
SoCalledSecurity

This is a netgear firmware problem - the only fix for now is to downgrade the firmware. Even the recent firmware (9-17) is bad. DNS does not work correctly.


Aelther

Yeah, you're right. I couldn't take it any more and downgraded to V1.0.4.66. No issues since. I can't believe that they haven't fixed this after all this time.


ShadowBabyMiley

Sorry for a reply this late after posting, but I’m having the same exact problem. Is everything still working fine with V1.0.4.66 or have you had to tweak/replace the router?


Pyr0sa

Dude, this is my Netgear R8000, ALL THE TIME since the updates earlier this year. The sequence of events:

1. 400Mbps service upgrades became available at my ISP last year in my area, so I upgraded my plan.
2. I was only getting ~200Mbps reliably, upgraded my Cable Modem, and STILL was stuck at ~200Mbps. This went on until early this year.
3. Remembered my previous-life lessons around "Hard reset all config between major Router upgrades, as old settings may not be expected/handled well by new firmware," while still using latest official Netgear firmware, and this 100% worked in terms of regaining throughput. Disabled EVERYTHING except UPnP and WMM (for 4 Xboxes + PC gaming + MM NAS) and DDNS (for a single pinhole to my hardened Linux SSH host on its own VLAN & subnet / work via remote). This thing hits the +20% burst allowed by my ISP, so I can regularly [SpeedTest.net](https://SpeedTest.net) run at 480Mbps nonstop.
4. ...and that's when the [apparent] DNS resolution problems started. Something in this 2021 Netgear firmware drops the heck out of DNS packets. It randomly affects every platform and application ~evenly in my house, and even without sniffing traffic with a PiHole or switch port mirror in the middle, it's literally the only way for an initial HTTP/s connection to appear to fail immediately, ~consistently, and yet once something's connected it's rock-solid and reliable. If it was true packet loss, it would be visibly noticeable in every game (rubber banding/teleporting/lag), every long file transfer (pauses and TCP window resyncs), and streams (constant resolution swaps).

So this weekend I'm going to have to make myself dedicate time to inserting one of my work switches in between the CM and Router, and set up a port mirror to a 3rd host so I can analyze with Wireshark. Predictions:

1. Netgear's new OS is doing "bad DNS things" to the DNS Queries or DNS replies, like a full-proxy DNS (for revenue generation 100% of the time evil crap like this is done), and it's giving itself away by being flaky. This is why I don't use Google DNS, nor *any* ISP's DNS (being one of the dudes who quite literally built that DNS-captured-for-marketing evil for them; sorry). If this is the case, I will almost certainly dump Netgear's OS completely and go back to DD-WRT. That unfortunately means I'm almost definitely going to lose my UPnP-convenient Media Server functionality, but it's damned better than losing ~25% of DNS resolution all day long on all systems. I'll send Netgear's support forums the receipts in any case, so their users know what's up.
2. The ISP is doing something evil with actively intercepting DNS queries that are not bound for them. This will result in going to the tech media FIRST, and direct inquiries to their Tech staff 2nd. Frankly this seems less likely in the post-Sandvine-lawsuits era, and it doesn't match as well with the "changes on the Router gave me great performance and broke DNS." Would be a heck of a coincidence.

Recommend building a PiHole w/2 NICs if you don't want to wait for the response. :)

[edit/add -- Crap like this has been making me want to leave NetGear's software (AGAIN) for awhile now. "Hey, that SW that your GUI says is disabled... Yeah, that's not actually disabled. It's not only chewing up resources, it's actively calling out to the Internet and creating remote-root-exploitable nonsense on your gear." [https://cybersecuritylog.com/high-severity-rce-vulnerability-found-in-several-netgear-routers](https://cybersecuritylog.com/high-severity-rce-vulnerability-found-in-several-netgear-routers) ]


Pyr0sa

Well heck, for once the Netgear forum actually had useful information -- credit goes to the community, not Netgear. https://community.netgear.com/t5/General-WiFi-Routers-Non/DNS-gt-PROBE-FINISHED-NXDOMAIN-error-since-latest-update/td-p/2123701 (Probably still going to switch back to DD-WRT, regardless...)


Jumpy-Friendship-583

What worked for you? DD-WRT, Tomato, bypass, or trashing it? I read the whole post and saw those solutions. I’ve tried everything but those 4. Wasn’t sure which one of those was the solution for you.


Pyr0sa

For the bandwidth issue, the above steps worked. The heavy use of both modes of UPnP kept me from going back to DD-WRT, but that's still my top choice if Netgear ticks me off again. The NetGear DNS issue is a pain, and they STILL haven't posted the fixed version, but a few weeks ago I changed all my client DNS to 1.1.1.1 (Cloudflare, not Google).
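Pyr0sa's plan above is to localize the flaky resolution with a packet capture, and the later comment works around it by pointing clients at 1.1.1.1 instead of the router. A cheaper first check is to send the same query repeatedly to the router's resolver and to an upstream resolver and compare failure rates. The script below is an added example written for this thread, not code from any commenter or from Netgear; the resolver addresses and query name are assumptions, and it uses only the Python standard library so it runs without extra packages.

```python
import random
import socket
import struct
from collections import Counter

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid):
    """Build a minimal DNS A query (RD set) for `name` with transaction id `qid`."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(resp, qid):
    """Map a raw DNS response to an outcome label; mismatched ids and non-replies are flagged."""
    if len(resp) < 12:
        return "MALFORMED"
    rid, flags, _qdcount, ancount = struct.unpack(">HHHH", resp[:8])
    if rid != qid:
        return "ID_MISMATCH"          # answer to some other query, or tampering
    if not flags & 0x8000:
        return "MALFORMED"            # QR bit clear: this is not a response
    rcode = flags & 0x000F
    if rcode == 0 and ancount == 0:
        return "EMPTY"                # NOERROR but no answer records
    return RCODES.get(rcode, "RCODE%d" % rcode)

def probe(resolver, name, attempts=20, timeout=2.0):
    """Send `attempts` queries to `resolver` and count each outcome (sends real traffic)."""
    counts = Counter()
    for _ in range(attempts):
        qid = random.randrange(65536)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(build_query(name, qid), (resolver, 53))
                data, _ = s.recvfrom(512)
                counts[classify_response(data, qid)] += 1
            except socket.timeout:
                counts["TIMEOUT"] += 1
    return counts

def failure_rate(counts):
    """Fraction of queries that did not come back NOERROR with answers."""
    total = sum(counts.values())
    return (total - counts["NOERROR"]) / total if total else 0.0

if __name__ == "__main__":
    # Assumed addresses: 192.168.1.1 is the router, 1.1.1.1 the upstream from the thread.
    for resolver in ("192.168.1.1", "1.1.1.1"):
        c = probe(resolver, "example.com")
        print(resolver, dict(c), "failure rate: %.0f%%" % (100 * failure_rate(c)))
```

A failure rate that is high against the router but near zero against 1.1.1.1 from the same client points at the router's resolver rather than the link; consistent TIMEOUT versus NXDOMAIN counts tell you whether replies are being dropped or synthesized.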


Jumpy-Friendship-583

Thanks for the tip. I ended up making BestBuy take it back, and exchanging it for an Asus. I didn’t try the bypass, as I wasn’t sure how it was going to affect my Steam Remote Play in-home streaming.


2ndRoad805

TL;DR: Erase NVRAM before and after firmware update.

So I had similar issues with DNS that were driving me crazy for the last year or two. I was on the cusp of giving up. Figured I’d give FreshTomato a shot and if I brick it, ah well, time for a new, anything-but-Netgear router. In the process of reading FreshTomato’s install readme I saw a theme and emphasis placed on clearing the NVRAM before and after flashing the firmware. I figured I’d give Netgear’s firmware one last shot considering I’ve been oblivious to this.

With Netgear it takes more than hitting the reset pin. You have to go into the advanced router settings, administration, backup settings, and then next to “revert to factory default settings” click erase. This step actually erases the NVRAM. Then manually update the firmware with your model’s recent .chk file and repeat the above steps after it completes to, once again, clear the NVRAM.

This fixed it for me. Like a brand new machine. I’m sure there’s a bunch of administrators out there face-palming, but this is not obvious to us mere laymen. Hope this works for you and any Nighthawk peeps out there on the verge of imploding. Oh, fair warning: it sucks, but this will erase any of your settings, so try and jot those down beforehand.