Home Assistant Community Add-on: AdGuard Home

Hi,
I’m using ha ip on dns 1 and dns 2 for lan and wifi settings because some devices like tuya wifi switches can bypass dns 1 and use dns 2 for cloud connections.
In adguard your router should be first on the client list as all traffic is routed through it.
My blocked ratio is well over 50%.
I dont know why you have high cpu usage or does this cpu usage is high for your router or just normal behaviour.
EDIT:
I believe that your new router should be in bridge mode because its connecting your wan, internet, with your local network. Your isp router is a gateway for your local router.
EDIT2:
Your local and isp routers shouldn’t be on the same network. If your local router is on 192.168.1.1 than your isp router should be on 192.168.8.1 ie.

@k8gg and @ddaniel thanks for your reply.

I will try to address your questions.

From what I understand, bridge-mode turns the router into an ethernet swithch, but port 1 (Lan 1) is the passthough. Should it be doing DHCP or not? I have to physically go to the router to check it because its not accessible anymore on my home network…so I will check for this and get back to you on this point.

  1. Here is what is under internet settings:

IPv4:

IPv6

  1. Its actually quite simple to put the router in bridge mode, instructions here untill you get this main page

image

and just hit apply

  1. Do you mean the Query logs? I just checked but I don’t know what is considered normal …im not sure here

@ddaniel I actually have the Linksys wifi (and Actiontec Wifi) disabled because I use 3 wifi boosters (one each floor) which emit their own wifi and those 3 boosters are wired into the Linksys router.

The high CPU usage is definitly not normal for HA.

I’m not sure about this, because I don’t want my actiontec to do an NAT, just the linksys. The Linksys “internet in” is connected to port 1 of the Actiontec.

You are right about this becuase I actually cannot access my Actiontec when typing its IP (192.168.1.254) and I may be mistaken above with the photo showing the Actiontec as a client because its a 7 day plot, so it could be just history and will dissapear soon.

So, could the problem here be that my Actiontec is also doing DHCP?

EDIT: one thing I forgot to mention, the Linksys router has remote access abilities, I can acess the router and all its settings from linksys.com. Does this in anyway interfere with Adgaurd? I think I can disable remote acess if I need to.

No, dhcp is not a problem. The first problem is that your both routers are on the same subnet.
What you want is that new router is your local router that is connecting to your isp router so your local network can have internet access.
I think that first you have to make two subnets one for local router a another for your isp router.
Maybe it will be good idea to restore your new router to factory settings before doing this just in case to remove all configs from it.
As I understand your isp router is on 192.168.1.x subnet. So put your new router on 192.168.2.x subnet.
Connect them with lan cable and check if net is working. if it does than use ha ip on all your local router dns and it should be oke.
Anyway for wifi extending is much better to use wifi mesh networking than extenders.
EDIT: disable remote access as you dont need it.

@ddaniel

so, in starting the process to do this, i noticed that I was not able to access the actiontec router at all from the network. My ISP has an app for the internet and it lists the IP address as something completely different for the Actiontec, like 6X.1X2.21.56, not even close to what I thought.

Ill have to try an access it directly with an ethernet cable connected to it.

Does this information change any of your instructions?

I dont understand you. Your isp router have two address, one is your internet address probably 6 something and another one is your local lan ip address 192.168.1.x something.
You dont want to connect to your isp router from internet. You just want to connect two routers so that your linksys router have internet access over your isp router.
So your isp router is working fine and you have internet access over it. Restore linksys router to default config as its only local lan router and put it on another subnet as I told you. Connect them togheder with lan cable. If everything is oke your linksys router will pick up your isp router and use it as a gateway. Maybe it needs some aditinal config maybe it doesnt. I dont know. It may depend on the router.
If linksys is picked up your isp router as default gateway than you are done. Just fill dns server on linksys.

@ddaniel ok, this I will have to do a night, otherwise my wife will not like no internet when she is working, and it will take me time to reconfigure my devices.

Can I ask, how will this solve my problem?

You have two routers on the same subnet fighting each other. Probably this is a reason why your router have a high cpu usage. You have internet but its obliviously isnt working as expected.

The instructions I gave you is basically my network. I have two xioami routers connected in wifi mesh mode. They are routers for local network with 192.168.31.x subnet. Main local router is connected to cisco router with lan cable. Cisco has its own subnet 192.168.1.x On cisco router I have two lte routers connected to two wan ports with their own subnets.
And everything is working fine, well exept samba backup addon, but thats another story. :upside_down_face:

@ddaniel ok I see now, I’ll confirm this but when a router is in bridge mode, it basically becomes a dumb router, it does nothing to the incoming traffic, it just acts as a pass through or a gateway to my ISP. It should not be competing with anything.

Your internet is very elegant because you have two sources of internet from one source.

What my question is how do I setup Adguard and my Router when I have a Gateway router in my home network?

Perhaps the high CPU usage on my HA is just how much traffic is hitting me connection?

My internet is fine.

I never had high cpu because of ad guard. Currently it has 550.000 queries and around 55 % are blocked. I had a high cpu usage because of frigate addon running my door bell. My current cpu usage is 25%.
You can try add ha ip in your linksys router dns settings. I dont know will it work as is should.
If it doesnt consider changing your network settings in the way I told you.

hi again, so I wanted to provide an update I think i found the cause of this, but will need more time to fully test.

