Portal does a lot of DNS requests

Comments

27 comments

  • Avatar
    David Tay

    This is interesting and I can't wait to hear what the response is from Portal about this.  Could this be some tests that Portal runs just to verify connectivity (for DFS/cloud feature)? 

    0
    Comment actions Permalink
  • Avatar
    Benjamin Schollnick

    I don't mean to be "that guy".  

    But I wouldn't hold my breath waiting for a reply.  I rarely have seen anything from Portal.  Heck, we're still waiting to get the release notes from the latest firmware release (the last documented is from May 2017)....  Or documentation on the QOS features?

    I like my portal, but I can't recommend them simply because of these issues...  

    1
    Comment actions Permalink
  • Avatar
    Rinze (Edited )

    Gordon (support) opened a request for me on my behalf.

    Last night my internet provider had an error which caused my internet connection to be unavailable.
    During that time, Portal made over 10.000 DNS requests per hour!
    connectivitycheck.gstatic.com and www.gstatic.com were queried constantly.
    That means that there were about 3 DNS requests per second at that time.

    0
    Comment actions Permalink
  • Avatar
    Kevin

    I just set my Portal up about 4 hours ago and it's already performed close to 90,000 DNS requests. It's getting returned if they don't address the issue.

    0
    Comment actions Permalink
  • Avatar
    Christy Wilson

    :-( FIVE HOURS LATER OF SOLID RED...I'm still fighting just to set it up. Y'all are making me think putting this thing back in the box and sending it back to Amazon might be a better idea

    0
    Comment actions Permalink
  • Avatar
    Paul S

    Could that be why my internet keeps disconnecting; because the router itself is using more of the bandwidth then myself the actual user?

    0
    Comment actions Permalink
  • Avatar
    Geran Smith

    How do you have your DNS setup? If you are letting your devices choose their DNS servers, Portal advertises itself as the DNS host and then forwards the requests onto the DNS servers Portal was configured for (ISP DNS by default, or whatever you put in the UI).

    So if you have Google DNS configured in the Portal config page, your DNS on your PC will show as 192.168.10.1 (or whatever the Portal IP is).

    0
    Comment actions Permalink
  • Avatar
    Rinze

    Hi Geran,

    This is my network setup:

    Internet router - running DHCP, providing ip addresses and access to the internet
    RaspberryPi - running as internal DNS-server (PiHole, to block all the ads, DNS pointed to Google Public DNS)
    Portal - running as accesspoint to deliver wifi in a part of my house

    All my devices are getting an ip address from the internet router. The router also provides the ip of my RaspberryPi as my internal DNS server.

    Portal does have a DHCP reservation based on it's mac address. So Portal is just being used as an accesspoint.
    There is no need for Portal to check if there is an internet connection available, because it is not it's job to provide it. It's job is to provide wireless access to my network.

    0
    Comment actions Permalink
  • Avatar
    Geran Smith

    We have pretty similar setups actually, I have a separate router for DHCP, firewall, etc as well.

    From what you described, it sounds like it is the Portal device making all those requests. I noticed something similar with my Portal, but ran into the issue I mentioned in my last post about Portal giving it's IP as the DNS resolver.

    In general, I'd say that Portal has some weird issues with being in bridge mode. I've run into issues with my phones randomly disconnecting, the DNS spam, etc.

    0
    Comment actions Permalink
  • Avatar
    Rinze

    I just read your other post. I found out this issue because of the PiHole.

    I will check if Portal is pushing it's own ip as a DNS server as well, let me get back to you on that.

    I do have some strange disconnects too. For example when using my Google Chromecast. It suddenly stops playing the movie without any reasons. I've been thinking about getting the Chromecast a wired connection, but perhaps it is time to replace the Portal then, unfortunately...

    1
    Comment actions Permalink
  • Avatar
    Geran Smith

    I have a long going support case with the folks at Portal about disconnects on Android phones (and I think on my Nest thermostat). I sent them some logs, but so far they said that the phone is requesting the disconnect and it isn't the Portal. I do know my RT-AC68U is not experiencing issues at all...

    It is hard to rationalize replacing the Portal too... I have two of them, so it wasn't terribly cheap. I also would need to replace them, which isn't terribly cheap. They do a good job, beyond the disconnect issues. The DNS spam is annoying, but in theory it is non-impactful since the DNS resolver (in your case the PiHole) will cache the request and give a reply quickly.

    0
    Comment actions Permalink
  • Avatar
    Rinze

    My Portal isn't pushing it's own ip as DNS server fortunately. It is sending the PiHole ip as DNS server.

    I've only one Portal (via Kickstarter) and indeed, it wasn't cheap. The other part of the house is covered by a UniFi.

