I have posted elsewhere about my Vaillant heating gateway losing its connection to the Vaillant servers after I installed 3.8.8.2 on my 2925ac. I rather hastily attributed this to the firmware update and reverted to 3.8.8

However, the same problem arose again and then my Qnap NAS started to complain that it's DNS couldn't find a connection to the internet.

This was all very odd as the same systems had been running happily on my 2862ac, with identical WAN and LAN settings, for months/years.

The only difference I could see is that the 2925ac has primary WAN1 connected to my Vigor 130 and a failover WAN2 connected to a 2.4GHz wifi router. In both router cases all DNS entries were set at 8.8.8.8 and 8.8.4.4, with "force router to use LAN1" etc and they have been like this for years.

I used the Firewall "Diagnose" facility to see where packets from the LAN were going - to my surprise, anything directed to 8.8.8.8 was being sent via WAN2 :shock: If I entered my ISP (Zen) DNS server 212.23.6.100 as the destination then packets were sent via WAN1 as expected. Same with, for example, BBC IP addresses.

The wifi failover connection is not particularly stable, resetting itself every few hours, so if clients were looking for DNS 8.8.8.8 via WAN2 they may have had problems.

I have taken out all references to Google DNS and reverted to letting the router pick up my ISP DNS. Everything now seems fine and works as expected on the client side, but Diagnose still shows that packets sent to 8.8.8.8 go via WAN2.

Load balancing is not set on and there are no route policies in place other than the failover to WAN2.

Any thoughts on why packets to 8.8.8.8 would not go via the primary WAN?

Without wanting to state the obvious... you don't hjave a route policy in place ?

The only route policy is using virtual WAN5 as per the guide here https://www.draytek.com/en/faq/faq-connectivity/connectivity.wan/how-to-access-vigor130-in-bridge-mode/ so I can access the 130 without having to disconnect things.

As above, that policy fails over to WAN2 but when WAN1 is up packets go via WAN1 to every IP I've tried so far except 8.8.8.8 and 8.8.4.4 - these go via WAN2

I have removed all instances of those IPs from the router, but I note that in the 130, which is set to bridge mode on the MPoA page as per the guide above the DNS servers are 8.8.8.8 and 8.8.4.4

The router itself reports its DNS as those of my ISP in "Online Status".

Could the 130 somehow be causing this?

Using Ping diagnosis if I ping 8.8.8.8 via WAN1 I get 5 results - 40ms + 4x30ms. If I ping via WAN2 I get 1x220ms, 1x60ms, 2x70ms then the last one times out. Stranger and stranger.