I suggest a call to BT & ask them to replace the unit.
My BT SH-2 is working fine & its on the same firmware v0.30.01.08093-BT, I also have it partnered to a BT SH-2 ‘Disc’ extender.
I have all my devises & the SH2 on DHCP (no fixed IP addresses) & they flip between 2.4 & 5Ghz bands depending where in the house they are.
Nope no troubles here with my SH2, and I note there has been another update (v0.31.00.10253-BT ) very recently… again no issues…
using iPadOS 15.2.1 using default wifi settings (Private WLAN address)…
I also use other switches connected to my SH2 in my home network which honour and support the IGMP snooping querier protocol that the SH2 initiates to help applications using multicast groups etc, such as used by UPnP and Roon discovery.
If the hub has dynamic channel selection, it’s worth checking the channel hasn’t automatically been changed to a sub optimal channel.
Last week I had a similar problem with my Virgin hub. I’ve used the hub with dynamic channel deactivated for years without a problem. (I manually set the channel). Virgin somehow changed the setting to auto, and selected a channel that did not work well with my wife’s tablet.
I don’t think this is Morrisy’s problem, but a related story …… despite that I live in a neighbourhood with very few other ‘visible’ hubs, I found my BT SH2 kept migrating to the channels that the 3 or 5 other visible nieghbours were on, OK OK it’s only my OCD & it didn’t cause a problem, but I fixed 2.4Hz on ch 1 & 5Hz on ch 48, it bought peace in my OCD mind.
Its worth trying, but I have zero problems with Extended Security ‘ON’
Whatever I’ve just reset both Extended Security & UPnP to ‘OFF’ & will see what happens over the next few days.
I’m trying UPnP off simply because of the web chat/rumours about router UPnP being a potential access point for malware, if we have any IT specialists (@Simon-in-Suffolk) who would like to comment on that, please.
I never had problems with extended security with my ND555 connected by Ethernet. But when I got the Atom HE, disabling Extended Security solved all recognition and connection problems with Wi-Fi (which had been sufficient to make it unusable).
I wouldn’t regard keeping an eye on wifi traffic and router channels to be OCD. But I would say that wouldn’t I.
Knowledge is power.
Below is wifi traffic in the room where the intermittent wifi dropouts occurred. There was an intermittent strong signal from an outside source on the channel that the router auto selected. (Not shown as it is intermittent).
and you have very graphically illustrated why in real world environments having several low power wireless Access Points configured using an ESSID (like with a consumer mesh system), is preferable over a single one trying to beam out to the whole house.
Mike - as you are aware UPnP is a group of control protocols - and AV is only a small part of it. UPnP can be used to internally enable port mappings on a NAT/PAT router interface of your broadband router and firewall. UPnP itself is not a vulnerability - but it is a tool that can be used by bad software or servers that can create a vulnerability and bypass your broadband firewall. It does have a weakness in that it can’t be authenticated - but that is not unique to many home/consumer network systems.
I don’t know what BT means by Extended UPnP Security - it might be that it will only allows flows to be initiated from the inside out across the router - but that is speculation.
The bottom line however UPnP on the router is typically UPnP IGD and is used for creating port forwarding configurations across your routers NAT/PAT interface. Apps that use this are typically games, torrent apps, file downloading and some messaging and communication apps.
So you can try disabling UPnP (and definitely DMZ) on your router to see if anything stops working.
This will/should not affect UPnP as used internally on your home network for audio which is altogether quite separate.
I would be inclined however to leave it UPnP and advanced security UPnP enabled (but disable DMZ) - for maximum flexibility unless you are confident you don’t use any the apps I mentioned above, but ensure computers on your network are properly hardened with internal firewalls, closed not used ports and protected with anti malware. If you use port forwarding - only use it with software from a source you trust and is ideally certified.