unable to access ips on vlan after changing Gateway/dns
-
Where are you testing from? What DNS server is that using to resolve those hosts?
-
@stephenw10 im testing from home assistant terminal, Home assistant Devices where it should pop up things
i also cant ping them from my desktop pc
the dns hosts are
192.168.0.1 for Lan
192.168.10.1 for cameras
192.168.20.1 for iot devices
nordvpn uses whatever dns .. from setting up per there setup..all i know
-
Ok and those IPs are the pfSense interface addresses in those subnet? So both the HA host and your desktop are using pfSense for DNS?
Are the hosts you're trying resolve all configured as static dhcp leases? Is the DNS resolved configured to resolve those?
Steve
-
so not sure 100% what you mean since i dont really change pfsense much and i recently just setup these virtual lans prior i broke up my 192.168.0.1-254 into segments to simulate vlans
so like 1-50 lan 51-100 cameras 101-200 iot devices.. so everything fit under 192.168.0.1 dnsright now i have
192.168.0.1 as a static ip and 192.168.0.3 as my unraid static ip address and HA ip address is 192.168.0.12192.168.10.2 static ip for the unraid card for HA to pass through and 192.168.10.12 for static ip of HA for the Camera side
192.168.20.2 satic ip for the unraid card for the HA pass through and 192.168.20.12 for static ip for the HA for the IoT Devices side
if you mean the dns resolver for dns resolved.. i have it set network interfaces to All and Outgoing network is setup to NordVPN to there instructions
if there is something else i need to configure.. i have no idea.. thats all i know
and at moment the Vlans Cameras and IoTs its setup for DHCP starting range at 20 and only static ips i have are what i mentioned above..
other then that i dont know... hopefully it helps.. sorry if it doesnt and i try to find more info you ask of me
and sorry if i dont make sense my disylexia it sounds ok in my head but may not explain it right
-
and i also tried adding some NAT settings for cameras to LAN and iotdevices interface to LAN and that didtn help... so wasnt sure
and i was looking at dns dnsmaq in Home assistant but wasnt sure how to set that up incase that could do the dns for the 192.168.10 and 20
-
The DNS resolver in pfSense does not resolve DHCP hostnames. To include either static or dynamic DHCP leases so other clients can resolve them you need to enable that in the resolver settings.
-
@stephenw10 and what resolver setting is that? i thought pfsense resolved all the host names least thats what i thought so if i camera is labled cam1 and you ping cam1 then pfsense resolves that.. least thats how i thought it to work
so only settings i know network interface i have set to ALL
and for outgoing network interface.. i went from the nordvpn network that was selected
and i selected nordvpn, camera,iotdevices,, so those 3 networks be selected.. as LAN automaiclly gets resolved
which i dont 100% really understand
if i plug HA directly into Cameras Switch HA can detect the cameras.. but if i go through the VLan it cant...and still unable to get camera and iotdevices to detect with HA... i saved. and rebooted all my pfsense and all the switchs and rebooted HA still cant get it to resolve so it can find all the devices on the 2 Vlans so i know im doing something wrong or missed a step
do you need pics? or is there a check box i need to check off?
-
@comet424 said in unable to access ips on vlan after changing Gateway/dns:
i thought pfsense resolved all the host names least thats what i thought so if i camera is labled cam1 and you ping cam1
well would need to be a fqdn query, cam1.yourdomain.tld etc. that your using, default is home.arpa for a while that is domain pfsense uses out of the box.
But if you want dhcp to be registered you have to enable that in the resolver settings, if you want dhcp reservations also needs to be set.
dhcp registrations has been problematic for many, since every time a dhcp lease is renewed, created, etc. it causes a restart of the resolver, so depending on how fast that happens, etc. Some people have reported issues with that settings. And been common to not to register dhcp clients. Reservations don't have the issue because they are only loaded when unbound starts, so no restart all the time. If you have lots of dhcp clients, and short leases you could have unbound having to restart every few minutes, etc.
If you want to make sure something on your network resolves, its prob best to create a reservation for it, and register those - or just create a host override for the device.. Keep in mind cam1 wouldn't resolve unless your client was adding the suffix in its query, etc. dns queries need to be fully qualified.
