Hi all, i had a lot of DNS requests using Adguardhome as well, i had a firewall rule in my router to redirect all DNS queries to my adguardhome instance, and then every 6 seconds i got a lot of dns requests from tapo cameras.

my advice is this:

Create a NAT rule that rewrites the source of the DNS response (the PiHole or Adguardhome) to match the intended source (the hardcoded DNS of the cameras).

i used this tutorial.

htt ps://jeff.vtkellers. com/posts/technology/force-all-dns-queries-through-pihole-with-openwrt/

i hope this help you guys.

3 weeks nothing and now it started up again.

@Celico I'm seeing the same behaviour - it started happening again yesterday at 14:00 GMT after weeks of nothing...

  @Weavey Both my cameras started requesting non existent URLs again every six seconds.

If you have the capability, do a DNS rewrite of the bad URLs to this domain : use1-relay-dcipc.i.tplinknbu.com

It never stopped for me, but it has increased from 15k to 70k calls per day.

Same problem for me... too many DNS requests without explanation.

In my case the most questioned domain (more than 11000 requests per day) is : rtsp-dcipc.tplinknbu.com

I made an nmap :

Nmap scan report for rtsp-dcipc.tplinknbu.com (52.50.225.133)

Host is up (0.048s latency).

Other addresses for rtsp-dcipc.tplinknbu.com (not scanned): 52.18.135.86 34.254.53.222

rDNS record for 52.50.225.133: ec2-52-50-225-133.eu-west-1.compute.amazonaws.com

Not shown: 999 filtered ports

PORT STATE SERVICE

443/tcp open https

The url is perfectly accessible on port 443 (https://rtsp-dcipc.tplinknbu.com, this server is online), so the excess of requests can't be attributed to an access problem in my case.

I would really like a solution to remove this excessive demand on my DNS server...

Do administrators, technicians or others from TP-Link sometimes visit the forum?

  @Tescophil How did you find one relay that works? My camera just uses the one and I don't have another camera.

For me the relays work, to check them load their addresses with a h ttps:// (it works with port 443).

The basic problem remains, why this flood of DNS request !?!

nmap use1-relay-dcipc.i.tplinknbu.com
Nmap scan report for use1-relay-dcipc.i.tplinknbu.com (23.21.233.36)
Host is up (0.11s latency).
Other addresses for use1-relay-dcipc.i.tplinknbu.com (not scanned): 54.197.146.240 54.146.202.30
rDNS record for 23.21.233.36: ec2-23-21-233-36.compute-1.amazonaws.com
Not shown: 999 filtered ports
PORT    STATE SERVICE
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 9.25 seconds

nmap euw1-relay-dcipc.i.tplinknbu.com
Nmap scan report for euw1-relay-dcipc.i.tplinknbu.com (34.248.166.100)
Host is up (0.051s latency).
Other addresses for euw1-relay-dcipc.i.tplinknbu.com (not scanned): 52.31.109.126 108.128.11.80
rDNS record for 34.248.166.100: ec2-34-248-166-100.eu-west-1.compute.amazonaws.com
Not shown: 999 filtered ports
PORT    STATE SERVICE
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 5.52 seconds

  @Celico I just mapped the broken relay URLs to use1-relay-dcipc.i.tplinknbu.com and it works fine....