No Internet in HA?

Actually I take that back.

It’s still not working saying no host internet connection.

Yet, still no internet.

Some stuff works, some stuff doesnt.

Screenshot from 2023-08-10 21-57-43

You know, i’m really going to vent my frustration here.

Why is it that the community has spent hours and hours and hours of time over such a stupid problem.
Its DNS, set your DNS server and be done with it.

It really makes me think that there is more behind the scenes that someone is trying to hide!
Why force HA to use DoT and then make it, literally impossible to disable.

This is a stupid f*&%^& problem that I have already spent about 4 hours on! WHY.

Is homeassistant collection information about its users? WHAT is it querying in the background?

Here is a cap with DNS fallback disabled. Please tell WHERE is 1 single query for my DNS server which is at x.5.

22:06:06.446890 IP 172.16.101.3.41108 > 172.16.101.1.53: UDP, length 43
22:06:08.448235 IP 172.16.101.3.41108 > 172.16.101.1.53: UDP, length 43
22:06:10.450074 IP 172.16.101.3.41108 > 172.16.101.1.53: UDP, length 43
22:06:12.451042 IP 172.16.101.3.41108 > 172.16.101.1.53: UDP, length 43
22:06:14.451968 IP 172.16.101.3.41108 > 172.16.101.1.53: UDP, length 43
22:06:49.028685 IP 172.16.101.3.54770 > 172.16.101.1.53: UDP, length 58
22:06:49.029105 IP 172.16.101.3.45537 > 172.16.101.1.53: UDP, length 58
22:06:49.057747 IP 172.16.101.3.47573 > 172.16.101.1.53: UDP, length 47
22:06:49.057946 IP 172.16.101.3.57946 > 172.16.101.1.53: UDP, length 47
22:06:49.058115 IP 172.16.101.3.39126 > 172.16.101.1.53: UDP, length 47
22:06:49.058266 IP 172.16.101.3.42785 > 172.16.101.1.53: UDP, length 47
22:06:49.058567 IP 172.16.101.3.43193 > 172.16.101.1.53: UDP, length 47
22:06:49.058727 IP 172.16.101.3.38901 > 172.16.101.1.53: UDP, length 47
22:06:49.058913 IP 172.16.101.3.55489 > 172.16.101.1.53: UDP, length 47
22:06:49.059149 IP 172.16.101.3.38155 > 172.16.101.1.53: UDP, length 47
22:06:49.059343 IP 172.16.101.3.45908 > 172.16.101.1.53: UDP, length 47
22:06:49.059510 IP 172.16.101.3.45239 > 172.16.101.1.53: UDP, length 47
22:06:49.059752 IP 172.16.101.3.56844 > 172.16.101.1.53: UDP, length 47
22:06:49.059875 IP 172.16.101.3.49142 > 172.16.101.1.53: UDP, length 47
22:06:49.060077 IP 172.16.101.3.51005 > 172.16.101.1.53: UDP, length 47
22:06:49.060229 IP 172.16.101.3.49349 > 172.16.101.1.53: UDP, length 47
22:06:49.060358 IP 172.16.101.3.42820 > 172.16.101.1.53: UDP, length 47
22:06:54.063091 IP 172.16.101.3.47031 > 8.8.8.8.53: UDP, length 47
22:06:54.063099 IP 172.16.101.3.60463 > 8.8.8.8.53: UDP, length 47
22:06:54.063108 IP 172.16.101.3.50104 > 8.8.8.8.53: UDP, length 47
22:06:54.063111 IP 172.16.101.3.39378 > 8.8.8.8.53: UDP, length 47
22:06:54.063111 IP 172.16.101.3.49634 > 8.8.8.8.53: UDP, length 47
22:06:54.063114 IP 172.16.101.3.42991 > 8.8.8.8.53: UDP, length 47
22:06:54.063192 IP 172.16.101.3.50457 > 8.8.8.8.53: UDP, length 47
22:06:54.063196 IP 172.16.101.3.46682 > 8.8.8.8.53: UDP, length 47
22:06:54.063197 IP 172.16.101.3.46074 > 8.8.8.8.53: UDP, length 47
22:06:54.063221 IP 172.16.101.3.46850 > 8.8.8.8.53: UDP, length 47
22:06:54.063232 IP 172.16.101.3.40393 > 8.8.8.8.53: UDP, length 47
22:06:54.063240 IP 172.16.101.3.47853 > 8.8.8.8.53: UDP, length 47
22:06:54.064135 IP 172.16.101.3.48863 > 8.8.8.8.53: UDP, length 47
22:06:54.064151 IP 172.16.101.3.34234 > 8.8.8.8.53: UDP, length 47
22:06:54.064250 IP 172.16.101.3.40359 > 8.8.8.8.53: UDP, length 47
22:06:54.137941 IP 172.16.101.3.54770 > 172.16.101.1.53: UDP, length 58
22:06:54.137952 IP 172.16.101.3.45537 > 172.16.101.1.53: UDP, length 58
22:06:59.068439 IP 172.16.101.3.49142 > 172.16.101.1.53: UDP, length 47
22:06:59.068445 IP 172.16.101.3.45908 > 172.16.101.1.53: UDP, length 47
22:06:59.068449 IP 172.16.101.3.51005 > 172.16.101.1.53: UDP, length 47
22:06:59.068451 IP 172.16.101.3.57946 > 172.16.101.1.53: UDP, length 47
22:06:59.068453 IP 172.16.101.3.38155 > 172.16.101.1.53: UDP, length 47
22:06:59.068453 IP 172.16.101.3.39126 > 172.16.101.1.53: UDP, length 47
22:06:59.068455 IP 172.16.101.3.43193 > 172.16.101.1.53: UDP, length 47
22:06:59.068456 IP 172.16.101.3.42785 > 172.16.101.1.53: UDP, length 47
22:06:59.068458 IP 172.16.101.3.47573 > 172.16.101.1.53: UDP, length 47
22:06:59.068459 IP 172.16.101.3.38901 > 172.16.101.1.53: UDP, length 47
22:06:59.068460 IP 172.16.101.3.45239 > 172.16.101.1.53: UDP, length 47
22:06:59.068461 IP 172.16.101.3.55489 > 172.16.101.1.53: UDP, length 47
22:06:59.068463 IP 172.16.101.3.49349 > 172.16.101.1.53: UDP, length 47
22:06:59.068550 IP 172.16.101.3.56844 > 172.16.101.1.53: UDP, length 47
22:06:59.068578 IP 172.16.101.3.42820 > 172.16.101.1.53: UDP, length 47
22:06:59.388097 IP 172.16.101.3.54770 > 172.16.101.1.53: UDP, length 47
22:06:59.388109 IP 172.16.101.3.45537 > 172.16.101.1.53: UDP, length 47
22:07:04.071700 IP 172.16.101.3.42991 > 8.8.8.8.53: UDP, length 47
22:07:04.071707 IP 172.16.101.3.50457 > 8.8.8.8.53: UDP, length 47
22:07:04.071715 IP 172.16.101.3.39378 > 8.8.8.8.53: UDP, length 47
22:07:04.071731 IP 172.16.101.3.47853 > 8.8.8.8.53: UDP, length 47
22:07:04.071821 IP 172.16.101.3.34234 > 8.8.8.8.53: UDP, length 47
22:07:04.073742 IP 172.16.101.3.49634 > 8.8.8.8.53: UDP, length 47
22:07:04.073745 IP 172.16.101.3.60463 > 8.8.8.8.53: UDP, length 47
22:07:04.073747 IP 172.16.101.3.46074 > 8.8.8.8.53: UDP, length 47
22:07:04.073867 IP 172.16.101.3.46682 > 8.8.8.8.53: UDP, length 47
22:07:04.073868 IP 172.16.101.3.40393 > 8.8.8.8.53: UDP, length 47
22:07:04.073871 IP 172.16.101.3.48863 > 8.8.8.8.53: UDP, length 47
22:07:04.073872 IP 172.16.101.3.46850 > 8.8.8.8.53: UDP, length 47
22:07:04.073874 IP 172.16.101.3.50104 > 8.8.8.8.53: UDP, length 47
22:07:04.073877 IP 172.16.101.3.47031 > 8.8.8.8.53: UDP, length 47
22:07:04.073878 IP 172.16.101.3.40359 > 8.8.8.8.53: UDP, length 47
22:07:04.638117 IP 172.16.101.3.45537 > 172.16.101.1.53: UDP, length 47
22:07:04.638133 IP 172.16.101.3.54770 > 172.16.101.1.53: UDP, length 47
22:07:09.888248 IP 172.16.101.3.58484 > 172.16.101.1.53: tcp 0
22:07:10.919441 IP 172.16.101.3.58484 > 172.16.101.1.53: tcp 0
22:07:12.935574 IP 172.16.101.3.58484 > 172.16.101.1.53: tcp 0
22:07:14.027409 IP 172.16.101.3.33133 > 172.16.101.1.53: UDP, length 47
22:07:14.027418 IP 172.16.101.3.49623 > 172.16.101.1.53: UDP, length 47
22:07:14.057040 IP 172.16.101.3.60792 > 172.16.101.1.53: UDP, length 47
22:07:14.057062 IP 172.16.101.3.53770 > 172.16.101.1.53: UDP, length 47
22:07:15.058229 IP 172.16.101.3.53053 > 172.16.101.1.53: UDP, length 47
22:07:15.058234 IP 172.16.101.3.38004 > 172.16.101.1.53: UDP, length 47
22:07:17.057835 IP 172.16.101.3.59427 > 172.16.101.1.53: UDP, length 47
22:07:17.057848 IP 172.16.101.3.40042 > 172.16.101.1.53: UDP, length 47
22:07:17.159550 IP 172.16.101.3.58484 > 172.16.101.1.53: tcp 0
22:07:19.032745 IP 172.16.101.3.35158 > 8.8.8.8.53: UDP, length 47
22:07:19.032757 IP 172.16.101.3.53370 > 8.8.8.8.53: UDP, length 47
