Matter addon not leveraging network interface

Hi all,

I noticed recently that Google pushed an update to my Nest Thermostats (3rd gen/mirror) and they now have Matter support. My biggest frustration with these devices is that they rely on a cloud API; I haven’t had any issues, but I don’t love that I’m dependent on Google for this basic functionality, so seeing Matter support was exciting and I immediately decided to test it out.

I installed the Matter (Beta) addon and the associated integration which went smoothly. However, when I tried to add the thermostats via the Matter integration I’m getting constant errors although nothing shows in addon the logs.

A little information about my HA setup:
VM on XCP-ng pool imported using the VDI file
VM is configured with 2 NICs:
ENX0 - Connected to the IoT network where all the devices live. This interface has IPv6 enabled (auto) and IPv4 enabled (static with only IP address, no gateway, no DNS)
ENX1 - Connected to the ‘LAN’. This interface has IPv6 disabled and IPv4 enabled (auto) with gateway and DNS populated by DHCP.

Add-on: Matter Server
Matter WebSocket Server for Home Assistant Matter support.

Add-on version: 5.4.1
You are running the latest version of this add-on.
System: Home Assistant OS 12.1 (amd64 / qemux86-64)
Home Assistant Core: 2024.3.3
Home Assistant Supervisor: 2024.03.0

I don’t recall specifically why I configured the VM with 2 interfaces as detailed above, but I know there was a reason and I’m hesitant to change the NIC config and risk breaking things. (It may have been related to how I have my network laid out and where Apple TVs and a UniFi NVR needed to live).

Now one thing I’ve noticed that could be contributing to the problem is that when I check the logs for the Matter addon it’s trying to use ENX1 as the primary interface instead of ENX0 (where the devices live) but there I can’t find anywhere to change this. My thought is that it may be trying to establish a connection out of interface ENX1 which is then blocked from accessing the IoT network. I found the addon’s config file on the github page and it seems to indicate that the container should be using host networking, but if it is it doesn’t seem to be detecting or leveraging the ENX0 interface.

I understand that the Matter standard/protocol and the Matter implementation in HA are still in their infancy (hence the BETA branding on everything). Any settings or troubleshooting steps anyone can recommend? I’m happy to provide additional information or details about my configuration, but I don’t even know where to begin with this!

The matter addon will bind to the fe80 network of the primary interface and it will probably require a gateway too.
HA have very limited IPv6 features and there is no way to control the bindings.

Your best option is to move your HA to the IoT network and then use the router to open port to access HA from the normal LAN.
Remember that when you commission devices then you phone need to have the IoT WiFi network as the default autoconnect WiFI.

Thanks for the reply. I’ll see what I can do. It’s going to be a heavier lift than just ‘move it to the IoT network’

Update: Switching my configuration around to only use 1 network interface in Home Assistant is going to be a heavier lift than you’re assuming and would require me setting up a Bonjour Gateway to maintain Airplay capability and HA integration with the Apple TVs , which I’ve used in the past and didn’t love but am willing to try again at a later date.

In the interim what I’ve done is kept my 2 NICs in Home Assistant, but flipped the configuration around so the NIC on the IoT network is configured with a gateway and the NIC on the normal LAN is not. HA can still talk to the Apple TVs on the normal LAN and can reach the internet and other subnets via the IoT network interface. This is allowing me to setup Matter devices successfully and has been working like a charm for a few weeks.

I haven’t noticed any issues with this configuration since the switch (except that I needed to reinstall one integration) so I’ll likely run with this until I have time to plan a migration for these Apple TVs so I can abide by best practice keeping them with the other IoT devices and bring the NIC count down to 1.

Unexpected benefit: I have a Samsung Tizen SmartTV in my IoT network that would accept all commands being sent to it from HA except power on/off. Following the NIC reconfiguration it’s now accepting power commands! I haven’t had the chance to look into why that is all of a sudden working (I assume it’s something to do with broadcast/multicast traffic), but that was a nice surprise!

I do not know if you can call it best practice.
It is just the way things are because HA lacks the proper IPv6 features.

The off command should work, because that is just a command like any other, but the on command is probably a Wake-on-LAN magic packet, which is not routable and router/firewalls also rarely have helper/forwarder features for this packet.