How can I stop cameras from making so manyt DNS requests
I have security concerns over the use of the C100 and C200 Security Cameras.
In any 24 hour period a single camera makes around 22,750 DNS requests to one of five addresses.
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
n-device-api.tplinkcloud.com 1239
n-devs-dcipc.tplinkcloud.com 1029
n-deventry-dcipc.tplinkcloud.com 620
Each camera records to a microSD, is not connected to the app, and is kept separated from my main network. I access it (if I need to, which is not often) via a privately set up VPN directly to the devices MAC/IP address.
Is there a way to stop each camera from making so many requests (other than simply blocking them via a pi-hole)?
Also, what is the need for each camera to make so many requests out of my network? I do not believe it is simply to check for software updates as all camera work fine with no updates what so ever.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Celico I'm seeing the same behaviour - it started happening again yesterday at 14:00 GMT after weeks of nothing...
- Copy Link
- Report Inappropriate Content
@Weavey Both my cameras started requesting non existent URLs again every six seconds.
If you have the capability, do a DNS rewrite of the bad URLs to this domain : use1-relay-dcipc.i.tplinknbu.com
- Copy Link
- Report Inappropriate Content
Same problem for me... too many DNS requests without explanation.
In my case the most questioned domain (more than 11000 requests per day) is : rtsp-dcipc.tplinknbu.com
I made an nmap :
Nmap scan report for rtsp-dcipc.tplinknbu.com (52.50.225.133)
Host is up (0.048s latency).
Other addresses for rtsp-dcipc.tplinknbu.com (not scanned): 52.18.135.86 34.254.53.222
rDNS record for 52.50.225.133: ec2-52-50-225-133.eu-west-1.compute.amazonaws.com
Not shown: 999 filtered ports
PORT STATE SERVICE
443/tcp open https
The url is perfectly accessible on port 443 (https://rtsp-dcipc.tplinknbu.com, this server is online), so the excess of requests can't be attributed to an access problem in my case.
I would really like a solution to remove this excessive demand on my DNS server...
Do administrators, technicians or others from TP-Link sometimes visit the forum?
- Copy Link
- Report Inappropriate Content
@Tescophil How did you find one relay that works? My camera just uses the one and I don't have another camera.
- Copy Link
- Report Inappropriate Content
For me the relays work, to check them load their addresses with a h ttps:// (it works with port 443).
The basic problem remains, why this flood of DNS request !?!
nmap use1-relay-dcipc.i.tplinknbu.com
Nmap scan report for use1-relay-dcipc.i.tplinknbu.com (23.21.233.36)
Host is up (0.11s latency).
Other addresses for use1-relay-dcipc.i.tplinknbu.com (not scanned): 54.197.146.240 54.146.202.30
rDNS record for 23.21.233.36: ec2-23-21-233-36.compute-1.amazonaws.com
Not shown: 999 filtered ports
PORT STATE SERVICE
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 9.25 seconds
nmap euw1-relay-dcipc.i.tplinknbu.com
Nmap scan report for euw1-relay-dcipc.i.tplinknbu.com (34.248.166.100)
Host is up (0.051s latency).
Other addresses for euw1-relay-dcipc.i.tplinknbu.com (not scanned): 52.31.109.126 108.128.11.80
rDNS record for 34.248.166.100: ec2-34-248-166-100.eu-west-1.compute.amazonaws.com
Not shown: 999 filtered ports
PORT STATE SERVICE
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 5.52 seconds
- Copy Link
- Report Inappropriate Content
@Celico I just mapped the broken relay URLs to use1-relay-dcipc.i.tplinknbu.com and it works fine....
- Copy Link
- Report Inappropriate Content
@Tescophil Indeed. Remapping to use1-relay-dcipc.i.tplinknbu.com stopped it. Thank you very much.
- Copy Link
- Report Inappropriate Content
In order to make this more generic I've added these rules to my AdGuard Home custom filters
# Tapo Camera Relays /^euw1-relay-i-[a-z0-9]*.dcipc.i.tplinknbu.com/$dnsrewrite=euw1-relay-dcipc.i.tplinknbu.com /^use1-relay-i-[a-z0-9]*.dcipc.i.tplinknbu.com/$dnsrewrite=use1-relay-dcipc.i.tplinknbu.com
Looks like each time a remote client requests a stream one of these relays is requested, testing on my system these rewrites work fine and video is stable...
Still... a fix from TP-Link would be better.
- Copy Link
- Report Inappropriate Content
@Solla-topee Why still not response from TP-LINK?
- Copy Link
- Report Inappropriate Content
Update on May 31
Good news! The team has released the official firmware for the frequent DNS Query issue for Tapo C200 1.0&2.0, you can update the firmware to the latest one via the Tapo app to solve the issue.
How to update the firmware of Tapo devices in the Tapo App?
For the other models, you can send an email and provide the camera's MAC address & TP-Link ID to get a beta firmware for a try.
Note: The camera should be online to receive the firmware update or beta firmware.
How to can I get the beta firmware :
Please email to support.forum@tp-link.com with Title ' [Forum ID 578442 ] Model + Tap Cam DNS Query Beta '
Beta Firmware Note: optimized the camera DNS query frequency
How to update beta firmware: the Beta Firmware will be pushed to your TP-Link ID over the cloud server, please update the firmware in your Tapo app when an update (Beta firmware) is available in your app.
Be sure to provide the below information when reaching us
- TP-Link ID
- Model Number of your Camera
Note: the user can stop the beta test at any time if you'd like to, the beta test can be closed by the team and you can upgrade back to the official firmware.
-----------------------------------------------------------------------------------------------------------
Hello everyone,
Thank you for your feedback on Tapo Camera DNS requests over the last few months. Based on my knowledge, Tapo camera, as cloud cameras, will request for DNS service when trying to interactive with the cloud servers and get some services. This ensures the proper functionality of the camera basic or cloud-based features for vast majorities of the Tapo users who are using an app. If the DNS request behavior you noticed happens on a regular basis like every 6 secs, this can be a common behavior with the camera.
We'd share this feedback with the team and see if they have more explanation or suggestions on this, so far it is recommended to try some workaround shared by our forum users if you wish to use the camera local only/without the app. Really appreciated for sharing your knowledge and findings here with the community. If there is any update we'd update on this thread, thank you again for your feedback.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 6
Views: 12560
Replies: 72