Constant DoT requests to 1.1.1.1 & 1.0.0.0 #1911
Comments
You can debug the setup with |
I don't see any errors here...(or am I missing something ?)
All these responses look OK to me, and are consistent with commands run directly on HA, e.g.
|
Upgraded to Supervisor 234, the DoT requests stopped for around 1 hour after the update, then started up again. This also correlates with an increase in processor usage. Supervisor Logs
DNS Logs
|
Upgraded to version 235 of the supervisor, and no 853 traffic for the last 24 hours. Looks Good. |
Spoke too soon, back to the same situation, constant 853 requests to Cloudflare, no errors in the logs, nothing wrong with the DNS setup... |
Have the same issues. Not using hassos until resolved |
There is a heartbeat to all DNS servers, and if you block the DoT, they do that more aggressively. I would suggest removing the block on the firewall or using the Home Assistant Container installation. |
I'm sorry, but this is just not acceptable. Please respect our privacy and remove this unnecessary functionality. |
Pls make "all DNS servers" configurable instead. |
That's not the point. This is supposed to be a "fall back" in case the user misconfigures the main DNS settings, so making this configurable is pointless. It just needs to go away, or only be used as an actual fall back when the main service fails, which is not the case here. Hardcoded DNS is not a solution to any problem, it's just a breach of users' privacy. |
Home Assistant release with the issue:
Operating environment (HassOS/Generic):
HassOS on Raspberry Pi 3B+
Supervisor logs:
Description of problem:
On my network I block all outgoing external DNS requests (Ports 53 & 853). So requests to my local DNS server at 192.168.10.1 are allowed, but a request to 8.8.8.8:53 for example will be blocked. I do this to force all devices on my network to use my local DNS server which is assigned over DHCP, or static.
My HA system functions perfectly, however I see constant DoT requests (10-16 per min) from HA to 1.1.1.1 and 1.0.0.1. This is apparently a fall back #1597 solution for when local DNS is 'messed up'. However, there is nothing wrong with my config, yet I see this constant traffic.
I block this kind of DNS traffic because it's an issue of both Privacy & Performance. I don't believe systems should have hard coded DNS built in (e.g. Google is a huge offender...). I understand this is trying to fix a 'Problem', but I don't think hard coded DNS is the solution, especially when the existence of such settings is only apparent after searching the repo, because it's not in the docs, and it's not displayed when running the above
ha dns info
command.
My personal opinions aside, there is clearly a bug in the 'fallback' solution, as my DNS setup is working fine.
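
One way to quantify the traffic described in this issue from gateway logs, added here as an example (it is not code from the issue or from the Supervisor project). It assumes netfilter-LOG-style lines; the log prefix, host name and client addresses in the sample are constructed, while the resolver address and ports come from the issue text.

```python
import re
from collections import Counter, defaultdict

LOCAL_RESOLVERS = {"192.168.10.1"}   # local DNS server named in the issue
DNS_PORTS = {53: "DNS", 853: "DoT"}  # ports the reporter blocks outbound

# Constructed sample in the style of Linux netfilter LOG output (assumed format).
SAMPLE_LOG = """\
Jan 10 12:00:01 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.50 DST=1.1.1.1 LEN=60 PROTO=TCP SPT=41234 DPT=853
Jan 10 12:00:05 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.50 DST=1.0.0.1 LEN=60 PROTO=TCP SPT=41236 DPT=853
Jan 10 12:00:20 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.50 DST=1.1.1.1 LEN=60 PROTO=TCP SPT=41240 DPT=853
Jan 10 12:00:30 gw kernel: DNS-EGRESS IN=br0 OUT= SRC=192.168.10.50 DST=192.168.10.1 LEN=70 PROTO=UDP SPT=50111 DPT=53
Jan 10 12:01:02 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.50 DST=1.1.1.1 LEN=60 PROTO=TCP SPT=41250 DPT=853
Jan 10 12:01:10 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.77 DST=8.8.8.8 LEN=70 PROTO=UDP SPT=50222 DPT=53
Jan 10 12:01:15 gw kernel: DNS-EGRESS IN=br0 OUT=eth0 SRC=192.168.10.50 DST=203.0.113.10 LEN=60 PROTO=TCP SPT=41260 DPT=443
"""

LINE_RE = re.compile(
    r"^(?P<minute>\w{3}\s+\d+\s+\d{2}:\d{2}):\d{2}\s.*?"
    r"SRC=(?P<src>\S+)\s+DST=(?P<dst>\S+)\s.*?"
    r"PROTO=(?P<proto>\w+)\s.*?DPT=(?P<dpt>\d+)"
)

def summarize(log_text):
    """Count DNS/DoT attempts to resolvers other than the local one.

    Returns {(src, dst, label): {"total": n, "peak_per_min": m}}.
    """
    per_minute = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a netfilter-style line
        port = int(m["dpt"])
        if port not in DNS_PORTS or m["dst"] in LOCAL_RESOLVERS:
            continue  # not DNS/DoT, or aimed at the approved resolver
        per_minute[(m["src"], m["dst"], DNS_PORTS[port])][m["minute"]] += 1
    return {
        key: {"total": sum(c.values()), "peak_per_min": max(c.values())}
        for key, c in per_minute.items()
    }

if __name__ == "__main__":
    for (src, dst, label), stats in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{src} -> {dst} ({label}): {stats['total']} total, "
              f"peak {stats['peak_per_min']}/min")
```

A steady per-minute peak from a single source to the same off-network resolvers, as in the 10-16 per minute the reporter observed, points to a built-in heartbeat or fallback rather than user-driven lookups.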