Not sure if that fits your needs, but with 2.2.5 you can also configure a static IP address (under Settings - Networking), which includes setting custom DNS server IP.
Cannot set a static address on the C4. My DHCP server hands out Hostname's, Time Server, Gateway, IP Address, domain name, DNS Servers etc. I know not all devices will set these parameters but it's a practice I have been doing for many years.
I wrote the port forwarding rules when I started to see IoT devices bypassing my secured DNS for other DNS servers like Google and some IP addresses in Asia. As we know that DNS is susceptible to man in the middle and poising attacks. There has even been mobile apps that used port 53 as their last gasp to send telemetry to their mother ships.
1 Like
That totally makes sense - and Networking configurator is not present on C4 anyway.
I also block "naughy" IoT devices from using hardcoded DNS and redirect to AdGuard (before this, PiHole). I see no network settings for my C4 hub.
Checking the logs in AdGuard, HE appears to be using the correct DNS (AdGuard), and nothing is being blocked through that aforementioned DNS block-redirect. I've also added service.cloud.hubitat.com to my allow list, though it wasn't blocked in the first place.
I'm not willing to change network settings only for HE -- is this a bug or is it intentional and will be a "problem" moving forward?
Victor (@gopher.ny) has confirmed in another thread on this subject this will be fixed in a the next minor release for 2.2.5.
2 Likes
2.2.4.120 has two new ways to set a DNS server:
- In the Networking section:
- Using a direct endpoint: http://hubs.ip.address.here/hub/advanced/resetResolvConf?nameserver=8.8.8.8 (this works on C4s)
so how does this work if we were on the prvious build using dhcp and we want to continue to use dhcp but use the recommend dns servers sent via dhcp, the link is not enough as my dhcp sends 3 different dhcp servers in order.
Just don't set any value - it's optional.
so it should override the 8.8.8.8 that is set and work correctly once rebooted. thanks.. i dont see this version out yet.. still in beta?
found it thanks. had to manually check.
not working.. upgraded. dhcp still shows 8.8.8.8
cannot blank it out.. when i do and switch away it fills in back in.. and switch to hdcp button does nothing as already on dhcp
i could try filling in dhcp again and switching but i need more than one
It's got to be the browser filling it back in.
Use http://hubs.ip.address.here/hub/advanced/resetResolvConf without parameter, it has the same immediate effect. It should return "ok"
no not working
also tried chrome instead of ie
can i put multiple in the dns override comma delimited?
i have to go out and get my vaccine .. .lucky me.. but when i get back i will try switching to static.. rebooting.. then switching back to dhcp.
dhcp sets the dns in this order
Not at this time. There will be an error message if parameter is not a valid IP address.
more info.. workaround worked..
removed overriden dns setting..
changed to static ip including dns.
rebooted..
switched back to dhcp
rebooted.
it now correctly shows ip and subnet and dns and says it is using dhcp.
not sure if it is using more than one dns as specified by dns server or if it ever did or anyway to know this
side note i have another hub in an empty house in mi, running 2.2.3 do you think it is safe to try an update at this time, or should i wait till we are at that location in june..
thanks
Just to clarify is this how your reset the C-4 to use the DHCP provided DNS? I just applied the update and have zero DNS resolution at this time.
On C4s and earlier, you need to specify a DNS server at this time. C5 and later hubs fill it in but C4s don't yet.
Thanks, I just reconfigured using the static DNS entry parameter and I have name resolution again. I will wait until you guys sort out this new IP stack configuration before recommending updates.
How is everyone feeling about the DNS handling in the latest version? I have a C4 and a C7, and have been waiting for stability.
For the C-4 so far I would like to have the old behavior back where the DNS addresses were assigned from the DCHP server vs. forcing me to manually configure. Ignoring the site's configured DNS settings is bad practice and hard coding to 8.8.8.8 even worse.
I am still not comfortable with putting production Hubitat's on the current version until I am assured that the DNS assignment is following industry norms.
1 Like
