After updating to latest version home assistant now also hammers github.com. Amazing
| 2022-04-09 16:36:00 | A | version.home-assistant |
|---|---|---|
| 2022-04-09 16:33:23 | A | github |
| 2022-04-09 16:33:23 | AAAA | github |
| 2022-04-09 16:33:23 | A | github |
| 2022-04-09 16:33:23 | AAAA | github |
| 2022-04-09 16:33:23 | AAAA | github |
| 2022-04-09 16:33:23 | A | github |
| 2022-04-09 16:33:23 | A | version.home-assistant |
| 2022-04-09 16:33:23 | A | version.home-assistant |
Thank you! Finally someone else has acknowledged what I been seeing for the last several days. Typically my system load is 3-4% but now every five minutes it spikes to 10-12% and it appears to be related to supervisor.store.git. Iâm guessing this is the Content Trust checking versions but seems like a lot of effort for something that changes infrequently. Tried to bring this up in the 2022.4 Blog topic but no comments.
Itâs hammering GitHub because of this. A fix was merged and shipped in 2022.4.5 so you should see this go back to normal.
Iâm not sure about the excessive version check atm, I put it on my list to investigate.
EDIT: oh, I guess that was pretty obvious. Connectivity check is set to 30 seconds. Guess now Iâll have to find out why.
It doesnât actually pull any info for reference. It literally just makes a HEAD request to https://version.home-assistant.io/online.txt to see if that causes an error.
So we could throttle things further by changing the 20 minute interval per Limit Supervisor refresh updates by ludeeus · Pull Request #70075 · home-assistant/core · GitHub
The key change is that it no longer forces supervisor to blow away itâs cache in itâs poll loop. Previously it was forcing supervisor to blow away itâs âavailable updatesâ cache every 5 minutes, now it uses the cache unless a user explicitly does homeassistant.update_entity. So supervisor is now back to just looking for updates on itâs normal schedule (anywhere from a couple hours to once per day depending on the thing).
Have lurked around here for ages, but this issue prompted me to post.
This level of excess requests should not be considered normal.
This table is only from within the last day:
I donât have much else to add â though while troubleshooting Iâve noticed that these online checks appear to be originating from every configured IP interface HASS has access to â be it physical, virtual, or VLAN interfaces. (ala eth0.10, .20, etc.)
Currently, I spread my IoT devices over several VLANs with an HA endpoint in each one (might eventually configure static routes instead) â so as I took these down and brought them up again, the DNS requests scaled exponentially; and given that AAAA records are also being requested on these interfaces that arenât even configured for IPv6, it might explain why these requests are regularly being hammered several times per second.
So in addition to the existing rate-limiting discussions, itâd be great to see settings under âSystem/Networkâ to define specific interfaces through which HA is allowed to communicate externally â be it online checks or otherwise.
Iâm on the latest 2022.5 release and while it is much better than last months release i still get about 15K in entries in my Pihole logs within a 24 hour period.
My HA install is on a VLAN with no internet access, so is there anyway to set user adjustable parameters for version checks? I donât need it to check every X mins, as i only update monthly.
Ironically one of my reasons for HA was so my IoT devices do not call âhomeâ and it seems at this current time HA is the most aggressive one according to the Pihole logs.
Same here. Would be interesting, how to set the schedule.
Iâm in the same issue.
This domain is the first most requested domain, 20x more than the second in the AdGuard log.
Every 30sec I can see about 17 DNS queries.
Is that really necessary and optimized?
Itâs wonderful. This has been happening for months.
Frenck was pretty unsympathetic on Github when it came to these excessive DNS lookups.
And it seems with the one of the newest Supervisor versions, theyâve changed the URL from âversion.homeassistant.ioâ to âcheckonline.home-assistant.ioâ - no change in frequency from what I can see on my PiHole though.
Itâs kind of ridiculous to be using âopen source softwareâ where the team behind it has a Freenode attitude, âwe know better than you, dumb userâ
I wish they would actually address the issue at hand rather than dismiss it as ânormalâ - having no control over whatâs happening on a piece of software that is supposedly for user rights and being all âopenâ - âno trackingâ - how the hell can that be true when the end-user has no control over dumb things like this that are spamming up the network, sending thousands of useless queries, up to 50 in a couple of seconds, every five minutes.
Oh well.
Yeah, running the latest code and still having about 6000 requests for version.home-assistant.io per day. My router only pings for connection check every 5min, and I have full control over that behavior. Be nice if HA would expose the dial on that for the lowly users.
Same here. More than 25 % of all requests are now split up between the 2 HA domains:
version.home-assistant.io: 1500+ / day or 60+ / hourcheckonline.home-assistant.io: 980+ / day or 40+ / hourYes, please!
This is why my HA is still blocked from the internet, it hinders HA but i want FULL control which is the point of HA. The ability to not check in if i so desire, and i know it does not need to check in. HA is the one software that i donât want to automate or update without my intervention.
With the Devs brushing this off as ânormalâ in does not inspire confidence in this open source software.
Hi, there, I have the EXACT same problem on my end. It started a long time ago, but only now I was able to find this thread to come here and COMPLAIN about the unnecessary DNS queries. It bugs my Pi-hole instance down so much so that I had to decrease the max cache size to 1000 in the /etc/pihole/setupVars.conf file. What bugs me even more is the fact that Pi-hole it shows me the .in-addr.arpa domains, is this a home network DDOS attack? What are these??? Finally Iâve blocked all requests to checkonline.home-assistant.io and the requests jumped through the window. What should I do? HEY DEVS, PLEASE FIX THE ISSUE! I can only tolerate a RUN_CHECK_CONNECTIVITY = 86400. It would be plenty for most people and please up the ttl of your domain not change it from version. to checkonline. ⊠this doesnât help us.
This is a special reverse lookup domain. If a computer wants to know the domain of an ip address (so opposite of the normal dns query where it wants the ip address for a domain), it will query .in-addr.apra.
You can see it in work if you ping an ip address. Usually your pc will tell you the (a) domain name of that address.
No, its done on purpose which is why they are ignoring our complaints.
Whatâs the purpose?
I may have missed something but I also canât imagine why HA should not work properly anymore if it would do those online or version checks just once per hour. Or even better: only after my explicit request.
