Huge amount of .in-addr.arpa requests from HASS

Since a couple of releases I notice a lot of .in-addr.arpa requests being sent to my local DNS, both to ‘internal’ addresses in the HASS itself (2.0.17.172.in-addr.arpa) as well as for addresses/devices in my LAN (x.x.229.10.in-addr.arpa).
I even see requests to non-existent devices, such as 10.229.x.xsensor.monthly_netto where the 10.229.x.x is the router/gateway address of my LAN.
It’s not only pretty annoying, but also a bit worrisome.
Approximately 40% of all DNS requests are coming from HASS.

Same here since a day or two! Normally I have around 30k DNS requests, but now it has risen to 800k every 24 hours! It also makes my DNS requests a lot slower. What can I do to fix this? Really annoying.

Same for me
I’ve logged a bug for the AdGuard addon (Huge amount of request since 4.1.6 · Issue #197 · hassio-addons/addon-adguard-home · GitHub) but it has been closed; it seems not to be related to the latest update. Strange, because before I didn’t have so many queries…

What I did for now is to point the DNS server of HA to 8.8.8.8; before, it was my router, which had AdGuard as DNS server hosted on HA.

That seems to solve my issue for now (except that HA is not filtered anymore…)

This continues and continues; 3 pages of queries from HASS in the exact same second, all to the ARPA addresses. And a couple of minutes later, the exact same queries.

This has to be a bug.

I have the same on my setup

I had the same issue and got it resolved for me.
I had the name servers in the GUI configured to my DNS-servers (I have two Adguard Home installations running in my LAN).

I changed the following:
I set my DNS-server in the GUI to my local HA DNS-service (172.30.32.3) - You can find that in the ssh interface with the:

~ $ ha dns info
host: 172.30.32.3
locals:
- dns://192.168.XXX.YYY
- dns://192.168.XXZ.YYZ
servers:
update_available: false
version: 2021.06.0
version_latest: 2021.06.0
~ $

I updated the DNS-server in the GUI: (Under Supervisor - System - Change (ip address)) and update the DNS-server to 172.30.32.3 (in the case above)

Then in the SSH-interface use:

ha dns options --servers dns://192.168.XXX.YYY --servers dns://192.168.XXZ.YYZ

Now everything is peachy:
In the end everything looks like:

~ $ ha dns info
host: 172.30.32.3
locals:
- dns://172.30.32.3
servers:
- dns://192.168.XXX.YYY
- dns://192.168.XXZ.YYZ
update_available: false
version: 2021.06.0
version_latest: 2021.06.0

I hope this helps.

Tried the method above, because I have the same issue, but the internet stopped working because of the loopback

I have the same problem with my HA. Over 4000 queries every hour.

4K queries per hour is excessive, I see 4K queries per day.

Every hour, I see HA ‘scan’ the network by requesting .in-addr.arpa PTR queries for the subnet it’s on, so 1.10.168.192.in-addr.arpa to 254.10.168.192.in-addr.arpa. I assume this is some module like zeroconf doing discovery, but I don’t see any other requests like this for internal container addresses.

Also, I have found if you block any DNS from HA it goes nuts and keeps requesting the same blocked domain over and over. If you point HA DNS directly at an external server like 8.8.8.8 you will lose all local hostname resolution, as well as local discovery services (it’s probably not going to like that)
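A way to confirm the hourly PTR walk described above from the resolver's side, as an added example that is not part of any post in this thread: it decodes in-addr.arpa names back to addresses and reports clients whose reverse lookups cover most of a /24 within one hour, along with how many passes they made. The dnsmasq/Pi-hole style log format, the 200-host threshold, the function names and the sample lines are all assumptions constructed for the illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Assumed log format: dnsmasq / Pi-hole style "query[PTR] <name> from <client>".
QUERY_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s.*query\[PTR\]\s"
                      r"(?P<name>\S+)\sfrom\s(?P<client>\S+)$")

def ptr_to_ip(name):
    """Decode 'd.c.b.a.in-addr.arpa' to an IPv4Address; None if malformed."""
    name = name.rstrip(".").lower()
    if not name.endswith(".in-addr.arpa"):
        return None
    labels = name[: -len(".in-addr.arpa")].split(".")
    if len(labels) != 4:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(labels)))
    except ipaddress.AddressValueError:
        return None

def find_sweeps(lines, min_hosts=200):
    """Flag (client, hour, /24) groups whose PTR lookups cover >= min_hosts addresses."""
    targets = defaultdict(set)   # key -> distinct addresses looked up
    queries = defaultdict(int)   # key -> raw query count, repeats included
    for line in lines:
        m = QUERY_RE.match(line.strip())
        ip = ptr_to_ip(m["name"]) if m else None
        if ip is None:
            continue
        subnet = ipaddress.ip_network(f"{ip}/24", strict=False)
        key = (m["client"], m["ts"][:-6], str(subnet))  # ts[:-6] drops ":MM:SS"
        targets[key].add(ip)
        queries[key] += 1
    return [{"client": c, "hour": h, "subnet": s, "distinct": len(ips),
             "queries": queries[c, h, s], "passes": queries[c, h, s] // len(ips)}
            for (c, h, s), ips in sorted(targets.items()) if len(ips) >= min_hosts]

def sample_log():
    """Constructed sample: one client walks 192.168.10.1-254 twice, another does 3 lookups."""
    fmt = "Jun 12 10:00:{:02d} dnsmasq[411]: query[PTR] {} from {}"
    lines = [fmt.format(rep, f"{h}.10.168.192.in-addr.arpa", "192.168.10.5")
             for rep in range(2) for h in range(1, 255)]
    lines += [fmt.format(9, f"{h}.10.168.192.in-addr.arpa", "192.168.10.77") for h in (1, 20, 30)]
    lines.append(fmt.format(9, "300.10.168.192.in-addr.arpa", "192.168.10.5"))  # malformed, skipped
    lines.append("Jun 12 10:00:09 dnsmasq[411]: query[A] example.com from 192.168.10.77")
    return lines

if __name__ == "__main__":
    for hit in find_sweeps(sample_log()):
        print(hit)
```

A "passes" value well above 1 within a single hour is the repeated-scan pattern reported later in the thread, as opposed to one discovery pass per hour.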

I have the exact same problem, dns logs are spammed by these arpa requests.

I am having this same problem, though with Pi-hole instead of AdGuard. Was there ever a fix?

Was there some solution for this and what is the actual cause for this? My HA started to do this a few days ago. Before that no issues.

Same issue. I understand that home assistant is scanning the network once every hour for new devices. However, what is weird to me is that it just keeps scanning the network non-stop until the pihole rate-limits it. It gets to the 7th scan of the network in less than a minute before pihole stops it:

I wish they would change the logic here to only scan the network once every hour instead of 7+ times (who knows how many times it would scan if we didn’t rate limit it). Also, I would love an option to only scan the network once a day or even once a week. Or even never (manual button) as I only add a new device once every year or two anyway.

mine does 1000 requests per hour, seems unnecessary lol

If I block HA from the router firewall to do this scan, while still allowing for public dns access, do I break anything?

Such as the scenario below:

I saw that HA was sending a lot of DNS lookups to the router gateway IP address. This was in spite of having 8.8.8.8 as the DNS address. My gateway is also working as DNS server so I started to get connection errors due to high demand in a short amount of time.

Right now, I blocked the local DNS requests with a firewall rule. Everything seems to continue working and for the rest of the DNS lookups 8.8.8.8 is being used.

Did I break anything with the firewall rule? I don’t really any local DNS entries.

Managed to fix it on my end by disabling the nmap tracker integration

How did you do this exactly?

I ended up disabling the default config and then manually adding each one except ssdp and zeroconf. Once I did that the huge number of lookups disappeared for me. But I don’t really like having to disable the default config to do it, since it may change over time. So that part of my configuration now looks like this:

# default_config:
# Contains these (as of May 2024)
assist_pipeline:
bluetooth:
#cloud:
conversation:
#dhcp:
energy:
history:
homeassistant_alerts:
logbook:
media_source:
mobile_app:
my:
#ssdp:
stream:
sun:
usb:
webhook:
#zeroconf: