Roborock Integration across VLAN?

A little confused about the networking requirements to use the Roborock Integration. It specifies a port that comms use, but it doesn’t really say which direction/when/why.

Is anyone using this integration with their roborock on a separate VLAN (IoT VLAN)? Curious what I would need to do in order to allow the proper communication between the HA server (default VLAN) and my roborock (IoT VLAN).

Thanks!

Add bi-directional communication between the vacuum and HA on port 58867 to your firewall rules. Make static IPs for both to make the firewall rule easy.

As for “why”, to be honest, it should be self-explanatory: to get the status of the vacuum and to let HA control the vacuum.

RE: Why…if it’s “polling” as it says in the category/description, then HA would always be initiating the TCP session, and bi-directional is not necessary. If HA reaches out to the vacuum to poll/query it, then allowing “established” sessions back from the vacuum would be sufficient and far more secure.

You’re assuming that the roborock API has these options.

The integration is a polled integration.

Yes, that’s my point. If HA will always be initiating a session (i.e. to poll for status/updates or to send a command), then there is no reason for the vacuum to be able to initiate traffic across the VLAN to the internal network.

The whole point of an IoT VLAN is to prevent those IoT devices from trying to talk to your “more secure”, general network.
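The stateful rule set described in the post above, written out as an added example that is not part of the original thread or of the integration's documentation. It assumes the router between the VLANs runs nftables and that the port is TCP, as the post says; all addresses and subnets are constructed placeholders.

```nftables
#!/usr/sbin/nft -f
# Added example. Constructed placeholders (assumptions, not from the thread):
#   HA server 192.168.10.5 on the default VLAN 192.168.10.0/24
#   vacuum    192.168.30.20 on the IoT VLAN    192.168.30.0/24
# Port 58867 is the one named in the thread; TCP is assumed.

define HA_HOST   = 192.168.10.5
define VACUUM    = 192.168.30.20
define LAN_NET   = 192.168.10.0/24
define IOT_NET   = 192.168.30.0/24
define ROBO_PORT = 58867

table inet vlan_filter {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Return traffic for sessions that a rule below already allowed.
        ct state established,related accept
        ct state invalid drop

        # Only HA may open a session to the vacuum, and only on the integration port.
        ip saddr $HA_HOST ip daddr $VACUUM tcp dport $ROBO_PORT ct state new accept

        # IoT devices may not start sessions toward the default VLAN.
        # Logging the drops shows whether the vacuum ever tries to initiate.
        ip saddr $IOT_NET ip daddr $LAN_NET ct state new log prefix "iot-to-lan: " drop

        # The IoT VLAN keeps internet access, but not access to private ranges.
        ip saddr $IOT_NET ip daddr != { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } accept

        # The default VLAN reaches everything except the IoT VLAN,
        # which is covered by the single HA rule above.
        ip saddr $LAN_NET ip daddr != $IOT_NET accept
    }
}
```

If the integration stops updating under these rules, the `iot-to-lan:` entries in the kernel log show whether the vacuum attempted to open a connection toward HA, which answers the direction question for your own setup.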

Here’s the upstream library that HA uses to connect to the vacuum. HA is limited to what is provided by this library.

If you can come up with a better way to connect, then by all means, contribute to that library to make that happen.

I am. I didn’t have to do anything to make it work. In my case it works out of the box. I know that this might not be helpful to you.
All I did was add them to the VLAN SSID and add them again in HA.

Same here. The vacuum has internet access though. I guess that does the trick?