I have a HA Green with a fairly standard network. Adguard as my local DNS resolver. Every couple days all my integrations that rely on DNS gets messed up stops work. I tried bunch of troubleshooting steps and I cant seem to get anything to stick other than rebooting the Green.
all the integrations start throwing errors about not being able to resolve their respective DNS addresses.
For example
First occurred: February 1, 2025 at 6:11:41 PM (595 occurrences)
Last logged: 12:17:23 PM
Giving up _async_request(...) after 1 tries (aiohttp.client_exceptions.ClientConnectorDNSError: Cannot connect to host www.asthmaforecast.com:443 ssl:default [Could not contact DNS servers])
Giving up _async_request(...) after 1 tries (aiohttp.client_exceptions.ClientConnectorDNSError: Cannot connect to host flustar.com:443 ssl:default [Could not contact DNS servers])
Giving up _async_request(...) after 4 tries (aiohttp.client_exceptions.ClientConnectorDNSError: Cannot connect to host www.pollen.com:443 ssl:default [Could not contact DNS servers])
Giving up _async_request(...) after 4 tries (aiohttp.client_exceptions.ClientConnectorDNSError: Cannot connect to host www.asthmaforecast.com:443 ssl:default [Could not contact DNS servers])
Yep while the integrations are logging DNS errors, im able to do nslookups via SSH and it’s able to resolve. The rest of the network is able to resolve IPs as well
The domains the integrations are trying to resolve doesnt seem to ever make it to Adguard. I did a tcpdump on the router that sits between my HA and adguard and I dont see those integrations making any DNS requests
really if you have DNS server on your network you need to block all DNS traffic and forward it to your DNS or expect devices to escape your DNS and use their own.
For your issue maybe its a cache issue where it doesnt refresh. Have you determined if the DNS queries are failing or just retrieving incorrect IP?
Adguard provides adblocking and general privacy/malware protections. Also because I want to I havent had any DNS issues with Adguard and it requires minimal configuration. almost everything in my network respect the local adguard DNS instance I have setup through DHCP lease options.
I’ve only noticed the integrations breaking when this happens. I have z-wave JS UI and Matter server add-ons. Upon closer inspection, they seem to be affected by. the DNS errors too
2025-02-09 17:07:02.409 (MainThread) WARNING [matter_server.server.helpers.paa_certificates] Fetching latest certificates failed: error Cannot connect to host api.github.com:443 ssl:default [Temporary failure in name resolution]