Reply

RBR853 with Netgear Armor - seems unstable with large network DHCP-renew

packet_gnome
Tutor

RBR853 with Netgear Armor - seems unstable with large network DHCP-renew

Hello all.

 

I have an RBR853 setup with mesh.  Works well with one exception.

 

I have just over 100 devices on my home WiFi network (yes, I know, lots of home automation stuff), and what I have found is that if I have Netgear Armor enabled, often when the DHCP-renew interval comes around, devices will randomly drop off my WiFi network (no P address) if the RBR853 system is running a volnerability scan at he same time.

 

How do I know this?  Because last time this happneed and I had a large-scale outage like this, I got a message on my phone at the exact same time stating that Armor "had completed a vulnerability scan - no issues found".  AND, when I disbaled Armor after that - poof, no more issues, network totally stable, no outages for days now.

 

The DHCP lease interval in the RBR853 is not adjustable it seems - fixed at 86400 seconds = 24 hours - and I suspect that the Armor vulnerability scan runs in the same 24-hour periodicity.  If you end up rebooting the RBR mesh system (only way I have found to recover the system and all of the downstream devices when the massive DHCP failure to devices occurs), these 24-hour cycles sync up again and the issue repeats.  I lived that for a week or two until I figured this out.

 

Q:  Any way to adjust the DHCP lease lifetime, or even better for Netgear to ensure that these two processes (DHCP renew and Armor vulnerability scan) never run simultaneously, or at least have proper priority in the device so that on does not step on the other?

 

Right now, I have my Armor security tutned off so the subscription I paid for is essentially useless to me.

 

Attentive to any data / thoughts that can be shared.

 

Dave

Message 1 of 2
CrimpOn
Guru

Re: RBR853 with Netgear Armor - seems unstable with large network DHCP-renew


@packet_gnome wrote:

Hello all.

 

Q:  Any way to adjust the DHCP lease lifetime, or even better for Netgear to ensure that these two processes (DHCP renew and Armor vulnerability scan) never run simultaneously, or at least have proper priority in the device so that on does not step on the other?


On the older WiFi5 Orbi product, DHCP lease is a parameter setting: dhcpc_lease_time=86400

It is a simple matter to telnet into the Orbi and change that setting. This would avoid the DHCP lease being "in sync" with the Armor scan, but I can imagine scenarios where they eventually fall at the same time.

 

I seem to remember reading that the Orbi AX models have disabled telnet access.  Questions about Orbi AX are more likely to get an informed response if posted in the community forum for those products:

https://community.netgear.com/t5/Orbi-AX/bd-p/en-home-orbi-ax 

This is also a topic that might be posted in the Armor forum.  Maybe someone on that forum has a work-around.

https://community.netgear.com/t5/NETGEAR-Armor/bd-p/en-home-armor

I love my Orbi.
Message 2 of 2
Top Contributors
Discussion stats
  • 1 reply
  • 902 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 6E