TL;DR: Two WRX560 routers cannot run their marketed security features (Safe Access + Threat Prevention) without becoming unusable, even on a 34-device network (Synology claims 150). Diagnostic evidence shows it's a software/hardware mismatch — CPU at 95% idle, but RAM exhausted by Synology's own software footprint, forcing the router into swap and dropping wired security cameras. After 75 days, Synology Support has confirmed in writing there is no firmware fix planned. Formal complaint filed under UK Consumer Rights Act 2015. Issuing this post as a fully-evidenced reference case for the community.

I'm publishing this account in the hope it helps other affected WRX560 and RT6600ax owners experiencing the same issues. For context, I've been a Synology NAS user for around 20 years — I know the ecosystem well and I don't write this lightly. The pattern has been documented in this community since November 2022, and I want to add a fully evidenced case file to the public record.

What I bought

Two Synology WRX560 routers — one for my home office (34 devices, 27 February 2025), one for my father's home office (20 devices, 11 June 2025). Both purchased from Ballicom Ltd in the UK. Specifically purchased for the marketed deep packet inspection (DPI) and network-level threat protection — Safe Access and Threat Prevention.

What happened

Within weeks of running both Safe Access and Threat Prevention on the 34-device network, the router became unusable. Apps freezing, content failing to load, intermittent connectivity issues across the day.

On my father's network — where all devices are wired — his Ajax IP security cameras started dropping offline repeatedly.

The diagnostic evidence

I captured diagnostic logs from both routers on 4 May 2026. The findings:

• CPU at 95% idle — the hardware is not under processing stress
• RAM exhausted — the device has 422MB total, of which Synology's own software stack consumes approximately 240MB at baseline. With Safe Access alone enabled, available RAM drops to ~49MB and the router is already swapping
• Synosuricata (Threat Prevention) consumes ~372MB of virtual memory — nearly the entire RAM capacity of the device on its own
• With both features running, swap usage hits 359MB — the router is processing network traffic almost entirely through swap I/O
• 140 simultaneous TIME_WAIT connection failures recorded to the IP security camera addresses on my father's network — the technical signature of the camera dropouts

The mechanism: swap I/O latency causes TCP keepalive packets to time out, dropping connections to local devices. Cameras drop offline. The router catches up. Connections re-establish. The cycle repeats every few minutes.

This is not a hardware limitation — it's a software/hardware mismatch. CPU has significant headroom. Synology's own software footprint is simply larger than the RAM provided.

Synology Support engagement (75 days)

Ticket #3965430, opened 4 March 2026. Throughout 60+ days of engagement, Synology Technical Support and their development team made the following admissions in writing:

1. Their own kernel logs showed the packet processing queue overflowing: nf_queue: full at 128 entries, dropping packets
2. Their own iperf test confirmed the router can deliver 549/73 Mbps at WAN level — proving the hardware can handle line speed
3. Their development team confirmed Traffic Control caused throughput to drop from ~500 Mbps to ~60 Mbps (an 87% reduction)
4. The original characterisation as "hardware limitation" was subsequently revised to "current product specifications"
5. The formal response stated: "Currently, there is no confirmed firmware fix or patch available to fully resolve the behavior you described."
6. The only suggested remedy has been to disable the marketed security features or reduce the number of connected devices

The consequential cost

During the troubleshooting process, Synology Support repeatedly identified USB storage performance as a potential cause. I purchased a high-spec SSD and enclosure (~£72) to replace the USB drive. Synology subsequently confirmed the USB device was never the issue.

The formal complaint

On 6 May 2026 I filed a formal complaint under the UK Consumer Rights Act 2015 via two routes:

• Submitted through the Synology ticket portal (after support@synology.com bounced as decommissioned)
• Posted by Royal Mail recorded delivery to The Company Secretary, Synology UK Limited — delivered and signed for on 7 May 2026

Total remedy sought: £582.06 covering both WRX560 routers, the dependent MR2200AC access point, the SanDisk USB purchased specifically for Threat Prevention, and the consequential SSD costs.

The deadline

I set Synology a deadline of 18 May 2026 to respond substantively. On 14 May the case was escalated to a Senior Business Support Specialist who confirmed it was under management review and requested invoice documentation, which I supplied the same day.

The deadline of 18 May passed without further response. I issued a final notice that evening with a hard cutoff of 09:00 BST on 19 May 2026.

Actions taken on 19 May 2026

With no substantive response received from Synology, I:

1. Engaged the retailer: in line with the Consumer Rights Act 2015, the retailer (Ballicom Ltd) is the party legally responsible to the consumer, and I have engaged them accordingly
2. Submitted a report to Trading Standards via Citizens Advice
3. Submitted a Subject Access Request to Synology under UK GDPR Article 15, covering all data and internal communications relating to the ticket and the WRX560 platform's performance limitations

Why I'm sharing this

Three reasons:

1. The platform-wide pattern. The same symptoms have been documented across the WRX560 and RT6600ax since November 2022. Synology Technical Support has confirmed to other customers as recently as April 2026 that multiple Threat Prevention and Safe Access bugs are acknowledged but have no scheduled fix release. The community needs a fully-evidenced reference case to point to.
2. To support others. If you're experiencing the same issues, you have legal rights under the Consumer Rights Act 2015 (UK) or equivalent consumer protection legislation in your jurisdiction. The retailer is legally responsible — not just the manufacturer. Diagnostic evidence is decisive.
3. To inform purchasing decisions. Anyone considering the WRX560 today deserves to know what the device cannot do in practice and that the platform appears to be receiving minimal ongoing investment.

What you can do if you're affected

• Capture diagnostic logs from your router (via SRM → Support Center)
• Document the specific symptoms and dates
• Engage support formally and ask for the issue to be acknowledged in writing
• If the issue cannot be resolved, invoke your statutory consumer rights against the retailer
• In the UK: Consumer Rights Act 2015 applies, the retailer is responsible, and Trading Standards can be engaged via Citizens Advice
• Outcome of my case will be updated in this thread once it is resolved

On Synology's wider trajectory

Having been a Synology NAS user for around 20 years, I don't say any of this lightly. This is not just a router issue. The 2025 NAS drive lock-in debacle, slowing software development across product lines, no announced router successor, deteriorating customer relations, and a recent FCC ruling making new router introductions to the US market harder all point to a vendor whose trajectory is not in the customer's favour.

I will be replacing my Synology routers with a different vendor regardless of how this complaint resolves. Trust, once broken, is not easily rebuilt.

Happy to answer questions or share additional evidence with anyone running into the same problem. The complete diagnostic data and timeline is documented and available.

— Johnathan