GenMatrix Posted December 9, 2021 Share Posted December 9, 2021 Something weird is happening where my Pihole sees a huge spike in DNS queries within a very, very short window, the router sits near maxed out CPU and I get spammed with the warning message below. Any idea why this is happening? Link to comment Share on other sites More sharing options...
GenMatrix Posted December 9, 2021 Author Share Posted December 9, 2021 To show what I mean by a huge burst, the time it took me to compile this post now sees the queries at the count below. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted December 9, 2021 Administrators Share Posted December 9, 2021 Could you provide the full log file please? Then I can more accurately determine the cause - it could have been downloading a cloud update for example. Link to comment Share on other sites More sharing options...
GenMatrix Posted December 9, 2021 Author Share Posted December 9, 2021 It appears to be triggered when I log into the R2 Duma GUI. When I did that my Pihole stats went through the roof. log-1639073049760.txt I gotta reboot the router to get it to stop. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted December 9, 2021 Administrators Share Posted December 9, 2021 Okay that's interesting, it's seeing a lot of interactions as potential DNS rebind attacks which are almost always a false flag, a lot is coming from PlayStation - was the PS doing an update at the time this was happening? Link to comment Share on other sites More sharing options...
GenMatrix Posted December 9, 2021 Author Share Posted December 9, 2021 2 hours ago, Netduma Fraser said: Okay that's interesting, it's seeing a lot of interactions as potential DNS rebind attacks which are almost always a false flag, a lot is coming from PlayStation - was the PS doing an update at the time this was happening? It was on with Amazon prime, the behavior of it trying to phone home to Sony is consistent on my Asus router as well. A little after posting my previous reply, the router exhibited the same behavior as all other firmwares where it just dies on the WAN side, GUI becomes inaccessible and all devices lose internet connectivity. I’m really regretting this purchase since it’s been a over a year and it’s spent more time as a paperweight than a functioning as a router. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted December 9, 2021 Administrators Share Posted December 9, 2021 Did you factory reset after upgrading to .394 initially? If not please do that as it does prevent issues carrying over Link to comment Share on other sites More sharing options...
GenMatrix Posted December 9, 2021 Author Share Posted December 9, 2021 Yeah I reset after I passed the firmware. I’ll try it again I suppose. Maybe reset it 5 times. Link to comment Share on other sites More sharing options...
Administrators Netduma Fraser Posted December 10, 2021 Administrators Share Posted December 10, 2021 Set the WAN lease hours to 168, change the DHCP start to .50, then give devices reserved IPs between .2 - .49 then reboot and see if it is more stable after that. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.