Avatar of Sean Rhudy
Sean Rhudy
Flag for United States of America asked on

Odd networking issue

Our main internet connection is Windstream and we have a backup Verizon DSL line.  The Windstream connection uses a Linksys RV220W router.  We manually switch the cable to the DSL Westell router if ever needed.

We were starting to experience random network issues.  Some computers were getting random errors in our Database software and ping tests showed some small packet loss.  When we switch over to DSL, the problems immediately go away.  If we switch back to the Windstream connection, the issues come back, but not right away.  Normally it takes an hour or so but ALWAYS comes back.  We replaced the RV220W router and upgraded the firmware in it.  Our 2 servers are fully patched.   I've done a deep malware scan on both servers.  The only thing that makes sense to me is some kind of flood attach to the Windstream IP address.  Unfortunately the RV220W logs don't tell me much.  Any ideas?

Avatar of undefined
Last Comment
Sean Rhudy

8/22/2022 - Mon

What kind of connection is the Windstream pipe? Ethernet handoff, etc.?
Here's a test you could do to at least doublecheck yourself and isolate the issue.
Switch over to DSL for the time being, since that's a stable connection.
Connect a computer or small test network directly to the Windstream pipe, and see if the creeping errors recur, or if it stays clean. You'll likely have to re-address whatever computer you connect to the Windstream pipe unless they hand out DHCP to you, but it'd be a good way to show Windstream 'this connection suffers packet loss/latency/other issues separate of any of our internal infrastructure'.

Presumably the RV is not set in failover mode, correct?

What logging options have you enabled on the RV220W?
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.

I have had a similar issue with a netgear modem/router.
I disabled IP flood (Syn flood) detection in the firewall settings and now it is much better...
I run a local DNS inside my LAN (behind the NAT) and it seems that DNS queries are detected as "syn-flood" attacks
Sean Rhudy

rharland2009; Yes, it's an ethernet handoff. I switched over to the DSL line and I connected a single laptop with a static IP for testing. So far, everything looks good.

fmarshall: No, it's not in failover mode.

giltjr: I have enabled all logging, but the logging in this device is not the best.  There isn't much in the logs at all.

vivigatt: I disabled Syn Flood detection, but same issues.

Have you tried completely disabling the firewall and see if this is any better ?
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Sean Rhudy

View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.

What does this mean:
the correct server, but wrong info.

You meant a rogue DHCP server ?
Sean Rhudy

Unplugging the extender fixed the issue.
Your help has saved me hundreds of hours of internet surfing.