Wyze v3 massive DNS traffic

I am having an issue with my Wyze cam v3 sending several thousand DNS requests each second. This is causing problems with my Wi-Fi and my security gateway’s CPU. Sending several thousand packets like this causes ~60% CPU consumption to process all of the suspicious traffic. This limits bandwidth for legitimate traffic on my network so I need to resolve this.

When this happens I can see in the firewall log that the device is sending massive amounts of DNS requests to resolve www.google.com over and over again. If I target my internal DNS it causes problems on that DNS server and it crashes… so I have it using google DNS. Here is just a sample of a log showing ~2,700,000 DNS requests between 10:52 AM and 2:43 PM.
See 'DNS Log' below (limited to a single image in my post)
Once this bug triggers you will see several hundred (at times approaching 1k) DNS requests each second.

Sometimes the volume is much much higher than this example. A reboot of the device is the only thing that makes it stop. Once the device boots it will be ok for some time (Sometimes an hour, or sometimes a day), but it eventually starts to lose its mind and send massive amounts of DNS requests until rebooted again.

I have tried to wipe/reset the device a number of times. It is up to date and I have reset it after each recent firmware update in hopes that the issue would be corrected.

Here is a nice visualization of the traffic generated, and the issues that volume of traffic is causing on my IDP (For those that will say “dns traffic is so light” or… “this is nbd”.

Here you can see a graph of the packets sent by the Wyze v3 in question. This is all DNS traffic. Video traffic does not generate anywhere near this many packets or load on my IDP CPU. (At the scale required to display this graph you cannot even see the blips generated when viewing video)
See 'Packets sent by Wyze v3 Cam' below (limited to a single image in my post)
And here you can see the overall CPU (Yellow) and memory (blue line) utilization for my security gateway. The gateway is performing IDP and the thousands of DNS request packets need to be scanned, causing high CPU utilization. You can see by comparing the graphs the issue caused by the Wyze cam DNS bug. This effectively limits my available bandwidth and causes increased latency
See 'CPU utilization on IDP' below (limited to a single image in my post)

This seems to be an issue that several others have been experiencing for quite a long time:

This needs to be corrected right away as I assume it’s impacting all users and they just don’t realize the impact that your product is having on their network. This is only with a single v3 cam. My v2 cams had this issue some time ago but was patched and has been ok.

I opened a case with Wyze (1675420) and submitted logs (401801, and 401660) and they immediately closed it saying they wouldn’t review my logs and there was nothing that could do for me at that time… I was a little upset that I took the effort to do this logging and bundle this all up for Wyze support to promptly trash:

Thank you for submitting a log! This greatly helps our engineering team as they work to better improve our products and the Wyze app.

My team here in support does not review your log or follow the progress. We’re working on developing a process so that we can track these logs on our end, but it’s still very much in progress. We hope to have the ability to receive more details from your log submissions sometime in the future.
• This request will be closed because we don’t have anything further we can do at this point.
• This request will not be re-opened later.
• Please keep an eye out for firmware and app updates. If the problem persists, please continue to submit logs with the new app and firmware versions.

So what’s the point of the log submission system if they aren’t tracked or reviewed. Even when linked to a ticket the ticket just gets closed and you logs discarded. This is why the Wyze service has been in decline and this has been an issue for such a long time… :frowning:

2 Likes

Something similar to this was fixed back in V3 firmware 4.36.0.252 back in February. Are you using a higher version of firmware?

All firmware on the devices and app are up to date. This issue has has been going on for the last few revisions that I know of. (I can’t see back further in my logs to confirm)

@WyzeBaohua, this may need looking into.

3 Likes

Hi AnoMoss. Thank you so much for posting this issue. I will work on and investigate this issue, and I will try my best to solve it.

First, may I ask if you can send me the DNS Log from that V3 when the issue happened? I can PM you my email. Thank you very much.

2 Likes

I would love to help however I can.
I have already uploaded logs from the app (401801, and 401660) to ticket 1675420.

I would be happy to send you logs from DNS that line up with the above submission!

1 Like

Thank you so much! That will be super helpful. I have another question. I know those logs are collected after the bug happened between 10:52 AM to 2:43 PM. May I also get the date and timezone information? Thank you.

1 Like

Sent and added the requested info. Thanks in advance!

1 Like

Thank you for taking this seriously @WyzeBaohua .

1 Like

I just checked my Wyze camera Internet useage. The Cam V3 is 5 times (almost 6x) more than the Cam V2 in uploaded data over the past month.

In my basement go from 6 to 3 to stop me from getting bumped off 2g on router

My entire network shut down when 6 cameras were capturing activity while I was down there, removed 3 and changed nothing else and internet fine

No idea if related to this issue

I did another test my indoor V3 cameras I turn them all on meaning only three And kick me off the Internet wireless When looking at the cameras something is not right

I have plenty of ring cameras that never happens

How do you get kick k off??

It just happened the only other thing I can think of too many devices on my network

When I would look at the cameras my Wi-Fi signal would drop

1 Like

OK, I don’t know if any of this info will help, but I am going to post on the chance it does:

  1. I was having problems with hooking up a new v3 cam, and then other iot devices in my house would not be able to connect. The solution was to install a memory card in the v3 because without one, the v3 cam seems to be always streaming to the cloud and overloading my slower DSL connection.
  2. Even if you have a memory card installed, it may still stream constantly to the cloud if you have the AI motion features enabled because the analysis of any motion (detecting if its a person, etc) is done in the cloud, so configuring just for motion and not enabling any of the camplus object detection might reduce data usage.
  3. Most routers have a fixed number of devices that it can connect to using wifi. So if you are having strange things happen when you add a new device, it could be that you reached that limit. Check your router settings and there may be a setting to increase the limit. Mine was set to “16” device limit and I raised to 32 and problem went away.

I’m having the same issue with both Wyze Cams v2 AND my Wyze Video Doorbell. Practically non-stop pings to google.com. I am very close to taking the remainder of my Wyze devices offline permanently.

One other thing I forgot to mention…

You should see constant "ping"ing from the cameras to wyze cloud servers (once a second or so) - that is how the app is able to connect to your cameras even though the cameras are on the other side of your routers firewall.

Basically, the app can’t connect directly “into” your cameras because your router’s firewall blocks most incoming connections. So the way around this is for the camera to “ping” (make an “outgoing” connection to) the wyze servers a few times a second (because a firewall always allows outgoing connections) - this pinging is basically asking the server “does the app want to connect to me now?” and if you are not running the app, then the server replies “no” to each of these queries from the camera.

But when you run the app and want to view a camera, the server will then reply “yes - a camera does want to connect to you”, and then the server routes your app to that incoming camera connection and then you can then see the video.

This pinging has to happen often so that you don’t have to wait long to connect to the camera. Because if the ping happened only once a minute, then when you run your app and try to view a camera, it may take up to a minute for the server to connect you to the camera because the server has to wait for one of those “ping” connections from the camera.

Multiple connections per SECOND sounds excessive.

1 Like

Perhaps that is why the family has started complaining about the 300 meg service we have as I recently added a few more cameras… That will suck if this is the cause.

Let me put this into perspective…

Even if each of these “pings” sends 10 bytes per second, that is only 864,000 bytes of data for the WHOLE DAY.

That is a fraction, of a fraction of the 300,000,000 bytes per SECOND of your internet service.

So this pinging is actually so insignificant compared to your home’s internet connection.

1 Like