Hi,
While setting up some firewall rules, I noticed in the firewall logs that the Hubitat hub is constantly pinging the default gateway. The hub is configured to get a static DHCP ip address and the logs show that it is trying to ping the default gateway every second. Any pointers as you why this is happening? Thanks
In the picture below, I have an IOT VLAN. The hub is at 192.168.56.2 and the default gateway is 192.168.56.1. I have a deny rule which is why all these lines are in red.
If you feel that one icmp echo request every 5
minutes compromises your LANβs performance, you can go under Settings -> Network Settings and disable auto-reconnect.
Be aware that when this is done, incidental loss of connectivity will not be monitored or corrected.
It seems to be once every second. I checked and auto-reconnect was already disabled.
Should I just try to set up a static ip within the hub instead of making the DHCP server give it a static ip?
Do you have any app that uses ping?
FWIW, Iβm seeing one icmp echo request from each of my hubs every 5 minutes.
I disabled each app individually but the ping continues to happen.
I would not recommend that. Unless you also configure access to multiple reachable DNS servers in the Network Setup page. Something like: "1.1.1.1, 8.8.8.8, 9.9.9.9". And then permit outgoing UDP 53 for the VLAN that the hub is in.
I vaguely remember some sort of issue when you disable the reconnect, try setting the reconnect check to SOMETHING, and see if it then follows the timing you set. Maybe the past issue was never resolved.
I added a firewall rule to enable only ICMP traffic between the hub and the default gateway and I no longer see pings being captured. I wonder if there is a ping sequence within the hub that is a dependency on something else to fire and if the ping fails, the hub keeps pinging the gateway hoping for the ping to succeed?
I wonder if the auto-reconnect depends on this? By the way, I tried change the auto-reconnect to 5 minutes and that made no difference.
DNS lookups depend on UDP. As does DHCP. What happens if you enable access to UDP 67-68, and UDP 53?
The firewall has an automatic rule to pass traffic on 67 and 68 to prevent lockout. I have port 53 explicitly enabled for DNS queries and they do work from the hub because name resolution to http://speedtest.wdc01.softlayer.com is successful if I initiate the speed test.
By the way, I checked this hub behavior by again blocking icmp traffic between the hub and gateway and I did not see any new deny lines in the firewall log. Then I rebooted the hub and sure enough, I started seeing those deny lines again.
By inference, it does seem like the hub needs icmp traffic to pass through during initialization (and only during initialization) or it goes nuts.
Well on boot as well it goes out for NTP and to check cloud access. You should see that traffic as well. @gopher.ny any info on the icmp to the gateway?
What is the auto reconnect setting in Settings - Network setup?
That's the only place that does explicit pings that I can think of.
If auto reconnect is disabled, that behavior is not explicitly implemented, although it could be a part of some system process.
I switched to static ip on the hub and according to the doc, the auto-reconnect setting is ignored on Ethernet with static ip?
"Makes hub proactively ping router and attempt to reconnect if router is not responding. Use it if hub drops off LAN while using Ethernet.
This setting has effect only if hub uses Ethernet connection with DHCP."
Should I set it to 300 seconds?
How does an ethernet device even need to "reconnect" with a router? Are the instructions saying it's pinging so that it can renew it's DHCP lease (possibly requesting a new IP address if the router resets it's client list on a reboot)? Reconnect isn't really the right term here is it?
There's a bug there after all. Please set it to Disabled. I'll get it fixed in the next build.
We've come across network disconnects on some hubs using DHCP for reasons unknown. Restarting eth0 interface would immediately reconnect the hub. It would reconnect on its own, too, but that could take a minute or two.
@gopher.ny still seeing the pings under 2.3.4.134 with Auto reconnect set to Disabled.
Does it actually require configuring an static DHCP to stop the pings?
How often? Some of them come from IP -> MAC resolution.
Once per second. All 4 hubs have the same behavior.
Just as a test, I tried changing to 300s and rebooting. Interval did not change, still once per second.
Download the Hubitat app
