Belkin Router Heartbeat to Belkin DNS servers

I bought a Belkin N450DB Wireless Router
It seems to be working OK and overall i am quite satisfied with it.
However, one day I noticed that there were a few thousand DNS lookups to heartbeat.belkin.com.
I tried to figure out why my router was making DNS lookups to this site.
I could find nothing official regarding this. A few google searches revealed some forum discussions stating that the router was pinging this site.
One discussion stated that it did this to determine if the internet was up and working.
There was nothing in the configuration page that allowed me to access this property and turn it off.
I checked the manual and there was no mention of this behaviour.
I was able to notice this because I run a local DNS server. I have no idea what else this router is sending out. I’ll have to sniff the network to do that.
I don’t like this for the following reasons:

  1. Belkin has not documented this feature which means they are not forthcoming.
  2. I t seems to be an invasion of privacy. It may be true that they cannot figure out who is on the other end of the connection, but it makes it easier if they wanted to try and figure it out.
  3. They do not have permission to track my IP address. When they get a ping from me, My IP address is part of that ping. There is no reason for them to know if my router is connected or not.
  4. They are using my bandwidth, again with out my permission. I have not been able to determine the frequency or the pattern yet. On the other hand, I shouldn’t have to.
  5. That fills up my DNS logs. If I was not using my DNS i would be using an internet DNS like google’s 8.8.8.8 or something else. The owners of that DNS, a completely un-associated third party, would then know what type of router I was using. Ping and DNS is a lightweight protocol, but bandwidth is no infinite and after a while all these pings start to add up and contribute to network congestion. And since there is no clear reason for these pings and DNS lookups, it’s just not a nice way to play on the intenet.
  6. I see no practical need for this feature. I never saw it in other routers so why does this one need it?

Most people who buy this Belkin product and others like it don’t see it because the feature is hidden from them. They don’t see DNS looks-ups and they don’t monitor their network traffic. Belkin probably knows they should not do this, but it’s easy to take advantage of the ignorant public so I guess they figure why not. That’s speculation on my part, but still what other explanation is there.
I will have to advise all my friends not to buy a Belkin router no matter what model it is. It’s the only responsible course of action I can take at this point.
Since I can’t turn this feature off I have taken the following steps to disable it:
I run a DNS BIND9 name server on a Linux system. This particular software has a relatively new feature called an rpz zone. Below is how i configured the rpz zone for
heartbeat.belkin.com. I realize this is not a good solution for the vast majority of users but until I can replace the router this was my first best solution.
There are other ways of stopping the ping to heartbeat.belkin.com but for me this was the easiest. Now, when the router tries to look up or ping belkin.heartbeat.com and send any information to it it will send it to me at  myinternaldomain.tld

General info on rpz zones
https://dnsrpz.info/

General method and Configuration of Belkin DNS Domain

I set up the following configuration:

snippet from /etc/named.conf:

response-policy {
 zone "rpz";
 };
. . . .
include "zoneopt/rpz.opt";

contents of rpz.opt:

 zone "rpz." IN {
 type master;
 file "masters/rpz-belkin-hosts";
 forwarders{ };
 };

contents of rpz-belkin-hosts

$TTL 3D
 @ IN SOA @ hostmaster.myinternldomain.mytld. (
 69 ; serial
 1D ; refresh
 2H ; retry
 2W ; expire
 3D ) ; minimum
 @ IN NS ns1.myinternaldomain.tld.
 @ IN NS ns2.myinternaldomain.tld.
 @ IN NS ns3.myinternaldomain.tld.
 heartbeat.belkin.com IN CNAME default.myinternaldomain.tld.

in the file myinternaldomain.tld-hosts

default IN A my.ip.add.ress

Leave a Reply

Your email address will not be published. Required fields are marked *