DNS storm causes DDOS on my network every 60mn

Installation
1

Hello everyone,

For the past few weeks, I’ve been dealing with a rather “funny” issue with Home Assistant that has a significant impact on my network.

After every reboot—and then exactly every 60 minutes from that point—my HA instance sends thousands of DNS requests within a few seconds, which causes my entire local network to freeze.

I spent several weeks troubleshooting, starting from the initial symptom (network freeze) all the way to identifying Home Assistant as the root cause. I’m now confident that HA is responsible.

I’ve come across a few posts mentioning similar issues, but the suggested solutions aren’t very clear to me.

This behavior started after one of these changes:

  • A Home Assistant Core update
  • A Zigbee2MQTT update
  • A firmware update on my ASUS router

What I’ve Tried So Far :

Changed HA’s IP (reserved in DHCP)
Disabled some HA add-ons (like Music Assistant, Telegram)
Switched DNS from Cloudflare to 8.8.8.8
Downgraded router firmware
Confirmed no Wake-on-LAN on the network
Checked DNS lease time (default: 86400s)

I’d really appreciate your advice on how to properly fix this.

Below, I’ve included a quick diagram of my current network setup, along with logs from both my Asus router and HA itself.

Thank you for your help!

image
image1036×781 47.4 KB

DNS log on HA

> 2025-05-09 09:28:40.595 homeassistant dockerd[627]: time="2025-05-09T09:28:40.595092870Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:56837" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:56837->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t A"
> 2025-05-09 09:28:40.596 homeassistant dockerd[627]: time="2025-05-09T09:28:40.595253535Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:51776" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:51776->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t AAAA"
> 2025-05-09 09:28:43.096 homeassistant dockerd[627]: time="2025-05-09T09:28:43.096672006Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:50273" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:50273->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t AAAA"
> 2025-05-09 09:28:43.097 homeassistant dockerd[627]: time="2025-05-09T09:28:43.096698913Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:50248" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:50248->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t A"
> 2025-05-09 09:28:45.604 homeassistant dockerd[627]: time="2025-05-09T09:28:45.604049062Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:36780" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:36780->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t A"
> 2025-05-09 09:28:45.604 homeassistant dockerd[627]: time="2025-05-09T09:28:45.604060080Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:57390" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:57390->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t AAAA"
> 2025-05-09 09:28:48.105 homeassistant dockerd[627]: time="2025-05-09T09:28:48.105544626Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:39129" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:39129->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t AAAA"
> 2025-05-09 09:28:48.107 homeassistant dockerd[627]: time="2025-05-09T09:28:48.105629625Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:51336" dns-server="udp:9.9.9.9:53" error="read udp 192.168.1.100:51336->9.9.9.9:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t A"
> 2025-05-09 09:28:52.106 homeassistant dockerd[627]: time="2025-05-09T09:28:52.106648686Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:38600" dns-server="udp:192.168.1.1:53" error="read udp 192.168.1.100:38600->192.168.1.1:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t AAAA"
> 2025-05-09 09:28:52.107 homeassistant dockerd[627]: time="2025-05-09T09:28:52.107249531Z" level=error msg="[resolver] failed to query external DNS server" client-addr="udp:192.168.1.100:37319" dns-server="udp:192.168.1.1:53" error="read udp 192.168.1.100:37319->192.168.1.1:53: i/o timeout" question=";o427061.ingest.sentry.io.\tIN\t A"

Log on asus

16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=33277 DF PROTO=TCP SPT=40956 DPT=853 SEQ=356465925 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=12747 DF PROTO=TCP SPT=39974 DPT=853 SEQ=4250102778 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=46327 DF PROTO=TCP SPT=40958 DPT=853 SEQ=2106520644 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=10109 DF PROTO=TCP SPT=40004 DPT=853 SEQ=1953116849 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=21397 DF PROTO=TCP SPT=39992 DPT=853 SEQ=1386308144 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=18371 DF PROTO=TCP SPT=40030 DPT=853 SEQ=2173235087 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=16400 DF PROTO=TCP SPT=59840 DPT=853 SEQ=2284892309 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080AB0CB3E990000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=10143 DF PROTO=TCP SPT=39990 DPT=853 SEQ=857774310 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=21735 DF PROTO=TCP SPT=40014 DPT=853 SEQ=4022992539 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478450000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=47958 DF PROTO=TCP SPT=60006 DPT=853 SEQ=2893571359 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080AB0CB3E990000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=45306 DF PROTO=TCP SPT=60606 DPT=853 SEQ=3456848711 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080AB0CB3EB90000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=40519 DF PROTO=TCP SPT=40196 DPT=853 SEQ=4181429377 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478650000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=59885 DF PROTO=TCP SPT=59864 DPT=853 SEQ=642377711 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080AB0CB3EB90000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=14598 DF PROTO=TCP SPT=40046 DPT=853 SEQ=1993664808 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478650000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=9.9.9.9 LEN=82 TOS=0x00 PREC=0x00 TTL=62 ID=44676 DF PROTO=UDP SPT=48396 DPT=53 LEN=62 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=45251 DF PROTO=TCP SPT=41006 DPT=853 SEQ=3076760472 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080A019478C50000000001030307) 
16/05/2025 18:54	GT-AC5300-A9C0-8393BAC-C	kernel:	ACCEPT IN=br0 OUT=eth0 MAC=0c:9d:92:aa:a9:c0:dc:a6:32:c4:57:04:08:00 SRC=192.168.1.80 DST=1.1.1.1 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=30685 DF PROTO=TCP SPT=60036 DPT=853 SEQ=2495947027 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405B40402080AB0CB3F790000000001030307)

