How to throttle Supervisor's version check?

Hi Everyone,

Here this is 1120 requests per 24 hours, perhaps a little too chatty. It is my second most requested address after google, which is over-requested by moode-audio. Each 10 minutes, I’ve got a bunch of 20 requestion to version.home-assistant.io.

I’m using Home assistant as my home automation system for not too much relying on external services, this is not exactly what occurs. And I even not speak about the CO2 equivalent production generated the thousands of servers requesting thousands times a day if internet is online or if a new version of home assistant is available ;-).

If I add to that score, all the arpa DNS queries to my internal addresses (eg: 184.0.168.192.in-addr.arpa) which produce “not found Domain” responses, Home assistant is generating one third of my daily DNS traffic.

Some way to reduce this traffic would be highly welcome.

All the best, and happy new year to the developers

I also encountered this with recent releases on a HASSOS based RPi4. Can’t put my finger on the exact release but it was likely with one of the 2021.12.* branch. It even DDos’ed my pihole instance (on a spare RPi3) b/c of the 200 req/s limit so everything went haywire. Back to AGH now where I at least knew where to turn off those limits. Nevertheless, there is something seriously going wrong. Don’t know on which side, though.

Edit: @coissac : As for your internal queries, on AGH you have the possibility to add a block like

[/fritz.box/]192.168.178.1
[/168.192.in-addr.arpa/]192.168.178.1

to your upstream resolver list that in my cases forwards these queries to my router (a FB obviously).

you have 20x every 10 minutes? I checked my dns logs and I have 1 query every 10 minutes.

Yeah, pretty much a block like this every 10 mins.

hassio_dns535×811 92.7 KB

Sounds like a bug, I would expect only 1 call every 10 minutes.

Yeah, could be an ISP thing since I’ve observed similar things for msftconnect.com and the synology online check recently. Will keep an eye out whether things return to normal eventually…

I see the same here

I do not see the reason that it is hammering the DNS server this much.

Right now PiHole says that “version.homeassistant.io” was queried 2904 times in the last 24 hours.

In the top 10 queried domains, the ones in place 2-10 has been queried 2975 in the last 24 hours

So, home assistant queries the DNS just as much as the combined queries of 2-10 on the top 10 list.

Home assistant queries the DNS more than 6 times as often as number 2.

|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:00:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:05:33 |A|version.home-assistant.io|10.0.0.x|OK|
|2022-01-07 20:05:33 |AAAA|version.home-assistant.io|10.0.0.x|OK|

Here’s some data I collected.
My setup is: HA ----> local Pi-Hole_DNS —> Cisco Umbrella DNS

• “Some days” show almost 5000 lookups???
• “Most days” show around 1000 lookups

Both seem ridiculous. Updates are not done automatic and I never update more than once a week.
Why not query once per day?
Even if you query 10,000x per day I still won’t look at available updates until the end of the week. IF I wanted more update checks I could always do it manually.

Umbrella logs I see around 800 lookups a day for both the “some days” and “most days”.

Pi-Hole logs: SOME DAYS (5000 lookups)
Approx every 10 minutes I see this in my PiHole log. Part is cached and part is forwarded to Cisco Umbrella/OpenDNS.

date	type	url	status
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	AAAA (IPv6)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (cache)
17:05	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:04	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:04	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
16:59	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
16:59	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)

Pi-Hole logs: MOST DAYS (800-1000 lookups)
Approx every 10 minutes I see this in my PiHole log. Most of it is forwarded to Cisco Umbrella/OpenDNS.

date	type	url	status
17:46	A (IPv4)	version.home-assistant.io	OK (cache)
17:45	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:45	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:40	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:40	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:35	A (IPv4)	version.home-assistant.io	OK (cache)
17:35	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:35	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:30	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:30	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:25	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:25	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:25	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:25	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:24	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:24	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:19	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:19	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:14	A (IPv4)	version.home-assistant.io	OK (cache)
17:14	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:14	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:09	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:09	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:04	A (IPv4)	version.home-assistant.io	OK (cache)
17:03	A (IPv4)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
17:03	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)
16:58	AAAA (IPv6)	version.home-assistant.io	OK (forwarded to 208.67.222.222#53)

.
Observations

• It looks like for every call there’s an IPv4 and an IPv6 lookup. Why?
• Umbrella logs show lookups every 5 minutes
• PiHole logs show lookups every 5 minutes, but sometimes a lot of cached lookups?