22:07:19.062422 IP 172.16.101.3.54844 > 8.8.8.8.53: UDP, length 47
22:07:19.062423 IP 172.16.101.3.56652 > 8.8.8.8.53: UDP, length 47
22:07:20.057746 IP 172.16.101.3.45314 > 172.16.101.1.53: tcp 0
22:07:20.059588 IP 172.16.101.3.60460 > 8.8.8.8.53: UDP, length 47
22:07:20.059593 IP 172.16.101.3.40747 > 8.8.8.8.53: UDP, length 47
22:07:21.057430 IP 172.16.101.3.50848 > 172.16.101.1.53: UDP, length 47
22:07:21.057449 IP 172.16.101.3.35147 > 172.16.101.1.53: UDP, length 47
22:07:21.063597 IP 172.16.101.3.45314 > 172.16.101.1.53: tcp 0
22:07:22.041752 IP 172.16.101.3.38983 > 172.16.101.1.53: UDP, length 47
22:07:22.041804 IP 172.16.101.3.38520 > 172.16.101.1.53: UDP, length 47
22:07:22.059700 IP 172.16.101.3.38217 > 8.8.8.8.53: UDP, length 47
22:07:22.059724 IP 172.16.101.3.57736 > 8.8.8.8.53: UDP, length 47
22:07:22.067726 IP 172.16.101.3.53499 > 172.16.101.1.53: UDP, length 47
22:07:22.069740 IP 172.16.101.3.60690 > 172.16.101.1.53: UDP, length 47
22:07:23.066717 IP 172.16.101.3.36145 > 172.16.101.1.53: UDP, length 47
22:07:23.066737 IP 172.16.101.3.48992 > 172.16.101.1.53: UDP, length 47
22:07:23.079524 IP 172.16.101.3.45314 > 172.16.101.1.53: tcp 0
22:07:25.065837 IP 172.16.101.3.42791 > 172.16.101.1.53: UDP, length 47
22:07:25.065842 IP 172.16.101.3.38745 > 172.16.101.1.53: UDP, length 47
22:07:26.062496 IP 172.16.101.3.56899 > 8.8.8.8.53: UDP, length 47
22:07:26.062540 IP 172.16.101.3.39135 > 8.8.8.8.53: UDP, length 47
22:07:27.047020 IP 172.16.101.3.34365 > 8.8.8.8.53: UDP, length 47
22:07:27.047058 IP 172.16.101.3.56746 > 8.8.8.8.53: UDP, length 47
22:07:27.073061 IP 172.16.101.3.41917 > 8.8.8.8.53: UDP, length 47
22:07:27.074981 IP 172.16.101.3.34683 > 8.8.8.8.53: UDP, length 47
22:07:27.143596 IP 172.16.101.3.45314 > 172.16.101.1.53: tcp 0
22:07:28.072033 IP 172.16.101.3.49425 > 8.8.8.8.53: UDP, length 47
22:07:28.072049 IP 172.16.101.3.53660 > 8.8.8.8.53: UDP, length 47
22:07:29.058434 IP 172.16.101.3.55070 > 172.16.101.1.53: UDP, length 47
22:07:29.058441 IP 172.16.101.3.45913 > 172.16.101.1.53: UDP, length 47
22:07:29.068275 IP 172.16.101.3.40218 > 172.16.101.1.53: UDP, length 47
22:07:29.068290 IP 172.16.101.3.43348 > 172.16.101.1.53: UDP, length 47
22:07:30.070882 IP 172.16.101.3.42773 > 8.8.8.8.53: UDP, length 47
22:07:30.070884 IP 172.16.101.3.51353 > 8.8.8.8.53: UDP, length 47
22:07:30.138178 IP 172.16.101.3.54404 > 172.16.101.1.53: UDP, length 47
22:07:30.138184 IP 172.16.101.3.50634 > 172.16.101.1.53: UDP, length 47
22:07:34.060442 IP 172.16.101.3.54498 > 8.8.8.8.53: UDP, length 47
22:07:34.063570 IP 172.16.101.3.50462 > 8.8.8.8.53: UDP, length 47
22:07:34.073654 IP 172.16.101.3.49128 > 8.8.8.8.53: UDP, length 47
22:07:34.073665 IP 172.16.101.3.34218 > 8.8.8.8.53: UDP, length 47
22:12:42.842049 IP 172.16.101.3.56371 > 172.16.101.1.53: UDP, length 43
22:12:44.843152 IP 172.16.101.3.56371 > 172.16.101.1.53: UDP, length 43
22:12:46.843469 IP 172.16.101.3.56371 > 172.16.101.1.53: UDP, length 43
22:12:48.850842 IP 172.16.101.3.56371 > 172.16.101.1.53: UDP, length 43
22:12:50.851830 IP 172.16.101.3.56371 > 172.16.101.1.53: UDP, length 43
22:17:47.586864 IP 172.16.101.3.33441 > 172.16.101.1.53: UDP, length 43
22:17:49.589016 IP 172.16.101.3.33441 > 172.16.101.1.53: UDP, length 43
22:17:51.590467 IP 172.16.101.3.33441 > 172.16.101.1.53: UDP, length 43
22:17:53.591385 IP 172.16.101.3.33441 > 172.16.101.1.53: UDP, length 43
22:17:55.592539 IP 172.16.101.3.33441 > 172.16.101.1.53: UDP, length 43

