Hi all,

We have a Draytek Vigor 2850n that we have been using for about a year and a half. We also have a Draytek Vigor 2860 that we have used on and off at different times.

We run two internet connections into our office. One is a standard broadband connection with BT and one is a leased line - that is a dedicated and uncontested service.

Around a month ago we started to have sporadic DNS failures. Both connections were running through the 2850. People who were connected to remote machines doing client work would stay connected and able to work but any browser requests failed and testing showed there was no DNS. The broadband connection had been configured to use the DNS servers from BT and the leased line configured to use Google DNS so I'm sure it was not an issue with the servers themselves.

I split the connections and used the Draytek 2860 for the broadband, and split our staff between the connections. I would find that eventually those on the broadband connection would start having the same DNS issues so I would move them to the other router - and some time later everyone would start having the same issues. Rebooting generally fixed the issue but over time it started happening more and more often and rebooting would sometimes take 3-4 attempts to work. I started to reload configuration backups instead and this seems to work every time but still the problem was frequent.

Importantly I think in the past another staff member had tried to set routers up to work together within one network. I'm not a qualified networker by any stretch but when it became clear that these two routers might be linked somehow despite running separate connections, I factory reset the second, rarely used Draytek and manually reloaded the important configurations. This did not solve the problem.

Eventually I disconnected the broadband connection, switched off the Draytek 2860 and left just the leased line on the 2850. For a week we had no issue, then today, dropped again twice so far. A reboot fixed it but we can't go on like this.

Is it possible a machine on our network could cause this issue?
Is it worth factory resetting the 2850 and manually re-entering the config? I'm loathe to do this as we have around 50 MAC addresses that are bound to IP addresses and these relate to all our exposed services so the downtime would be huge and attempting to reconnect all those machines to the correct IP would be a nightmare.

Does anyone have any suggestions at all? I'm just at a loss as to how DNS can keep failing regardless of the service we use, regardless of how many times I reset the router, regardless of which router we use, and regardless of which internet connection we use.

Sorry about the long description but this has been going on a long time.

Thanks.

Not sure if will help but worth to try

Lan > General setup > Lan 1, details page > add dns servers manually if helps
On exit Lan>General setup tick the small box "force router ... to Lan 1,2,3,4 etc .. then ok again

Also if you have enable DoS disable if will make difference

Thanks babis3g

I've changed those DNS settings. Strangely enough, our connection dropped immediately after I did it - unrelated though, I believe, as today we are back to constant drops.

Not sure if I want to disable DoS - would that put us at risk of attack?

i only suggest it to close temporarily for testing
For the drops use the syslog tool to capture possible issue and send it to the support
http://www.draytek.co.uk/download/support/Syslog_454_Win.zip
http://www.draytek.com/index.php?option=com_k2&view=item&id=2678&Itemid=293&lang=en

Thanks for the suggestions, didn't know about that tool. I'll give it a go. I factory reset this morning and manually entered all our configuration and we've been OK this morning so fingers crossed.

shaneoh1980 wrote: Thanks babis3g

I've changed those DNS settings. Strangely enough, our connection dropped immediately after I did it - unrelated though, I believe, as today we are back to constant drops.

Not sure if I want to disable DoS - would that put us at risk of attack?

It would make no appreciable difference and might solve your problem.

As I said in another post:

DoS protection on a router is a bit of a gimmick. If somebody determined wants to take down your internet connection by saturating your line with information, then your router dropping those packets when it receives them won't make a difference; no other information will be able to get through.

On the other hand, DoS protection was causing me a few issues; the router thought that my opening lots of browser windows concurrently was a DoS attack and it blocked my PC.