I don't think the phone would be broadcasting. It might be having an issue with the large subnet.
Only other thing you could check would be to connect the PC to the same wifi as the mobile if it is not already, see if that changes anything with the HAP discovery.
Somewhere, someone posted a curl command you can issue to the hub to see what it is broadcasting... could be worth checking.
Restart everything involved, including networking equipment.
If errors continue, post a screenshot of the exact error when trying to add the hub to your home in Apple Home.
I was able to see the hub on the new IP, but unfortunately same results with Homekit.
Last night I was at a friend's house and tried setting it up for him. His network is a lot simpler than mine, and it paired almost instantly. At least I know what to look for.
Thinking as a test, I am going to move the device (and the phone) onto a different VLAN which uses a /24 net mask, just to see if that makes any difference. If it does, I guess I am going to need to look at routing/FW rules. One step at a time.
Thank you for all the assistance and suggestions so far!
Some progress made, but still not working...
Placed the hub and phone on an isolated VLAN which uses a /24 net mask. Set the hub back to DHCP. I was finally able to get the phone to pair with the QR code. I was able to see the devices, but they were all in a not responding state. Powering down the Apple TV (which is on the primary LAN) and restarting the Homekit app on the hub, I was finally able to control devices from the Home app on my phone. Unfortunately, my understanding is that without the ATV, I will have no access outside the house. I also want to keep the phone on my primary LAN.
Plugging in the ATV forces all the devices back to a "not responding" state.
I tried leaving the hub on the isolated VLAN and moving the phone back to the primary LAN. Same results with the not responding. (I did have multicast enabled on both the primary LAN and VLAN, along with firewall rules to allow traffic between the hub and the ATV, and a 2nd rule to allow multicast traffic to traverse the VLANs). Unfortunately still no dice.
With the exception of leaving the hub HomeKit paired with Apple Home, I reset my config back where I started. mDNS is still enabled as well. I did disable the firewall rules as everything is back on the same segment.
At this point, there may be multiple issues at play:
Does the hub properly handle a DHCP issued address on a /18 subnet?
With the network moved (from VLAN --> LAN) is the QR pairing still valid or should I delete?
See @gopher.ny's response above. It does. But it has to be configured manually.
Keep your AppleTV (or other Apple Home hub) on the same LAN segment as your Hubitat hub. Or, run a multicast reflector so that you can "reflect" (route) multicast packets across your VLANs.
I just don't understand why people feel the need to make such a complicated home network. I have a degree in networking so I somewhat know what I am doing. I have a plain old consumer grade router configured like a normal sane person would. I have one separate VLAN that was created by the guest network setup on the router. I have one other "guest" network that is not segregated and just used to join IoT devices to a dedicated 2.4GHz SSID (the main SSID is shared 5/2.4). They still join into the main LAN segment with all my other devices.
Do people have more than 240 devices where a single normal /24 won't work?
Yeah I originally was going to segregate my IoT stuff using the separate guest network but then it was like, wait what if I want to Cast to my TV, or some app wants to direct connect to the device via LAN, or a bunch of other situations so at that point I just turned off the segregation. If someone really wants to get into my LAN and hack in through my Nest Thermostat, Samsung Fridge or Robot Vac, go for it. Not going to find much anyway.
All the consumer equipment is designed to function on a normal consumer type of network. If you put a business class network in your home then you are on your own for getting it to work.
I know some of you may have felt my network setup was overkill, but I am at over 200+ devices hence the /18. I also was intending to segregate IOT devices (which I concur with jtp10181, good in theory but did not work as planned) and have my cameras on a special VLAN that is heavily restricted - both for security & privacy. That and of course the guest network.
I have given up on the Hubitat app for now. Instead, I installed a Homebridge server and am using the tonesto7 plugin. I am able to achieve about 95% of the functionality I desire. In addition, the off network functionality using the ATV is working as desired as well. All of this is working properly on the /18 segment without needing any tweaks.
In summary, I am not sure exactly of the root cause of my issue, but hopeful that a future Hubitat release will enable a direct HomeKit integration.
FWIW I don't think you get any more functionality than that with the built in integration. I have had Homebridge set up since before the system HK came out and am still using it.
Yeah, I have a guest wifi network for guests.... Rest of the stuff is on a flat network. It's not like I'm at one of my clients and we have to segregate groups from getting in where they don't belong and what not. Like I said, if someone gets through your NAT, they're getting through your VLANs too.
No, you should be able to run both. Do you have the HE hub segregated on a different VLAN or behind other equipment that may not be forwarding multicast?
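Added example, not part of any post in this thread: a small Python check for whether HomeKit (`_hap._tcp`) mDNS advertisements are visible from a given network segment, which is the question the multicast and VLAN discussion above keeps returning to. It assumes the hub advertises under the standard HomeKit Accessory Protocol service type; the function names are made up for this example.

```python
import socket
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353
HAP_SERVICE = "_hap._tcp.local"  # HomeKit Accessory Protocol service type

def build_query(service=HAP_SERVICE):
    """One-question mDNS query: QTYPE=PTR (12), QCLASS=IN (1)."""
    labels = b"".join(bytes([len(l)]) + l.encode() for l in service.split("."))
    return struct.pack("!6H", 0, 0, 1, 0, 0, 0) + labels + b"\x00" + struct.pack("!2H", 12, 1)

def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, next_offset)."""
    labels, end = [], None
    for _ in range(64):  # bounded so a malformed packet cannot loop forever
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("utf-8", "replace"))
            off += 1 + n
    raise ValueError("name too long or compression pointer loop")

def ptr_targets(msg, service=HAP_SERVICE):
    """Instance names from PTR records for `service` in one mDNS message."""
    _, _, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off, found = 12, []
    for _ in range(qd):  # skip the echoed question(s)
        off = read_name(msg, off)[1] + 4
    for _ in range(an + ns + ar):
        name, off = read_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 12 and name.lower() == service:
            found.append(read_name(msg, off + 10)[0])
        off += 10 + rdlen
    return found

def discover(timeout=3.0):  # returns {responder_ip: [instance names]}
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    s.sendto(build_query(), (MDNS_GROUP, MDNS_PORT))  # ephemeral port: replies come back unicast
    seen = {}
    try:
        while True:
            data, (ip, _) = s.recvfrom(9000)
            seen.setdefault(ip, []).extend(ptr_targets(data))
    except socket.timeout:
        return seen
```

Call `discover()` from a host on each segment in turn. A hub that is listed when queried from its own segment but missing when queried from another is consistent with multicast not crossing between them.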