Sagemcom Router/Spectrum Woes

Topic

New Reply

OK, here’s a curve ball:

Spectrum has been slipping on banana peels over the past 24 hours as the system continues to groan and fail over high usage. After receiving a “Cannot find the DNS server” message a couple of times in Firefox, I decided to switch to Open DNS to see if that made a difference. Opened up the manual for the Sagemcom F@st 5260 which Spectrum provides, and lo and behold, there’s no mention of the letters “DNS” _anywhere_ in the manual, or how to change it!

I poked around in the interface for about half an hour, and I’ll be Da**ed if I can find out how to change the primary and secondary DNS! I can see what it’s currently set to, but that’s it.

Do outfits that supply router/gateways to ISP’s now load them with firmware that prevents the customer from changing the DNS settings?*

If not, what am I missing? Maybe I’m just having a “Stupid Day”…

https://www.manualslib.com/manual/1035219/Sagemcom-F-St-5260.html

(*If this is the case, may The Great Panumjumm of Networking whack them!)

 

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

Reply | Quote

Replies

Nibbled To Death By Ducks wrote:

If not, what am I missing? Maybe I’m just having a “Stupid Day”…

Maybe try this

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

These Sagemcom routers appear to be terrible. An Irish ISP (Eir) recently started deploying them but users have found that they can’t change the IP subnet to anything other than 192.168.1.0/24, which is causing havoc for VPN users to offices with the same subnet.

Which is exactly why I always configure greenfield sites with anything other than 192.168.0.0/24 or 192.168.1.0/24, but I don’t have that luxury with inherited sites!

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

The manual skips the sections I’d look in, DHCP and Routes.
Can you post a pic of the DHCP tab?

cheers, Paul

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

[Nibbled To Death By Ducks]

Sure, Paul, but I’m going to redact the actual addresses, subnet, IP address, mask, etc due to the sensitivity of those figures. I’ll do that tonight during “Maint. Time” i.e. 8-9 PM PDT. Would that be sufficient?

(…and I did muck around in the DHCP section, and hit a knowledge wall. There IS a section to “Add beginning and end” IP addresses, but it did not seem to have an out-and-out ‘DNS Server” dialog. Fiends.)

Anyway, will post tonight, lots to do around the crumbling old Manse today, ha-ha. (Our Landscaper ran off in December, we didn’t find out about it until The Plague hit, so now I have to learn Landscaping, as this is a non-essential service, and no-one can come out anyway…I just got the hang of using a weed whacker this week. And at my age…! The joint looks like a jungle.)  

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

• This reply was modified 4 years, 11 months ago by Nibbled To Death By Ducks.

Reply | Quote

(The board seems to be acting up- I have posted this THREE times and had it deleted; could someone look into this?)

 

OK, I managed to track down the place where I THOUGHT you were supposed to change the DNS settings (under “Internet Connectivity”), did so, hit “apply”, got a confirmation, went over to the dialog summary box under “Router Settings”, only to find that it hadn’t changed at all!

Rebooted, got into the router again, same result.

Ran ipconfig /all from the command line, and got nothing useful, just:

DNS Servers . . . . . . . . . . . : 2001:1998:f00:1::1

2001:1998:f00:2::1

192.168.1.1

Oh, and I changed “Automatically find DNS” to “Manually Find DNS” in the “Internet Connectivity” dialog…could that have something to do with this dichotomy? I thought it would force it to use what was specified, i.e. the Open DNS servers.)

OK, what the *&^$!! is going on here? Screen dumps with some info redacted attached.

How can I truly tell what DNS server/s I’m going through? Sagemcom and Spectrum seem to have a riddle wrapped in an enigma stuffed into a latrine here! Now I know why I never took up networking; I have no mindset for it, and appreciate those who do!

<Scene 2: Man takes Glock 9mm, aims at router…>

 

 

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

Reply | Quote

You were caught in the spambucket on too fast edit/submit. Slow down and give the system time to catch up with you.

3 users thanked author for this post.

Bluetrix, Nibbled To Death By Ducks, Elly

Reply | Quote

@Nibbled …

Your 1st pic above “Internet Connectivity” is the correct place to set up your custom manual DNS server settings and are set up correctly to use OpenDNS.

In your 2nd pic “Router Settings” under “Network”, I believe the DNS settings shown here are not your manual OpenDNS server settings but are the DNS server addresses that are being provided by your ISP.

