NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

CKopp's avatar
CKopp
Apprentice
Nov 02, 2021
Solved

DNS Issues after firmware upgrade

I recently upgraded to the V1.42.84_1.3.42 firmware verison on my router. Since the update I am seeing random DNS timeout errors (the probe errors). In most cases, the time out is replaced within 1-2...
  • CKopp's avatar
    CKopp
    Jun 22, 2022

    If I enable IPV6, what option should I be using?

     

    Auto Detect?

    6 to 4 tunnel or?

FURRYe38's avatar
FURRYe38
Guru - Experienced User
Apr 18, 2022

Try newer FW as well for the R7960P before enabling IPv6:

https://community.netgear.com/t5/Nighthawk-WiFi-Routers/New-R7900P-R7960P-R8000P-Firmware-Version-1-4-3-88-Released/m-p/2215132#M214605

 

Couple of users seem to seen better DNS experiences here on this version of FW so far. 

CKopp wrote:

I recently upgraded to the V1.42.84_1.3.42 firmware verison on my router. Since the update I am seeing random DNS timeout errors (the probe errors). In most cases, the time out is replaced within 1-2 sec by the actual request going through.  I have verified that this is happening across any DNS service I specify at the router (ISP, cloudflare), and happens accross various local machines, whether on wired or wireless connection. The problem goes away if I specify dns settings on the local machine. 

 

I used fiddler to analyze browser traffic, and can see it occurs when a DNS cache validation happens.  It would appear i am first getting a DNS timeout, rapidly followed by the actual request going thorough.  Interestingly, I have not seen this behavior on the sole IOS device on the network, an IPAD. Not sure if it matters, but I have armor installed.

 

As this behavior appears to directly correlate to the firmware update, and in searching the forums I have seen similar issues on other Netgear routers reported with the latest fireware, I am wondering a few things:

 

1. How many others with the 7960P routers seen this issue with the .84 firmware?

2.Is Netgear aware and working on a fix?

3. If I decide to roll back to the.68 version to fix (as several others have reported on similar model routers) what secuirty updates do I give up?

 

Thanks.

 

 

 

 

 

 

 

  • CKopp's avatar
    CKopp
    Apprentice
    Apr 20, 2022

    Thanks. Interestingly enough Netgear support reached out to me, but have not yet followed through with the contact info I gave them.

     

    I upgraded to the newest firmware (.88 version), here is my experience:

     

    1. Tried to use update process within Web GUI interface.  That just hung for about 15 min.  So I rebooted router to make sure it was cleared, downloaded new firmware and extracted it to desktop, and used the browse for file update process.  Worked great, uploaded and rebooted on its own as expected.  Version number changed to show update appeared to take.

     

    2. Set DNS back to router (which is set to use Cloud flare 1.1.1.2 instead of my ISP).  Did testing.

     

    A.   Seems better but not fixed yet.  I tried about 25 sites in rapid sucession, all loaded quickly without error, then I started to get error messages, followed quickly by the site properly loading in 1 -2 seconds.   This is definately improved behavior from before, where it would start at around 15-18 attempts, and take much longer or multiple retries to go through.

     

    B.  Error message is different.  Instead of the probe error mesage, the message that flashes up says there is a typo in the web address.

     

    c.  No matter how long or how many tries, I could not get to the Netgear support page until I switched the DNS setting on the local machine I was testing with back to the DNS directly.

     

    Something clearly has been changed.  Given the behavior I noticed, I am wondering if it is some kind of caching problem, i.e. a cache fills up and doesn't flush under some conditions past a certain number of DNS requests in a certain time frame?  When I get enough time I may set up analysis on the IP traffic to get a better look.

     

    I also am contemplating enabling IPV6, however I do have questions about how that impacts the secuirty of my network to issue an external ipV6 address I won't be using??

     

    In any event, progress seems to be occuring.  Please keep it up Netgear until this fully resolved for all of us. đŸ˜‰

     

    Thanks.

     

     

     

     

     

     

    • plemans's avatar
      plemans
      Guru - Experienced User
      Apr 20, 2022

      CKopp I'd try both a factory reset and enabling ipv6. 

      IPv6 was made to be more secure than IPv4. Not saying it is but that was the design behind it. Some of the technologies for ipv6 were rolled out to ipv4 (IPSec)

      • CKopp's avatar
        CKopp
        Apprentice
        Apr 20, 2022

        I spoke too soon, didn't see the DNS_probe finished message at the bottom.  Same error. Further the more I continue to use the browser, the more it comes up.  Perhaps the reboot was what made things seem better?

         

        My concern with enabling IPV6 is that if i understand it correctly, I would be establishing an IPV6 public address on the wan side to the router, but as i do not used IP6 for any devices, I would not see any of the typical signs of compromise if it occured (e.g. a software firewall on one my devices reported malicious activity).

         

        PS.  If I do choose IPV6, what do you set the address on the router to?  Auto?

         

        Thanks.