Under the new Network settings panel in 2022.5.1, there is a list of configured ethernet adapters that HA is exposed to – one of them is automatically designated a ‘default’ adapter, marked with a star , that appears to be the primary interface where HA calls out DNS requests. (from what I can tell)
This seems to be assigned lexicographically – i.e. eth0 will always be assigned default over eth1, etc. – in cases where one does not have control over the underlying interface names, it would be nice to have a selection box or mechanism that tells HA specifically which interface to star as ‘default’.
A little background for context: I’ve recently moved over from an HAOS install to Core under Docker. I expose HA to a handful of VLAN interfaces (eth0.10, .20, etc.) where all my IoT devices live – as well as one VLAN for management. Normally, I’d be able to overcome this default adapter assignment by modifying the system definitions to force eth0 into an adapter/VLAN of my choosing.
For this Core deployment, Docker abstracts all the exposed interfaces into standard ethX names – in docker-compose there is a ‘priority’ flag that is supposed to let you order the instantiation of these ethX interfaces by weight (higher is prioritized) – but as it turns out, there is an ongoing docker-compose bug that ignores this flag altogether. Partial example:
In this case, the expected behavior is that vlan_management should be instantiated first as eth0, as it is set to a priority of 100. What actually happens is that vlan_iot_lights is assigned eth0, since ‘10.0.10.1’ lexicographically comes before ‘10.0.50.1’.
Needless to say this has been frustrating since the docker-compose folks have weirdly ignored bug reports regarding this issue for the last few years. In spite of this, I was hoping there was a way to simply have HA’s default adapter be selectable – from the UI or otherwise.
I have the same issue running VMWare ESXi 7. I have ESXi 7 on a trunk port with all VLANs passed. I then created a port group for each VLAN and pointed it at the correct default gateway. Then added a Network Adapter for each VLAN I wanted HA to detect devices and control them. The problem is it seems to only want to pass traffic on the defaulted adapter. I’m running HA 2022.11.2 and the only way I’ve been able to get it to change default adapters is to remove all but the one I want the default, then boot HA, shut down, then readd the other adapters. But this doesn’t always stay. It would be nice to be able to select what default adapter to use or make sure it attaches ports to each interface provided.
I’ve double-checked my Firewall and have all the proper route statements and policies in place. All switches are properly trunked together in a Collapsed Core Star Topology. With more and more different protocols and devices showing up, i can only see the need for more segmentation in the future so complete control over the NIC interfaces and port assignments should really be added.
When HA auto chooses my network, it chooses the one that is going via a VPN.
This means all my port forwarding doesn’t work, I can’t get WAN access, and everything breaks.
It should not be like this.
Please give us the ability to hard set the default gateway!
Yes, still an issue with the latest version. This is super annoying. It is good security practice to separate the IoT nodes to separate network(s) from the main home network. Giving possibility to mark the default network shouldn’t be even too hard to implement. Now this feels just silly.
I was able to set my default network adapter from enp0s20 to enp0s18. I have changed the metric with nmcli.
My HA versions:
OS Version: Home Assistant OS 11.2
Home Assistant Core: 2023.12.3
Here is what I did:
$ ssh ha
...
➜ ~ docker exec homeassistant ip route
default via 10.10.10.1 dev enp0s20 src 10.10.10.2 metric 100
default via 192.168.8.1 dev enp0s18 src 192.168.8.2 metric 101
default via 10.10.100.1 dev enp0s19 src 10.10.100.2 metric 102
10.10.10.0/24 dev enp0s20 scope link src 10.10.10.2 metric 100
10.10.100.0/24 dev enp0s19 scope link src 10.10.100.2 metric 102
172.30.32.0/23 dev hassio scope link src 172.30.32.1
172.30.232.0/23 dev docker0 scope link src 172.30.232.1
192.168.8.0/24 dev enp0s18 scope link src 192.168.8.2 metric 101
➜ ~ nmcli con sh --active
NAME UUID TYPE DEVICE
Supervisor enp0s18 x ethernet enp0s18
Supervisor enp0s19 y ethernet enp0s19
Supervisor enp0s20 z ethernet enp0s20
➜ ~ nmcli connection modify "Supervisor enp0s20" ipv4.route-metric 103
➜ ~ nmcli connection modify "Supervisor enp0s20" ipv6.route-metric 103
➜ ~ nmcli connection up "Supervisor enp0s20"
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
Reboot HA.
$ ssh ha
...
➜ ~ docker exec homeassistant ip route
default via 192.168.8.1 dev enp0s18 src 192.168.8.2 metric 100
default via 10.10.100.1 dev enp0s19 src 10.10.100.2 metric 101
default via 10.10.10.1 dev enp0s20 src 10.10.10.2 metric 103
10.10.10.0/24 dev enp0s20 scope link src 10.10.10.2 metric 103
10.10.100.0/24 dev enp0s19 scope link src 10.10.100.2 metric 101
172.30.32.0/23 dev hassio scope link src 172.30.32.1
172.30.232.0/23 dev docker0 scope link src 172.30.232.1
192.168.8.0/24 dev enp0s18 scope link src 192.168.8.2 metric 100
On the UI (Settings → System → Network → Network adapter) I can see the change as well.
, that appears to be the primary interface where HA calls out DNS requests. (from what I can tell)