DNS
6 Topics

Continuing (worsening) problems with DNS resolution can be traced to the FVS336Gv2
Hi -- I'm having continued, and apparently worsening, problems on my network protected behind a FVS336Gv2 (v. 4.3.3-6) firewall. And it all has to do with DNS resolution. Any device behind the firewall trying to access the Internet will chug along just fine for a while, then suddenly start to exhibit all manner of problems related to DNS resolution. Most notably, Web browsers will start timing out with DNS errors. Then, suddenly, the problem will clear itself for a short while, before recurring. This has been an annoyance for some time, but recently the problem seems to have worsened significantly. The PCs all have DNS servers set up on their network interfaces. I have tried five different sets of DNS servers, including the servers from the ISP, OpenDNS, and Google. I have also tried setting up the FVS336Gv2 as a DNS proxy, and then trying it with proxying disabled. Whether or not it's set up in that way, the problem remains. On any of the affected PCs, if I run DNS Query Sniffer the problem is made quite obvious. As the PC tries to move around the Internet, DNS Query Sniffer shows every DNS request the PC makes. A cluster of several dozen DNS queries will show as responded to and resolved. Then several screenfuls of DNS queries will show as not being responded to. You can clearly see the progression on the part of the PC of querying the DNS1 server, not getting a response, querying the DNS2 server, not getting a response, querying the DNS3 server (the proxy, if it is set up), not getting a response, and so on. After a while of this, though, seemingly by magic the DNS queries start getting responses again. This is not a problem with a screwy PC. I can replicate this problem on any PC behind the firewall by running DNS Query Sniffer and checking its output. In case this was related to PC-based malware protection or firewalls, I've disabled these on the PCs and have seen no difference. 
The PCs in question are running either Symantec Endpoint Protection or Microsoft Defender on either Windows 7 or 10. I also have a half-dozen Android devices that get caught in the same DNS trap while they're on the WLAN, which have no such problems if they're running on their cellular connections or on someone else's WLAN. Further, I can clearly see that it's the firewall causing the bottleneck if I reconfigure a PC to bypass the firewall and connect directly to the ISP's modem. With the firewall out of the way, DNS Query Sniffer shows almost every DNS query consistently resolved (with the odd miss here and there). The difference is dramatic. I can hammer the connection with DNS requests, as long as I'm hooked up directly to the ISP's gateway, and the PC won't miss a beat. But as soon as I connect the PC back behind the firewall, I can't get more than a few dozen DNS queries out before they start to get blocked (ignored, whatever). I have read a smattering of posts mentioning similar problems, and none seems to have a resolution. The culprit mentioned most often is the Block UDP Flood setting. This firewall had the setting switched off already; the DNS problem still happens. I switched the setting on and set the threshold to 999 (the highest it will allow), just to see if I saw a difference; it did not affect the DNS problem one bit. I switched it back off, as well as the Block TCP Flood setting. This had no effect. Otherwise, I have no problems with this firewall. It processes incoming traffic exactly as it's supposed to. It handles VPN connections properly. Outbound traffic from the PCs -- as long as it's not being encumbered by DNS resolution problems -- is OK. I don't know if this is an indication of a problem or not, but in trying to troubleshoot this problem, I've navigated the firewall's entire Web interface. And boy, is it slow. It can take the firewall several seconds at least (sometimes 20 seconds or more) to move from one page to the next.
Is there a way to resolve this problem? Thanks CL
1.7K Views 0 likes 2 Comments

Preventing circumvention of OpenDNS with firewall rules
Hi, I am attempting to set up my FVS318Gv2 Firewall so it will block all DNS queries that are not from OpenDNS. I was using this article for reference. To do this, I created a list of outbound rules. The first two I have block all DNS for UDP and TCP. The next four allow DNS on OpenDNS IPs. According to the manual, this is the correct order: "you should place the most strict rules at the top". My hope was that the allow rules would override the block rules. According to OpenDNS's Documentation: "The first rule trumps the second rule, so anything requests to OpenDNS are allowed but any DNS requests to any other IP are blocked." I've tried adding these in the reverse order and using port 53 instead of the built-in services, but whatever I try blocks all DNS requests. Am I adding these rules wrong? What else could I try? Here is a screenshot of my configuration (The block rules are disabled so people can use the internet, but were enabled for my setup). Thank you! -Joel
Solved 5.3K Views 0 likes 5 Comments

SRX5308 inter-VLAN issues
Hello! I have had some issues with this router for a long time (DHCP relay not usable, packets dropped, etc...) and each new firmware solves some problems, but not at all... 4 or 5 times a month, the DNS resolution on my subnet client won't reach the DNS server on a different subnet... The problem takes 3 to 5 min to solve itself (?) and, during this time, I can't ping my Server subnet. I watch my DNS server log, but no error is noticed. On each client DNS, the event log says the DNS server is not reachable... Do you have any ideas to solve this problem? Best regards. Fabrice.
3.1K Views 0 likes 6 Comments

DNS Issue with FVS336gv2
I have 5 sites all with FVS336gv2. In our hub site we have a DHCP server and everything works fine. In our spoke sites the fvs336gv2 is running DHCP and ipconfig /all lists a couple of our DNS servers, and the fvs336gv2 is listed as a third DNS server. Is this normal? If not, how do I get rid of it as a DNS server? When I try to join a new computer to our domain I have to manually set the DNS servers, then I move it back to auto config once joined.
Solved 4.6K Views 0 likes 2 Comments

FVS318G V2 DNS traffic getting through
Hi. I'm having an issue with an FVS318G V2. I have only ping and port 8000 open for a specific address and all other traffic is blocked, but DNS requests are managing to get through. Is this even possible? Could a virus/malware somehow pull this off and bypass the firewall?
3.3K Views 0 likes 2 Comments

Remote DNS for IPSec Tunnel Not Correct
I can establish a tunnel using the full VPN client to the FVS318N. Routing into the remote private LAN works as expected. However, DNS does not resolve to any of the names in the private LAN. How can I adjust the IPSec policy and/or VPN client settings to get the private LAN's DNS server working? Thanks!
Solved 4.2K Views 0 likes 4 Comments