How to stop connections to 8.8.8.8 from SOHO?

jyri · January 10, 2021, 8:29pm

Hi all,

I have a pepwave SOHO, firmware 8.1.0.

I can see from a downstream firewall that the pepwave device is constantly (multiple times per minute) attempting to connect to google dns at 8.8.8.8. These get blocked by the firewall.

I have pepwave configured to provide my internal DNS server to clients over DHCP (in LAN->DHCP Server->DNS Servers) and can confirm that any devices which connect to pepwave over wifi are given the expected (internal) DNS server IP by pep’s DHCP server. Name resolution works fine, so that’s all good.

I have also configured my same internal DNS server in Network Settings->DNS Resolvers.

I can test that pepwave can also resolve names correctly by using the ping test in the UI to external hosts.

So all DNS functionality is working fine and there isn’t any reference to 8.8.8.8 anywhere in the configuration that I can find.

And yet, pepwave keeps trying to connect to 8.8.8.8 constantly. How can I put a stop to these?

Thanks!

erickufrin · January 10, 2021, 10:21pm

Take a look at what your using for Health Checks.

MartinLangmaid · January 10, 2021, 11:01pm

What port is the request to 8.8.8.8 on? If its UDP 53 then it could well be DNS healthcheck on your WAN, if its TCP 443 then the SOHO can use 8.8.8.8 for WAN latency measurements also.

stego · January 10, 2021, 11:53pm

There is also a setting in the DNS proxy network settings allowing you to include google dns servers in the dns resolution to increase availability. Is this checked?

jyri · January 11, 2021, 3:46am

The “Include Google Public DNS Servers” option is unchecked.

Martin: Thanks for making me take a look closer at the details. It’s neither, it is an ICMP ping being sent to 8.8.8.8 so seems may be related to some connection health checks.

My WAN “Health Check Settings” are configured to ping an upstream router host that I control, so it shouldn’t be that though.

andyblac4791 · January 14, 2021, 12:30pm

i was getting the same thing on my Balance One and my One AC Mini AP’s, i forced my local LAN DNS to my pihole, from “Automatic”, my pihole now list loads of entries like this

i have no idea what those local hostnames are. ip’s .4, .6, .8 are my ac one mini’s on formware 5.7.3, it funny my older mini’s on 5.6.3 dont show

EDIT:

these local dns quieres are from the AP’s WAN staus function (DNS lookup), i changed to IP ping with routers IP and everything stopped.