Router creating strange DNS requests even if noting is connected to it
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Router creating strange DNS requests even if noting is connected to it
Model :
Hardware Version :
Firmware Version :
ISP :
Hello all,
I have been using the Tp-link TL-R470T+ load balancing router at my work place for a couple of months now. My initial intention was to combine two broadband connections using this router, but due to some reasons the ISP couldn't provide me with two broadband connections. Therefore I'm only using it as a basic router with a single broadband connection. The router is connected to switch catering to 20 computers. I've configured the single WAN port (connected to the modem) to use OpenDNS so I can view the domain requests, etc on the OpenDNS dashboard (just for curiosity's sake).
For the past couple of months, I've noticed that there are tens of thousands of DNS requests from a specific set of domains [see table below] at odd times (outside working hours) when all the computers are turned off.
To investigate this, on a weekend, I disconnected the switch from the router and I left the router with only the modem connected to it and noting else.
This is the DNS domain data request I've logged from the the OpenDNS dashboard (with nothing apart from the modem connected to the router):
Rank,Domain,Requests
My question is, why is the Tp-link TL-R470T+ load balancing router sending so many requests to these specific websites? I believe most of these sites are of Chinese origin. I know for a fact that nothing was connected to the router other than the modem.
Thanks!
Hardware Version :
Firmware Version :
ISP :
Hello all,
I have been using the Tp-link TL-R470T+ load balancing router at my work place for a couple of months now. My initial intention was to combine two broadband connections using this router, but due to some reasons the ISP couldn't provide me with two broadband connections. Therefore I'm only using it as a basic router with a single broadband connection. The router is connected to switch catering to 20 computers. I've configured the single WAN port (connected to the modem) to use OpenDNS so I can view the domain requests, etc on the OpenDNS dashboard (just for curiosity's sake).
For the past couple of months, I've noticed that there are tens of thousands of DNS requests from a specific set of domains [see table below] at odd times (outside working hours) when all the computers are turned off.
To investigate this, on a weekend, I disconnected the switch from the router and I left the router with only the modem connected to it and noting else.
This is the DNS domain data request I've logged from the the OpenDNS dashboard (with nothing apart from the modem connected to the router):
Rank,Domain,Requests
| 1 | www.google.com | 17,091 |
| 2 | www.w3.org | 17,086 |
| 3 | www.yahoo.com | 17,085 |
| 4 | www.sina.com | 17,085 |
| 5 | www.baidu.com | 17,085 |
| 6 | www.ieee.org | 17,084 |
| 7 | www.tplink.com | 17,084 |
| 8 | www.163.com | 17,084 |
| 9 | www.sohu.com | 17,084 |
| 10 | www.qq.com | 17,084 |
My question is, why is the Tp-link TL-R470T+ load balancing router sending so many requests to these specific websites? I believe most of these sites are of Chinese origin. I know for a fact that nothing was connected to the router other than the modem.
Thanks!