-
@johnpoz ok so kinda confused... how come i can ping host names static names or dhcp names under LAN but when it comes with 2 Vlans it doesnt work the same way...
ill try that add static ips for the cameras in the dhcp server... and see if Home assistant pops up automaticlly the cameras
as if i plug a camera on the LAN Home assistant detects that dhcp right away... but when its on the Vlan Camera it cant see it
so i figured when i made 3 ethernets into Home assistant 1 for Lan 1 for Cameras 1 for Iot devices.. that Home assistant would automaticlly detect everything ... or least pfsense would dns it all.. since its doing it for LAN but its avoiding cameras
cuz if i use Shelly Devices Tplink ESP32 (Esphome ) devices on the LAN HA finds it automaticlly no problem... i put them on the IoT Devices Vlan it cant be found..
so i no expert and its almost like you need 4 pfsense
1 for Lan
1 for Vlan Camera
1 for Vlan IoT Devices
and 1 be the parent that all 3 connect to for internet and all dns resolving work but problably that doesnt work...but ill try the register static ips and ill manaulyl add them at the bottom then maybe HA will pop up with all the devices like it does on LAN
-
@comet424 I have no idea what you asking.. Are you resolving via discovery??
I can resolve any host on my network that is in my dns from any network, or even my vpn.. From any client that is pointing to pfsense for dns..
$ dig ntp.local.lan ; <<>> DiG 9.16.36 <<>> ntp.local.lan ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16777 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;ntp.local.lan. IN A ;; ANSWER SECTION: ntp.local.lan. 3600 IN A 192.168.3.32 ;; Query time: 0 msec ;; SERVER: 192.168.9.253#53(192.168.9.253) ;; WHEN: Mon Feb 13 15:55:19 Central Standard Time 2023 ;; MSG SIZE rcvd: 58So for example my client here on 192.168.9 network - and clearly I can resolve something in a different vlan..
3 ethernets into Home assistant 1 for Lan 1 for Cameras 1 for Iot devices.. that Home assistant would automaticlly detect everything
No not if they using some discovery protocol to find stuff.. Which doesn't work across networks.. Unless for say are doing mdns, and setup avahi to broadcast that across your networks.
mdns - is for local networks, it sends a query to a multicast address, that all devices on the network see, and will send back their names, etc. this does not work across networks because multicast is limited to the layer 2 network. Unless you setup something like avahi..
-
@comet424 Yeah, you're barking up the wrong tree here.
Hostname has no effect on the cameras being found.
What are you trying to find them with? Just HA?
Well, did you add them in with LAN ip's, and now when you put the camera back on the LAN it gets that same IP again maybe?
Check in HA, there has to be some kind of camera configuration in there. Even if it just keeps the IP's of the cameras, this would be enough to block them with a new IP on it.https://www.home-assistant.io/integrations/generic/
https://www.home-assistant.io/integrations/mjpeg/
-
@jarhead @johnpoz
so to answer both your guys questions
i not 100% sure about this resolvingif i plug Cameras and IOT Devices all in the LAN port they all get found in home assistant.. they get the hostname of the dhcp
so they all on 192.168.0.x and all worknow if i move the Cameras from 192.168.0.x to 192.168.10.x vlan now the cameras are no longer found Automaticlyl in Home assistant
now if i move the IoT Devices from 192.168.0.x to 192.168.20.x vlan for IoT Devices.. they now no longer work they arent detected... the ip address doesnt get picked up in home assistant so there is no auto discovery on IOT Vlan or Camera.. there is only auto Discovery on LAN
i trying to get auto discovery on Cameras and Iot Vlans
or like ping a hostname i can do it on my desktop if its under LAN or on Home assistant terminal i can ping a hostname thats on LAN but i cant ping hostname on Vlans
and i have no idea what the above screen shot means
all i know is i thought it was going to be easy
i have 3 lan ports Camera LAN and IOT Devices
id have all 3 linked to Home assistant.. and then home assistant should have found them all just like they have no problem if they on LANand no idea what mdns avahi is
all i thought is 3 network interfaces into home assistant and it be easy
its almost easier i guess
you do what 255.255.0.0 subnet
and then do 192.168.0.x for LAN 192.168.10.x for Cameras 192.168.20.x for IOT devices your all on the same LAN port and they all get detected then right?
