We have noticed that certain Netgear routers with older firmware are performing DNS queries for the names of Netgear NTP servers at a rapid rate, which we initially thought was a DDOS attack on our DNS recursive resolvers. This seems to occur when a cable modem is reset. The router firmware bug can cause a single router to query at rates of thousands per second (millions per day) and impact that customer’s experience by flooding their connection until the router is reset. The DNS records being queried are: time-a.netgear.com, time-b.netgear.com, time-c.netgear.com
Netgear has confirmed the firmware bug and recommends the end users update their device’s firmware to the latest build for the impacted devices. The following links provide specific instructions on upgrading:
If anyone needs help upgrading or has additional questions, they can contact Netgear directly at (888)NETGEAR. They are aware of the issue and ready to assist customers.