My Linksys WRT1900ACS Troubleshooting Logs page (looks similar to your Router Settings page) shows the normal ISP provided DNS server addresses just below my public address info but scrolling further down my Troubleshooting Logs, my manually set DNS server addresses are also displayed.

Your Sagemcom “Router Settings” page may (or may not) scroll further down to show this additional information but fortunately, there’s a very simple way to test to see if your router is indeed using the OpenDNS server addresses vs. the ISP supplied DNS server addresses.

If your Internet Connectivity is still set up as depicted, go to the “OpenDNS Welcome” page to test if your using OpenDNS servers for DNS services.

If the OpenDNS Welcome webpage looks like this, you’re using OpenDNS not your ISP provided DNS servers …

BTY, if all looks good, “OpenDNS IPv6” DNS server addresses are 2620:119:35::35 and 2620:119:53::53 if you’ve enabled your system(s) & router to allow using IPv6 (note: your ISP must also provide IPv6 capability).

Your end-to-end IPv6 capability can be tested by “test-ipv6.com“.

Win7 - PRO & Ultimate, x64 & x86
Win8.1 - PRO, x64 & x86
Groups A, B & ABS

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

(The board seems to be acting up- I have posted this THREE times and had it deleted; could someone look into this?)

If I am writing a long post I use notepad and cutnpaste or do an unrealized copy first. I got caught with this today (w/o remembering to do that LOL )

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

@Nibbled . . .

If you go to the DHCP section on your router, and click Advanced, are there settings there for the routers DHCP server to announce a custom DNS set of addresses to the clients on your network when they request an IP address?

If yes, that’s the place you want to enter OpenDNS settings.

~ Group "Weekend" ~

1 user thanked author for this post.

Nibbled To Death By Ducks

Reply | Quote

RDRguy wrote:

Your 1st pic above “Internet Connectivity” is the correct place to set up your custom manual DNS server settings and are set up correctly to use OpenDNS. In your 2nd pic “Router Settings” under “Network”, I believe the DNS settings shown here are not your manual OpenDNS server settings but are the DNS server addresses that are being provided by your ISP.

This was the case!

My Linksys WRT1900ACS Troubleshooting Logs page (looks similar to your Router Settings page) shows the normal ISP provided DNS server addresses just below my public address info but scrolling further down my Troubleshooting Logs, my manually set DNS server addresses are also displayed. Your Sagemcom “Router Settings” page may (or may not) scroll further down to show this additional information

It didn’t. I really dislike this router. I had a Linksys than ran Linux years ago…loved it. I had to put a muffin fan on it to keep it cool in Summer, but it was hands down the best I ever had. Think it was a WRT series, too.

but fortunately, there’s a very simple way to test to see if your router is indeed using the OpenDNS server addresses vs. the ISP supplied DNS server addresses. If your Internet Connectivity is still set up as depicted, go to the “OpenDNS Welcome” page to test if your using OpenDNS servers for DNS services. If the OpenDNS Welcome webpage looks like this, you’re using OpenDNS not your ISP provided DNS servers … OpenDNS

Yup, all looks well!

BTY, if all looks good, “OpenDNS IPv6” DNS server addresses are 2620:119:35::35 and 2620:119:53::53 if you’ve enabled your system(s) & router to allow using IPv6 (note: your ISP must also provide IPv6 capability). Your end-to-end IPv6 capability can be tested by “test-ipv6.com“.

Spectrum is still using some ancient Enigma/Eimac/DEC hardware that belonged to Time Warner, so no ipv6 for me, even though the router does give settings for it. No joy.

RDR guy, that’s two I owe you! If you’re ever down in coastal SoCal, the drinks are on me!

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

1 user thanked author for this post.

RDRguy

Reply | Quote

hello everyone , for me the problem  is i cant change the connection  from static to DHCP , do you have any idea please ???

Reply | Quote

Nibbled To Death By Ducks wrote:

Spectrum is still using some ancient Enigma/Eimac/DEC hardware that belonged to Time Warner,

Why not buy a proper router ?

Reply | Quote

NTDBD here:

Alex, I’m a Senior on a small, fixed budget. I got a deal on this router with Spectrum, but I _am_ squirreling away some cash in the mattress for this very thing. I was beginning the process of moving when The Plague hit, and now no-one’s going anywhere for a while.

…And that Linksys I had was in a more prosperous day.

Reply | Quote

@NTDBD:

I’m also a Senior on a fixed budget.
Recently I have joined a Optical Fiber 1Gb Internet service for $30 a month (including 1Gb router).
I consider fast, reliable..Internet connection (especially in these days) a necessity as much as electricity, water..

