Even more interesting is it has apparently been working OK all day... So we may be on to something with the UDP.

(I know, that's the Kiss of Death for all IT issues when we say that!)

>Postby admin3 » Thu Feb 08, 2018 4:08 pm

>Please check [Firewall] > [DoS Defense] and if UDP Flood Defense is enabled, try disabling that to see if it helps with your issue.

admin3 you are a Life Saver! I unchecked the box on Thursday night having read your post. For the first time in 4 months we have run for two days without the issue recurring.

Please share with us your thinking on this one and I'll also pass it back to the guys at my end and the BT Techie who have been helping us to try and sort it.

Does BT network use UDP in some way that affects the Draytek?

Rather than disabling it completely, you should be able to alter the "Threshold" to a point where you no longer get false positives.

hornbyp

Good point. It was set at the defaults (150 and 10 from memory) but I'd like to understand what is actually triggering the issue before I try to make any further changes.

andrewc wrote: hornbyp

Good point. It was set at the defaults (150 and 10 from memory) but I'd like to understand what is actually triggering the issue before I try to make any further changes.

The default value on new routers is now 2000 packets with a timeout of 10 seconds. The way that UDP traffic, and especially DNS are used now is quite different from when the Vigor 2820 was made (around 2009).

Now that browsers like Chrome use QUIC (Quick UDP Internet Connections) for data transfer on places like Youtube, the DoS Defense method of simply blocking an IP if it sends/receives too many UDP packets isn't so useful, and can unfortunately cause false positives if it's set too low, as you've seen.

Personally I recommend simply disabling and not using UDP Flood Defense, I don't think it's a useful DoS detection method in 2018.

admin3

Many thanks for that clarification. I just checked another site I have that uses a 2860 on BT Infinity and it is indeed running fine with UDP set at 2000 packets in 10 secs.

Also thanks to everyone else on here who took time to help me address this issue which has foxed us for 4 months! A result.