Current State of presence detection

So I ran nmap -F 192.168.1-2.1-254 from the command line of my HASS Pi on the .2.x subnet and got:

Starting Nmap 6.47 ( http://nmap.org ) at 2017-01-02 12:33 CST
Nmap scan report for 192.168.1.64
Host is up (0.024s latency).
Not shown: 99 closed ports
PORT     STATE SERVICE
8080/tcp open  http-proxy

Nmap scan report for 192.168.1.65
Host is up (0.0029s latency).
All 100 scanned ports on 192.168.1.65 are closed

Nmap scan report for 192.168.1.69
Host is up (0.022s latency).
Not shown: 99 closed ports
PORT     STATE SERVICE
8080/tcp open  http-proxy

Nmap scan report for 192.168.1.76
Host is up (0.0054s latency).
Not shown: 98 closed ports
PORT   STATE SERVICE
23/tcp open  telnet
80/tcp open  http

Nmap scan report for 192.168.1.77
Host is up (0.13s latency).
Not shown: 98 closed ports
PORT     STATE SERVICE
80/tcp   open  http
8888/tcp open  sun-answerbook

Nmap scan report for 192.168.1.82
Host is up (0.11s latency).
Not shown: 99 closed ports
PORT     STATE SERVICE
5060/tcp open  sip

Nmap scan report for 192.168.1.83
Host is up (0.0093s latency).
All 100 scanned ports on 192.168.1.83 are closed

Nmap scan report for 192.168.1.84
Host is up (0.053s latency).
Not shown: 93 closed ports
PORT     STATE SERVICE
80/tcp   open  http
139/tcp  open  netbios-ssn
443/tcp  open  https
445/tcp  open  microsoft-ds
631/tcp  open  ipp
8080/tcp open  http-proxy
9100/tcp open  jetdirect

Nmap scan report for 192.168.1.95
Host is up (0.00097s latency).
Not shown: 95 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
548/tcp  open  afp
631/tcp  open  ipp
8443/tcp open  https-alt

Nmap scan report for 192.168.1.189
Host is up (0.0037s latency).
Not shown: 98 closed ports
PORT     STATE SERVICE
8008/tcp open  http
8081/tcp open  blackice-icecap

Nmap scan report for 192.168.1.254
Host is up (0.0018s latency).
Not shown: 97 closed ports
PORT      STATE SERVICE
80/tcp    open  http
443/tcp   open  https
49152/tcp open  unknown

Nmap scan report for 192.168.2.1
Host is up (0.00076s latency).
Not shown: 95 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
80/tcp   open  http
548/tcp  open  afp
631/tcp  open  ipp
5000/tcp open  upnp

Nmap scan report for 192.168.2.3
Host is up (0.0024s latency).
All 100 scanned ports on 192.168.2.3 are closed

Nmap scan report for 192.168.2.4
Host is up (0.016s latency).
Not shown: 99 closed ports
PORT    STATE SERVICE
443/tcp open  https

Nmap scan report for 192.168.2.5
Host is up (0.031s latency).
Not shown: 99 closed ports
PORT    STATE SERVICE
443/tcp open  https

Nmap scan report for 192.168.2.6
Host is up (0.052s latency).
All 100 scanned ports on 192.168.2.6 are closed

Nmap scan report for 192.168.2.7
Host is up (0.0095s latency).
Not shown: 92 closed ports
PORT      STATE SERVICE
135/tcp   open  msrpc
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
554/tcp   open  rtsp
5357/tcp  open  wsdapi
49152/tcp open  unknown
49153/tcp open  unknown
49154/tcp open  unknown

Nmap scan report for 192.168.2.8
Host is up (0.00013s latency).
All 100 scanned ports on 192.168.2.8 are closed

Nmap scan report for 192.168.2.9
Host is up (0.0086s latency).
All 100 scanned ports on 192.168.2.9 are closed

Nmap scan report for 192.168.2.100
Host is up (0.00026s latency).
Not shown: 97 closed ports
PORT    STATE SERVICE
22/tcp  open  ssh
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds

Nmap scan report for 192.168.2.105
Host is up (0.0066s latency).
Not shown: 96 closed ports
PORT      STATE SERVICE
23/tcp    open  telnet
554/tcp   open  rtsp
5000/tcp  open  upnp
49152/tcp open  unknown

Nmap scan report for 192.168.2.106
Host is up (0.00071s latency).
All 100 scanned ports on 192.168.2.106 are closed

Nmap scan report for 192.168.2.107
Host is up (0.00069s latency).
All 100 scanned ports on 192.168.2.107 are closed

Nmap done: 508 IP addresses (23 hosts up) scanned in 16.03 seconds

Appears all is well (I am not an expert) but when I used it in device_tracker it still did not work to update the statuses

- platform: nmap_tracker
  hosts: 192.168.1-2.1-254
  track_new_devices: yes
  interval_seconds: 15
  consider_home: 180

Hmm, looked back at the NMAP page and saw that HASS runs nmap -F --host-timeout 5s
When I tried that I got:

pi@HASSpi:~ $ nmap -F --host-timeout 5s 192.168.1-2.1-254

Starting Nmap 6.47 ( http://nmap.org ) at 2017-01-02 12:40 CST
Nmap done: 508 IP addresses (0 hosts up) scanned in 5.23 seconds

So does that mean it sees nothing?

I re-entered in device_tracker as:

- platform: nmap_tracker
  hosts: 192.168.1-2.1-254
  scan_options: " -F "
  track_new_devices: yes
  interval_seconds: 15
  consider_home: 180

But now it only sees the 2.x subnet again.

So reading up on nmap, it is/can scan across multiple subnets but it will not receive the MAC address on subnets other than the computer it is running on.

So I need a workaround. Anyone know how to get HASS to connect to an ARRIS/PACE 5268AC to get the information direct?

OR perhaps run a Master/Slave HASS across the different subnets? hmmm, I wonder if they could then share the information.

Eventstream component can be used to share sensor/state data between multiple ha instances using MQTT messaging.

So I would run 2 Pi, one with full install (Main) on x.x.2.x and the other just running a basic install +MQTT + nmap on x.x.1.x?

mqtt_eventstream:
  publish_topic: MyServerName
  subscribe_topic: OtherHaServerName

Or would I still run Master/Slave? I’m fine with the Master/Slave other than the documentation seems lacking (at least for someone like me).

Yes. 1 full install. 1 basic with only desired component (you probably won’t use frontend)

sensor.nmapx.2 setup in config on full
sensor.nmapx.1 setup in config on basic

sensor.nmapx.1 entity added into group file of full to enable display on frontend

Eventstream will add entity as if it existed natively on pi

1 Like

I may end up doing this as I have a spare Pi but I have come across something else - but will probably need a networking guru to help me figure it out.

I have a server (running Ubuntu Server & Zoneminder only atm) that I could add HA to. This server has 4 NIC ports(?). In theory I could attach both subnets, run HA and it see both subnets… I think.

Not a very green solution but the server has mucho idle time and has a UPS on it so…

Doesn’t the RPI have wireless built in as well as a physical ethernet jack?

Yes but I am like a fish out of water with networking in Linux. It is somewhat fun & exciting to learn but also frustrating when I cannot get HA & everything to work very easily.

Forgive me, can you make a clarification? You say you had the tolerance on nmap bumped to wait 20 minutes. Is this done through ‘consider_home: X’ ? I have a droid and suffering from my own trouble with Owntracks, but my wife has iPhone 6. After I added ‘consider_home’ HaSS does a pretty good job of knowing if she is home or not. I’m not sure if this matters but my nmap tracker entry only tracks her phone via IP address as host. She has the same IP address all the time even though she is using DHCP because I put in a DNS reservation for her MAC address.

That’s correct. This has to do with the way LAN networking works. Specifically ARP tables. You can only see the MACs of the networks you are on because the local machine (in this case, HA) can ARP for the MAC and get a response. It cannot send an ARP request to a different subnet without advanced configuration which I personally wouldn’t recommend.

I am making a backup of the Pi HA now and will try to activate eth0 & wlan to access both subnets. Going based off of:

and

If it works I may still move everything to the server but am awaiting some additional drives for it before I do a wipe and reinstall.

I’ll keep you posted :slight_smile:

Well, I got it set up I think. ifconfig shows:

pi@HASSpi:~ $ ifconfig
eth0      Link encap:Ethernet  HWaddr b8:27:eb:fc:5a:f7
          inet addr:192.168.2.8  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::ba27:ebff:fefc:5af7/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21802 errors:0 dropped:0 overruns:0 frame:0
          TX packets:34144 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5158654 (4.9 MiB)  TX bytes:4300023 (4.1 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:31538 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31538 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:2516333 (2.3 MiB)  TX bytes:2516333 (2.3 MiB)

wlan0     Link encap:Ethernet  HWaddr b8:27:eb:a9:0f:a2
          inet addr:192.168.1.173  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::ba27:ebff:fea9:fa2/64 Scope:Link
          inet6 addr: 2602:306:340a:5b60:697f:6c51:961f:c9e1/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21299 errors:0 dropped:831 overruns:0 frame:0
          TX packets:49882 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3405111 (3.2 MiB)  TX bytes:4153386 (3.9 MiB)

So that means I have eth0 on 2.x and wlan0 on 1.x.

If I run sudo nmap -F 192.168.1.1/24 or .2/24 I can see the MAC addresses from both subnets but HA is now not seeing either.

Correction!! It worked. I had to change the device_tracker nmap to:

- platform: nmap_tracker
  hosts:
    - 192.168.1.63-255
    - 192.168.2.1-255
  track_new_devices: yes
  interval_seconds: 15
  consider_home: 300

I had it set to 192.168.1-2.1/24 (per some other nmap pages).

Awesome!!! Thank you for your assistance @tmjpugh & @turboc & everyone! This is why I love HASS so much. It has the best community!

I may still move it over to the server but this lets me know it will work.
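Why the single-interface scan could not report MAC addresses for 192.168.1.x, as an added example that is not part of the original thread: it expands the nmap target `192.168.1-2.1-254` and checks each address against the Pi's interface networks taken from the ifconfig output above. The function names are hypothetical; only the Python standard library is used.

```python
import ipaddress
from itertools import product

def expand_nmap_target(spec):
    """Expand an nmap IPv4 octet-range target, e.g. '192.168.1-2.1-254'."""
    parts = spec.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {spec!r}")
    octets = []
    for part in parts:
        values = set()
        for piece in part.split(","):
            lo, dash, hi = piece.partition("-")
            # nmap treats an omitted bound as 0 (left) or 255 (right).
            start = int(lo) if lo else 0
            end = int(hi) if hi else (255 if dash else start)
            if not piece or not 0 <= start <= end <= 255:
                raise ValueError(f"bad octet range {piece!r} in {spec!r}")
            values.update(range(start, end + 1))
        octets.append(sorted(values))
    return [ipaddress.IPv4Address(".".join(map(str, combo)))
            for combo in product(*octets)]

def mac_visibility(targets, interfaces):
    """Split targets into on-link (ARP reachable, MAC visible) and routed."""
    nets = [ipaddress.ip_interface(i).network for i in interfaces]
    on_link, routed = [], []
    for ip in targets:
        # A MAC address is only learned for hosts on a directly attached
        # network; routed hosts answer from behind the router.
        (on_link if any(ip in n for n in nets) else routed).append(ip)
    return on_link, routed

TARGETS = expand_nmap_target("192.168.1-2.1-254")
# Interface addresses copied from the ifconfig output in the thread.
ETH0_ONLY = ["192.168.2.8/24"]
ETH0_AND_WLAN0 = ["192.168.2.8/24", "192.168.1.173/24"]

if __name__ == "__main__":
    for label, ifaces in (("eth0 only", ETH0_ONLY),
                          ("eth0 + wlan0", ETH0_AND_WLAN0)):
        on_link, routed = mac_visibility(TARGETS, ifaces)
        print(f"{label}: {len(on_link)} on-link, {len(routed)} routed (no MAC)")
```

The 508 expanded targets match the "508 IP addresses" line in the scan output; with eth0 alone, half of them are routed and therefore carry no MAC address.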

You do not need to use two different network cards. All you have to do is a little subnetting.
Right now you are using up address space for more than 500 thingies. Do you really have that much equipment?

If not then use a subnet calculator, and divide up the 192.168.1.0 to more /25, /26, /27 subnets
Try this: http://www.subnet-calculator.com/cidr.php

But the easiest is to set your computer (rpi) to a 192.168.1.0/23 subnet, or 255.255.254.0 broadcast (192.168.1.0 - 192.168.2.255). This way it will be “on both subnets”, and set other device to /24 subnet (192.168.1.0/24 and 192.168.2.0/24) so they won’t see each other
But keep in mind the larger the subnet, the longer it takes to do anything (dhcp, nmap, etc.)

Generally speaking using subnets rather than IP from-to is better/faster.

tom

I sure wish that made more sense to me. I tried to read up on it but still do not grasp the concept. I have about 18 devices on the Home Automation/Security subnet and 20 on the ‘family’ subnet.

My primary purpose for even dividing the two was that I seemed to be bogging down the primary network with cameras so I moved them along with the HA to a different router & network/subnet (as far as I understand). I will probably add 2-3 more cameras before it is over with and maybe another Dot.

Ok.
Every network no matter how big or small it is must have a “nomination ip”, a broadcast address, and some ip addresses.
Normally you can have 254 different machines on one home network. That is how all routers and other home iot things are set up in default. That means that you can have ip addresses from say 192.168.1.1 - 192.168.1.254. This means that your network is a /24 network, your broadcast address is 192.168.1.255, and your “nomination ip” is 192.168.1.0.
But you can segment it to almost any portion. The portions are not obvious that is why you need a network calculator.
Let’s stick with the default 192.168.1.0/24 network. A /25 network divides the /24 network in two halves, so you will have a network of 192.168.1.0/25 and one of 192.168.1.128/25. A /26 network divides your original /24 network into four subnets, so you will have 192.168.1.0/26, 192.168.1.64/26, 192.168.1.128/26, 192.168.1.192/26.
A /27 network gives you 8 subnets, and so on until /32, which is a special one ip network.
All you have to remember about this, is that the very first ip of the network is the “nomination ip”, and the very last one is the broadcast address. So you cannot use those for any machine on the network. That is why you cannot divide a network into 3 segments, only 2, 4, 8, etc.
So in the 192.168.1.64/26 network, you will have ip addresses from 192.168.1.65 - 192.168.1.126, which gives you 62 devices in one network.
According to your post /27 subnets would be enough for you, because a /27 subnet gives you 30 devices per subnet.

But you should keep in mind that after a couple of months you will forget about your subnetting and if you have more than 30 devices in one subnet then you will run out of ip addresses.

Because you actually have two different things you wish to separate (cameras, other devices) you can safely use /26 networks, which means you can have 62 cameras, 62 other devices, and still have 128 ip addresses to spare.
I have made a little drawing for you, for easier understanding.

The ip addresses on my little diagram are just examples. If your router has the 192.168.1.254 address, then you can give your computer 192.168.1.253 or anything else until you stay above 192.168.1.128.
Or if your network is built up from the “other way”, so your router has the address of 192.168.1.1, then you switch your other devices (raspberry pis) to the 192.168.1.128/26 network, and the addresses become: cam1: 192.168.1.129, cam2: 192.168.1.130, cam3: 192.168.1.131, cam4: 192.168.1.132 and cam5: 192.168.1.133. Everything else can stay the same as per my diagram.

Of course using subnets you will encounter your next problem, namely “how to give a device an appropriate address automatically?” But first you will need to get a little more comfortable with how a network works.
Hope this helps!

cheers
tom

2 Likes
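The subnet sizing described in the post above, as an added example that is not part of the original thread: it picks the smallest subnet that fits each device group and carves aligned blocks out of 192.168.1.0/24. The group names and function names are hypothetical; the device counts (18 and 20) are the ones given earlier in the thread.

```python
import ipaddress

def smallest_prefix(hosts_needed):
    """Longest prefix (smallest subnet) with enough usable host addresses."""
    for prefix in range(30, 0, -1):
        # Usable hosts = block size minus the network address (the post's
        # "nomination ip") and the broadcast address.
        if 2 ** (32 - prefix) - 2 >= hosts_needed:
            return prefix
    raise ValueError("no IPv4 subnet is large enough")

def plan_subnets(parent, groups):
    """Give each group its own aligned subnet inside parent."""
    parent = ipaddress.ip_network(parent)
    cursor = int(parent.network_address)
    plan = {}
    # Largest group first: handing out power-of-two blocks in descending
    # size keeps every block aligned on its own boundary.
    for name, hosts in sorted(groups.items(), key=lambda g: -g[1]):
        prefix = smallest_prefix(hosts)
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(parent):
            raise ValueError(f"{parent} is too small for group {name!r}")
        plan[name] = {
            "network": net,
            "first_host": net.network_address + 1,
            "last_host": net.broadcast_address - 1,
            "usable": net.num_addresses - 2,
        }
        cursor += net.num_addresses
    return plan

# Device counts from the thread; the group names are made up for the example.
GROUPS = {"automation_security": 18, "family": 20}

if __name__ == "__main__":
    for name, info in plan_subnets("192.168.1.0/24", GROUPS).items():
        print(f"{name}: {info['network']} hosts {info['first_host']}"
              f"-{info['last_host']} ({info['usable']} usable)")
    # The four /26 quarters listed in the post, for comparison.
    for net in ipaddress.ip_network("192.168.1.0/24").subnets(new_prefix=26):
        print(net, net.num_addresses - 2, "usable")
```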

Sorry for hijacking the thread!

tom

that was actually one of the clearest explanations I have seen yet. Thank you. I am sure I will be rebuilding in the future and will take this into account. I am severely under-utilizing a DL380 G7 server that I want to take advantage of.

OK, let me ask what to the network gurus on here will be a silly question I am sure, but why not just stay with the /24 subnet and assign the cameras 192.168.1.* and the family devices 192.168.2.*. In a private subnet are we really that concerned about spare addresses?