Netgear R7000 - Power Outage and Issues with dnsmasq

ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Sun Oct 24, 2021 17:02    Post subject: Netgear R7000 - Power Outage and Issues with dnsmasq
I've been running R7000 with DD-WRT v3.0-r44340 std (09/10/20) successfully for months now and no issues. I had a power outage a few nights ago and have been having issues with DNS lookups. It takes the query and forwards it (if it's not cached) to the authoritative server but a lot of the time the response doesn't come back. The query gets re-sent every 5 seconds. And yes, I know I should have/can get a UPS. I don't want this thread to turn into a "get a UPS" thread as I've already read a few of those now when searching for "power outage".

I unplugged both my ISP's modem/router for around 30 seconds each and also the same with this R7000 router. WAN is off on the R7000 and other routers as I have multiple wifi routers on the same ssid to spread the network around the house.

All my local network devices point to the dnsmasq caching server on this R7000 device.

Any thoughts on what I can do? nvram erase && reboot from ssh? Upgrade my older 44xxx firmware to something in 2021? I've restarted dnsmasq a few times (before the unplug) but it seems to work ok for the first 5 minutes and then it goes back to receiving some responses. Generally, about 50-75% of the dns queries are responded to but not all.

Thank you.

_________________
[ NetGear R7000 : DD-WRT v3.0-r47581 std (10/20/21) - Local dnsmasq with caching using syslogd to send logs to remote server
TP-Link Archer C5 Stock Firmware
TP-Link Archer A9 Stock Firmware - Not Being Used ]
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14126
Location: Texas, USA

Posted: Sun Oct 24, 2021 17:23
Forgive the tone, but we cannot see what is on your side of the screen as far as your router's configuration to have any clue what could be mis-configured. Pictures and visual communication go a long way.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

Posted: Sun Oct 24, 2021 19:56
Personally, I would start over, completely. Reset to factory defaults, reinstall the same (or later firmware), reset to factory defaults *again* after the reinstall/upgrade, then *manually* reconfigure the router (do NOT use any backups).

Yes, it's a pain, but so is spending countless hours trying to debug what may be an impossible issue to find. At the very least, you're starting w/ a clean slate, which is always better for you and anyone trying to support you.

_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

Posted: Sun Oct 24, 2021 21:46
Speaking of reset and manual rebuild, as well as issues with DNSmasq... it's not a bad idea to update to a recent build, as DNSmasq has the latest version on the recent builds... as well, lots of other work and security fixes were done...
I run 47581 with no issues, just bear in mind I'm not using wi-fi on my R7000, but I guess it's not an issue...
If the issues still persist, you have to share what DNSmasq settings you have, etc.; it will help to diagnose the issue...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Sun Oct 24, 2021 21:49
Here you go: https://imgur.com/a/Fph8KXQ

Let me know if you need more. For the items that are not in the screenshots:

Setup->IP6: Disabled
Setup->DDNS: Disabled
Setup->MAC Address Clone: Disabled
Setup->Advanced Routing->Operating Mode: Router
Setup->Tunnels: Disabled

If you need more screenshots of the main tabs let me know. EDIT: Appreciate the feedback (I saw the later posts after I replied here now). If there is nothing blatant showing on the screenshots I will do the factory reset. Does factory reset on a dd-wrt router bring it back to Netgear factory firmware or just zero-settings on a ddwrt firmware router?

Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

Posted: Sun Oct 24, 2021 23:36
nope, reset to factory will erase the nvram/your ddwrt settings and on reboot it will start from default config...DDWRT

I looked briefly at your settings, and you could turn off the (SFE) shortcut forwarding engine from the Basic Setup page...

and then, I've never seen such a config, with DNS in router mode...to my understanding, by default using router mode, router denominates any dns and dhcp performed locally, moreover you specified a gateway 192.168.3.1...in local network...maybe it's just me, I've never seen such a setup...so, here I'm not competent at all, if it's working, so be it...

and router mode, as well as SFE, are known to break things, if not used appropriately...
I believe router mode means router becomes a switch...kind of...

eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

Posted: Mon Oct 25, 2021 0:53
Router Mode (as opposed to Gateway Mode) means the router is still a router, but it's NOT NAT'ing the traffic as it passes over the WAN. That *assumes* the upstream network has a static route that points back to the WAN ip of that router as the gateway to the local/private IP network behind it. Otherwise, it won't work.

Router Mode also disables connection tracking, presumably to increase performance. So all connection tracking becomes the responsibility of the upstream (usually primary) router. And *that* is why it tends to break things. As an applications platform, the router assumes connection tracking is enabled. So, for example, if any of the firewall rules depend on state information, guess what happens? Yep, those rules get ignored!

That's why we strongly discourage the use of Router Mode. You need to understand the implications, and it's NOT obvious what those are unless you are very experienced w/ the router. Most ppl just get themselves into trouble, *unless* they're only using it as a pure router, NOT an applications platform. In the case of FreshTomato and users naively turning on Router Mode, it got so bad, they literally removed the option from the firmware! What little benefit it offered wasn't worth the tech support headaches.

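An added example, not part of eibgrad's post or DD-WRT's own code: one way to see which firewall rules depend on state information, and so would be affected when connection tracking is off, is to scan `iptables-save` output for the `state` and `conntrack` matches. The function names, interface names and sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: list iptables rules that rely on connection-tracking state.
# Input is text in iptables-save format on stdin; output is one line per
# state-dependent rule: "<table> <chain> <states>".

stateful_rules() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*filter" opens a table
        $1 == "-A" {
            chain = $2
            for (i = 3; i < NF; i++) {
                # "-m state --state X" and "-m conntrack --ctstate X"
                if ($i == "--state" || $i == "--ctstate") {
                    print table, chain, $(i + 1)
                    break
                }
            }
        }
    '
}

# Constructed sample ruleset (not taken from the thread).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i br0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i br0 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -i br0 -o vlan2 -j ACCEPT
COMMIT
EOF
}

# On a live router the input would come from: iptables-save | stateful_rules
sample_ruleset | stateful_rules
```

Any rule this prints is one to review before relying on it with connection tracking disabled; rules that match only on interface, port or address are not listed.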
ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Mon Oct 25, 2021 1:55
Alozaros wrote:
nope, reset to factory will erase the nvram/your ddwrt settings and on reboot it will start from default config...DDWRT

I looked briefly at your settings, and you could turn off the (SFE) shortcut forwarding engine from the Basic Setup page...

and then, I've never seen such a config, with DNS in router mode...to my understanding, by default using router mode, router denominates any dns and dhcp performed locally, moreover you specified a gateway 192.168.3.1...in local network...maybe it's just me, I've never seen such a setup...so, here I'm not competent at all, if it's working, so be it...

and router mode, as well as SFE, are known to break things, if not used appropriately...
I believe router mode means router becomes a switch...kind of...


It is set up this way (WAN is off and all routers are linked) because I followed this setup to link my routers together: https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point

So WAN is off (not used for all my routers) and my routers are connected through their LAN ports that go back to my ISP gateway router/modem. I'm extending my wireless coverage using wireless routers on the same subnet and they are wired back to the LAN ports on the ISP gateway. My ISP gateway modem/router is 192.168.3.1 and it does dhcp for the whole network (and dhcp is turned off on all other routers which are on the same subnet). My R7000 does the dns for the whole network. I hope this helps explain my setup.

I have SFE enabled because my assumption, when I bought my r7000 a few years ago, was that it could handle my gigabit isp connection but it never was the case (wired or wireless tests). I read that turning on sfe would increase throughput but it really didn't overall (maybe 25-50Mb).

Does this explain my setup a bit better? Not sure it really assists with the dnsmasq issue...
My setup has been this way for over a year (since my fw version) with no issues that I could see...

Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

Posted: Mon Oct 25, 2021 9:12
yep WAP mode was the first thing that came into my mind...but, running DNS on it, was never my thing...I've never tried it, and prefer my DNS server to be behind NAT, where router mode means no NAT...

SFE works in a way to accelerate packets through a NAT so, in router mode it's not needed...and won't work at all...to be precise in router mode your router acts like a switch/WAP so, it runs on the switch speeds...whatever it can achieve...

And in general WAP mode relies on DHCP & DNS from the router ahead/in front or whatever router it's connected to...so doing DNS in WAP it probably interferes with the other router DNS resolving capabilities and I believe it can get messy...

But as you stated it was working ok for you, it won't hurt to update, and enjoy the new DNSmasq security fixes...

I don't know your main router and how powerful it is, but in some scenarios it's good to have a single DNS server than many...unless they are not on their own subnet and behind NAT...like routers in double NAT...
I run a secure encrypted DNS on my router and DNS goes like normal TLS traffic, so I'm ok to run multiple DNS servers on my double NAT networks...but in other case, I would run a single DNS and point the other routers to the main and only DNS server either via iptables INPUT chain rules or DNSmasq rules...

ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Mon Oct 25, 2021 9:44
The main router is an ISP router (Actiontec R3000) and the wireless speeds off it are very good but the location of it in my basement is not central to anything. Moving it centrally is not easy.

I’m really only running dnsmasq as I have a fqhn hostname in the real world that is run off web server on RPi locally at home and I want to use that same DNS name when I am at home in the local network. I could use local hosts file instead I suppose but can’t do that on Apple iPhone I don’t think. Dnsmasq is a convenience to me I guess, and I like messing around with setting it up. The main router (isp) doesn’t allow me to add local DNS lookups. I used to have dns TLS enabled on this pogo plug/RPi as an alternate to dns but found the lookups were obviously slower than non-tls (the price of encrypted lookups).

I have to read up on NAT and double NAT as it’s been a while and I’m not totally sure what is what in that regard.

I’ll try to do the FW upgrade (restore to default on GUI and also an nvram erase, etc) as I’ve seen on the forum and see what happens. Thank you for your help!

egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

Posted: Mon Oct 25, 2021 10:28
Just to throw in my 2 cents :)

If the router always worked without a problem, a simple power outage should not make a difference as all settings are stored in nvram and it should be set up the same.
Is it possible that there is a hardware failure? I am thinking especially of a failing power supply.

I have seen strange things when a power supply is failing.

About the use of DNS server, I personally see no problem in using the DNS server from your WAP (as long as DNS queries are not intercepted or relayed on your main router); you should however disable DHCP as you can only have one DHCP server in your subnet.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Mon Oct 25, 2021 14:48
egc wrote:
Just to throw in my 2 cents :)

If the router always worked without a problem, a simple power outage should not make a difference as all settings are stored in nvram and it should be set up the same.
Is it possible that there is a hardware failure? I am thinking especially of a failing power supply.

I have seen strange things when a power supply is failing.

About the use of DNS server, I personally see no problem in using the DNS server from your WAP (as long as DNS queries are not intercepted or relayed on your main router); you should however disable DHCP as you can only have one DHCP server in your subnet.


I agree that it shouldn’t change anything. Not sure why it’s happening.
Power supply - I can check that out and see if I can do a replacement. DHCP is disabled on all routers except for the main router (ahead/upstream of all other routers). I thought that made the most sense.

ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Tue Oct 26, 2021 10:06
eibgrad wrote:
Router Mode (as opposed to Gateway Mode) means the router is still a router, but it's NOT NAT'ing the traffic as it passes over the WAN. That *assumes* the upstream network has a static route that points back to the WAN ip of that router as the gateway to the local/private IP network behind it. Otherwise, it won't work.

Router Mode also disables connection tracking, presumably to increase performance. So all connection tracking becomes the responsibility of the upstream (usually primary) router. And *that* is why it tends to break things. As an applications platform, the router assumes connection tracking is enabled. So, for example, if any of the firewall rules depend on state information, guess what happens? Yep, those rules get ignored!

That's why we strongly discourage the use of Router Mode. You need to understand the implications, and it's NOT obvious what those are unless you are very experienced w/ the router. Most ppl just get themselves into trouble, *unless* they're only using it as a pure router, NOT an applications platform. In the case of FreshTomato and users naively turning on Router Mode, it got so bad, they literally removed the option from the firmware! What little benefit it offered wasn't worth the tech support headaches.


So I have the following setup (I have to do two lines to show the different routers):

Internet<-ISP Router <- Router 1 with dnsmasq
Internet<-ISP Router <- Router 2 with WAN port disabled
Do you suggest putting Router 1 and 2 on gateway mode? If I need all devices connected to Router 1 and 2 to see each other wouldn’t gateway mode separate the devices on both routers in different subnets?

Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

Posted: Tue Oct 26, 2021 10:32
ikwyl6 wrote:
Internet<-ISP Router <- Router 1 with dnsmasq
Internet<-ISP Router <- Router 2 with WAN port disabled
Do you suggest putting Router 1 and 2 on gateway mode? If I need all devices connected to Router 1 and 2 to see each other wouldn’t gateway mode separate the devices on both routers in different subnets?


yep, gateway mode separates the devices on both routers in different subnets, but you can add static routes on your routers so, those subnets will be able to communicate...I guess...

ikwyl6
DD-WRT Novice


Joined: 23 Apr 2013
Posts: 43

Posted: Tue Oct 26, 2021 22:03
Alozaros wrote:
ikwyl6 wrote:
Internet<-ISP Router <- Router 1 with dnsmasq
Internet<-ISP Router <- Router 2 with WAN port disabled
Do you suggest putting Router 1 and 2 on gateway mode? If I need all devices connected to Router 1 and 2 to see each other wouldn’t gateway mode separate the devices on both routers in different subnets?


yep, gateway mode separates the devices on both routers in different subnets, but you can add static routes on your routers so, those subnets will be able to communicate...I guess...


So still have dhcp running on the upstream (ISP) router and disable it (dhcp) on all downstream routers and put the downstream routers on Gateway mode. I’ll try that.

Btw I put the newer 2021-10-20 fw on the router but I think the thing that definitely got changed was a “change WAN to switch” option. That is what is messing things up for me to try and troubleshoot this networking issue. At the same time, I have a gold shell miner that just takes any IP that it so pleases on reboot and I realized last night that even if I reserve the MAC to a certain IP for this miner, it just takes whatever IP it so chooses…. And it took the IP of my router with dnsmasq at some point after the power outage when things came back on.. didn’t pick up on that…
This dnsmasq issue has snowballed into something more than just dns! Ha. Thanks for the help, all.
