How can I stop cameras from making so manyt DNS requests
I have security concerns over the use of the C100 and C200 Security Cameras.
In any 24 hour period a single camera makes around 22,750 DNS requests to one of five addresses.
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
n-device-api.tplinkcloud.com 1239
n-devs-dcipc.tplinkcloud.com 1029
n-deventry-dcipc.tplinkcloud.com 620
Each camera records to a microSD, is not connected to the app, and is kept separated from my main network. I access it (if I need to, which is not often) via a privately set up VPN directly to the devices MAC/IP address.
Is there a way to stop each camera from making so many requests (other than simply blocking them via a pi-hole)?
Also, what is the need for each camera to make so many requests out of my network? I do not believe it is simply to check for software updates as all camera work fine with no updates what so ever.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Tescophil Indeed. Remapping to use1-relay-dcipc.i.tplinknbu.com stopped it. Thank you very much.
- Copy Link
- Report Inappropriate Content
In order to make this more generic I've added these rules to my AdGuard Home custom filters
# Tapo Camera Relays /^euw1-relay-i-[a-z0-9]*.dcipc.i.tplinknbu.com/$dnsrewrite=euw1-relay-dcipc.i.tplinknbu.com /^use1-relay-i-[a-z0-9]*.dcipc.i.tplinknbu.com/$dnsrewrite=use1-relay-dcipc.i.tplinknbu.com
Looks like each time a remote client requests a stream one of these relays is requested, testing on my system these rewrites work fine and video is stable...
Still... a fix from TP-Link would be better.
- Copy Link
- Report Inappropriate Content
@Solla-topee Why still not response from TP-LINK?
- Copy Link
- Report Inappropriate Content
Update on May 31
Good news! The team has released the official firmware for the frequent DNS Query issue for Tapo C200 1.0&2.0, you can update the firmware to the latest one via the Tapo app to solve the issue.
How to update the firmware of Tapo devices in the Tapo App?
For the other models, you can send an email and provide the camera's MAC address & TP-Link ID to get a beta firmware for a try.
Note: The camera should be online to receive the firmware update or beta firmware.
How to can I get the beta firmware :
Please email to support.forum@tp-link.com with Title ' [Forum ID 578442 ] Model + Tap Cam DNS Query Beta '
Beta Firmware Note: optimized the camera DNS query frequency
How to update beta firmware: the Beta Firmware will be pushed to your TP-Link ID over the cloud server, please update the firmware in your Tapo app when an update (Beta firmware) is available in your app.
Be sure to provide the below information when reaching us
- TP-Link ID
- Model Number of your Camera
Note: the user can stop the beta test at any time if you'd like to, the beta test can be closed by the team and you can upgrade back to the official firmware.
-----------------------------------------------------------------------------------------------------------
Hello everyone,
Thank you for your feedback on Tapo Camera DNS requests over the last few months. Based on my knowledge, Tapo camera, as cloud cameras, will request for DNS service when trying to interactive with the cloud servers and get some services. This ensures the proper functionality of the camera basic or cloud-based features for vast majorities of the Tapo users who are using an app. If the DNS request behavior you noticed happens on a regular basis like every 6 secs, this can be a common behavior with the camera.
We'd share this feedback with the team and see if they have more explanation or suggestions on this, so far it is recommended to try some workaround shared by our forum users if you wish to use the camera local only/without the app. Really appreciated for sharing your knowledge and findings here with the community. If there is any update we'd update on this thread, thank you again for your feedback.
- Copy Link
- Report Inappropriate Content
It would be necessary to see with your technical team the possibility of integrating (with an update) a DNS cache in your cameras, I do not think that the IP of your servers evolve every 6 seconds...
As an element of comparison, the Android phone has a DNS cache of 10 minutes (although they are communicating devices and particularly multifunctional).
- Copy Link
- Report Inappropriate Content
Caching is not the issue here. The problem is that the camera is requesting a URL that does not exist. The DNS server returns NXDOMAIN to these queries as it should and the camera goes on requesting the same nonexistent URL every 6 seconds.
These "Relay URLs" are most likely used for load balancing of streaming feeds, so the URLs are either been generated via some algorithm on the camera (which is broken), or being given to the camera by a proxy service (which is broken).
Sometimes powering the camera off/on will cause a new URL to be requested (sometimes not), and if this exists then all is well, otherwise it's back to requests every 6 seconds.
The fix: if NXDOMAIN is received as a response to a relay URL request, ask for a different one and not the same one over and over again....
- Copy Link
- Report Inappropriate Content
In your case yes, but not in my case!
For my part the address is perfectly reachable (see my previous message: rtsp-dcipc.tplinknbu.com) but I have more than 11000 requests per day that is to say a request every 7.8 seconds !
As a reminder the 1st message of the conversation was about :
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
rtsp-dcipc.tplinknbu.com 5629 -> Concerns me!
n-device-api.tplinkcloud.com 1239
- Copy Link
- Report Inappropriate Content
OK, so do we have two different issues here ?
1) Incorrect relay URLs, should be a pretty simple fix as I've outlined
2) Excessive requests to valid URLs. In your previous post that you mention that port 443 is open and accessable on rtsp-dcipc.tplinknbu.com, but it could also be trying to access other ports..., do you restrict access on your network to a limited number of specific ports ? Clearly the camera is not happy about something.....
My cameras make around 100 DNS requests each per 24 hours, compared to your requests
The requests per 24 hours are split as:
euw1-relay-dcipc.i.tplinknbu.com 0
rtsp-dcipc.tplinknbu.com 1
n-device-api.tplinkcloud.com 1
n-devs-dcipc.tplinkcloud.com 0
n-deventry-dcipc.tplinkcloud.com 0
Most other requests take the form:
euw1-rtsp-dcipc-i-05651cf6695e8fc3a.tplinknbu.com
- Copy Link
- Report Inappropriate Content
My C200 just got updated from 1.1.18 to 1.3.2.
Just wondering if they fixed the issue with this update. (Can't test myself)
- Copy Link
- Report Inappropriate Content
I am having the same problem with my C320WS camera, firmware is 1.3.0 (which the app says is up-to-date).
In the last 24 hours, in my home network over 106,000 DNS lookups (>12% of all lookups for my entire home) have been to:
use1-relay-i-xxxxxxxxxxxxxxxxxx.dcipc.i.tplinknbu.com.
where the x's are a specific string of numbers and letters which I assume map to my device.
Can we please have someone from TP-Link correct this, or at the very least least speak to it here?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 6
Views: 9976
Replies: 72
Voters 2
