1.6Gbit connection new smart hub (white, small box) sporadic issues? DNS MITM?

allamavortex · ‎27-07-2025

Hello all,

So I recently changed my service from 900mbit to 1.6Gbit and that involved a change of router and obviously the OR ONT on the wall.

Ever since having it installed there seems to be an issue with (most likely DNS issues). Whatever is loaded/playing/game continue to work, but I have spells where NO further DNS requests seem to make it through.

I totally forgot to nslookup during one of these issues, but I will the next time it happens (it's pretty frequent and annoying). I can ping 8.8.8.8 (google) whilst being unable to load any webpages on any device/browser. Thus removing the possibility of it being localised to a single machine/device as some were using the router, some were set to DNS over HTTPS and some were using Google's 8.8.8.8 etc.

It is very much like the router is playing the MITM and intercepting the requests and then slowly, or failing to process these requests at all for a period of time which ranges up to about 45 seconds.

As I said, cached requests, or those already in process are fine, but even something as trivial as trying to watch a YT video is met with 45 seconds of nothing, totally unable to look up ANY address, but established connections and new connections not requiring DNS all work fine.

I'm not really one for conspiracies but I really feel like this new router is intercepting (MITM), attempting to do something with, and failing the DNS requests. This behaviour is only been present since getting the new Smart Hub (the tall, thing white one).

I did a quick google and it seems I'm not alone with this - is anyone else noticing this type of behavior?

Mixture of wired and wireless devices, same behaviour.

allamavortex · ‎08-08-2025

@Britboy4321

Same thing for me, I notice it because I'm always in front of my PC for work or whatever else in the evening if I am not out.

The range extender wont work with anything other than the SHP. Although if you disable DNS and DHCP on the EE router you could possibly use it as a Wi-Fi extender through essentially jerry rigging it so that you connect to the wireless on the EE router, but the DHCP and DNS server on the new router assign the IP and DNS servers.. I haven't tried it and it may have a fit about having no WAN. For this setup you'd need an ethernet cable between the two routers to work.

The only other 'downside' to this is that you might get double NAT (due to having two routers on the network) but generally speaking that's only really going to cause issues with some games AFAIK that may require you 'NAT' type to be open for quicker matchmaking..

Good luck with whatever you do, I'm sure you'll be fine. I just hope for everyone else's sake they sort the issue and update the firmware as necessary.

10suraj10 · ‎08-08-2025

Thanks for your post, i also have the same issue and now looking into 3rd party router and using EE wifi 7 hubs as access points. I just read elsewhere that someone is successfully using it as a access point by turning off DHCP and DNS already.

Overall really disappointing on EE’s part… and i assume we will never hear about when this will be fixed if ever!

ryajohnst · ‎08-08-2025

I am also seeing the exact same issue on my 1.6Gbps service.

I reported this by phone EE on the 31st July and after struggling to get anyone in technical support to understand what I was trying to explain to them I eventually got them to send me out a new Smart Hub Pro which I installed on the morning on the 6th August.

I optimistically believed the problem was with the original router until I got up this morning and have noticed the problem happening again. It crossed my mind that there was perhaps an automatic firmware upgrade in the period between installing the router and now but there is no record in the logs that this has been the case. The current firmware version is being reported as r2.64.6-R-1303886-PROD-1 and it says N/A under Firmware updated.

As with @allamavortex, there is no difference between using the router as the resolver or using a third-party (I've tried Google, Cloudflare, OpenDNS and Quad9) and it makes no difference if I use DNS over HTTPS or DNS over TLS. I've also tried disabling IPv6 to no avail. I haven't had the time, and don't particularly want to have to set up my own local DHCP server to solve this, but if I find some time over the weekend, I'll probably give it a shot even though it wouldn't be providing the clients any information different than they already received from the router's DHCP server (except different DNS servers, although these have been set manually on the clients anyway).

I'm eager to find out what is causing the issue because while I can understand (but would be uneasy about) the router could try and intercept a standard DNS query, I don't understanding the mechanisms of it being able to do very much at all with an encrypted DNS over HTTPS (or DNS over TLS) query. It certainly can't be decrypting it, analysing it and passing it on as I've not installed any client-side certificates that would be required for this to happen unnoticed.

I'm going to have another go with EE technical support when they open this morning but I'm not expecting much.

jasonpartington · ‎08-08-2025

So i just started another thread not knowing this one existed, im having the exact same issues, ive already spoke to ee and found it hard to make them understand the issue.

They've already sent me a new router which solved the issue for 24 hours until it seems rhe router installed new firmware, this is such a frustrating issue.