Reply | Quote

Alex,

Well, you got the gold ring! Out here in SoCal Spectrum-land, It’s $70/mo for 20Mbps down, 12 up, and a “free” (ha-ha) modem and gateway/router thrown in. All depends on where you are and which pirates you’re dealing with, and what the competition is like. In this neighborhood the only other ISP is AT&T, so you get the idea.

Oh, and that router checker is only .9x; I never install anything in beta, besides MSFT patches.  :/

But tnx anyway.

…and things are running MUCH better with Open DNS.

Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

Reply | Quote

[glnz]

You might also wish to read a very good article on Ars Technica about encrypted DNS.  I’ve been using Simple DNSCrypt (on my PCs) and DNSCloak (on my iPhone and iPad) connecting to Cloudflare’s 1.1.1.1 service for two years now.

https://arstechnica.com/information-technology/2018/04/how-to-keep-your-isps-nose-out-of-your-browser-history-with-encrypted-dns/

• This reply was modified 4 years, 10 months ago by glnz.

Reply | Quote

DNS encryption will prevent man in the middle attacks, but ties you to one or two DNS providers, contrary to the open nature of DNS. And it doesn’t provide more privacy.
It’s not an IETF standard and may never become one, so you may have tied your wagon to a white elephant.

cheers, Paul

Reply | Quote

I couldn’t let the “It’s not at IETF standard” part go unchallenged. For the record, DNS over HTTPS is RFC 8484.  DNS over TLS is 7858. Do not let the status (Proposed Standard) of both documents confuse. In the IETF, we are very conservative about calling anything an Internet Standard, but a Proposed Standard is very much a fully specified standard. See RFC 7127 for a discussion of why we don’t promote many standards all the way to full Internet Standard status. Even HTTP 1.1 and 2 have not reached Internet Standard status, but I doubt anyone thinks any less of them for that.

While you are quite correct that encrypted DNS is protective against MitM attacks and it does tie you to a DNS provider, I’d say you were likely tied to one anyhow if your ISP is supplying you with a default resolver address. I’m on Comcast and they point me at their DNS servers. I get around that by running a full DNS resolver on my own server, although I acknowledge that that does nothing against Comcast snooping my DNS traffic. (I run my own resolver for puposes of using a split horizon.)

3 users thanked author for this post.

wavy, Paul T, Elly

Reply | Quote

FYI: To see what DNS servers your web browser (not necessarily the rest of the OS) is currently using, there are a number of tests here
https://routersecurity.org/testdns.php

On desktop OSs both Firefox and Chrome let you set your own DNS servers as part of their move to encrypted DNS. At the moment, it is easier to do this in Firefox. Its a mess on Chrome with two ways to do it now and third way coming soon. For more, see the section on Encrypted DNS here: http://www.DefensiveComputingChecklist.com

Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

1 user thanked author for this post.

wavy

Reply | Quote

[WSprenticemarie]

I may have come late to this issue, and I may be missing a trick here, but why bother trying to set your Router to OpenDNS when, if you change the Network Connections TCP/IP settings in Windows (or Linux) to “Use the folowing DNS Server Address” to OpenDNS settings 208.67.222.222 and 208.67.220.220 then Window will always override the settings in your Router. Problem solved …

• This reply was modified 4 years, 9 months ago by WSprenticemarie.
• This reply was modified 4 years, 9 months ago by WSprenticemarie.

1 user thanked author for this post.

wavy

Reply | Quote

The router gets to chose if it wants to accept the DNS servers from Windows. Many will accept it, but some routers have an option to force their preferred DNS servers on all devices that connect to them.

That said, this discussion is based on legacy DNS. If you configure your web browser to use the new encrypted DNS (either DoH or DoT) this will over-ride both the router preference and the Windows preference for old school DNS.

Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

Reply | Quote

Michael432 wrote:

but some routers have an option to force their preferred DNS servers on all devices that connect to them.

Is that an obvious thing in the settings??

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

It’s the default if you use the router as the DHCP server – which is the way home / ISP supplied routers work.

cheers, Paul

Reply | Quote

Not true. The router is always the DHCP server. Having the router over-ride the DNS servers that a client wants to use is a whole different thing.

Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

Reply | Quote

Strictly speaking, the DNS is set by the DHCP server (router) if the DHCP client (the computer) uses the default DHCP configuration. You can always change the config on the client to use something else and the DHCP server has no say in this.

cheers, Paul

Reply | Quote

Too many different routers for that question to have a single answer.

Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

Reply | Quote