TL-WA855RE V1 Pinging Time servers non-stop

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

TL-WA855RE V1 Pinging Time servers non-stop

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-WA855RE V1 Pinging Time servers non-stop
TL-WA855RE V1 Pinging Time servers non-stop
2017-09-16 23:27:07
Model :

Hardware Version :

Firmware Version :

ISP :

I recently installed Pi-hole on my network to block ads and to run as a network monitor.

To my surprise I found out my TL-WA855RE v1, was pinging the following time servers roughly every 4 seconds 24 hours a day:
time.nist.gov
[*]time.nist.g
[*]time-a.nist.gov
[*]time-b.nist.gov
[*]time-nw.nist.gov
[*]au.pool.ntp.org
[*]nz.pool.ntp.org
This device has a huge amount of DNS requests to these servers every single day, and I want to know what the reason etc for it is, and or other than removing said device from my network, how I can fix the issue?
File:
TL?WA855RE.jpgDownload
  0      
  0      
#1
Options
11 Reply
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-09-21 17:16:12
The request is for adjusting time settings on the extender. Normally that will not effect the internet usage. Do you have any problem with it?
  0  
  0  
#2
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-09-21 21:59:19
My concern is that the access point is reaching out to several time servers non-stop, and cycles through them every 4 seconds. It does this at all hours of the day, nonstop.
  0  
  0  
#3
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-11-06 05:28:39
Hello,

I just bought the same device (WA855RE v1) and just like FranknBeans, I'm also very surprised to see that this Wi-Fi repeater was so "noisy"

Let me explain:
NTP is a very well developed protocol that is supposed to maintain clock accuracy without too much network overhead
It's not because most of the world have (almost) unlimited network capacity (broadband/ADSL/fiber...) that this kind of device should NOT "behave" nicely on the network

It appears that other device have the same "flaw" (tens of thousands of requests per day to time servers)
see https://www.google.fr/search?q=+"tp-link"+au.pool.ntp.org+time.nist.gov which show more than 3k results

On top of that, I live in Europe and the NTP servers are located in the other side of the planet (Australia and New Zealand)
according to this page
http://www.pool.ntp.org/zone/oceania
as of today (5/11/2017) there are only 86 servers reachable through au.pool.ntp.org and 28 with nz.pool.ntp.org
while there are nearly 2000 in Europe
http://www.pool.ntp.org/zone/europe

having potentially thousands of devices "hitting" continuously those time servers could be considered a DDoS (distributed denial of service)

so, as a conclusion, I'd say that it is indeed a real issue to have such an abusive way of making thousands of ping (and NTP) requests a day

TP-Link support should really consider proposing a fix to this problem
  0  
  0  
#4
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-11-06 18:18:10
It seems the repeater ping NTP server to test internet connection. it is not a problem and It won't cause internet issue normally.
Perhaps you can send a feedback to TP-Link and see if they can improve this part.
  0  
  0  
#5
Options
pinging servers non-stop means DoS
2017-11-07 06:47:28
well, let's do the math:
how many repeaters could TP-Link had possibly sold?
thousands? tens of thousands? hundreds of thousands? ...probably not millions (although they wish they had!)

If I'm conservative (let's say 40k of repeaters all over the world which a very low estimate given their popularity)
it means that every seconds, there is 20k packets of ping and maybe other protocols traveling to the following servers:

a.root-servers.net
ath5
au.pool.ntp.org
nz.pool.ntp.org
time-a.nist.gov
time-b.nist.gov
time.nist.gov
time-nw.nist.gov

which translate into 86.4GB of daily bandwidth consumed everyday so that all of those little network devices are sure that the network is not down for more than 2 seconds!!

originally, those devices are just supposed to boost the Wi-Fi network into SOHOs or homes, not fload root DNS servers and others hosts just to make sure the Internet connectivity is alive.

but if there is a chance that support could fix this issue, I'd be happy to send a report

What is the best way to escalate it? (global user support? local assistance?...)

Thanks for you attention
  0  
  0  
#6
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-11-07 14:54:43
You can contact support@tp-link.com.
  0  
  0  
#7
Options
sTuPid-Link
2017-11-24 11:24:51
I investigated this issue and wrote up my findings in detail for anyone who is interested.

Current versions of TP-Link repeater firmware use 715,4 MB per month just to show us “Internet Status: Connected” on a page that no one ever visits is just stupid. It’s implemented in a way that puts a strain on consumer’s bandwidth caps and on public infrastructure.

Windows uses 1,6 KB per month for NTP. TP-Link repeaters shouldn’t use any more than that.
  3  
  3  
#8
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-11-30 11:37:17
I can confirm this behavior. On my recently purchased Archer C5 v1, latest firmware, no devices attached, wifi off, LAN DHCP and all filters/services off, SPI off, remote management off, upnp off, using static WAN address and DNS, this thing makes 6000 DNS requests/day alone to domains www.tp-link.com and a.root-servers.net. I have a dozen routers and, other than the infrequent port 123 time request, this is the only one that generates traffic by itself. This behavior isn't necessary to establish connectivity and certainly not at this frequency. That's the purpose of dns.msftncsi.com. On this router there is no status notification that the WAN is up/connected and there is no facility in the GUI that notifies the user that a new firmware is available. Manually updating to the latest firmware does not change the behavior.

Wireshark tonight shows this thing establishing a TCP socket to 60.251.154.114 which resolves to an address in Taipei, Taiwan. Thousands of packets were transferred out and now I have to disassemble what it is sending with no time to do it. But I'm concerned enough with what I've seen to suspect something more is going on and I have to throw it out there. Googling this brought me here and apparently others are noticing, too, without getting an explanation. Network Solutions should also be concerned as one of the 13 world root domain name servers is a hard-coded target of this firmware.

It goes without saying you should be using OpenDNS or other DNS solution to block suspicious domains.
  0  
  0  
#9
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-12-24 10:01:16
TP-Link has issued new firmware releases that addresses this bug including for the TL-WA855RE. (Update may not be available in all countries.)
  0  
  0  
#10
Options
Re:TL-WA855RE V1 Pinging Time servers non-stop
2017-12-25 08:52:09
well, that too bad the update doesn't cover all versions:
I bought a TL-WA855RE v1 in Nov. 2017 but the firmware upgrade only cover V2 and V3
:-/
  0  
  0  
#11
Options

Information

Helpful: 0

Views: 2632

Replies: 11

Related Articles