NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Nighthawk R7000 needs frequent reboots
My Nighthawk R7000 -AC1900 router needs to be frequently rebooted. This just started about 2 weeks ago. It was working perfectly. We bought it less than 6 months ago. It might connect to the intere...
Running: V1.0.11.116_10.2.100
First, Sorry that this got to long. Please feel free to ignore and not read the whole thing.
I just wanted to relay my experience and how I have the router behaving very well now.
________________________________________________________________________
So I have been plagued with this stupid problem to the point of where I started to look for a different router.
But I'm holding off because I seem to have the router cooperating a lot more by doing a couple of things every day or two, that seem to keep it operating just fine now.
I haven't HAD TO reboot it in a couple of weeks or so! THAT'S PROGRESS!
So first, let me say, I think that ONE of the major problems with this router and its firmware versions, is that it does not handle massive traffic very well, EVEN THOUGHT IT'S A 'GAMING" router.
For my gaming server (which I no longer run or bother with), I had a bunch of ports forwarded to my server's static IP.
Being that these particular ports are well known for the environment I was running, there were constant attacks by :Russia
China
and a few other countries where reporting bad actors was useless.
At one point, so that I wouldn't have to totally remove all the redirects, I just put in a fake IP that went no where on my network, so that any attacks to any of those port ranges would just go to that fake IP.
I also set up huge ranges to redirect attacks to there as well...
THAT WAS A MISTAKE!!!! That's because the router would STILL try to process the requests rather than just ignoring them.
I would notice my entire network starting to grind to a halt , so I'd check the logs and see hundreds of attacks, trying to get into my server. From Remote Desktop attempts to DoS attacks to port hammering, etc.
I'd have to reboot my router and the modem that connects me to my ISP.
Doing so would get me a new external IP as well as clear the cache in the router.
I would also clear the logs, apply and refresh to clean that up.
Sometimes, I couldn't even log into the router and I would have to power cycle it.
I still have some ports open for my security cameras so that I can access away from home.
But with that, I still had the router choke up every couple of days.
I finally decided to REMOVE ALL PORT FORWARDING except for my cameras. Those are vital.
Well that settled things down A LOT!
However, then I would see those same countries trying to access my cameras.
So for those, I tightened up their passwords. At least it won't be easy for those BOZOS to monitor my cams.
But still, the router was not stable. Sure, it was a lot more stable, but I still had to reboot every few days!
To troubleshoot this problem, I have a Command Prompt constantly pinning google.com -t.
When the router would start to get wonky, I'd see packets dropping from the ping.... INTERESTING.
Sure enough, in the logs, I would see attacks, including still, DoS attacks.
But something still didn't seem right.
So then, I added another command prompt window and constantly piinged the router's internal IP.
I wanted to see if pinging outside my network to the internet would fail, but internal pinging was ok.
Sometimes, this was the case ,but other times, more often, when one would start dropping packets, so would the other! HMMMMM
So then, I powered up my laboratory computer, which sits right beside the router and is wired directly into it. This computer does NOT go through anything else, no switches, nothing.
I also ran a command prompt, pinging the router as well.
Now, with 3 pings being monitored, I could get a better visual on where the breakdown is happening.
So now here is where I found what is in fact one of the biggest problems with this dammed router.
THE LOGS! Yes! THE FREAK'N LOGS!
What I discovered that as the log file increased in size, is when the router would start to get wonky!
I could see dropped packets on the external ping, then drops on this machine that pings the router (but it goes through switches). But sometimes, the Lab computer wasn't seeing drops!
But then, I'd start seeing drops on the connected Lab computer.
I started monitoring the logs closer but nothing unexpected was seen.
I did notice, however, that the drops were right around the time that the attackers were trying to get connected to the ports that I did have open.
But at other times, even with that, there was no issues.
I got into the habit of clearing the logs so I would get a clear picture each time.
It's then that I noticed, when I cleared the logs, within seconds, the dropping of packets stopped and the router settled back down!
I've seen this kind of file corruption in older software, but I would have thought that in 2020/2021 there would be much better routines to keep caching in check.
So, very long story short,- remove any port forwarding that you do not NEED
- do not set up huge ranges of ports to forward to a fake IP (if you don't forward ports, the router will just ignore requests to ports not listed)
- clear the log daily (at least to confirm if this solves the problem).
Which version of the firmware are you on?
Which modem model is it?
You put that you need to reboot it but not specifically why. Just that the internet isn't working. Is it connected to wifi but giving you "internet not available" or what exactly is happening?
We just need to figure out if it truly is a router issue or a modem issue.
I've had an arris modem or 2 that would get hot and need the modem and router rebooted to function. Once we isolate the problem, then we can work on steps to fix it.
I have this same issue. It appears it's connected on the Netgear site, but my mac says can't connect to the page. I have a Arries Surfboard 8200. It will connect for a while and then just drop off. HELP.
- The way I solved my issue with the need for daily reboots was too upgrade to the latest firmware version.
- Current Firmware: V1.0.11.116_10.2.100 I've tried several different firmwares from that 42 (I think it's really 44) up to what my current is. The problem is still there. While the problem is not "solved" I do have it a lot more stable now, as I can get a week or more before it starts dropping packets to the point of totally going off line (internally and externally). I should mention, that this router is ion my internal network and to get to the internet, it connects to a Fiber Modem which links to my ISP. This modem is in "bridge mode" which means it does NOT authenticate to the ISP nor does it do any routing at all. The router is disabled when in bridge mode. In troubleshooting this issue, I check the logs constantly. I A LOT of port scanning coming from Russia, China, India and other countries. Only a few from N. America. As I used to run a gaming server, I had a lot of special ports forwarded to my server's IP. In the logs, I could see those countries trying to mass scan and even DDos using those ports! I no longer run that server, so as a test, I removed ALL items in Port Forwarding, EXCEPT those that I need for all my security cameras. Since then, the logs are cleaner, MUCH cleaner and the router is running a lot smoother (not being attacked and having to deal with re-routing to an IP that no longer exists nor to a fake IP I set up so when the morons are port scanning, they'd just be sent to nothing. I also played around with different firmware versions, from .42 to latest. For me, the current firmware I'm at seems to be pretty good, BUT NOT PERFECT. The router still will slow down (dropping packets) then stopping completely. I do have 2 Command Prompts running 24/7. One that: ping www.google.com -t and the other pinging my internal router's IP. By having both pings visible, I can see if the drops are both internal and external or just one or the other. When I see the packets start to drop on the external side (internet) and internal ping is fine, I'll then log into the router and reboot it that way. That usually "cures" things for a while... IMPORTANT TO NOTE, in my case, my ISP is awesome because by rebooting my router, it does the authentication THROUGH the bridge and the ISP automatically assigns a new external IP (most of the time). I find THAT HELPS! I think that there's so much massive port scanning going on that it just eventually messes with these routers until their internal cache gets overrun and BOOM! It just stops working. Just a theory. BUT, since I'm seeing other models having this same problem in the Netgear brand, if I decide to buy a new modem, I will probably just go a different brand. Before buying, however, I will be doing a lot of research on their forums first to see what problem they have.
- I gave up on every firmware after .42.. i tried every single one up to around 100 and ended up just buying a different brand router instead. Ended up getting an asus rt-ax88u and happy with it instead of using .42 which has so many security bugs.
- Thanks for that. I'm going to research it. I love ASUS products. I will research this model and see if it has a full Firewall as well as DDoS protection, port forwarding and other features. I do need those 3 for sure. I do also need 2 and 5 Ghz wireless (fully configurable).... etc.