Problem accessing HA internally. DNS is reading my modem IP instead of HA, what?!

So you are not getting the correct/expected result, per the 13:20 and 14:00 mark in the YouTube video you linked.

That means something is wrong with your DNSmasq… probably not configured properly.
So! The next step,

  • show us your DNSmasq configuration, and
  • show us your DNS config you see on the same computer you run nslookup. (Is it Windows or Linux? And if the latter, which Linux?)
  • the (local) ip address of your home assistant server

Dnsmasq

defaults:
  - 8.8.8.8
  - 8.8.4.4
forwards: []
hosts:
  - host: domain.duckdns.org
    ip: 192.168.1.xxx
services: []

I have my HA setup on an Optiplex via Proxmox VM and I’m accessing from a MacBook:
DNS config:
Primary: 192.168.1.xxx
Secondary: 208.67.222.xxx

HA IP is 192.168.1.xxx

This is from the macbook?

How about temporarily removing the secondary?

Try from the macbook with

dig +trace mydomain.duckdns.org

No, that DNS config is from my router. DNS from Mac settings is:
Primary: 192.168.1.xxx which is the one I use to login to my router
Secondary: 208.67.222.xxx

Removing secondary did not change things.

Putting that into Terminal gives (I pasted it all, please advise if anything in there is not safe to share publicly. Also, I put my actual domain in not ‘mydomain’):

; <<>> DiG 9.10.6 <<>> +trace mydomain.duckdns.org
;; global options: +cmd
.			518400	IN	NS	a.root-servers.net.
.			518400	IN	NS	b.root-servers.net.
.			518400	IN	NS	c.root-servers.net.
.			518400	IN	NS	d.root-servers.net.
.			518400	IN	NS	e.root-servers.net.
.			518400	IN	NS	f.root-servers.net.
.			518400	IN	NS	g.root-servers.net.
.			518400	IN	NS	h.root-servers.net.
.			518400	IN	NS	i.root-servers.net.
.			518400	IN	NS	j.root-servers.net.
.			518400	IN	NS	k.root-servers.net.
.			518400	IN	NS	l.root-servers.net.
.			518400	IN	NS	m.root-servers.net.
.			518400	IN	RRSIG	NS 8 0 518400 20220209170000 20220127160000 9799 . UhURswQsxwu4nfbd742zy6qJ2rTmSVcevS/E+Fo8ubM0C1BkfvuD1yLk Wepr7ROeeEsKuXECckIZ56DFXwkmY1J6OHB04CVs9i58jG0nIUdVPpB0 nhUA/emnaES53BjVNayYy+AcLTvwt4RlaPpsZs4EK5Il+vF/FQl7uzwo nuqDhehrR6YDymRz8wEciu4tSIdhKiVwCgu61yXGRBCbOp7Ip692nzV4 rxrnE7hPgM9CzX7U3FjskXhG6CUOYB1IYUGYNaXLjknI/a8cxqcuJzdR Q7I2ZCpgEm9QWk3gKesPdhndSIrYKwmiRuJ6A6ZXxYoYutf62Tuhvl7v Qf+cPw==
;; Received 525 bytes from 192.168.1.254#53(192.168.1.254) in 36 ms

org.			172800	IN	NS	a0.org.afilias-nst.info.
org.			172800	IN	NS	b2.org.afilias-nst.org.
org.			172800	IN	NS	c0.org.afilias-nst.info.
org.			172800	IN	NS	a2.org.afilias-nst.info.
org.			172800	IN	NS	b0.org.afilias-nst.org.
org.			172800	IN	NS	d0.org.afilias-nst.org.
org.			86400	IN	DS	26974 8 2 4FEDE294C53F438A158C41D39489CD78A86BEB0D8A0AEAFF14745C0D 16E1DE32
org.			86400	IN	RRSIG	DS 8 1 86400 20220209170000 20220127160000 9799 . jvgKa2yg84mS5OyLatVnComG99xmEFkK6xPt0lGKAJ5IezIx0fTNlwem /tVRxVQX0r0jHV6t1i7in+/1mjxtN2eY9ZpBNwW2BQZ7iXpGZcqzSwwQ c/v3+5sLuwZmqCdLqxalxZ/n+OGJMn7p3KfQHIAcNhKhn/e4QJJyAnpO T/KpNvQdsdPkhCMPUWPOgwKhUFFflBDS/fwd8te9LX94JLJdVFpOx53E SsjLwhvRCSQ4v3o3cQjk57f1SbJjrnLFmEamdWFU5h7B7yzSjkFu7ZUb 5W/x9W9sU9vSiMowYuhx4THnF2q2x0ha7eNa6N6q4Xk5mzOPKWj5sUx5 s7iqOQ==
;; Received 801 bytes from 199.9.14.201#53(b.root-servers.net) in 88 ms

duckdns.org.		86400	IN	NS	ns1.duckdns.org.
duckdns.org.		86400	IN	NS	ns2.duckdns.org.
duckdns.org.		86400	IN	NS	ns3.duckdns.org.
duckdns.org.		86400	IN	NS	ns4.duckdns.org.
duckdns.org.		86400	IN	NS	ns5.duckdns.org.
duckdns.org.		86400	IN	NS	ns6.duckdns.org.
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A 1I87R64GAJU4O91MHKBU7I9EKBS7K8UT  NS SOA RRSIG DNSKEY NSEC3PARAM
1i870vj5h429vj9pci7ar6e9gki74tr7.org. 86400 IN RRSIG NSEC3 8 2 86400 20220218045447 20220128035447 54255 org. blI4CfdifDQRE3z693VW3kCZ6KSym5wuIxuK9mkuJom67Aht4vpKT9mp 6Zu4mbj2k72EVkqqETk+dkSVQjFN3dScNfEew9zUEWsix24sJvhYfiHI UzoD0H1Nuigm7iAW9GsMWRzQrsRDJg6SGmDIzvBDqg+hn6E+N9tgariL G6w=
3girek7tpo8h3m0je8sh7bmjl4tjtv65.org. 86400 IN NSEC3 1 1 10 332539EE7F95C32A 3GIUUAKS70TM1FIABNKQDB77RDG4P5O4  NS DS RRSIG
3girek7tpo8h3m0je8sh7bmjl4tjtv65.org. 86400 IN RRSIG NSEC3 8 2 86400 20220215152409 20220125142409 54255 org. oKZiY3Opdx3Un/zrI61NC72z7+c7bD9omJGi7mlmXRv/P4cerhZBBct+ cC1tSV1/CP6whEvOssYd5uvHMPDAbqSns3pR5GKdkzEX9P4rZn2YuCVx wNE2Y4I+/IDX0ck18N0DWv1KkvUrqzMQwXFUtZqZEaL9uuPwBdzEQPj/ t7A=
;; Received 763 bytes from 199.19.53.1#53(c0.org.afilias-nst.info) in 85 ms

mydomain.duckdns.org. 60 IN	A	172.103.160.177
duckdns.org.		600	IN	NS	ns1.duckdns.org.
duckdns.org.		600	IN	NS	ns2.duckdns.org.
duckdns.org.		600	IN	NS	ns3.duckdns.org.
duckdns.org.		600	IN	NS	ns4.duckdns.org.
duckdns.org.		600	IN	NS	ns5.duckdns.org.
duckdns.org.		600	IN	NS	ns6.duckdns.org.
;; Received 278 bytes from 3.97.58.28#53(ns6.duckdns.org) in 130 ms

Please just answer that question.

I edited my previous answer to include, but here it is again. Looks like the same as my router DNS. Took me a second to find it, sorry.

If the mac does not have the machine running dnsmasq as its dns server, what you are trying to do cannot work.

You can see that the dig output shows the mac looking up mydomain.duckdns.org on 192.168.1.254. 192.168.1.254 forwards the request to the internet’s root servers, and the request eventually ends up at ns6.duckdns.org. In other words dnsmasq doesn’t seem to be touched.

Please be specific about your internal IPs though. I am assuming .254 is your router, but I cannot tell because you keep writing .xxx which is unhelpful.

Sorry I’m just not familiar with how secure it is to share full IPs, that’s all.
My HA IP is 192.168.1.90 and my router is 192.168.1.254.

That info is no use to anyone unless they have access to your LAN, and if they have access to your LAN you are compromised anyway.

Back to the problem in hand: if your mac isn’t pointed at the computer running dyndns, it cannot resolve mydomain.duckdns.org except through the internet, which is going to show your external IP.

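As an added example (not part of any post in this thread): a Python sketch that reads `dig +trace` output and reports which resolver the client asked first, which is the line that shows here whether dnsmasq was consulted. The function name, the trimmed sample trace and the 203.0.113.7 answer are constructed for illustration; 192.168.1.90 and 192.168.1.254 are the addresses given in the thread.

```python
import ipaddress
import re

# Constructed sample shaped like the `dig +trace` output posted in this thread,
# trimmed to one record per hop; 203.0.113.7 is a placeholder public address.
SAMPLE_TRACE = """\
.                     518400 IN NS a.root-servers.net.
;; Received 525 bytes from 192.168.1.254#53(192.168.1.254) in 36 ms

org.                  172800 IN NS a0.org.afilias-nst.info.
;; Received 801 bytes from 199.9.14.201#53(b.root-servers.net) in 88 ms

duckdns.org.          86400  IN NS ns1.duckdns.org.
;; Received 763 bytes from 199.19.53.1#53(c0.org.afilias-nst.info) in 85 ms

mydomain.duckdns.org. 60     IN A  203.0.113.7
;; Received 278 bytes from 3.97.58.28#53(ns6.duckdns.org) in 130 ms
"""

HOP_RE = re.compile(r"^;; Received \d+ bytes from ([0-9a-fA-F.:]+)#\d+\(([^)]*)\)", re.M)
A_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+A\s+(\d+\.\d+\.\d+\.\d+)\s*$", re.M)


def diagnose_trace(trace, dnsmasq_ip="192.168.1.90", lan="192.168.1.0/24"):
    """Report which resolver the client asked first and what answer came back."""
    hops = HOP_RE.findall(trace)
    answers = A_RE.findall(trace)
    if not hops:
        raise ValueError("no ';; Received ... from' lines: not dig +trace output")
    # The first hop is the resolver configured on the client. Later hops are
    # dig walking root -> org -> duckdns.org itself, so the final answer of a
    # trace comes from the authoritative server, not from a local override.
    first_resolver = ipaddress.ip_address(hops[0][0])
    answer = ipaddress.ip_address(answers[-1][1]) if answers else None
    return {
        "client_resolver": str(first_resolver),
        "uses_dnsmasq": first_resolver == ipaddress.ip_address(dnsmasq_ip),
        "answered_by": hops[-1][1],
        "answer": str(answer) if answer else None,
        "answer_is_lan": answer is not None and answer in ipaddress.ip_network(lan),
    }


if __name__ == "__main__":
    for key, value in diagnose_trace(SAMPLE_TRACE).items():
        print(f"{key}: {value}")
```

Once the client's first hop is the dnsmasq host, a plain `dig mydomain.duckdns.org` (without `+trace`) is the query that shows the local override.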

In other words, DNSMasq will be your (primary) DNS server (and should be your only, as other DNS servers will fail resolving your local address)
So if DNSMasq is on your HA, your primary DNS will be 192.168.1.90

And DNSMasq should use 208.67.222.xxx as main DNS (and optionally router)

So at the moment, @ennsy, you have set up a DNSmasq on your HA (please confirm), which is 192.168.1.90.

But then, your mac is not using the DNSmasq you just set up, and is using the router IP 192.168.1.254.
So your mac (your browser) would understandably not know how to resolve the HA IP, since the correct answer is not in the router (DNSmasq knows the correct answer).

(Can you run ifconfig from your mac?)

So, I’m quoting timestamp 14:07 of the YouTube you linked.

You will need to tell your mac to “go check the IP using DNSmasq, not using the DNS in your router.” How you do that, depends on your router. So you’ll want to provide more information.

IMHO abandoning the DHCP server on your router and using Dnsmasq’s DNS server for your entire lan is the way to go. Then when a computer joins your lan, dnsmasq will give an IP configuration including itself as DNS server. Then any device on your lan can contact home assistant.

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
	inet 127.0.0.1 netmask 0xff000000 
	inet6 ::1 prefixlen 128 
	inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
	nd6 options=201<PERFORMNUD,DAD>
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
EHC253: flags=0<> mtu 0
EHC250: flags=0<> mtu 0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
	ether 3c:07:54:1a:35:50 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect (none)
	status: inactive
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether 60:c5:47:8e:52:a6 
	inet6 fe80::426:212f:667a:79d6%en1 prefixlen 64 secured scopeid 0x7 
	inet 192.168.1.87 netmask 0xffffff00 broadcast 192.168.1.255
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect
	status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
	ether 02:c5:47:8e:52:a6 
	media: autoselect
	status: inactive
en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
	options=60<TSO4,TSO6>
	ether d2:00:13:c9:8d:60 
	media: autoselect <full-duplex>
	status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
	lladdr a4:b1:97:ff:fe:3c:98:d6 
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect <full-duplex>
	status: inactive
bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=63<RXCSUM,TXCSUM,TSO4,TSO6>
	ether d2:00:13:c9:8d:60 
	Configuration:
		id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
		maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
		root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
		ipfilter disabled flags 0x2
	member: en2 flags=3<LEARNING,DISCOVER>
	        ifmaxaddr 0 port 9 priority 0 path cost 0
	nd6 options=201<PERFORMNUD,DAD>
	media: <unknown type>
	status: inactive
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
	inet6 fe80::9dcc:4f38:59d1:f4e5%utun0 prefixlen 64 scopeid 0xc 
	nd6 options=201<PERFORMNUD,DAD>

Are you saying to make that 208 IP the one used as primary in my router and the one used in Dnsmasq?

Is this what @aceindy was suggesting also?

Your ‘client’ (any device on your network) asks your primary dns where to find the address.
If the primary doesn’t answer, it will try the secondary.

Your clients will know the address of primary and secondary IP address as configured within the dhcp server (or configured manually when using static IP).

So within your network, the primary dns server should be the address of dnsmasq, so local devices will be able to resolve local addresses.
For dnsmasq to be able to resolve external addresses, it needs to ask another dns server. In other words, the primary dns for dnsmasq should be 208.67.222.xxx :wink:

And in the above setup, the dns function of your router is irrelevant, as it is no longer used; the only function on the router is being a gateway…

Regarding the secondary dns server, the same applies, and you should use the one your provider has given you….

I hope this explains what you are trying to achieve :grin:

Okay I think I understand what you’re saying a little bit. Basically what I have now is wrong and I need to change some stuff, specifically, the primary DNS server within my network and what is in dnsmasq currently. What I don’t understand is what exactly needs to be changed to what? Do I need to change any DNS settings within my router? How do I find the address of dnsmasq? And where am I putting the 208 IP, is that instead of my 192.168.1.90 within dnsmasq?

Sorry for all the rookie questions, appreciate your patience with me.

You need to change/reconfigure the DHCP server in your network to advertise the IP address 192.168.1.90 as primary DNS (which is the same IP as dnsmasq is installed on HA)
If you can’t configure the DHCP and the DHCP server is running on your router, it is an option to use 192.168.1.90 as primary DNS on the router (but do not set a secondary).

Since dnsmasq uses 8.8.8.8/4.4 as primary/secondary dns (which are google’s dns), you can leave it like that (or change it to 208.67.222.xx, they will both work)
You can check which one is fastest for you😉
For me it turned out to be 1.1.1.1 :grin:

Correct, @ennsy - quoting time stamp 14:40 of the YouTube you linked. Exactly how or where, depends on the web interface of your router.

No problem mate, never be afraid to ask!!
In the land of the blind, one eyed is king :wink:

You take the blue pill and stay in wonderland, you take the red pill and I’ll show you how deep the rabbit hole goes :yum: