If I need more eth interfaces?

Hi everyone, I have a question:
Is there a way to use more than just one ether net interface in a Hassio instance running on a virtual machine based on VMware?
Because I use several different technical nets and I need more then one to monitor some different devices in different areas covered by different technical nets.
Must I use the normal network config file by adding different interfaces? If yes, how?
Thanks in advance for your kind help.

This is what routing and firewalls are forā€¦

1 Like

yes, I know of course.
by the way, I must say that Iā€™m in a ā€œpioneerā€ condition: I would bring some open source ioT in my multinational factory. the only firewall which we have is actually managed by an outsourced company, and itā€™s quite difficult to explain to mai headquarters that Iā€™m this kind of ā€œpioneerā€.
going back to my question, is there a way to add more ethernet interfaces in a Hassio istance?

Iā€™m not quite getting what you are after.
I ā€œASSUMEā€ the following : -

  1. You have placed the HA instance inside your corporate network ?
  2. You need access to it from outside the network ?
    a) Does your company know you are doing this (itā€™s usually forbidden) ?
  3. Your corporate network it split onto subnets ?
  4. The subnet you want to access HA from is different to the HAā€™s subnet ?
  5. HA needs to be on that subnet because itā€™s controlled entities are on that subnet ?
  6. Do you have a diagram ?

Hi, and thanks for your answer.
Iā€™m responsible of factory and its technical nets.
The corporate policies does not allow to surf internet to every devices, so my hassio istance cannot go outside of the local (corporate) network. Actually is set up with a fix address, without gateway or DNS in order just to acces on it from local physical network in factory.
this istance runs on a server which is connected to every technical nets in factory, with several VMs controlling different applications, so I have the possibility or to add one adapter per each net, or natting the interested net on the hassio istance: howewer, this is the option I would avoid.
the other soultion is to make an istance for each technical net, but this will affect the good browsing of the hassio istances.
have you got any suggestion?

Nope, still not getting it.
So you ā€˜needā€™ different physical ethernet ports for each of the subnets ? Or are you acting (as Moe said) through an internal gateway to access the different subnets ? It ā€˜soundsā€™ like you need ā€˜trusted networksā€™ - Try reading through : - https://www.home-assistant.io/docs/authentication/providers/#trusted-networks
It may be you need one of our network guys to review this, DavidFW1960 is one who springs to mind, Iā€™m sure heā€™ll take a look.

Exactly, it will be perfect if iā€™ll get one adapter for each subnet, as it is now in the other VMs.
is it ā€œtrusted network topicā€?

hassio is likely not a good fit then. If you are set on using home assistant (I donā€™t see this feasible for a work environment), then look at pure docker home assistant or python venv.

Iā€™d like to use it for simply jobs, like monitor temperature in a room or switch on some light, nothing so complicated. Why you donā€™t think is feasible?

Edit: Sorry Moe this wasnā€™t for you, I hit the wrong button.

It seems you keep saying yes to answers that need a little more meat on the bones.
You are aware that a lot of HA components are downloaded and updated via the Internet ?
Do you actually need external access or are you happy just to access this from inside your firewall ? (donā€™t just say yes to this as well)
(This relates directly to the post Moe just gave)
ā€œifā€ you want multiple ethernet cards then itā€™s more complicated as you will have to map them through to your docker/portainer thingumie.

As Moe says though, why are you entertaining the idea of using a home automation system within a corporate environment ? Surely youā€™d be better off with a PLC system running modbus or some such ? And using a slimmed down SCADA system (perhaps with a Web component) as your frontend ?

Maybe is my ignorance, but I donā€™t know any open source a free SCADA to interface with everything I have. the situation now is just a shelly and a ESPHome device for monitoring a temperature.
do this small thing justify this kind of effort? I would just to use the existing nets which are already running in factory to take the datas from ioT devices. I repeat, everything stuck in internal technincal net, and could be accessible from the local corporate network only.
If you have suggestion for open SCADA web based, just tell me where to get some infos aboutā€¦:slight_smile:

I donā€™t know how hassio works. But for Linux in general daemons generally binds to 0.0.0.0 (I.e all interfaces).

If you run into trouble with hassio specifically, running home assistant in a venv in a Linux image is really easy and I prefer that level of control I get.

His issue is that he wants to create new interfaces on the VM, and the process to go about that, because hassio is not a general Linux distro. HassOS (the correct term for the OS he is using) is a bare bones docker host, that runs hassio (which runs in docker).

I suspected as much. Thatā€™s why my thought was that it might be simpler to use a standard Linux image with homeassistant if there is not a simple solution in hassOS/docker.

The thing is, you donā€™t need a bunch of interfaces and it really doesnā€™t require docker to support such a configuration. Itā€™s all a HassOS issue. If routing is properly done in that environment, then you should have access to devices across subnets and doesnā€™t require an interface in every subnet. Thatā€™s a terrible networking practice.

1 Like

Yes, but sometimes things are the way they are, outside of your control, but you need to work around it. ā€œFix your routingā€ may not be that helpful.

1 Like

This is ignoring ITā€™s standards and protocols for the sake of wanting something cool.

This will get you fired in my organization. If you want to do something like this, you come and ask IT and present it in a way that makes sense. Perhaps we have a better solution for youā€¦

Maybe helpfulā€¦Any IP stack should be able to support multiple interfaces (Ethernet (eth) being one type of interface, Bridge (br) being another type of interface possibly used in a VM), and you can assign an address to each interface. As long as routing is enabled in the IP stack, then the stack will route packets to an interface based on its address. However if that interface is down, then routing will not forward to that interface. The general practice is to assign a real IP address to the loopback (lo) interface of the IP stack as it never goes down (but be careful with the net address of this real IP address). Either way, HA will be listening on some port (ex 8123), and any packets destined to one of the IP Stackā€™s IP addresses with HAā€™s port will be forwarded to HA.