    Besides the disconnects and the DNS queries (which is only annoying), Portal works fine for me.

     

    0
    Comment actions Permalink
  • Avatar
    Geran Smith

    Then Portal is definitely doing a lot of DNS queries, weird.

    The disconnects are slowly driving me insane. Maybe it is just a sign that my wife and I should use our phones less in the house?

    0
    Comment actions Permalink
  • Avatar
    Doug H.

    Rinze said: There is no need for Portal to check if there is an internet connection available, because it is not it's job to provide it. It's job is to provide wireless access to my network.

    While I agree that such DNS requests seem like they are for that type of reason, your statement doesn't account for the fact that Portal has said they do processing in cloud server to analyze your wireless congestion.  The green ring means that it is in contact with such cloud in the internet.  I am not clear whether this is only DFS radar events or maybe additional info about non-DFS channel usage.  I just wanted to remind users that without internet connectivity, Portal can't do its best providing wireless.

    0
    Comment actions Permalink
  • Avatar
    Geran Smith

    There is a difference between checking for internet connections, and making 16K DNS requests in a day.

    The wireless shaping and DFS channel usage probably doesn't require any internet access. I can't see why it would need it, beyond making some communications to whatever server is doing the processing of the usage.

    0
    Comment actions Permalink
  • Avatar
    Rinze

    Hi Doug,

    I agree that it is allowed to check for internet availabilty. But once per minute looks more than fine to me. That would make 1440 DNS requests a day. A complete difference than about 19K DNS requests per day. That is more than 13 times as much!

    0
    Comment actions Permalink
  • Avatar
    Onno Feringa

    It would be great if this weird behavior is fixed in a next firmware release. Any comments on this by customer support?

    0
    Comment actions Permalink
  • Avatar
    Rinze

    Hi Onno,

    Unfortunately customer support keeps quiet...

    0
    Comment actions Permalink
  • Avatar
    Baivab Mitra

    I just responded in the other thread, please check it out.

    0
    Comment actions Permalink
  • Avatar
    Onno Feringa (Edited )

    Thanks, but your response in that thread is not an answer to why Portal makes all these DNS requests.
    Please explain why this may be necessary or if it is a bug (and I expect it is) when this will be fixed.

    0
    Comment actions Permalink
  • Avatar
    Benjamin Schollnick

    @baivab Mitra, which thread?  This support portal is one of the most annoying environments.  Almost no threading, and it's difficult to find any posts easily.

     

    0
    Comment actions Permalink
  • Avatar
    Baivab Mitra

    @Onno - ah, got it. I used a professional level sniffer agent due to a particular work I was doing and currently have Edge router as the work I do necessitates extreme security. Anyways, when I noticed this same behavior you've noticed sometime back I reached out to Portal team. As I have understood from them, as and when the cloud connectivity can not be established Portal by default cycles thru some 100K DNS addresses before determining connectivity can not be established. However, at the same time I did not get a clear idea why this occurs or is required. I am still in the process of sorting this out. 

    1
    Comment actions Permalink
  • Avatar
    Rinze

    I've requested the support engineers for an update, since it has been almost 3 months now without any update.

    1
    Comment actions Permalink
  • Avatar
    Benjamin Schollnick

    All I will say is cycling through 100K DNS Addresses to decide that network connectivity can't be made seems a bit extreme.  Why not 1K or 5K, what was the rationale on 100K?

    0
    Comment actions Permalink
  • Avatar
    xorportal

    I posted this (below) on the other thread regarding pihole, but I'll post it here too because it seems relevant... TLDR; there is a bug in the portal firmware I had confirmed by portal support at the end of July, it looks to me like it can cause a DNS loop in your network.

    ----

    It's a bug in the portal firmware - I'm hoping it gets fixed in the upcoming release (or I'm giving up on this router).

    What appears to happen is that the portal intercepts ALL port 53 UDP traffic in the network and sends it to the configured DNS server.

    Your pihole receives the DNS request, then tries to forward it to your upstream DNS provider (e.g. Google, OpenDNS, ISP). But the portal intercepts that connection too and sends it back to your pihole.

    You end up with an infinite loop, no DNS, red light, hours of frustration...

    ----

    0
    Comment actions Permalink
  • Avatar
    Rinze

    I tot an answer from support:

    Hi Rinze,

    Engineering believes that this issue has been resolved and will be part of the release scheduled to occur next week (2am Tuesday morning). Please let us know if you continue to see the unusually high rate of DNS accesses after Portal automatically updates.

    Regards,
    David

    0
    Comment actions Permalink

Please sign in to leave a comment.