WAN keeps going down

Comments

17 comments

  • Avatar
    Firewalla

    If you still have internet access after firewalla detect it as down, likely one of the test targets is not behaving.

    What you can do to identify this is, tap on the down event, and you should see exact reason why firewalla consider you link down. It can be DNS failure or ping failure. If you see ping failure (most like), change the target to say 1.1.1.1 or 8.8.8.8, see https://help.firewalla.com/hc/en-us/articles/4413511352083-Network-Performance-and-Quality-Monitoring#h_01GPX4GXBARCYJDC2JV9AD4KK6 (you need to scroll down a few paragraphs)

    1
    Comment actions Permalink
  • Avatar
    John Harrold

    Ah. I see. So it looks like it's a github.com DNS failure. Do I just change that to something like google.com?

     

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    First, that shouldn't fail. Are you using any filtering DNS? or at a place that like to filter DNS?

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    Honestly it worked fine until a little over a week ago and then just started failing. It doesn't happen for the Starlink connection. It only happens on the AT&T connection. I'm not using anything beyond what is in the firewalla box in terms of services. If there is anything about my configuration that would be helpful I can pull that out and put it here.  

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    What you can do is set your WAN DNS to 1.1.1.1 or 8.8.8.8 and not use ISP default. 

    Github is a big site and shouldn't fail on DNS lookups ... if it did, then your DNS server is likely not very good or filtering something 

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    I've looked through and I cannot see the option to sent the DNS servers. 
    Primary and secondary DNS from AT&T are: 68.94.156.8 and  68.94.157.8. I don't think I can change them. 

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    I may be misunderstanding this but there is an IP Passthrough option. If I set that to the firewalla will it just use the default DNS server options on the firewalla? Sorry if this is a really daft question. 

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    Same thing with google (as you probably guessed). The passthrough option doesn't do anything either. I just set it to empty to bypass the test. 

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Tap on "network button"

    Tap on "WAN"

    Tap top right "edit" button

    Then scroll down, you will see "Primary DNA Server", change that to 1.1.1.1 and your Secondary to 8.8.8.8

     

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    It looks like this worked. Thank you.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Great! It is strange to see that ATT DNS is not resolving github.com 

    0
    Comment actions Permalink
  • Avatar
    adam.d.hunt

    I’ve been having the same challenge with ATT fiber: I wasn’t sure if it was due to the configuration of the fiber to the apartment building and then coax to the apartment. It looks like this has resolved my issue as well

    0
    Comment actions Permalink
  • Avatar
    John Harrold

    I'm glad you posted this because I thought it was something I was doing wrong :). I'm also glad it helped you.

    I swapped out everything (cables, fiber modem, etc) before I found the problem. I was using Starlink for 3 weeks because every time it would switch back and forth my video conferences would pause for like 5-10 seconds.

    0
    Comment actions Permalink
  • Avatar
    Eibensl

    I'm experiencing the same type of issue.  I have Pro in transparent bridge mode with 3 networks (VLANs).  The connectivity test (DNS test using github.com) fails daily at approximately the same time, but only fails for the first VLAN that was created; the other 2 VLANs (networks) pass the github.com DNS test.  I've changed the DNS target for the first network/VLAN to www.google.com and will continue to monitor.   

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    What was the old DNS you have on the first VLAN 1 before changing to google? 

    0
    Comment actions Permalink
  • Avatar
    Eibensl

    @Firewalla :  I have two Pro's...one in router mode and one in bridge mode.  The Pro (Router) sits in front of my TP-Link ER8411 (router) and the Pro (Bridge) sits after my TP-Link ER8411...this configuration was based on work requirements (I work from home).

    The networks/VLANs on the Pro (Bridge) use the LAN IP address of the Pro (Router) as their DNS.  This was how I originally set it up and it is currently configured.

    The LAN network on the Pro (Router) uses its own LAN IP address as the DNS.

    The WAN networks on the Pro (Router) use 1.1.1.1 and 8.8.8.8 as the DNS'.

    All 3 networks/VLANs on the Pro (Bridge) were set up using github.com as the DNS Test Target.  I have now changed the DNS Test Target for the first VLAN from github.com to www.google.com.

    Note:  When the DNS Test would fail for VLAN 1, my wifi would go down; meanwhile, the DNS Tests would continue to pass for the other two networks/VLANs.  I was seeing this failure at near-same time daily.

    Updates:

    - Has been 24 hours since changing the DNS Test target from github.com to www.google.com for VLAN/Network 1 and I have not seen any further once daily 4 minute DNS Test failures.  Will post an update here if I start seeing this activity again.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    If DNS test fails, and your wifi goes down, it is likely a real connectivity issue. Is this VLAN connected to the router mode Pro or the bridge mode Pro?

    0
    Comment actions Permalink

Please sign in to leave a comment.