Still unsure what to use for trusted networks auth provider

because of various errors in the logs, maybe related to local network settings, please let me ask about the auth provider trusted network setting.

docs show 192.168.0.0/24

My router is at 192.168.1.1 though, but using 192.168.1.1/24 results in

2019-06-03 12:15:08 ERROR (MainThread) [homeassistant.auth.providers] Invalid configuration for auth provider trusted_networks: not a valid value @ data['trusted_networks'][1]. Got '192.168.1.1/24'
2019-06-03 12:15:10 ERROR (MainThread) [homeassistant.config] Invalid config for [homeassistant]: not a valid value @ data['trusted_networks'][1]. Got None. (See /config/configuration.yaml, line 1). 

tried to google this, but all info about the subnet masks don’t help me understanding what the notation does in fact, and what I should be using in my case.

HA makes it clear this is so obviously wrong ;-( I might be able to only use 192.168.1.1, and did so before, but that gave me auto lockouts and ip-bans for devices on my own network…
So, question is, why is the correct setting in the trusted network section? Would appreciate any help.

Would it be 192.168.1.0/24 meaning all addresses from 192.168.1.0 to 192.168.1.255?

secondly, could this be related:

2019-06-03 12:33:30 ERROR (MainThread) [homeassistant.setup] Error during setup of component asuswrt
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/homeassistant/setup.py", line 153, in _async_setup_component
    hass, processed_config)
  File "/usr/local/lib/python3.7/site-packages/homeassistant/components/asuswrt/__init__.py", line 55, in async_setup
    await api.connection.async_connect()
  File "/usr/local/lib/python3.7/site-packages/aioasuswrt/connection.py", line 72, in async_connect
    self._client = await asyncssh.connect(self._host, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/asyncssh/misc.py", line 182, in __await__
    return (yield from self._coro)
  File "/usr/local/lib/python3.7/site-packages/asyncssh/connection.py", line 5451, in connect
    conn, _ = yield from create_connection(None, host, port, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/asyncssh/connection.py", line 5107, in create_connection
    yield from auth_waiter
asyncssh.misc.DisconnectError: Disconnect Error: Connection lost

this is the tinydtls.py error I see popping up again, killing my Ikea Tradfri setup.

2019-06-03 12:35:08 ERROR (MainThread) [homeassistant.core] Error doing job: Task exception was never retrieved
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/aiocoap/transports/tinydtls.py", line 157, in _run
    yield from self._connecting
concurrent.futures._base.CancelledError

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/aiocoap/transports/tinydtls.py", line 169, in _run
    self.coaptransport.new_error_callback(-1, self)
  File "/usr/local/lib/python3.7/site-packages/aiocoap/protocol.py", line 203, in _dispatch_error
    for key, (monitor, cancellable_timeout) in self._active_exchanges.items():
AttributeError: 'NoneType' object has no attribute 'items'

Thanks!

You are correct on your thinking in your config. Here is mine:

auth_providers:
  - type: homeassistant
  - type: trusted_networks
    trusted_networks:
      - 192.168.1.0/24
      - 172.17.0.0/24

ok thanks!

how did you calculate the ‘internal’ ip addresses?

silly thing is, I’ve just rebooted with the 192.168.0.0/24 setting, and both the asuswrt error and the Tradfri issue have disappeared. other than pure coincidence, I am really stumped as to what this could be.

the 172.17… IP range is for my Docker network that it set up automatically during install. I don’t use hassio. I installed Docker myself and then just run the HA container independently.

ok I see, thanks. its just that I often see these 172. addresses pass by, and maybe thought to have to set auth for these too.

You might have to also since hassio uses Docker to and it still has the same internal network. I’m really not sure tho.

If your network is 192.168.1.1 (for the router) they you would not use 192.168.1.1/24 as that’s invalid. You would use 192.168.1.0/24 The /24 is a 24 bit mask where the 192 is 8 bits, 168 is 8 bits and 1 is 8 bits… so the /24 mask is saying the first 24 bits, 192.168.1 are the network and after that is the node. Incidentally, you could use 192.168.1.1/32 and that would be valid although not that useful.

1 Like