Alarming number of DNS requests made by iOS devices

  • I have been logging, redirecting and blocking these queries for these domains and more for years.

    It is one of our biggest complaints about the "new" Apple.

    There is no option for the user to disable the nonstop phoning home. iOS is a BSD-like OS configured so that the user does not fully control it (e.g. can't stop someone else's software from incessantly trying to phone home). The user cannot fully configure it (e.g., can't access HOSTS file). Only Apple can (they get root and they do not even own the device). Important settings are placed off limits to the owners of these devices. This is no fun.

    Turn on an iOS device and it will keep trying to connect to Apple servers; it will not stop. An incredible tracking device if those servers keep logs, irrespective of Apple's reasoning. Not to mention lots of unnecessary network chatter on the home network.

    Clarification: After many years of desensitization to this practice since the first iPhone, it is neither "a secret" nor "scandalous", but it is still disappointing. Moreover, I am not advocating any other mobile OS simply by making a comment about iOS. In fact, none of the "smartphones" being sold today are satisfactory to me as portable computers when compared with the control I get using an open source OS with i386, amd64 or even a development board.

  • UPDATE: I updated my article with a more recent graph with more devices connected.

    Here is a quick CSV export of all the concerned hosts (subdomain + domain) I could pick from my database.

    https://stan.sh/images/ios_domains.csv

    I really want the story behind pancake.g.aaplimg.com

  • Yes, iOS does talk a lot to the Apple servers, and Apple makes heavy use of Akamai for CDN purposes.

    If you set your iOS device to auto-update overnight, that will typically happen between 3am and 5am. They even tell you that when they set the schedule.

  • What exactly makes this "alarming"? I could understand "large" or maybe even "unexpected", but if this is background noise, I'm not sure "alarming" really fits here unless we're sure this is bad behavior.

  • Since you're blocking some DNS requests, do you think a portion of the usage might be retries? If one DNS request could turn into querying all the addresses in your list, I could see an amplification attack happening, and then that happening also on a retry. Look for patterns in querying the individual names?

  • Are you sure it's not just a bunch of app store updates and an iCloud backup? That's what I'd expect my phone to be doing at 4am anyway.

  • I also have a DNS logger and I found that iOS makes a lot of requests to time-ios.apple.com. That one isn't really alarming, though.

  • Perhaps not really that big a deal, but the first consequence I can think of is draining battery...

  • What exactly is 'alarming' about a cloud device trying to connect to its cloud services? DNS/UDP is the cheapest way of communicating for the device, and, if the DNS servers are not mad and the RR timers are set correctly, also for the name server.

  • That animated banner at the top of https://databuster.net is a perfect example of what not to do on a website.

  • I run a pi-hole instance at home and observe the same thing. Most DNS requests come from my iOS devices.
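
The retry question raised in the thread (does blocking a name inflate the query count?) can be tested against a resolver's query log. The following is an added example, not code from any commenter: it separates first-time lookups from retries that follow a blocked answer. The log tuples, client addresses and the 5-second retry window are constructed assumptions; the two hostnames are the ones mentioned in the comments.

```python
from collections import defaultdict

# Constructed sample log: (unix_seconds, client_ip, queried_name, blocked_by_resolver).
# A real deployment would parse these fields out of its own resolver log.
SAMPLE_LOG = [
    (1000.0, "192.168.1.20", "time-ios.apple.com", False),
    (1000.2, "192.168.1.20", "pancake.g.aaplimg.com", True),
    (1000.5, "192.168.1.21", "pancake.g.aaplimg.com", True),
    (1001.1, "192.168.1.20", "pancake.g.aaplimg.com", True),
    (1003.0, "192.168.1.20", "pancake.g.aaplimg.com", True),
    (1600.0, "192.168.1.20", "pancake.g.aaplimg.com", True),
    (1900.0, "192.168.1.20", "time-ios.apple.com", False),
]

RETRY_WINDOW = 5.0  # seconds; an assumed threshold, tune it for your network


def split_retries(log, window=RETRY_WINDOW):
    """Return {name: {"total": n, "retries": r, "initial": i}}.

    A query counts as a retry when the same client asked for the same
    name at most `window` seconds earlier and that earlier query was blocked.
    """
    last = {}  # (client, name) -> (timestamp, blocked) of the previous query
    stats = defaultdict(lambda: {"total": 0, "retries": 0, "initial": 0})
    for ts, client, name, blocked in sorted(log):
        # DNS names are case-insensitive and may carry a trailing dot.
        key = (client, name.lower().rstrip("."))
        prev = last.get(key)
        is_retry = prev is not None and prev[1] and ts - prev[0] <= window
        entry = stats[key[1]]
        entry["total"] += 1
        entry["retries" if is_retry else "initial"] += 1
        last[key] = (ts, blocked)
    return dict(stats)


def amplification(stats):
    """Queries seen per initial lookup, per name; 1.0 means no retries."""
    return {name: s["total"] / s["initial"] for name, s in stats.items()}


if __name__ == "__main__":
    result = split_retries(SAMPLE_LOG)
    for name, factor in sorted(amplification(result).items()):
        print(f"{name}: {result[name]} amplification={factor:.2f}")
```

A name whose amplification factor sits well above 1.0 only while it is blocked points to retry noise created by the blocklist rather than to additional distinct lookups by the device.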