An ongoing problem that seems to have avoided resolution: Massive number of DNS inquiries from WyzeCams. Here’s an example: Last evening over a period of ten minutes one of our v3 cameras made 3552 DNS queries as reported by the PiHole DNS proxy. That’s about 6 per second! WTF? (No, it’s not a wi-fi issue – the AP “hears” the camera at -60dBm.)
This issue has been reported here in the Forum numerous times and in tickets 1850905 and 1803709, neither of which were resolved.
Where’s the action on the issue? Indeed, a greater question may be “how can Wyze be trusted?”
I’d like to hear this too, even though I have minimized the importance in the past.
I wonder whether this sporadic behavior might be due to
- An expected hard coded external DNS resolver being offline
- The external resolver or other server erroneously maintaining an open connection from its side, misleading your log that it was initiated internally. There was at least one report here of a remote media or P2P server repeatedly trying to reinitiate a connection on its own.
Hi. My thoughts …
n expected hard coded external DNS resolver being offline
- Unlikely 18.104.22.168 and 22.214.171.124 would both be off-line and also – the queries were serviced from cache. And, I am not seeing the other 25+ clients (including two more WyzeCams) relying on the PiHole doing this.
The external resolver or other server erroneously maintaining …
- Interesting thought. Looking at the log, the PiHole replied with cached data so I really don’t think that’s what’s happening here. And, we’re seeing this only with Wyze – not the other clients. The others are well behaved.
I should add that we’ve seen this behavior at two other locations where WyzeCams are installed. We’re thankful we have PiHoles to report this behavior – otherwise wed’ never know.
Are those your chosen ones? I was talking about resolvers hard coded in the firmware, attempting to bypass the ones handed out by your local DHCP. Wyzecams seem to have had a few such instances.
Ahhh, OK. 126.96.36.199 and 188.8.131.52 are the upstream DNSs used by the PiHole. So, if a DNS was hard-coded into the Wyze gizmo I would not see it via the PiHole.
Now, having said that at least at one time 184.108.40.206 was hard-coded into Wyze W and was used to check to see if the unit was on-line. I discovered that dramatic over-activity via a different means, reported it, and was told that, yes, it was too frequent and a FW release would fix it. Did they do so? Unknown – but I will be checking. That issue was discovered by looking at session status in a router (a Peplink Balance 380.) It may be that Wyze simply changed the “on-line check” to use the DNS assigned via DHCP and they never fixed the real issue. Regardless, trust is certainly lacking.