An ongoing problem that seems to have avoided resolution: Massive number of DNS inquiries from WyzeCams. Here’s an example: Last evening over a period of ten minutes one of our v3 cameras made 3552 DNS queries as reported by the PiHole DNS proxy. That’s about 6 per second! WTF? (No, it’s not a wi-fi issue – the AP “hears” the camera at -60dBm.)
This issue has been reported here in the Forum numerous times and in tickets 1850905 and 1803709, neither of which were resolved.
I’d like to hear this too, even though I have minimized the importance in the past.
I wonder whether this sporadic behavior might be due to
An expected hard coded external DNS resolver being offline
The external resolver or other server erroneously maintaining an open connection from its side, misleading your log that it was initiated internally. There was at least one report here of a remote media or P2P server repeatedly trying to reinitiate a connection on its own.
n expected hard coded external DNS resolver being offline
Unlikely 126.96.36.199 and 188.8.131.52 would both be off-line and also – the queries were serviced from cache. And, I am not seeing the other 25+ clients (including two more WyzeCams) relying on the PiHole doing this.
The external resolver or other server erroneously maintaining …
Interesting thought. Looking at the log, the PiHole replied with cached data so I really don’t think that’s what’s happening here. And, we’re seeing this only with Wyze – not the other clients. The others are well behaved.
I should add that we’ve seen this behavior at two other locations where WyzeCams are installed. We’re thankful we have PiHoles to report this behavior – otherwise wed’ never know.
Ahhh, OK. 184.108.40.206 and 220.127.116.11 are the upstream DNSs used by the PiHole. So, if a DNS was hard-coded into the Wyze gizmo I would not see it via the PiHole.
Now, having said that at least at one time 18.104.22.168 was hard-coded into Wyze W and was used to check to see if the unit was on-line. I discovered that dramatic over-activity via a different means, reported it, and was told that, yes, it was too frequent and a FW release would fix it. Did they do so? Unknown – but I will be checking. That issue was discovered by looking at session status in a router (a Peplink Balance 380.) It may be that Wyze simply changed the “on-line check” to use the DNS assigned via DHCP and they never fixed the real issue. Regardless, trust is certainly lacking.