cuz thats what i was hoping instead of squeezing it all in 192.168.0.x this way u scrap vlans if i cant get dns to work right for each vlani figured adding 192.168.10.1 and 192.168.20.1 in the System-->General setup and added it to DNS so then dns would be added to each Vlan so then auto discovery would work but it didnt..
so much for plug and play like LAN lol
and its not just Cameras its like the 100 IoT Devices i have that cant auto detect unless it on the LAN port
-
so if im confusing sorry
so i have 5 Reolink Camears...
if they are on the LAN Port it automaticlly gets discovered in Home Assistantif you put the 5 Camears on the Vlan Cameras.. pfsense gets the Ips for it but Home Assistant Cant find it
my 100 Iot Devices all auto detect when on the LAN port in Home Assistant.. but if i put them on the Vlan IOT Devices pfsense gives all the ips.. but Home Assitant can no longer find any of them...
i thought maybe NAT bound stuff so i made a few interfaces on there but it didnt work either...
and home assistant has 3 ips
192.168.0.12 for LAN
192.168.10.12 for Cameras
192.168.20.12 for Iot Devices
those the ips of home assistantand like i can ping the camera ips but i dont know if they going out the 192.168.10.x port or the 192.168.0.x
as i know if i ping my host name of unraid it comes back 192.168.10.2 not my main ip which is 192.168.0.3 and thats pinging from Home Assistant Terminal
-
@comet424 said in unable to access ips on vlan after changing Gateway/dns:
but Home Assitant can no longer find any of them...
Well if your HA is using mdns then no it would not find devices on another vlan, or whatever other "discovery" protocol it is using. Discovery is only ever going to work on the local network..
If its using mdns, you could setup avahi between your lan and your iot vlan so that discovery could work. But prob easier to just put your HA server/device on the same iot vlan. My alexas for example are on my iot network.. When I add a light bulb for example it auto finds them.
-
@johnpoz no idea what mdns is or how to configure that thats over my head
and i thought i have 3 local networks?
i have 3 physical network cards in Home assistant.. so 3 seperate physical networks
the vlan part is just at the pfsense level and then when i have that tagg trunk stuffof that stuff still doesnt work.. cuz i went 3 network cards this way i thought no issues
so u mean get rid of my 192.168.0.12 but then will it automaticlly find everything on 192.168.20.x
here is my 3 physical local lan ports
in home assistant
-
@comet424 You're making a mess over there...
Told you a long time ago, get rid of the other nics. You have vlans setup, use them.
You don't need mdns, they're on the same network as HA.
Go into HA, I don't use it so I can't give specifics, delete the cameras that are in there. They will have the old LAN ip's.
The new cameras will then be found.Or, if possible, just edit the IP's in HA to the new ones.
-
@jarhead ya nothing auto detects
you delete 100 IOT devices and the 5 cameras.. nothing gets foundya u cant edit them easilly.. i have to ask home assistant side
i just figured when i have physical LAN ports in home assistant then that not really a Virtual Lan as its a physical local card and it should auto work.. ill see if the ha community help someone over there has to have pfsense working lol
-
@comet424 said in unable to access ips on vlan after changing Gateway/dns:
i have 3 physical network cards in Home assistant.. so 3 seperate physical networks
If your iot devices are on your iot network, then put your HA box in the iot vlan and be done with it.. Multihoming a device is going to bring all kinds of its own issues, with asymmetrical routing, etc.
-
@johnpoz so tell Unraid to put HA on 192.168.10.x then now can u still access home assistant by typing homeassistant or do you loose it as i cant seem to get hostnames to work on different vlans
and what is the asymmetrical routing and why is that bad and what does multihoming mean does it mean 3 ip address for 1 location?
-
@comet424 why do you need a host name? Just use the IP, if you want to use a fqdn then just set that up as a host override in unbound. Or as stated already if you register reservations then you would be able to use the fqdn, etc.
As to asymmetrical this is when a path to and from are different. This is problematic with a stateful firewall doing the routing for sure, and even with when not it can be a problem.
Yes a host with connections into multiple networks can be problematic unless specifically setup.. And you run into a problem when device has multiple connections. I have gone over it multiple multiple times over the years here..
You for sure know the IP address of your HA box that you put on the iot network right - so use that IP to get to it from your lan until you setup resolution to its name, kind of like how I have my example of my ntp server..
