Netgear R7000 Wifi 2.4Ghz/DNS failures

eplossl
DD-WRT Novice


Joined: 25 Mar 2020
Posts: 7

Posted: Wed Jun 09, 2021 17:42    Post subject: Netgear R7000 Wifi 2.4Ghz/DNS failures
Everyone - Apologies if I could have found an answer elsewhere in the forum... I have been trying unsuccessfully to find an answer through google searches and the search feature on the forums and have not found an answer that seems relevant yet.

I am running a Netgear R7000 router behind a Netgear CM1000 (yes, it is vulnerable to CableHaunt, I haven't found a way to fix that yet, either; this is the whole reason I went to DD-WRT in the first place). I was running r42803 on the router, but as a result of the continued problems I have been having over the last week or two, I updated it on Monday evening to r44715, as per what I found when trying to figure out if there was a newer build for this router available.

The problems I am having:
Until about two or so weeks ago, I wasn't really having any issues. Every so often, all my smart lights and speakers and stuff would die, but it was uncommon. Perhaps two or so weeks ago, all that changed. To my knowledge, the only thing that recently changed is that my Mother-in-Law came to stay with us for a bit. That said, she's not nearly as "techie" as my wife and I, so I don't *THINK* she has anything to do with it, but I could be wrong...

The issues I started having are two-fold:
1. On an almost daily basis, I now have to power the router off for at least 30-45 seconds, then power it back on. Doing this allows all the 2.4GHz wireless devices to reconnect.
2. I also noticed, via syslog, that I am getting a lot of messages indicating that something is trying to resolve a *LONG* domain name ending in "avqs.mcafee.com" and deciding that this is a DNS Rebind attack. I suspect that I know what's causing the problem, but I cannot prove it because I don't get any information about the device making the DNS request, only that the syslog message came from the router.
3. Although correlation does not necessarily equate to causation, about the same time the wireless goes down for 2.4GHz, I also see errors start up similar to this one:
Code:
dnsmasq[1093]: Maximum number of concurrent DNS queries reached (max: 150)

I was able to resolve this for last night (see below), but the wireless didn't come back up when the DNS was fixed.

Until a few days ago, I hadn't really specified any DNS servers in the web UI. I had allowed the router to basically proxy for Suddenlink's DNS servers coming to it via the cable modem. A couple of days ago, I added 8.8.8.8 in an attempt to address the DNS issues. That seemed to work for about a day, but then the problem happened again. After some searching, I have now added two more DNS servers to the list in the Basic Setup tab under Network information, so that there are three servers. Doing that seems to have resolved internet connectivity last night, but the 2.4 GHz network apparently either was already tango uniform or went tango uniform shortly thereafter.

To quickly summarize:
Router: Netgear R7000
Router Firmware: r44715, installed either Sunday 6/6 or Monday 6/7
Cable Modem: Netgear CM1000

DHCP enabled, serving Wired and Wireless networks, 192.168.1.100-149
Total devices currently connected:
wl0 - 11
wl1 - 12
Wired - 5

Total devices possibly connected:
Wireless: 33 (or so)
Wired: 5

All the full computers (laptops, cellphones, tablets) are generally on 5GHz. Most of the IoT devices are on 2.4.

2.4 Config:
Wireless mode: AP
Network Mode: Mixed
Channel: 6
Width: 20 MHz
SSID Broadcast: Enable
TurboQAM: Enable
Beamforming (explicit and implicit): Disable
Airtime Fairness: Disable
Sensitivity Range: 500
Multicast to Unicast: Disable
Network Config: Bridged

Questions:
1. Is there a better version of the firmware that I can probably load that should help with these issues?
2. How can I turn on extra logging for DNSMasq to see who is doing the requesting of various stuff?
3. I am considering splitting off the wireless networks from the wired network to have them be on one or maybe two separate DHCP block(s). If I did this, would it likely only cause me more headaches, or would it likely help?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14102
Location: Texas, USA

Posted: Wed Jun 09, 2021 17:59    Post subject:
Please consider upgrading to the latest release:

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t329299

https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/2021/06-05-2021-r46885/netgear-r7000/

Also, some additional reading that may or may not be helpful:

https://wiki.dd-wrt.com/wiki/index.php/DNSMasq_as_DHCP_server

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318767

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327595

https://wiki.dd-wrt.com/wiki/index.php/Basic_Wireless_Settings

https://wiki.dd-wrt.com/wiki/index.php/Advanced_wireless_settings

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6388
Location: UK, London, just across the river..

Posted: Wed Jun 09, 2021 22:56    Post subject:
To log DNS queries and see more details about them,
add these few lines in the advanced DNSMasq box:

# Log the results of DNS queries with EXTRAs
log-queries=extra
# Best to store DNS Cache in file for viewing
log-facility=/tmp/DNSCache.log


Then to see the logs:
cat /tmp/DNSCache.log

Do keep in mind, it's a better idea to put those on jffs via a mounted USB:

log-facility=/jffs/tmp/DNSCache.log

Then to see it:
cat /jffs/tmp/DNSCache.log

For the other issues, you have to set your router as it should and this cannot be done before you gain some knowledge first...
Follow the links that KP-69 posted above!
Once that is sorted and you get some basic idea what is going on, then it will be easy to address the other issues, if so...
In general, it's not a good practice to have many IoT on the same LAN, as they tend to spam or flood the pool with bogus traffic...so that's why you'd need isolated VLANs..but you better update to the last build first and I'll give you more details later.

Also add to advanced DNSmasq

no-resolv
server=1.1.1.1
server=9.9.9.9

Those are much better DNS resolvers...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
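
Added example (not part of any post above, and not DD-WRT or dnsmasq project code): once `log-queries=extra` is writing to a file such as `/tmp/DNSCache.log`, the rebind warning still carries only the name, so this script joins each warning to the query lines for the same name to show which LAN client asked for it. The log line layout in the comments is an assumption about dnsmasq's output, and the function names, sample lines, client addresses and the `constructed-label` host name are constructed for illustration.

```shell
#!/bin/sh
# Attribute dnsmasq "possible DNS-rebind attack" warnings to LAN clients.
# Assumed log-queries=extra layout for a query line:
#   <date> dnsmasq[PID]: SERIAL CLIENT/PORT query[TYPE] NAME from CLIENT
# Assumed warning layout (no client field, only the name):
#   <date> dnsmasq[PID]: possible DNS-rebind attack detected: NAME

rebind_sources() {   # usage: rebind_sources /tmp/DNSCache.log  ("-" = stdin)
    awk '
    {
        # Count queries per (name, client) pair.
        for (i = 1; i + 3 <= NF; i++)
            if ($i ~ /^query\[/ && $(i + 2) == "from")
                asked[$(i + 1) SUBSEP $(i + 3)]++
    }
    /possible DNS-rebind attack detected:/ { flagged[$NF] = 1 }
    END {
        # Report only clients that asked for a name dnsmasq flagged.
        for (k in asked) {
            split(k, p, SUBSEP)
            if (p[1] in flagged)
                print asked[k], p[2], p[1]   # count, client, name
        }
    }' "$1" | sort -k1,1nr -k2,2
}

sample_log() {       # constructed lines, not captured from a real router
    cat <<'EOF'
Jun  9 23:01:02 dnsmasq[1093]: 101 192.168.1.120/40112 query[A] constructed-label.avqs.mcafee.com from 192.168.1.120
Jun  9 23:01:02 dnsmasq[1093]: 101 192.168.1.120/40112 forwarded constructed-label.avqs.mcafee.com to 8.8.8.8
Jun  9 23:01:02 dnsmasq[1093]: possible DNS-rebind attack detected: constructed-label.avqs.mcafee.com
Jun  9 23:01:05 dnsmasq[1093]: 102 192.168.1.131/51820 query[A] time.example.net from 192.168.1.131
Jun  9 23:01:09 dnsmasq[1093]: 103 192.168.1.120/40113 query[A] constructed-label.avqs.mcafee.com from 192.168.1.120
Jun  9 23:01:09 dnsmasq[1093]: possible DNS-rebind attack detected: constructed-label.avqs.mcafee.com
Jun  9 23:01:11 dnsmasq[1093]: 104 192.168.1.142/33900 query[AAAA] constructed-label.avqs.mcafee.com from 192.168.1.142
EOF
}

# With a log path as argument, analyse it; otherwise run on the sample.
if [ -n "${1:-}" ]; then rebind_sources "$1"; else sample_log | rebind_sources -; fi
```

Each output line is a query count, the client address and the flagged name; matching the address against the DHCP lease list identifies the device.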