Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
HomeAssistant sends 15-20 req per *second* to 1.1.1.1 and 1.0.0.1
See original GitHub issueDescribe the issue you are experiencing
While DNS is surely important for HASS contacting a 3-rd party provider without my constant is not cool. However it looks like this is ignored and not seen as a privacy problem. Fair enough, but why is HASS essentially performing a SYN flood attack:
ha dns logs confirms that indeed it’s HASS making these requests in some sort of a loop:
This to me seems like at least a bug - it shouldn’t be happening 15-20x a second. Moreover HASS receives and uses the DHCP-provided DNS, so there’s completely no reason for the instance to query 1.1.1.1 and 1.0.0.1.
What type of installation are you running?
Home Assistant OS
Which operating system are you running on?
Home Assistant Operating System
Steps to reproduce the issue
- Block outbound connections from HASS to
TCP/853 - Observe outgoing traffic
Anything in the Supervisor logs that might be useful for us?
N/A
System Health information
N/A
Supervisor diagnostics
No response
Additional information
No response
Issue Analytics
- State:
- Created 10 months ago
- Reactions:5
- Comments:6
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
You would need to have the addon SSH & Web Terminal installed …
at the prompt you would type in the line : ha dns options --fallback=false
that sets the flag to not use the fallback dns hardcoded in the software (I guess it was done this way to help some people who were having serious dns / name resolution issues. They do use TLS to encrypt and obscure the requests)
it does persist after a reboot (I just checked)… I believe the file it updates is in the root filesystem that you can only see if you have setup SSH to the OS … is /mnt/data/supervisor/dns.json but you should only use the CLI command I specified above to avoid trashing the config…as it may make other changes elsewhere that I am not aware of.
the link you provided pretty much explains it all… and like I said you could always set it back to True if some problems arise…
ha dns options --fallback=false (in a SSH session where the cli is available)
seems to have stopped it for me of course if you run into issues you can set it back to true…