It actually doesn’t seem be because of my router or the router settings. Here’s what I did:

  1. in my Linksys Router, i placed my HA IP in the static DNS 1 (the rest, remained 0)
  2. Next, I looked at my DNS block list

I unchecked all of them off, except for the first 3 or 4, and waited, then I kept checking more lists and waited. I eventually got to the big “The block list ads” entry and waited, after about 1 hour or so, my CPU usage was high again and the queries and blocks numbers were increasing. I then removed the “The block list ads” and CPU usage dropped back down 10% (from around 30%,ie 1 of 4 RPi cpu’s is 100%)

The block list ads list is

  1. A custom list that I added
  2. It also has aroun 150,000 websites on it

So I wanted to confirm if perhaps there is a problem with the list or if perhaps, it just overwhelming the system because its processing to many blocks.

Do I have too many lists?

Yes, more than 30 lists… I tried your big list with more than 3 milion rules and nothing. There is no cpu increase.

Thanks @ddaniel for confirming!

Initally, there is no CPU increase, if you can give it few hours, and let me know, please do. Thank you.

Look I went to ad guard to see roughly how many rules are in my lists. its more than 600.000 without your list. I dont believe that anything will happen.

1 Like

thanks, im trying to determine if the list is corrupt

After some time of experimenting, I can with confidence say that the increase in CPU utilization for my system is 100% due to the enabling of this list below:

the moment I enable this list, the CPU utilization goes from just under 10% to around 33% (or 100% for 1 core) AND my block-list quieries also incresae, you can see the increase inblock list numbers goes up after I enable it (just after the flat line part).

image

At the moment, I have 570,000 rules, but this list just bring it over to the top.

What can I do now:

  1. Disable this list?
  2. Replace it with another ad list?
  3. Report it as a bug?
  4. Let it go on its own and see what happens? Will this eventually stop maybe its doing a initiliazing…no idea

As I mentioned in the issue you created as well, there is probably a host that is blocked that makes one of your integrations go haywire.

This, of course, can’t be right :slight_smile:

Is there anything in your logs that indicates the host that is requested and blocked during that time? (originating from the IP address of this Home Assistant instance).

…/Frenckl

Hey there!

Did anyone get ipv6 in the local network working with this ad on?

I’m new to HA and don’t now how to debug correctly to resolve this issue by my selft.

Hope anyone can help me.

I use HA with Ad Guard as a DNS server in my local network.
My routers (Fritz Box) local DNS Server points to the PI with ipv4 and ipv6 (local: fd00:…)

The first problem i’ve noticed was: I was not able to register/log in to HA Cloud in the Frontend under “Settings-> System → Home Assistan Cloud”.
Everytime a got a Timeout.
Browser worked very well. Ping in the Terminal too.

HACS won’t be able to add a Reporitoy. Also a time out.
I did a test with the manifest.json in the Terminal and it worked!

It seams, that the HA frontend does not work with ipv6 or somtimes it uses ipv4 or ipv6?

If i go to “Settings → System → System Health”
I got many timeouts.

Home Assistant Community Store:
GitHub API: ok
GitHub Content: timeout
GitHub Web: ok

Home Assistant Cloud
Reach Certificate Server: timeout
Reach Authentication Server: timeout
Reach Home Assistant Cloud: ok

Home Assistant Supervisor:
Version API: timeout

Now my internal hostname resolution stoppt working too.
All my NAS Backups with hostname as adresses fails.
If i switch to plain ipv4 instead of hostname it works.

But this bothers me. I don’t wont to switch from readable hostnames to ipv4’s.

I tried so many settings in “Ad Guard → DNS-Settings → private dns revolers”
but nothing works.
Did i miss anything, did i used the wrong ipv4/ipv6 in the dns settings?

Everytime my PI boots, i got 3 IP addresses under “Setup guide”. 2 ipv4 and 1 ipv6.
After RESTARTING Ad Guard, i got 6! 3 ipv4 and 3 ipv6.

With PI-Hole on my Synology NAS evertings works Perfekt.

Last try was turning of Ipv6 in Ad Guard settings, everthing works!
No timeouts in the frontend, HACS, …

But this is not what i want. I want to use ipv6.

Ad Guard can’t handle ipv6 or what did i wrong?

Thanks for you help!

maybe stupid question… but did you configure in ha → network interfaces ipv4 and ipv6?

Yes i did.
Both static. Tried dynamic as well.
Currently “Static” in HA and “Fixed” in router.

EDIT: found the issue, it wasn’t related to adguard. I had enabled logging for unifi and seems the log file was constantly increasing. deleted the debug line on config.yaml and deleted the log file. its fine now.
hi All,

Anyone noticed increase in HA storage space after installing AD guard?
mine went from 24 Gb to 85Gb in matter of 2 days. I’ve not added anything stuff on my HA (which runs standalone on intel NUC)

on Ad-guard addon general settings i’ve reduced logs and statistics retention to 24hours, not sure if this will fix, will observe.

if anyone has had similar issue please can you advise?

Thanks