I have even been looking at time-based access-rules that enable version.ha.io around midnight but that’s not a solution

homeassistant: 2022.2.2
machine: raspberrypi4-64
operating_system: Home Assistant OS 7.2
supervisor: 2022.01.1

Just chiming in that I have also seen this issue on my HAOS pi4 for some time now. My router is running Diversion (basically pihole for asus routers), and it shows HA reaching out to version.home-assistant.io about 5000 times in 24hrs. There’s obviously something wrong there, since once a day would probably be enough. FWIW, I’ve had the same ISP for over a decade with no other issues I’m aware of. I also have my router bypassing my ISP dns to use cloudflare instead.

I think I read somewhere that a lot of the calls are simply an online check rather than an update check.

It’s a bit drastic, but in the end I spun up a second Pi Hole on my VM server solely for Home Assistant. I could have faffed something to allow Home Assistant to just use 1.1.1.1 but I have my router set up to direct all traffic on port 53 back to my Pi Hole so it was easier to just spin up a second Pi Hole, though not everyone has a VM server they can just do that on.

Home Assistant 2022.3.5

I have been using the AdGuard Home integration for a couple of weeks now. I also see quite a lot of queries to version.home-assistant.io. In my case, it is my most queried domain what currently means almost 20 % (!) of all the queries within 1 week:

In addition, there are lots of queries to that domain within 1 single second. Here is a recent example with 16 (!) queries at the very same timestamp:

grafik473×887 25.1 KB

I would also love to see this addressed as this clutters the AdGuard results. In addition, I wonder what happens if many HA instances behaved like this (DDoS attack?). Or in other words: Is it really necessary to query the HA version more than once a day (or hour)? Thank you!

I’m seeing the same thing. ~5000 hits / 24 hours.

I get alot of hits on HA but it pales in comparison to my samsung tv which has about 75000 hits in a 24 hour period with about 55% blocked by pihole.

Most of my hits are talking to integrations in the cloud like noaa, ecobee, usgs, etc etc.

I quit worrying about it after seeing how often the tv is making requests.

Do you know what servers it was hitting and what kind of data was transferred ? That’s almost a connection every second… Things like that is why my tv stays dumb and disconnected from the internet.

It has that many requests most likely because it can’t get out so it just keeps trying over and over and over again. Many IoT devices are notorious for this - most people chalk it up to crummy programming.

I know the servers but do not know the data. This is the most blocked server.

Screenshot from 2022-03-27 09-12-21992×195 34.2 KB

If you have cut the cord you do not have much choice. I will take that over supporting comcast, cox, dish, or direct tv. If you have direct tv you are getting pings and it is talking it’s servers. I try to minimize things with pi-hole to lessen what is known about me digitially. I can’t stop it all.

@UngluedChalice is probably right though. You might be getting this massive wall of requests because you’re blocking them. And the tv will keep trying again and again and again… A bit like HA…

It is really sloppy programming. Exponential backoff is a thing after all (and not hard to implement either).

I disabled pi-hole for 5 minutes and turned on TV to let it communicate. I enabled pi-hole for 5 minutes and then disabled again and let it run for 10 minutes. It was still pumping out 10 queries per second while pi-hole was disabled. So it is probably a combo of bad programming and desire to collect a lot of data.

@UngluedChalice I see the same with Philips Hue. It connected to their “diag.” site every minute but when I blocked that it tried to connect every 5 seconds

But in the case of Home Assistant I’m not blocking anything.

HA updates-check only needs to happen once a day (or manually).
Reading the entire thread it seems that version.home-assistant.io is also used for connectivity check.

Q: Why is an internet connectivity check to version.home-assistant.io needed so often?

Q: How often are these connectionsto check for updates?