There is not 1. Instead now its trying google and my gateway. I have set my DNS server static.

what does ha resolution info output?

I can totally understand your frustration, but I can say for sure, that it has something to do with your setup, sorry. :slight_smile:

I have kind of the same config, HA on a miniserver, Pi-Hole as DNS, advertised through the router, a rule to re-route DNS traffic to Pi-Hole, all that - and it works as expected. Don’t misunderstand me, I get that it’s not working for you, what I’m saying is, there is a solution for the problem, we just need to find it, because I have the working example. :slight_smile:

FWIW, if you have some time to loose, here is the thread where this was discussed and ended in the PR that got us the command ha dns options --fallback=false. There is also a check (above mentioned by @WallyR) from @CentralCommand that you should run and see what comes up. It is an interesting topic and worth the read, but it needs time. :wink:

So here you go, take note of the links in that post, the first link brings you to a very detailed description of the problem (especially with some Pi-Hole setups):

ha resolution info

[core-ssh ~]$ ha resolution info
checks:
- enabled: true
  slug: dns_server
- enabled: true
  slug: backups
- enabled: true
  slug: docker_config
- enabled: true
  slug: free_space
- enabled: true
  slug: supervisor_trust
- enabled: true
  slug: core_security
- enabled: true
  slug: network_interface_ipv4
- enabled: true
  slug: dns_server_ipv6
- enabled: true
  slug: addon_pwned
- enabled: true
  slug: multiple_data_disks
issues:
- context: system
  reference: null
  type: no_current_backup
  uuid: d85d4a15eca64fcc8b2d5dfe70b7f0df
suggestions:
- auto: false
  context: system
  reference: null
  type: create_full_backup
  uuid: 343c586aa6324546b1885024b55820c0
unhealthy: []
unsupported: []

a nslookup from my DNS server.

[core-ssh ~]$ nslookup
> server 172.16.101.5
Default server: 172.16.101.5
Address: 172.16.101.5#53
> google.com
;; communications error to 172.16.101.5#53: timed out
Server:         172.16.101.5
Address:        172.16.101.5#53

Non-authoritative answer:
Name:   google.com
Address: 172.217.24.46
Name:   google.com
Address: 2404:6800:4006:804::200e
> trademe.co.nz
Server:         172.16.101.5
Address:        172.16.101.5#53

Non-authoritative answer:
Name:   trademe.co.nz
Address: 151.101.194.137
Name:   trademe.co.nz
Address: 151.101.66.137
Name:   trademe.co.nz
Address: 151.101.2.137
Name:   trademe.co.nz
Address: 151.101.130.137
> home-assistant.io
Server:         172.16.101.5
Address:        172.16.101.5#53

