Skip to main content

Why does this wireless access point need to do DNS lookups for mqtt-retail.surfboardconnect.com every 5 minutes?

Is it the 300 second TTL on those records that Arris can quickly fix? :

dig A mqtt-retail.surfboardconnect.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> A mqtt-retail.surfboardconnect.com @1.1.1.1

;; ANSWER SECTION:
mqtt-retail.surfboardconnect.com. 300 IN A    edit: removed personal information]
mqtt-retail.surfboardconnect.com. 300 IN A     edit: removed personal information]

 

Because of this, this access point is by far the chattiest device on my network, DNS wise.   And for what?   I can’t imagine any legitimate reason for this device making its own internet connections other than when it is performing firmware downloads/updates.  

 

It just makes the device hard to trust and I’m tempted to sniff the traffic to see what it’s doing unless anyone else has done so already.

 

 

W6U is an extender so it doesn't have the DNS setup. In this case to assist you further can you please help us with the modem model number that you are using to connect your W6U extender.


There is no “modem” in this setup.    I have my own DNS servers.

The W6U gets its DNS and IP addresses assigned to it using DHCP on my network.

Because I manage my own DNS servers, I can see every lookup request on my network, including the lookups the W6U performs.

I see the DNS requests coming from the W6U every few minutes trying to resolve “mqtt-retail.surfboardconnect.com”.  

 

It’s very noisy.

 

I’m just blocking the device at my firewall now since I can’t see any reason it needs to communicate with the internet other than for updates.


Every 5 minutes its sending the request? I know a few of my routers/extenders that roughly time period for a time check as its sync’s regularly (pointless to do that frequent)


Reply