Yes, it was a problem with the Asus router.
There's nothing to configure in the Asus web interface, but telnetting into it gave an option to shut it off.
nvram show | grep dns_probe
Shows the offending addresses. I set them to null, saved, then rebooted.
nvram set dns_probe_content=0.0.0.0
nvram set dns_probe_host=""
nvram commit
reboot
I flushed the logs, and now dns.msftncsi.com doesn't show up every few seconds.
There's some information about it here: http://www.snbforums.com/threads/constant-unwanted-traffic-to-dns-msftncsi-com-from-rt-ac66u.35367/