Wi-Fi router vendors have started issuing patches to defend their products against Google Chromecast devices.
TP-Link and Linksys were first out of the blocks with firmware fixes, and TP-Link has posted this explanation of the issue.
The bug is not in the routers, but in Google’s “Cast” feature, used in Chromecast, Google Home, and other devices. Cast sends multicast DNS (MDNS) packets as a keep-alive for connections to products like Google Home, and it seems someone forgot to configure the feature to go quiet when Chromecast devices are sleeping.
That, at least, is how Vulture South reads the issue that TP-Link’s engineer described:
“These packets normally sent in a 20-second interval. However, we have discovered that the devices will sometimes broadcast a large amount of these packets at a very high speed in a short amount of time. This occurs when the device is awakened from the ‘sleep mode’, and could exceed more than 100,000 packets in a short amount of time.”
It continues: “The longer your device is in ‘sleep’, the larger this packet burst will be.”
If left alone long enough, TP-Link warned, the burst will fill up the router’s memory and leave a reboot the only option to restore connectivity.
As a poster to this Reddit thread noted, MDNS uses UDP – and UDP doesn’t have congestion control.
ASUS users may also affected.
It should be noted that the router vendors’ fixes are mitigations while the world waits for Google to patch Cast. ®
By Richard Chirgwin 15 Jan 2018