and ping via domain name not.

 

 

 

 

Notice the circled "Apply?" if I hit that, pinging via name works again in about 10-15 second. If I don't hit that, I cannot browse until I either reboot the Netgear or hit that button.

 

Going further, a wireshark analysis of the network traffic during this time indicates that the packets are being sent out repeatedly but no response is ever received, resulting in a lot of DNS requests being in the "suspected retransmitted" state, until I reboot the router or hit "Apply" settings. This indicates that the device is either no longer pushing through DNS queries, or no longer accepting the response (I didn't bother digging any further).

 

Is this a known bug with this firmware? Should I roll back to a previous version? I really don't want to, given that this firmware fixes an authentication bug. 

 

One unknown: I do not have any wired connections. I do not know if wired clients can still forward DNS requests during this period.

 

Joe Gomez

 

 

 

 

 

 

Hardware
Security
Troubleshooting
  • Mexilence's avatar
    Mexilence
    Nov 15, 2015

    And as a point of clarity to the above post for anyone reading this:

     

     

    "This time, I manually set my DNS records on my PC so that they weren't forwarded to the the IP of the router, but the IP of a DNS server, and web browsing works again. Set them back to the router, and browsing fails."

     

    The manual IPs I set for DNS servers was 8.8.8.8 and 4.2.2.2. 

    The configured DNS forwarders on the Netgear were also 8.8.8.8 and 4.2.2.2.

     

    So they were both pointed to the same servers, but having the netgear forward the request fails.

     

    Solution: Bypass netgear handling of DNS and use the netgear as an AP-only. Unfortunate, because AP mode turns off a lot of advanced features of the netgear.

     

    Joe

6 Replies

  • Mexilence's avatar
    Mexilence
    Guide
    Nov 15, 2015

    This just occurred again. And this time I hard wired in and tested from a wired connection into the Netgear R6220 and DNS queries were still failing in the same fashion.

    • netwrks's avatar
      netwrks
      Master
      Nov 15, 2015

      So, you are saying you see the packets go out on wireshark, but nothing come back?  Sounds like a ISP issue. Have you tested directly connected to the modem?

      Do you have another cable to use between the router and modem? If you do, try that..

      • Mexilence's avatar
        Mexilence
        Guide
        Nov 15, 2015

        Thanks for the response. 

         

        To clarify on your question:

        So, you are saying you see the packets go out on wireshark, but nothing come back? 

         

        Sort of. The wireshark analysis shows that the DNS request standard request is sent to the netgear, but there is never any standard response from the netgear. When performing correctly, a standard response is received from the netgear, the payload of which being the IP Address of the domain you are trying to reach. I cannot analyze the traffic on both sides of the Netgear without putting a device in between it and the modem.

         

        I have tested with all new cables. 

        The problem does not exist without the netgear in place.

         

        Through process of elimination, I have discovered that this issue seemingly only occurs when the router has a USB Device (small, portable 250GB HDD) plugged into its USB port in the back. Unplugging the external device let me browse correctly for over 6 hours, then plugging a drive back in and waiting about an hour and DNS queries were failing again. 

         

        Seems like there may be a CPU or memory leak on the device regarding the Readyshare, to which hitting "Apply" may restart some processes and thus free up resources. Unfortunately, there is no visibility into the unit beyond some basic logs.

         

        FWIW: The only ReadyShare configuration I had enabled was the SMB connector.

         

        Joe