Windows 10 wifi - internet connectivity keeps dropping

Help
1

Please follow the below template, it will help us to help you!

If you are Experiencing issues with a Pi-hole install that has non-standard elements (e.g you are using nginx instead of lighttpd, or there is some other aspect of your install that is customised) - please use the Community Help category.

Expected Behaviour:

Normal internet connectivity on WiFi in Windows 10.

Actual Behaviour:

WiFi still connected, but internet connectivity keeps dropping.

Debug Token:

https://tricorder.pi-hole.net/olrwtjjvow

Now coming to the full details:

I installed Pi-hole v5.0 on a Raspberry Pi 3B+ running Raspberry Pi OS 10 (Buster). I didn't deviate from the default installation - chose CloudFlare as the upstream DNS service. Used the default domain blacklist configuration, no modifications there.

Connected the RPi by LAN (CAT-5) cable to my router - NetGear JWNR2010v5. Assigned a static IP to the RPi and set this local static IP as the primary DNS server in the router, no secondary DNS server added in the router. Using the router for the DHCP functionality, not Pi-hole's.

Now I have quite a few devices connected to the router for WiFi - some android phones, a smart TV, a Win10 PC by LAN cable, and a Win10 Laptop by WiFi.

Ads are getting blocked fine in all the devices. There are no connectivity issues in the devices except for one - the Win10 laptop connected on WiFi

For some weird, unknown reason, my Win10 Laptop keeps getting internet connectivity drops while still being connected to the WiFi - I keep getting the "No Internet, Secured / Connected" status. This keeps happening randomly - from once every few minutes, to the max being once in an hour. This happens only on this device.

While this happens on the laptop, all the other devices are still connected and have internet connectivity, without any issues. Also, at this time, from the laptop, the router and other connected devices like the RPi aren't visible / accessible.

This gets fixed temporarily for a few minutes when I either manually disconnect and re-connect to the WiFi , or use the netsock commands to release, renew ip and flush dns cache. If I run the windows troubleshooter, it disables and re-enables the WiFi radio, establishing a new connection and fixing temporarily, and the issue starts repeating in a few minutes.

I tried removing Pi-hole as the DNS server from the router and from the laptop individually, going back to pre pi-hole setup, using the default DNS servers and also separately, manually specifying CloudFlare/OpenDNS/Google DNS severs - everything works fine then - no drops or internet disconnection then.

I checked if there's any blacklisting on the msftncsi domains used by Win10 for checking networking connectivity, but it seems they're already whitelisted and I can see the response when I try them manually in the browser, during the connected state.

I also read about DNS over HTTPS (DoH) and Windows 10 issues with that. So I followed Pi-hole's guide on installing a background service for DoH offered by CloudFlare on the RPi and updated Pi-hole's upstream DNS to use the local service.

Still no luck - works fine on all the other devices except the Win10 laptop.

Posting this finally, in hope of any suggestions by the Wizards.

2

Maybe Pi-hole is blocking one of the domains contacted by Windows to analyze network connectivity (e.g. msftconnecttest.com). While a valid check, this also means that MS is informed whenever your device goes online (of course, the same would be true for other OSs as well). Different versions of Windows may well use different domains.

Do a bit of a search for candidate domains for your actual Windows version and watch your query log for such domains.

If that's indeed the case, I can think of two possible solutions:
a) whitelist (or remove the blacklist) for the corresponding domains
b) disable Windows checking and reporting your online activity, e.g. by disabling Active Probing (you may have to search further for instructions specific to your Windows version)

1 Like
3

I tried checking for some msft connect/ncsi domains, like dns.msftncsi.com, www.msftncsi.com, www.msftconnecttest.com and they're already whitelisted.

This is a bit confusing though, because if that was the issue, then it should effect the Win10 PC too, which isn't the case.

I'll try checking if there are any other windows version specific domains used for connectivity testing.

The other one - I didn't want to tinker with registry and disable the active probing, but will try that too as a last resort and see if it helps.

4

If (intial) active probing isn't your problem, it may be (continuous) passive polling that's causing you troubles. By means of the latter, Windows is constantly trying to assess if you still have network connectivity by inspecting TTLs and estimating hop counts for traffic in certain intervals.

According to this Cisco support article, passive probing may guess your connectivity wrong, e.g. when multiple network adapters are present in a machine (which may be what's distinguishing your laptop from your PC).

The article also contains information on how to control Windows polling estimation parameters (hop count and polling interval) - I am afraid it's again registry stuff. :wink:

Edit: Click for a quote of those registry settings

Just in case the link alters or goes dead :wink:

Passive Polling can be adjusted to make the system more likely to recognize internet traffic. The drawback is that it may not work in every scenario. These steps should only be used as a last resort only and should not be used in conjunction with any of the above fixes.

Microsoft recommends adding the following registry keys:

  • Disable Active Probing:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\EnableActiveProbing = 0 (DWORD)
  • Reduce the Passive Hop count threshold to 1 (this is the minimum):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\MinimumInternetHopCount = 1 (DWORD)
  • Double (or more) the Passive Polling period:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\PassivePollPeriod = 30 (DWORD)

If any of the registry keys do not exist they should be created. Please reboot the system after making these changes.

Whilst these registry keys should make it far more likely that passive polling will succeed, they will not necessarily resolve the problem for every environment. Please contact Microsoft Support for assistance in troubleshooting Passive Polling.

As that is controlling a heuristic approach of determining connectivity, there seems to be no guarantee that this will properly address your issue.
Still worth a try.

5

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.