Is there a reason that the Comet is sending a lot of DNS requests? My firewall is allowing them so far but since I don't have this device available in the cloud I'm wondering if their is a way to disable the DNS requests?
Block port on it?
I should have asked what the DNS requests were for? Is it the device checking for firmware updates? If so I want those to go through.
But yes blocking the port is an option.
Are you using Wireshark?
No. Pfsense firewall logs are reporting the traffic.
Nevermind I was hoping to hear something from a moderator or at least report the frequent DNS traffic from the device in hopes to learn a little more about what this device is doing on my network. I will figure it out.
Moderators close this post please.
This is a behavior derived from PIKVM, which requests stun.l.google.com approximately every 15 seconds or so. We inherited this kind of behavior
This is done to ensure that the internal network penetration of webrtc can work properly
My Comet is behind a firewall that captures all traffic and running Firmware Release 1.3.0 with the "Cloud Service" disabled. I see the following DNS requests from the Comet:
* 0.pool.ntp.org. (32)
* 1.pool.ntp.org. (32)
* 2.pool.ntp.org. (32)
* 3.pool.ntp.org. (32)
* ipv4.connman.net. (34)
* ntp.tencent.com. (33)
* stun.l.google.com. (35)
* time.cloudflare.com. (37)
* time.windows.com. (34)
Without access to the time servers, I can't use 2FA to log into Comet's web app but this is okay by me as it's on local network. I will continue to monitor for unexpected traffic from my Comet.
1 Like
We still don't know what requests OP is talking about.
Would be useful information you'd think.
Thank you minmie. This answers my question.