Constant unwanted traffic to dns.msftncsi.com from RT-AC66U

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

nitro001

Regular Contributor
Hello,
I am seeing this as well. I noticed it via Diversion. I have a AC-3100 and AC-87U both and both of them had the checkboxes unchecked for the DNS and Ping settings for the Network Check so I would not expect it to try to resolve out to the server. Is this something that can be requested in a future Merlin firmware where when these are unchecked the nvram setting for this value is also removed and when checked, the value is reset back the the microsoft dns setting? I would go through a formal request process if necessary :)

Thanks,
Nathan
 

RMerlin

Asuswrt-Merlin dev
when these are unchecked the nvram setting for this value is also removed and when checked, the value is reset back the the microsoft dns setting?

Bad idea. Enabling/disabling a setting should not erase the content of another setting.
 

nitro001

Regular Contributor
Bad idea. Enabling/disabling a setting should not erase the content of another setting.

OK, in general I understand that if they were unrelated, but I would assume those settings worked together, i.e. that one would influence the other and if unchecking the boxes does not actually stop the dns pings then having to clear the nvram setting would stop it. The other way, perhaps the underlying DNS ping code isn't actually checking that checkbox value for DNS network is not set (unchecked) in the Admin page and tries to ping anyway.
 

juniorsweet

Occasional Visitor
Just chiming in to say that I too have noticed the constant msftncsi pings and would love to be able to disable this from the GUI. The current checkbox setup is pretty unintuitive in that when the boxes are UNCHECKED the feature is still ACTIVE.

I'm running Merlin's latest firmware 384.12 on an 86U.
 

NetSetGo

Occasional Visitor
I had to go through a similar procedure just now as well because Pi-hole logs were being spammed with 4 requests per minute to dns.msftncsi.com.

Both checkboxes for in DNS Quesry and Ping were disables in Administration->System.
SSH to RT-AC5300 an running "nvram show | grep dns_probe" showed the settings were in effect.
What I did was to first check the DNS Quesry checkbox and empty the "Resolve" input fields, press Apply, then uncheck the DNS Query box and press apply again. The flood of DNS requests stopped.

Out of curiosity I enabled "Ping" and set the target host to be www.example.com. The same behaviour was there as well. Quecries of that domain and pings were going from the router also when the box was unchecked (and applied). I had to check it again, empty the input field, apply, uncheck it and apply to disable the pings.
 

Xannylam

New Around Here
I had to go through a similar procedure just now as well because Pi-hole logs were being spammed with 4 requests per minute to dns.msftncsi.com.

Both checkboxes for in DNS Quesry and Ping were disables in Administration->System.
SSH to RT-AC5300 an running "nvram show | grep dns_probe" showed the settings were in effect.
What I did was to first check the DNS Quesry checkbox and empty the "Resolve" input fields, press Apply, then uncheck the DNS Query box and press apply again. The flood of DNS requests stopped.

Out of curiosity I enabled "Ping" and set the target host to be www.example.com. The same behaviour was there as well. Quecries of that domain and pings were going from the router also when the box was unchecked (and applied). I had to check it again, empty the input field, apply, uncheck it and apply to disable the pings.

Made an account to say thank you for this! Those requests were spamming up my Pi Hole too and was confused as there’s no Microsoft devices on my LAN. This worked perfectly as a workaround fix within the GUI. I hope Merlin can add this to a future release. Simply clearing the domain that’s pinged when “DNS Query” is not checked is enough to stop the requests 100%. Left the IP’s in so I have a secondary method checking the WAN is up.
 

Puremin0rez

Occasional Visitor
This is only 2-3~ days of DNS requests from my entire network
upload_2019-12-28_22-42-1.png

The watchdog ping takes up a massive 25k requests. All monitoring is disabled in the WebUI, so clearly that option doesn't seem to work properly.

Cleared the NVRAM setting for it and all is well now, didn't even require a reboot for me :)
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top