Event-based WiFi presence detection with OpenWrt + MQTT (no multi-homing, no ARP, no polling)
Most WiFi presence integrations (ping, ARP, nmap, mDNS, iphonedetect, etc.) assume that Home Assistant is in the same subnet or VLAN as the client devices. In segmented networks this often leads to recommendations like adding additional VLAN interfaces to Home Assistant or multi-homing HA into multiple subnets.
From a network architecture and security perspective this is unreliable. A multi-homed application host becomes a de-facto zone crossover point, increases attack surface, and weakens segmentation. This breaks intended trust boundaries and makes policy enforcement significantly harder.
I intentionally avoid integrations that require Home Assistant to access other security zones or perform network scanning, as this weakens isolation and increases risk. Same for other plugins for OpenWRT, as I just want to Keep It Stupid (&) Simple.
I also stopped using ping- and nmap-based presence detection because both are polling-based, unreliable (especially with mobile devices and iOS power saving), often do not work cleanly across subnets, and add unnecessary background and WLAN noise.
Instead, I moved presence detection to where it belongs: The access point. On OpenWrt, hostapd already provides real-time connect and disconnect events. The AP generates authoritative presence events and forwards only the presence state to Home Assistant via MQTT.
Home Assistant stays single-homed, does not access the APs or other network devices, and does not scan or poll the network. MQTT is the only integration point.
This preserves proper VLAN and security zone separation, reduces attack surface, avoids polling and network noise, and provides immediate, event-based presence detection that also scales cleanly to multi-AP environments.
Am just wondering why I did not implement it earlier 
If you are using OpenWrt and MQTT you could give it a try.
Cheers,
fb