Audio/ video packets incorrectly identified as attack |
Fortunately, there's a setting to disable the behavior. After disabling, I tested the call quality using Skype's test server and it was fabulous! I was just lucky that some of the previous Skype sessions worked fine. I admit, some sessions did have this issue; just not so consistently as with Google+. I also tested with Gmail video chat. What a relief to know the root cause, and also why the unpredictability of it occurrence.
Disable DoS/ port scan detection |
After this fix, even video playbacks like those at YouTube go smoothly without awkward halts in between.
The particular router model is more than four years old. So, the issue may not be relevant in recent devices with improved software implementation of DoS/ port scan detection.
Conclusions
- Always good to provide some kind of logs for the users to figure out what is going on, like Netgear provided in this case.
- It is unclear why the router would classify packets that are part of an already established flow as part of DoS or port scan attempts. It would classify even packets coming from Google DNS (8.8.8.8 or 8.8.4.4) as port scan.
- Fortunately Netgear has already made the source code available publicly. Will share here if I find something.