Benoit Panizzon <benoit.panizzon <at> imp.ch> writes: > > Heyo! > > Any others who are being affected? > > It looks like our customers Netgear routers (known ones: WNR3500Lv2, WNDR4500) > are asking our DNS Server for the A record of: time-g.netgear.com or time- > a.netgear.com > > Instead of an A record reply, they get a CNAME as answer with additional > information the A record of that CNAME. That is what netgear has published on > their DNS Servers. > > Those routers are not happy with that reply and just start sending several > hundred requests per second for A time-g.netgear.com resulting in considerable > load and traffic on our DNS caches. Some customers have already transfered > 35GB of DNS traffic, only since today midnight. > > I have contacted netgear technical support. The issue is yet unknown to them. > They got my pcap files to analyze > > Any others observing that behaviour of netgear products? Any know remedies? > > Mit freundlichen Grüssen > > Benoit Panizzon
Netgear in the Netherlands/Belgium first denied a problem and needed more complains before escalating it L3 suppport. Seems later L3 support reported this issue should have been resolved from firmware version 1.0.1.6. This is for the WNDR4500 model. Somehow i don't think the problem has been resolved. Did anybody received a solution yet? Maybe beta firmware? For the WNR3500Lv2 model is new firmware available. Short copy paste from the release notes (16 may 2013): WNR3500Lv2 Firmware Version 1.2.0.18 •Fixed DNS Flood issue, the router would be triggered to send lots of DNS queries to the DNS server under some conditions. _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog