[ActionTec] Mysterious DNS Activity in AcctionTec GT724WGR
I keep on getting the same mysterious DSN failures, even after setting dproxy.conf to use only Google's DNS servers, 220.127.116.11 and 18.104.22.168. These lines are (I got the by telnetting to the ActionTec box):
(GMT-08:00)14:46:38 Thu Apr 05 2012 syslog: failed dns request len=141,srcip=22.214.171.124, url=r._dns-sd._udp.hogar
(GMT-08:00)14:46:38 Thu Apr 05 2012 syslog: failed dns request len=142,srcip=126.96.36.199, url=db._dns-sd._udp.hogar
(GMT-08:00)14:46:38 Thu Apr 05 2012 syslog: failed dns request len=142,srcip=188.8.131.52, url=cf._dns-sd._udp.hogar
(GMT-08:00)14:47:14 Thu Apr 05 2012 syslog: failed dns request len=141,srcip=184.108.40.206, url=b._dns-sd._udp.hogar
The first mystery is: who is doing these accesses? I thought I had all browser windows closed, I certainly never looked for 'b._dns_sd._udp.hogar'!
The second mystery is: why does it say "url="? These are not URLs.
May want to toss up a packet sniffer and see a) what kind of DNS packets these are, and b) if something
from your LAN is making a request for those URLs.
I did find a DNS service discovery from dropping in those url= outputs into Google. Seriously though,
something you don't know about is running around on your network that you need to track down.
Thanks, HELLFIRE. I could have sworn I already tried Google, but sure enough, when I followed your suggestion and Googled specifically, "b._dns-sd._udp" I found a very plausible sounding explanation: it is Bonjour trying to do DNS 'service discovery'. I have an Apple running OS 10.6, so that must be the culprit. The same post says it is harmless, but I don't like unnecessary clutter, so the next step is to figure out how to either turn it off or configure it correctly so that discovery complete successfully.
|reply to epaiwn |
You are correct, these are for Bonjour. Bonjour is only needed if you are using AirPrint or AirPlay (so iTunes can play audio out of other devices) If you don't need it, simply uninstall Bonjour from add/remove programs and these excessive queries will go away.