Strange DNS lookups by hub?

No, as far as I can tell, everything is acting as it should.

Hi I’m wondering if anyone has any insight about a somewhat related problem I’ve discovered with my new Connect Home hubs. The main hub seems to be flooding my pi-hole server with millions of requests in the last 24 hours for reverse DNS lookup. No idea why. ( [0.0.0.0.in-addr.arpa] and [0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa] ) I just bought these hubs and haven’t even moved my smartthings devices over from my V2 hub yet (because it sounds like I have to do it all manually) and yet the connect home hub is slamming my dns server with hundreds of reverse requests every second. I disabled the “smartthings hub” feature for the connect home and it’s still sending the constant dns requests. I Updated the firmware on the two connect homes as well and no difference. Any ideas would be appreciated. Sounds like this other person is having the same problem… https://us.community.samsung.com/t5/Smart-Home-Support/Connect-WiFi-reverse-dns-flood/td-p/1008496

I had something similar to that some time ago. It seemed to have something to do with the hub mistakenly looking up some Hue devices on DNS . It was about that time I stopped using the ST hub for most of my automation and moved to Homeseer instead. I still have the ST hub running for some routines that work on it, but not for any of my lighting.

Thanks Bill. I don’t actually have any Hue devices on my network and actually these new connect home hubs are only currently acting as a wifi network as I’ve disabled the smartthings portion of those hubs. Yet it seems to be flooding the dns server with reverse lookups. Maybe Patrick has some inside info about this or is there a better place to get directly in touch with Smartthings staff? I suppose I could just e-mail them directly but this problem seemed similar to the one I’m experiencing. Thank you

Unfortunately I won’t be any help one this one. Anything I’ve ever worked on here (or even seen) gets turned off when you turn off the hub feature & I don’t have any contacts on the team that does the development for the ST Wifi itself. The problem mentioned above should now be fixed and it’s code that is disabled when the hub feature is off. So, this thread is probably a red herring for the issue you’re seeing.

Okay thanks for the quick responses. I’ll try to hunt for an answer elsewhere then.

I turned on DHCP server on my pi hole as well and disabled DHCP on the router and configured router to advertise the pi hole DHCP. That way you don’t have to configure every client. I have about 80 devices so I just flipped the main breaker on the house to reset everything. Call me lazy.

I had something similar to your problem, the DNS was very strange and we changed IP addresses and providers, but these methods did not help us. It turned out that we kept a small hosting service for our site at home and it spoiled the dns addresses.

Please excuse my necroposting, but I just rebuilt my network (had a lightning strike that accelerated the rebuild I had planned) and I switched my hub over just last night. I’m using a Samsung Connect hub (the wifi mesh hub that has ST built in) and shut off the wifi portion entirely as I’m using something else for wifi. I’m also using a pi-hole for DNS and noticed this morning that I had a ton of requests coming from the hub (again, wifi is shut off) going to the 0.0.0.0 addresses as described above. I blacklisted it and it didn’t seem to affect my devices or the ST app at all, but it totally overloaded my pi-hole (which is running in docker with minimal resources.) I had to flush everything just to get it back up and running.

Thankfully when I redid my network I VLAN’ed off my IoT (including the hub) to a separate network where they get their own DHCP from so I just reassigned the DNS to the router itself for those devices. Of course, I’d really like to be able to see those devices specifically so I can see exactly these sort of things (I once bought an wireless IR device that called out to China every 10 seconds!)

Any ideas? I know this is a bit bizarre but it’s also very confusing as to why it would make a DNS request to 0.x addresses like that.

(edit)

I just re-added it after I rebooted the hub and it’s still making these requests like crazy. Literally at least 20-50 per second. Wound up giving it its own VLAN where it’s totally isolated and not going through the pi-hole for now but it’s pretty concerning that it does this.

I have exact the same issue. Any outcome or fixes to this?