Matter pairing on the cloud

Hi there,
I have a Docker instance of Home Assistant running on a cloud service alongside an MQTT broker where I’m already using some Shellies via MQTT.

I’m not really sure Matter will work in this scenario. Is there a way to pair up my Matter devices in my house (so in my local network) with my cloud instance of Home Assistant without dealing with a VPN connection?

I don’t currently own any Matter device so I haven’t really tested anything about Matter at the moment.
Thanks in advance.

Matter relies heavily on the Multicast DNS protocol (mDNS) which, somewhat unfortunately, is an IP multicast protocol, so it is ordinarily limited to a single broadcast domain (typically a subnet). It does not work across VLANs and certainly won’t work across a WAN. I don’t know of a way to use Matter without mDNS but an expert might know more.

Based on my quick survey of the topic, the only way to get mDNS packets through the cloud would be via a layer-2 VPN tunnel such as OpenVPN in tap mode. A classic L2TP might also work.

If you have a server in your home available, you can run just the Matter server locally, as its communication with HA is simple IP unicast (websockets). They provide instructions to set it up on a Docker host. Short of this you would need to use a 3rd-party Matter controller box that can export devices to HA over a different protocol… SmartThings for example provides a cloud API for its devices. But overall I would suggest that Matter is not a good fit for this scenario.

2 Likes

Thank you very much, something i was expecting…

I was reading the official documentation and it says that I should “provide the URL to your Matter server” in my Home Assistant instance, but since it will run on my local network I think it can’t work anyway.
Plus, in the Docker command example on GitHub there was no port mapping, as it is not exporting any port “publicly”.

The Docker container needs to run with network_mode: host (for reasons) so individual ports do not need to be mapped, it gets everything. On the Internet side, you would need to set up port forwarding on your router if you wanted a cloud-based HA to access a LAN-based Matter server: the IP would be your home router’s external Internet address (or dynamic DNS hostname) with the mapped port. However, this has serious security implications as I’m not sure how locked-down the Matter server authentication methods are. Again, it was not really designed to be used that way.

1 Like
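Added example, not part of any post in this thread and not code from the Matter server project: a small check for the exposure concern raised above, which parses `ss -H -ltn` output from the Docker host and reports which addresses the Matter server's WebSocket port is bound to, so you can tell whether a router port-forward would reach it. The port number 5580, the function names and the sample output are assumptions made for the illustration.

```python
import ipaddress

# Assumption: 5580 is the Matter server's WebSocket port; change it if yours differs.
MATTER_WS_PORT = 5580

# Constructed sample of `ss -H -ltn` output on a host-networked Docker host (not real data).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 0.0.0.0:5580 0.0.0.0:*
LISTEN 0 100 [::]:5580 [::]:*
LISTEN 0 128 127.0.0.1:8123 0.0.0.0:*
"""

def split_host_port(local):
    """Split ss's local-address column, e.g. '[::]:5580' or '10.0.0.5%eth0:5580'."""
    host, _, port = local.rpartition(":")
    return host.split("%")[0].strip("[]"), int(port)

def classify(host):
    """Label the scope of a bind address."""
    if host in ("*", "0.0.0.0", "::"):
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_loopback:
        return "loopback"
    if ip in ipaddress.ip_network("100.64.0.0/10"):
        return "cgnat-overlay"  # range Tailscale assigns addresses from
    if ip.is_private:
        return "lan"
    return "public"

def matter_listeners(ss_output, port=MATTER_WS_PORT):
    """Return (bind address, scope) for every listening socket on the given port."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, lport = split_host_port(fields[3])
        if lport == port:
            found.append((host, classify(host)))
    return found

def forward_exposes_server(listeners):
    """A router port-forward to this host only reaches sockets bound to the
    LAN address, a public address, or all interfaces."""
    return any(scope in ("all-interfaces", "lan", "public") for _, scope in listeners)
```

With `network_mode: host` there is no Docker port mapping to narrow the bind, so a wildcard result here means the router's forwarding rule and the host firewall are the only things between the Internet and the WebSocket.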

I agree, thank you for the clarification.
I think the “secure way” could only be setting up an OpenVPN connection between my cloud instance and my local network.
But I think I should prefer another solution like MQTT (which is running on the same cloud instance) right now.
I will probably set up an OpenVPN connection anyway in order to access my TCP Modbus gateway, but these IPs are on another VLAN (via cable) and not the same as the possible Wi-Fi solution for possible Matter devices.

I’m trying to use the MQTT protocol as much as possible but I don’t know if I can manage to get some commercial devices to work with MQTT out of the box.

There are a number of commercial devices supporting MQTT out of the box now (Shelly is quite popular), and even more that ship with or can be flashed with open-source Tasmota or ESPHome firmware, which both work over MQTT.

Macvlan works better in my opinion

Tailscale, or even better would be Headscale, since you are cloud hosting.

1 Like

Thanks, tested Tailscale and it seems to be working fine with another LAN.
As I said, I don’t have any Matter devices at the moment but I tested it with a Shelly that is not connected via MQTT.
I think autodiscovery of devices on the LAN will still not work correctly.
If you have any other suggestions 🙂