How can I stop cameras from making so manyt DNS requests
I have security concerns over the use of the C100 and C200 Security Cameras.
In any 24 hour period a single camera makes around 22,750 DNS requests to one of five addresses.
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
n-device-api.tplinkcloud.com 1239
n-devs-dcipc.tplinkcloud.com 1029
n-deventry-dcipc.tplinkcloud.com 620
Each camera records to a microSD, is not connected to the app, and is kept separated from my main network. I access it (if I need to, which is not often) via a privately set up VPN directly to the devices MAC/IP address.
Is there a way to stop each camera from making so many requests (other than simply blocking them via a pi-hole)?
Also, what is the need for each camera to make so many requests out of my network? I do not believe it is simply to check for software updates as all camera work fine with no updates what so ever.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
It would be necessary to see with your technical team the possibility of integrating (with an update) a DNS cache in your cameras, I do not think that the IP of your servers evolve every 6 seconds...
As an element of comparison, the Android phone has a DNS cache of 10 minutes (although they are communicating devices and particularly multifunctional).
- Copy Link
- Report Inappropriate Content
Caching is not the issue here. The problem is that the camera is requesting a URL that does not exist. The DNS server returns NXDOMAIN to these queries as it should and the camera goes on requesting the same nonexistent URL every 6 seconds.
These "Relay URLs" are most likely used for load balancing of streaming feeds, so the URLs are either been generated via some algorithm on the camera (which is broken), or being given to the camera by a proxy service (which is broken).
Sometimes powering the camera off/on will cause a new URL to be requested (sometimes not), and if this exists then all is well, otherwise it's back to requests every 6 seconds.
The fix: if NXDOMAIN is received as a response to a relay URL request, ask for a different one and not the same one over and over again....
- Copy Link
- Report Inappropriate Content
In your case yes, but not in my case!
For my part the address is perfectly reachable (see my previous message: rtsp-dcipc.tplinknbu.com) but I have more than 11000 requests per day that is to say a request every 7.8 seconds !
As a reminder the 1st message of the conversation was about :
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
rtsp-dcipc.tplinknbu.com 5629 -> Concerns me!
n-device-api.tplinkcloud.com 1239
- Copy Link
- Report Inappropriate Content
OK, so do we have two different issues here ?
1) Incorrect relay URLs, should be a pretty simple fix as I've outlined
2) Excessive requests to valid URLs. In your previous post that you mention that port 443 is open and accessable on rtsp-dcipc.tplinknbu.com, but it could also be trying to access other ports..., do you restrict access on your network to a limited number of specific ports ? Clearly the camera is not happy about something.....
My cameras make around 100 DNS requests each per 24 hours, compared to your requests
The requests per 24 hours are split as:
euw1-relay-dcipc.i.tplinknbu.com 0
rtsp-dcipc.tplinknbu.com 1
n-device-api.tplinkcloud.com 1
n-devs-dcipc.tplinkcloud.com 0
n-deventry-dcipc.tplinkcloud.com 0
Most other requests take the form:
euw1-rtsp-dcipc-i-05651cf6695e8fc3a.tplinknbu.com
- Copy Link
- Report Inappropriate Content
My C200 just got updated from 1.1.18 to 1.3.2.
Just wondering if they fixed the issue with this update. (Can't test myself)
- Copy Link
- Report Inappropriate Content
I am having the same problem with my C320WS camera, firmware is 1.3.0 (which the app says is up-to-date).
In the last 24 hours, in my home network over 106,000 DNS lookups (>12% of all lookups for my entire home) have been to:
use1-relay-i-xxxxxxxxxxxxxxxxxx.dcipc.i.tplinknbu.com.
where the x's are a specific string of numbers and letters which I assume map to my device.
Can we please have someone from TP-Link correct this, or at the very least least speak to it here?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@Solla-topee The C100 has this issue as well. I hope you fix it there too.
- Copy Link
- Report Inappropriate Content
Hello @Celico
There are plans for optimizing on Tapo C100 model too.
- Copy Link
- Report Inappropriate Content
Janiek wrote
This update was added today.
@Janiek thank you for sharing this information!
We created a support email titled with 'Forum ID 578442' for your case to invite you to test the beta firmware.
You can reply to the support email to join the beta test. Feel free to share any new observations with the new firmware on the support email or forum, thank you!
- Copy Link
- Report Inappropriate Content
Information
Helpful: 6
Views: 12614
Replies: 72