[falk0069]

I have a Netgear R6220 currently running v3.0-r62460 std (10/30/25). I orginally installed dd-wrt on the router in April 2025 using the latest version back then. It was mostly stable, but maybe once a month I had to restart the router to get Internet back. And I believe the issue always happened Sunday morning when I had the scheduled reboot. I recently applied the latest from Oct 24 and now Oct 30 but I'm experiencing more frequent lost of Internet problems. The frustrating part is I cannot restore Internet unless I do a full power off and on. Doing a restart does not fix it--it potentially triggers the issue. Why? What kind of information persists across restarts (that doesn't when the power is cut) that can prevent connecting to my provider.

Things I've tried:
- rebooting from console multiple times
- ping from console to known IPs (1.1.1.1, 8.8.8.8, etc). Only local subnet is pingable.
- dhcp release/renew. My provider (US Fiber) always gives me the same IP. Before I do a release, my IP is shown. After doing the release/renew, I lose my IP and can't get it back until I do a full power cycle.
- nvram set console_debug=1
- looked in dmesg and messages /dev/console for clues
- moved my syslogd to the usb on the /opt drive to survive reboots
- tcpdump
- iptables inspections. Wrote a script to dump all the iptables and compare difference after 5 seconds to see what rules are being hit.
- stopservice wan
- but startservice wan does not restore things. Instead I do this to get the network back:
ifconfig vlan2 up
route add default gw 207.x.y.1 vlan2
startservice firewall
- flushed all iptables rules and created a barebones one to rule out iptables.
- echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_flush

What ideas or suggestions do folks have? I've been using dd-wrt for over 2 decades on various routers and just love it. I think the watchdog restart options are great, but it is frustrating that some issue is persisting across reboot that only a full power cycle can fix. I'm hoping someone has some ideas.

Thanks

[kernel-panic69]

You should use wan_boot to restart wan. Also, these scheduled reboots are probably more hassle than necessary. We don't know specific configuration details, nor are there any logs. Shot in the dark.

[falk0069]

Thanks I'll add "startservice wan_boot" to the list of things to try to get Internet back. I currently have it rebooting hourly to try and reproduce the issue. I'm planning to disable the reboots during the work week.

[falk0069]

Ok, so I actually have been experience two issues. One where all Internet seems to be inaccessible and another where it seems just DNS is not working. I just encountered the latter and DNS was not working. I basically ran this:

[falk0069]

Ran for about a week with the keep-alive/reboot services disabled. However, this morning the DNS (udp-53) traffic stopped again. The stop and "startservice wan_boot" restored it, but what is going on? I have not encountered the full Internet loss again but I feel this loss of DNS is related.

Looking at the iptable chain there are a couple tarpit and DROP counters that increment but it is like one every 10 seconds, so I doubt it has anything to do with iptables. Running dmesg there were a few spoof lines like this around the time things broke:
[68833.653444] arp spoofing detected ip=10.0.0.1xx mac is 08:00:27:e8:55:yy but should be 7a:7c:31:7e:d9:zz
I doubt this means too much. The IP in question is home assistant running with virtualbox on a virtual adapter so I could see how his might have appeared. And the only thing in the messages log at the time of breakage is a few "IEEE 802.11: deauthenticated due to inactivity" where wifi devices are disconnecting.

I'm at a loss where to look next. I still have the firmware I applied back in April that I probably will reapply next weekend to see if I can regain some stability. Any suggestions would be welcomed.

[kernel-panic69]

Do you have the newer firewall features enabled? These may be part of your issue. Also, you have to check to see if dnsmasq is failing and restarting a la "dnsmasq maybe died, need to re-exec it" in the syslog. It could also be due to WAN configuration type and ISP dhcp lease time in connection with other services (NTP, etc.).

[falk0069]

I had "Filter TCP-SYN floods" and "Filter Ping Echo request floods" enabled. I will try disabling them to see how things do.

For DNS, I actually run pi-hole and unbound inside my network. I have these options disabled: Use dnsmasq for DNS
Forced DNS Redirection
Forced DNS Redirection DoT

When DNS is failing, I can ping external DNS endpoints (e.g. 8.8.8. but I cannot UDP port 53 to them via a command like: dig hello.com @8.8.8.8. It fails from all internal clients on my network.

My WAN Connection Type is "Automatic Configuration - DHCP" and I have ignore "Ignore WAN DNS". My ISP, though, provides essentially infinite lease time. It is really hard to get a new IP.

I'll update this thread after running with the additional advanced firewall options disabled.

Thanks

[Per Yngve Berg]

On Status->WAN is there Remaining Lease Time Counting Down?

[kernel-panic69]

[falk0069]

[falk0069]

I went a week without losing DNS or Internet after disabling "Filter TCP-SYN floods" and "Filter Ping Echo request floods" (and with Keep-alive/Reboots disabled)--so this is promising.

I then re-enabled the scheduled reboots over the weekend to see if I could reproduce issues. It did cause things to break. In my case I believe it is due to my sdcard drive hanging during umounting. I switched to a cron version of reboots that includes a lazy umount and it did help. I have been testing this hourly reboot for a day now without issues: