How can I stop cameras from making so manyt DNS requests
I have security concerns over the use of the C100 and C200 Security Cameras.
In any 24 hour period a single camera makes around 22,750 DNS requests to one of five addresses.
The requests are split as:
euw1-relay-dcipc.i.tplinknbu.com 14071
n-device-api.tplinkcloud.com 1239
n-devs-dcipc.tplinkcloud.com 1029
n-deventry-dcipc.tplinkcloud.com 620
Each camera records to a microSD, is not connected to the app, and is kept separated from my main network. I access it (if I need to, which is not often) via a privately set up VPN directly to the devices MAC/IP address.
Is there a way to stop each camera from making so many requests (other than simply blocking them via a pi-hole)?
Also, what is the need for each camera to make so many requests out of my network? I do not believe it is simply to check for software updates as all camera work fine with no updates what so ever.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Update on May 31
Good news! The team has released the official firmware for the frequent DNS Query issue for Tapo C200 1.0&2.0, you can update the firmware to the latest one via the Tapo app to solve the issue.
How to update the firmware of Tapo devices in the Tapo App?
For the other models, you can send an email and provide the camera's MAC address & TP-Link ID to get a beta firmware for a try.
Note: The camera should be online to receive the firmware update or beta firmware.
How to can I get the beta firmware :
Please email to support.forum@tp-link.com with Title ' [Forum ID 578442 ] Model + Tap Cam DNS Query Beta '
Beta Firmware Note: optimized the camera DNS query frequency
How to update beta firmware: the Beta Firmware will be pushed to your TP-Link ID over the cloud server, please update the firmware in your Tapo app when an update (Beta firmware) is available in your app.
Be sure to provide the below information when reaching us
- TP-Link ID
- Model Number of your Camera
Note: the user can stop the beta test at any time if you'd like to, the beta test can be closed by the team and you can upgrade back to the official firmware.
-----------------------------------------------------------------------------------------------------------
Hello everyone,
Thank you for your feedback on Tapo Camera DNS requests over the last few months. Based on my knowledge, Tapo camera, as cloud cameras, will request for DNS service when trying to interactive with the cloud servers and get some services. This ensures the proper functionality of the camera basic or cloud-based features for vast majorities of the Tapo users who are using an app. If the DNS request behavior you noticed happens on a regular basis like every 6 secs, this can be a common behavior with the camera.
We'd share this feedback with the team and see if they have more explanation or suggestions on this, so far it is recommended to try some workaround shared by our forum users if you wish to use the camera local only/without the app. Really appreciated for sharing your knowledge and findings here with the community. If there is any update we'd update on this thread, thank you again for your feedback.
- Copy Link
- Report Inappropriate Content
@TheBear first, I'm sorry to hear that you're having the same problems I do... but I'm glad to hear I'm not alone.
Over the past 8 hours, my four C100 cameras are responsible for over 230 000 requests to Port 53.
What is going on TP-Link?!
- Copy Link
- Report Inappropriate Content
Some extra logs.
After sending the message above I allowed for the cameras to reach the DNS Resolver in my router. This reduced the number of DNS requests from THOUSANDS per hour down to just below two thousand. (Still ridiculous, but ....)
Here's a summary of all traffic for my four cameras for one hour.
- Copy Link
- Report Inappropriate Content
WildWombat wrote
@TheBear first, I'm sorry to hear that you're having the same problems I do... but I'm glad to hear I'm not alone.
Over the past 8 hours, my four C100 cameras are responsible for over 230 000 requests to Port 53.
...
What is going on TP-Link?!
Why is Tapo flooding our network (causing unstable connection)?
- Copy Link
- Report Inappropriate Content
I have a similar issue but with a Tapo C200. It makes around 7000 DNS requests each 24 hours for an invalid domain "euw1-relay-i-09f21ed7afe4c9180.dcipc.i.tplinknbu.com".
This makes no sense to me and I'm not sure if TP-Link is planning to do something to fix all these issues.
BTW, I'm using the latest available firmware, 1.1.18 build 220518.
- Copy Link
- Report Inappropriate Content
Same here for me with a Tapo C110... About 15000 DNS requests to euw1-relay-i-xxxxxxxxx.dcipc.i.tplinknbu.com
- Copy Link
- Report Inappropriate Content
My C100 started doing this a few days ago. Must have been an update. It now floods my router and the logs with a ping of euw1-relay-xxxxx.dcipc.i.tplinknbu.com every 6 seconds. 15.000 requests in about 24 hours. This needs to stop!
- Copy Link
- Report Inappropriate Content
How do you do these tests?
What tools do you guys use?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@KalleKat No, you need something at a router level, that filters all the traffic from your devices, so a RPi with PI-Hole or AdGuard Home etc. is you best bet. Or you have a router that is able to do that.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 6
Views: 12543
Replies: 72