Posted: Fri Apr 19, 2019 1:44 Post subject: Lose Internet every 30 minutes
I just upgraded my ddwrt the other day and reset to fix a separate issue. Every 30 minutes I lose Internet both wirelessly and wired, can’t even access the ddwrt admin page about maybe 65% of the time, though I can 35%ish. I have to reboot to fix it.
I’m fairly confident that it is precisely every 30 minutes, which makes me think some default setting is screwing with this?
My VPN killswitch: iptables -I FORWARD ! -o tun1 -j DROP
I recommend keeping an eye on the syslog (or vpn client log) during this time to see if there are any relevant messages. Most likely the VPN is going through a soft-restart, perhaps caused by the OpenVPN server. IOW, your OpenVPN provider may be forcing a restart just to make sure the OpenVPN client is really there, and if not, he saves resources by killing the connection. Just a guess.
I would normally assume the reneg-sec setting was causing this. This defaults to 3600 (every hour). This causes the session key to be rekeyed. But obviously this can't be the culprit if the value is 0. As an aside, the VPN provider probably suggested this so he could reduce the overhead of having to rekey the session key. Once again, that saves him resources, but at the expense of your security! reneg-sec should be set to something reasonable, say 3600, 1800, etc., NOT 0!
Thanks for the help. I thought it might have something to do with the rekey thing, guess not, The weird thing is not being able to access router admin page locally most of the time this happens. I don’t get the same issues using an OpenVPN client on same VPN service on another computer and non-repeated router.
I’ll see if I can see any router logs before I can’t connect to router admin anymore.
Didnt have issue before upgrading from v24 sp2 to this, same vpn provider and settings.
Maybe my killswitch is preventing local router admin access. But that makes no sense.
That's a long way of saying, try using explicit IPs for the Server/IP Name field rather than a domain name. See if it helps.
Thanks for the help. I tried this but still get the issue.
It is not precisely every 30 minutes as I thought, though usually it is very close. Rarely it can be longer, like an hour.
I cannot check my OpenVPN client log by the time this happens. If anyone can give me a single clue as to why I would lose access to the local admin panel, I’d be grafeful.
Had to disable DNSMasq because as a separate issue, it causes DNS leaks. Still occurs.
Joined: 18 Mar 2014 Posts: 12881 Location: Netherlands
Posted: Sun Apr 28, 2019 8:01 Post subject:
Well maybe that is the issue, that you disabled DSNMasq?
DNSMasq is not causing DNS leaks it is the way you use or setup (sometimes a bug can also play a role).
In my signature there is a thread for a simple-PBR script, in that thread there is also anot on DNS leakage, maybe that is helpfull in plugging the leak?
Well maybe that is the issue, that you disabled DSNMasq?
DNSMasq is not causing DNS leaks it is the way you use or setup (sometimes a bug can also play a role).
In my signature there is a thread for a simple-PBR script, in that thread there is also anot on DNS leakage, maybe that is helpfull in plugging the leak?
It also was occurring with DNSMasq enabled. I wouldn’t guess that DNS issues could prevent local admin access, but you two would know better than me. Thanks for advice on the separate leakage issue, I’m going to check that out.
I will follow the logging tutorial and report back. The work you guys do helping people on this forum is really great.
Btw, I don't recall you mentioning the hardware. There are known issues w/ specific hardware, and that's why sometimes it's better to address this type of problem in the forum for that router's chipset.
What go me thinking about this was the following thread over at Merlin's forum on SNB.
That's why I tend to stick w/ older, totally proven hardware (e.g., ASUS RT-AC68U). Sometimes it takes a few years before issues become well-known and develop a reputation of being problematic.
I am using a TRENDNET TEW-818DRU. Chipset Broadcom BCM4708A0. I had an Asus router, but no ddwrt version was available for it, so I got this cheap thing a while ago. I may need to upgrade.
My ddwrt version is v3.0-r37305. This is apparently a beta, but I am fearful that if I downgrade I’ll be back to the 10 kilobyte per second Internet download problem I had.
I’d guess repeater mode is culprit, but I can’t connect my router any other way to test.
Having troubles logging. Of course, when the issue starts I lose access to both the Internet and local router admin, so I need log persistence locally.
I used this as a startup command:
killall syslogd
syslogd -L -s 8192 -O /var/log/messages
But unfortunately, after using cat on /var/log/messages, it just shows some logs from January 1st (have reset router plenty this month, must be Unix timestamp or something), then current session logs, but they do not persist after restart.
Since remote logging is not an option, how can I persist them? Filesystem readonly if any help.
Kill switch is this for reference, probably irrelevant:
iptables -I FORWARD ! -o tun1 -j DROP
EDIT: Just tried upgrading to a build from last week. Sure enough, 200 Kbps download bug returns.