Large number of DNS lookups

michaelblight · September 3, 2018, 11:31am

Has anybody had problems with large numbers of DNS lookups? I’m not sure of the culprit(s) yet, but 300,000 a day to tp-link and 100,000 a day to netgear seems a bit excessive. I’ve posted questions on each of their forums too. I have 4 tp-link smart switches plus a netgear modem that are all configured in HA. I also have a netgear NAS but HA doesn’t know about it (I don’t think).

I may have to stop HA for a couple of hours to clear its name, but then I will have to move about the house to turn things on and off.

jwelter · September 3, 2018, 11:50am

They likely don’t run a caching DNS resolver on the equipment.

michaelblight · September 4, 2018, 4:36am

Whether they cache the DNS or not doesn’t really explain why a smart plug would need to phone home every second of every day. I have no such problems with other internet connected devices like Hue or Lifx. Or even a cheap-arse Aldi wifi switch.

And the tp-link ones are all to an address that cannot be resolved (aps1-api.tplinkra.com), so it cannot be cached. The netgear ones are to addresses that can be resolved by a web-based DNS lookup, but they fail within my network. So because they fail they can’t be cached.

Unfortunately it doesn’t seem possible to log this traffic at the modem. A firewall rule to log all port 53 traffic only shows data going from LAN->WAN (eg. Google Home specifically using Google’s DNS Server). All of the LAN devices using the modem for DNS lookup are going LAN->LAN (eg. HA to modem), so this is not covered by the firewall rule. And when the modem uses OpenDNS for lookup, it doesn’t log it. Or that’s what I’m assuming from the absence of logs.

nickrout · September 4, 2018, 6:58am

Are these requests coming from home assistant, or from the sensor itself. If the latter, it doesn’t seem relevant on this forum.

michaelblight · September 4, 2018, 8:11am

I’m not 100% sure where they’re coming from, which is why I asked if anybody has seen something similar. I don’t really want to shut HA down for a few hours to see if they stop. In the meantime I have set up pi-hole to block them. That seems to reduce the frequency dramatically, and has had no noticeable side-effects.

michaelblight · September 5, 2018, 12:37pm

I found a workaround here. The implication is they’re coming from the devices themselves, and not HA.

tom_l · September 6, 2018, 12:27am

You should still report that to TPlink support. That’s a bad bug.

jwelter · September 6, 2018, 12:29am

Some DNS resolvers will also cache a negative response; DNSMasq can be set to do this.

I had a Netgear Orbi that did similar and could never get it sorted.

I have a LG TV that does the same; but it seems HARDCODED to use Google DNS at 8.8.8.8 and not the DNS being returned by DHCP which is how it gets it’s network info