IOT? What ? Do I?

My mesh system just asked if I wanted to setup an "IOT". I don't know, do I?
HE runs 95% of my devices. Only a very few are WiFi, those are integrated with Alexa. Alexa and HE work excellent together. Automations smooth and reliable, with Alexa providing voice control and tying in those few WiFi devices with HE commands.
This poses a few questions, Advice is requested.
What is IOT?
What if any connection is there to HE?
Is there some benefit for me?
Are there downsides?

What "mesh system" are you referring to? Your router?

Can you post a screen shot of the message and provide a little more detail on the source of the message?

IoT is generically the "Internet of Things" - all the devices that can connect to the internet these days.

1 Like

Probably not. Assuming this is a new WiFi router, it’s asking if you want to setup a separate SSID (a WiFi network) for your IoT devices that use WiFi (if you even have any).

It only makes sense if you intend to take some further actions to “segment” your network. Which is possible, but takes time and effort.

3 Likes

The tl;dr version is that this has nothing to do with Hubitat, and you should click “no” then just ignore most of your router’s “helpful” suggestions.

2 Likes

Interesting...I knew that some routers supported this, but hadn't heard of them "piping up" about it unasked.

Thx. I currently have a Deco M5 mesh two units set as access points. My router is separate. Not to head too far down a rabbit hole, but all is well except the two Nest thermostats have the annoying habit of loosing internet connection. They occasionally require a physical touch to wake them, then they magically rejoin. As I'm toying with this, and looking into changing to a WiFi ipv6 mesh, I updated the Decos. Then within the Deco app, I found a setting asking if I wanted to setup an IOT. I'm looking into, trying to understand better what that is and if it's a good idea. Appears I was able to take this screenshot. It's within the Deco app.

I was assuming this was the case. I don't know if this would beneficial or more problematic and just additionally complicated. Not sure if it made sense to seperate out HE, Alexa and Wifi devices into this new/separate SSID.

Thank all of you for being here, and so quickly addressing questions. I get the impression this would be of no real benefit to my setup, perhaps only adding a layer of unnecessary complexity.

What they are guiding you into is a isolated network where devices on the IOT network can not communicate with things on your "production" ssid or possibly other devices on the same IOT network. This has some security advantages in that say a compromised light bulb can not see into your regular network or any where else other than the internet. But then you can't see your IOT devices directly unless you connect to the IOT network or access them through the cloud service.

1 Like

Thanks. Would there be any performance gains? I mean I shouldn't expect to notice any change in stability or download speeds of other devices on a different SSID, right? Perhaps I can expect a cleaner specific SSID for just smarthome devices, then a separate SSID left for gaming devices or laptops, printers, etc.? for example.

FWIW some IoT devices can only connect to older 2.4ghz WiFi and fail to connect if you share the same SSID between your 5ghz and 2.4 like many do. Rachio is an example.

I personally have a separate IoT WiFi to use with those devices and again it only broadcasts 2.4.

2 Likes

I agree it’d be adding complexity and definitely not for a performance gain. There is at least a theoretical security advantage though.

2 Likes

Negative performance gains. There is only so much bandwidth available and extra ssid only adds broadcast overhead. At my home, I put two ssids on the 2.4Ghz band and omit the IOT ssid on the 5Ghz band. My PCs and phones are on 5Ghz which is where streaming and other foolishness goes on. The IOT devices can have 2.4Ghz to themselves. That said, since doing hubitat, I have swapped all my WiFi switches, dimmers, plugs and bulbs to z-wave and zigbee and saved about 100 watts/hr. A wifi light dimmer feels warm but not the z-wave version. However there are still plenty of wifi devices such as the nest minis and hubs, chrome cast, nest door bell, oven, home theater, garage door, and security cameras. The 2.4Ghz network has plenty to do.

1 Like

You need to know if you have any devices that fit the “IoT” label and would go on this SSID, but also need to maintain a local connection to the rest of your LAN.

For example if you connect your Hubitat hub to an isolated IoT SSID over WiFi, you wouldn’t be able to use your PC to access the hub interface or local dashboards unless your router also allows you to make firewall rule exceptions.

ETA: This is pretty much why I have never pulled the trigger on creating VLANs or other forms of network isolation like what your router is offering you.

I know just enough to have a basic comprehension of how some of it works, but there are so many opportunities to break network connectivity for one or more devices.

3 Likes

In my case Hubitat is ethernet connected to the router where it shares the same broadcast domain as the ssid my phones and PCs are using. So I can manage it. Hubitat, Abode, and other cloud devices have dhcp reservations to they can be omitted from the house VPN service as cloud services tend be aggressively against such services. Hubitat controls only z-wave and ZigBee directly. To get to the nest and Abode integrations it must use the cloud.

1 Like

Sure I just meant that as an example.

It could apply to Sonos devices (in the case of Hubitat’s integration), broadlink IR blasters, maybe Hubitat’s HomeKit integration (if your HomePod is on the IoT SSID), the list could be lengthy.

It’s never seemed quite worth the effort to me to keep track of all that for the probably marginal security benefit in most realistic scenarios.

image

Lots of other good info/advice. I'll just add that without knowing what kind of firewall rules/access limitations, etc., the Deco may put into place related to the IoT network, it's difficult to say what benefits/limitations having it would provide.

1 Like

I have a Deco X55 mesh and use the IOT ssid only for 2.4 ghz devices (especially ones not integrated to Hubitat) as @ritchierich does. You can optionally turn on/off the isolation feature on a device-by-device basis. It is helpful to quickly identify/locate devices if you have a lot, as the Deco app can display a list of devices by ssid.

2 Likes

So, this thread is marked "closed" 13 hours after it was opened, and with a "solution" that is at best a highly subjective opinion. I assume that was done by the OP, but that's a guess. Is the only purpose of this "community" these days to allow about a half-dozen people to provide help desk support, and the moment someone likes an answer, the thread gets closed? How is that a "community"?

I used to really enjoy the dialogue here on topics such as this, but now, topics that might invite a conversation are very often marked "closed" before a user who isn't constantly monitoring the forum (even one that checks in almost every day) can participate, and too often, the "solution" is at best an opinion someone liked, and far from "the" answer (there might be several good options). There are good reasons to run a separate VLAN/SSID, but now it seems "the" answer is not to bother. That's a terrible way to run a "forum", a worse way to build a "community", and not even an accurate help desk. FWIW, Hubitat folks, this practice of allowing basically anyone to "close" a topic they started (or having a moderator aggressively do so) is not doing much to foster widespread brand loyalty or a sense of community. Instead, I'd say it's fostering a feeling of, "Why the heck should I bother reading Hubitat's help desk tickets, if they're all closed before most of us can even chime in?"

This thread isn’t closed.

The fact that you can still write the post that you wrote, and that I’m able to write this one, clearly means the thread isn’t closed.

I had an opinion. The OP appears to have agreed with it and decided to mark my post as a solution to his question.

Rather than decrying the sad state of the forum these days, why not just make your case for why VLANs and network segmentation are worth the headache for a Hubitat user at home (who is starting out from a baseline level of approximately zero knowledge on the subject)?

If your post is determined to be a better solution, we can even un-mark my post as the solution (:scream:) and mark yours as the solution. It’s not a “til death do us part” type of commitment…

7 Likes