Non-authoritative answer:
Name:   home-assistant.io
Address: 104.26.4.238
Name:   home-assistant.io
Address: 104.26.5.238
Name:   home-assistant.io
Address: 172.67.68.90
Name:   home-assistant.io
Address: 2606:4700:20::681a:4ee
Name:   home-assistant.io
Address: 2606:4700:20::681a:5ee
Name:   home-assistant.io
Address: 2606:4700:20::ac43:445a
>

And

ha network info

as requested, ha network info

[core-ssh ~]$ ha network info
docker:
  address: 172.30.32.0/23
  dns: 172.30.32.3
  gateway: 172.30.32.1
  interface: hassio
host_internet: false
interfaces:
- connected: true
  enabled: true
  interface: ens19
  ipv4:
    address:
    - 172.16.102.1/27
    gateway: null
    method: static
    nameservers: []
    ready: true
  ipv6:
    address:
    - fe80::84e0:ec07:ca7a:eda2/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 02:5A:80:90:6A:5B
  primary: false
  type: ethernet
  vlan: null
  wifi: null
- connected: true
  enabled: true
  interface: ens20
  ipv4:
    address:
    - 172.16.103.10/28
    gateway: null
    method: static
    nameservers: []
    ready: true
  ipv6:
    address:
    - fe80::b713:120:8093:4ed5/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 0A:A0:5A:40:23:0F
  primary: false
  type: ethernet
  vlan: null
  wifi: null
- connected: true
  enabled: true
  interface: ens18
  ipv4:
    address:
    - 172.16.101.3/27
    gateway: null
    method: static
    nameservers: []
    ready: true
  ipv6:
    address:
    - fe80::9494:92f0:b4eb:7597/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 0A:79:F8:45:51:1E
  primary: true
  type: ethernet
  vlan: null
  wifi: null
supervisor_internet: true

You don’t have a DNS server set in HA.

ipv4:
    address:
    - 172.16.101.3/27
    gateway: null
    method: static
    nameservers: []
    ready: true
1 Like

See attached,

image

I would try switching to DHCP and back.

Regardless of what the UI is showing, that DNS server doesn’t appear to be set based on the ha network info command. That would explain why you’re only seeing traffic to your gateway.

Yes, thats what it look like to me too.

I will try switch to DHCP and back.

1 Like

Do you advertise your DNS server via your router? I have the HA settings on “auto” but do advertise the IP of the DNS server via the router. HA picks up on that and has them listed under nameservers (ha network info).

Sorry, when you say “advertise” DNS are you referring to DHCP?

Yes. :slight_smile: Can you set that in your router (or at the DHCP server)?

Yes, the DNS server is issued via DHCP.

ha network info after setting DHCP.

[core-ssh ~]$ ha network info
docker:
  address: 172.30.32.0/23
  dns: 172.30.32.3
  gateway: 172.30.32.1
  interface: hassio
host_internet: false
interfaces:
- connected: true
  enabled: true
  interface: ens19
  ipv4:
    address:
    - 172.16.102.1/27
    gateway: null
    method: static
    nameservers: []
    ready: true
  ipv6:
    address:
    - fe80::84e0:ec07:ca7a:eda2/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 02:5A:80:90:6A:5B
  primary: false
  type: ethernet
  vlan: null
  wifi: null
- connected: true
  enabled: true
  interface: ens20
  ipv4:
    address:
    - 172.16.103.10/28
    gateway: null
    method: static
    nameservers: []
    ready: true
  ipv6:
    address:
    - fe80::b713:120:8093:4ed5/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 0A:A0:5A:40:23:0F
  primary: false
  type: ethernet
  vlan: null
  wifi: null
- connected: true
  enabled: true
  interface: ens18
  ipv4:
    address:
    - 172.16.101.21/27
    gateway: 172.16.101.1
    method: auto
    nameservers:
    - 172.16.101.5
    ready: true
  ipv6:
    address:
    - fe80::9494:92f0:b4eb:7597/64
    gateway: null
    method: disabled
    nameservers: []
    ready: true
  mac: 0A:79:F8:45:51:1E
  primary: true
  type: ethernet
  vlan: null
  wifi: null
supervisor_internet: true

And yet,

I’m wondering if having multiple interfaces is the issue. I would presume not since the one with DNS configured is marked as primary.

Alternatively, you could try disabling blocking in piHole temporarily and see if the add-on install will work. Or just look at the log query to see if anything is being blocked.

The strange thing is, some things work, some don’t.

For example, I’m running a CF tunnel, which connects everytine without issue. Now for this tunnel to connect it obviously needs to resolve the hostname for the server, this happens without issue.

Also, I can browse HACS, browse the add on store etc.

Just cant install add-ons and updates.