I don't feel i should have to replace the equipment when we are all secretly paying for it within the £70+ a month charge.

Im also going to try and call ee yet again, but i just don't want to have to stay on the phone 2 hours explaining to someone who can hardly talk off script about any issue.

allamavortex · ‎08-08-2025

@jasonpartington @ryajohnst

I guess we just need as many people posting in one place as possible.

@ryajohnst I agree, I tried DNS over HTTPS to see if it would stop the issue, and if they were intercepting it, it would be pointless to even try and do so.

Normal DNS requests are sent in plain text though. When I first moved in here, I let a neighbour use my WIFI until his was sorted and it revealed all sorts of information about his life, his gambling and his preferences, etc.. Just happened to come across the logs when I was trying to diagnose an issue of mine, obviously his requests were mixed in with mine on the router. It's useful information and whilst I don't want to go full tin hat, it is concerning that out of everything it's the DNS queries that get messed up and during this time your connection is fine to use anything non-dns related.

TraderTravel · ‎08-08-2025

I don't believe you can use the externs (smart wifi pro) with another router/hub @10suraj10 .

I would also be careful going down the 3rd party route quite yet as if you read the help forums for other products worthwhile upgrading to, they have their own sets of issues.

I've switched over yesterday to using a Raspberry Pi to act as my DNS and DHCP server and so far my experience has been great. Unlike @allamavortex , I've not seen any further slowdowns, nor dropped packets from the router side.

I think for the most part my solution appears to be working although I was meticulous around the setup and I also ensured all devices on the network as well as the network itself were fully restarted to ensure net network settings were pushed to all devices with nothing cached.

Regardless, EE need to fix the DNS components of their router software stack. How this version of their firmware got out into the wild without proper testing beggars belief, especially as the issues show up within a few hours. FWIW, since moving DNS/DHCP across to a Raspberry Pi, all browsing and everything else feels significantly snappier.

TraderTravel · ‎08-08-2025

I've now been testing for some 24 hours and since putting dnsmasq to run DHCP and DNS services as well as unbound to allow DNS over TLS secure to cloudflare, I have not had any of the DNS issues I was experiencing before.

I'm very tempted to run Pi-Hole on this new configuration, but I know quite a few websites will stop working (it's a known downside to running pi-hole), so for the moment I am going to leave that alone.

Be aware that I have setup dnsmasq (and unbound) to support IPv4 and IPv6. Also make sure your entire network is restarted including any devices on batteries. In my case I switched off the house at the mains and then also restarted any iPads and laptops. Clearly you need to also double check the EE Smart Hub Pro DHCP server is switched off.

If you want my configuration code for dnsmasq and unbound, I am happy to share this.

So far this is working well and seems significantly faster. There are still other issues related to the EE firmware that need to be resolved, but I think I might be likely to not allow the EE kit to run DNS and DHCP, especially since I have the Raspberry Pi running a host of other services for me 24/7.

allamavortex · ‎08-08-2025

@TraderTravel

Hey, thanks for the offer, I am too and running Pi-Hole. I have an Unraid server with a host of VMs and Docker images running on it.

If you just go with the default list I don't think it's too restrictive IIRC. I added a good amount of lists, mostly to stop ads and stuff and selected it to use Quad9 and CF DNS servers.

One of the first things I did was disable IPV6 just to rule out and limit the number of factors, as you do when you troubleshoot stuff.

Let us know how you get on with Pi-Hole. I reverted back to Pi-Hole again this morning, and also the new SHP turned up but given what we know now and the number of people effected by it I'll likely not install it and send it back. I will check the back to see if it's a slightly different revision or anything first though.

10suraj10 · ‎08-08-2025

Just read this post of someone buying the kit off ebay and using it as access points only

https://community.ee.co.uk/t5/Broadband-Landline/EE-Smart-Hub-Pro-Great-Piece-of-Kit-Access-Point/td...

TraderTravel · ‎08-08-2025

@allamavortex

As I mentioned above, I am going to avoid pi-hole. A few websites I go to totally have a fit and refuse to work with it, so I am happy with my config just with dnsmasq and unbound running.

The issue is definitely a software rather than hardware issue. EE need to fix the firmware, but who knows how long that will take. It's not helped by the fact that most users and customer service people won't be technical enough to help explain the issue back to the team responsible for managing the code base. I also strongly doubt they are EE employees.

If I can be bothered, I might write a snail mail letter with full details in the vague hope that the list of bugs I have encountered with this hub can be resolved, although I fear it will fall on deaf ears.