System Information

version core-2025.5.1
installation_type Home Assistant OS
dev false
hassio true
docker true
user root
virtualenv false
python_version 3.13.3
os_name Linux
os_version 6.6.74-haos-raspi
arch aarch64
timezone Europe/Paris
config_dir /config
Home Assistant Community Store
GitHub API ok
GitHub Content ok
GitHub Web ok
HACS Data ok
GitHub API Calls Remaining 5000
Installed Version 2.0.5
Stage running
Available Repositories 1770
Downloaded Repositories 5
Home Assistant Cloud
logged_in false
can_reach_cert_server ok
can_reach_cloud_auth ok
can_reach_cloud ok
Home Assistant Supervisor
host_os Home Assistant OS 15.2
update_channel stable
supervisor_version supervisor-2025.05.1
agent_version 1.7.2
docker_version 28.0.4
disk_total 56.4 GB
disk_used 8.6 GB
healthy true
supported true
host_connectivity true
supervisor_connectivity true
ntp_synchronized true
virtualization
board rpi4-64
supervisor_api ok
version_api ok
installed_addons Node-RED (19.0.2), Mosquitto broker (6.5.1), Zigbee2MQTT (2.3.0-1), File editor (5.8.0), Terminal & SSH (9.17.0), Log Viewer (0.17.1)
Dashboards
dashboards 3
resources 4
views 6
mode storage
Network Configuration
adapters lo (disabled), end0 (enabled, default, auto), docker0 (disabled), hassio (disabled), vethd8b4d24 (disabled), veth9566c28 (disabled), vethde5b40d (disabled), veth2b4f503 (disabled), veth8671af4 (disabled), veth0692c0e (disabled), veth4182c2f (disabled), veth1d75b21 (disabled), vethe2d315e (disabled), vethdd74bbb (disabled), vethcd88876 (disabled)
ipv4_addresses lo (127.0.0.1/8), end0 (192.168.1.80/24), docker0 (172.30.232.1/23), hassio (172.30.32.1/23), vethd8b4d24 (), veth9566c28 (), vethde5b40d (), veth2b4f503 (), veth8671af4 (), veth0692c0e (), veth4182c2f (), veth1d75b21 (), vethe2d315e (), vethdd74bbb (), vethcd88876 ()
ipv6_addresses lo (::1/128), end0 (fe80::94f3:7dab:bcb8:8053/64), docker0 (fe80::d88d:9bff:fef9:987/64), hassio (fe80::80bf:77ff:fe3e:eaed/64), vethd8b4d24 (fe80::5c4b:59ff:fe60:874/64), veth9566c28 (fe80::8872:ddff:fea7:6cab/64), vethde5b40d (fe80::4c00:1dff:fe66:2686/64), veth2b4f503 (fe80::c8c:9eff:fe88:aed2/64), veth8671af4 (fe80::8c78:afff:fe42:2b9b/64), veth0692c0e (fe80::7ce2:d4ff:fe80:b202/64), veth4182c2f (fe80::6c1b:34ff:fe04:fd7a/64), veth1d75b21 (fe80::3407:fdff:fed0:6ae9/64), vethe2d315e (fe80::1cfb:4cff:fea5:6d06/64), vethdd74bbb (fe80::9860:1fff:fea3:71f/64), vethcd88876 (fe80::b036:38ff:fe50:1286/64)
announce_addresses 192.168.1.80, fe80::94f3:7dab:bcb8:8053
Recorder
oldest_recorder_run May 6, 2025 at 12:47
current_recorder_run May 16, 2025 at 17:53
estimated_db_size 67.66 MiB
database_engine sqlite
database_version 3.48.0
2

Did you disable all Add-ons and Custom Integrations in groups. It’s very likely one of them.

3

9.9.9.9 is Quad9’s DNS server and that is the one that stops responding, but I do not think have use it normally.
The DNS service from Quad9 is aiming to block malware domains, so maybe a malware scanner somewhere in your setup.

4

So I think I’ve got the beginnings of an answer, at least my network no longer freezes:
There was probably a block on my router’s side, which forbade DNS resolution for certain outgoing IPs.
These blocks would prevent TimeOut of 30 seconds, times hundreds (thousands?) of requests.
I lifted these blocks, no more freeze!

I’m not really satisfied with what I’ve done on the router side, but it works! I’ll dig deeper later

Having said that, I still have 2 outgoing ip’s requesting reverse DNS for all 255 local ip’s, the resolution is done in hundredths of a second, but I still find it weird!

[INFO] 172.30.32.1:36616 - 13015 “PTR IN 252.1.168.192.in-addr.arpa. udp 55 false 1232” NXDOMAIN qr,rd,ra 44 0.057674322s
[INFO] 127.0.0.1:56417 - 19366 “PTR IN 245.1.168.192.in-addr.arpa. udp 55 false 1232” NXDOMAIN qr,rd,ra 44 0.015054163s

We’ll say problem solved until the next one!

Thank you all for your help on this topic

5

Seems to be the very same like THIS. Sadly dosen’t really fit into “… puts local control and privacy first.”

1 Like
6

More background here:

https://community.home-assistant.io/t/ha-spamming-ptr-dns-lookups/143687/85

1 Like
7

Nice. Thank you for the pointer. I just disabled dhcp from default_config as suggested. Lets see whether the hourly DNS bursts stop.