Request for devs - supporting devices NOT on local subnet

You weren't asking me, but I have an AVAHI server setup for that. Works great.

2 Likes

My situation is I have everything in a single /24 and I know I need to move to multiple vlans to segregate things like printers and IoT devices away from phones and file shares, but it's issues like this, i.e. HE not discovering things across subnets, that's preventing me from doing it.

If they are not standards compliant with regard to the TTL of the SSDP messages, then that is something they should fix.

@JasonJoel "trusted (PC devices operated by humans)" .... you must not have any teenagers :wink:

2 Likes

Gentlemen, great news: Set TTL of SSDP discovery

2 Likes

I hardly think it's making Hubitat bend over backwards to support this. I would argue that you are making it more flexible in the fact that it's now supporting more than just a typical home network.

Plus, lowering your security standards as a tradeoff for convenience is ridiculous.

You also need to remember that Hubitat customers may not all be residential Homeowners. I know of several large apartment building owners that use Vera extensively in common areas for energy savings and security, and their networks are split up just like mine.

As a developer, assuming your user's devices are all on the same local subnet is a shortcoming of your software.

Most of the devices connected to Hubitat hubs are actually on the Zigbee or Zwave mesh networks. Not on lan.

Hmmm... :thinking: In my case, I believe I now have more Network connected devices than I do Zigbee/Z-wave devices...

Yes, I know I am not necessarily the 'typical user', but then just how many of us that hang out in this community forum are typical users? :wink:

Network
4 Amazon Alexa devices
3 Google Home devices
3 Logitech Harmony Hubs
50 Lutron Caseta devices
10 Contact sensors via HubDuino
1 Motion sensor via HubDuino
1 Water sensor via HubDuino
2 Humidity sensors via HubDuino
6 Temperature sensors via HubDuino
3 Life360 Presence sensors
3 Pushover Notification devices
2 Nest Thermostats
1 IFTTT connected virtual switch
1 Alexa controlled virtual Motion
16 Power Meter devices via IoTaWatt
Total ~106 devices

Zigbee
5 Iris Water sensors
11 Iris Motion sensors
3 ST Contact sensors
5 Iris Outlets
1 Centralite Outlet
1 Peanut Outlet
8 Sengled Color Bulbs
1 Hampton Bay Fan Controller
2 @iharyadi Environment sensors
Total ~37 devices

Z-Wave
1 Aeon HEM v1
1 Motion sensor
1 Water sensor
5 Iris Outlets (Z-Wave Repeater portion)
Total ~8 devices

Network connected devices are definitely becoming more the norm and less the exception in my case, by a factor of 2 to 1.

I do have a single, flat, home network. I am not too concerned about network segregation. However, I can respect the decision of others to do so. I simply choose simplicity over complexity. This conversation definitely has highlighted the fact that my HubDuino integration is probably not very VLAN-friendly currently. I'll have to think about that... :thinking:

6 Likes

That’s not true. I use a 10.0.1.x - 10.0.5.x and HE finds those devices without issues.

My experience is absolutely true.

I have devices across the three hex address spaces and they all work flawlessly. So my experience is the opposite.

Well, I'll disagree there. This product is targeted to HOME users, not enterprise networks. Just because you run a much more complicated network than their target audience doesn't mean their product is wrong...

In any case, though, the feature request is out there and the HE team will figure out if/when it will be done. Changing TTL setting, which is coming in the next release as mentioned above, should help in some cases.

I'm not sure which thought process has led you to this conclusion. Hubitat is a consumer product. If they were targeting enterprises it would have enterprise-centric features and capabilities, and a marketing plan to back it up. None of this exists today.

That you or others have chosen to use Hubitat outside of its intended environment, is hardly basis for any reasonable claim that Hubitat is compromising security or developers are writing flawed apps by not supporting multiple VLANs.

As a consumer, would I like to see multiple VLAN support built in? Of course. I like flexibility. Do I need it? No. Will I ever run multiple VLANs at home? Probably not. I run a large datacenter with hundreds of servers and hundreds of VLANs, each with unique QoS requirements. I simply do not need to deal with that crap when I get home to unwind. I do that enough at work. At home, it just needs to work, and simplicity is the key to achieving that goal.

5 Likes

My point is, you have x number of hours every week for development of new features or fixing bugs. Do we want to spend those hours on things that will help a majority of users or just a few? I think it's a no-brainer personally.

2 Likes

I'll agree with this...because to me "discovery" is more for users that don't have more sophisticated networks. Like I said, just give us the option to set a static IP outside the subnet (which most integrations can be done) and I'm good. I do disagree about segmenting. I generally separate items by function. So HomeAutomation gets its own. The cameras and BlueIris get their own, PCs, etc. Why? Because those things only talk to each other on limited IPs/ports. The Chinese cameras don't get direct access to the internet at all (too many backdoors have been found there), etc. But HA only talks to my BlueIris server on a single IP/PORT so that's pretty simple, same with remote management.

BUT, the google homes, HA, lutron, HUE, all live on the same HA network.

PCs and then phones all on their separate vlans. It's really not that hard at all...but then again, I've been in IT and security for the last 25 years.

I'm also going to guess I have way more devices on my network than most..being a geek for pretty much all my life. Let's just say I have two 48port POE switches and one 48 port non-poe switch....and that doesn't count my wifi devices....and yes I have different SSIDs on wifi also.

I'm the same. 50 or so wifi devices, and three 24 port Juniper ex-4200s with poe in a stack, with most ports filled.

More and more devices are IP connected. It is very common for large homes using products like Control4 to have separate vlans. Yes, vlans were generally used in Business Enterprise, but now users can get vlan and poe switches for next to nothing nowadays, allowing users to have more flexibility. Let's call it Prosumer. Also, I would not call Hubitat a simple consumer product. It has some complexity that the average guy I see at Best Buy would cringe in fear trying to set up. SmartThings is for those kinds of people.

1 vlan for KIDS and their toys..xbox, smart TV etc.
1 vlan for my wife and I at home.
1 vlan for my Office (Managed Services Provider) so I need security.
1 vlan for voip.

I just got the Hubitat and now I am struggling with how best to deploy. I use OPNsense for firewall and I think there is an avahi plugin. I have returned so many hubs trying to find the right one. I hope I don't do that with this one.

You mentioned you are in IT so not sure if you are using business class or consumer class wireless APs. Another approach is to create separate wireless networks and assign to each SSID (I do this with Unifi APs). Then assign untagged vlan ports to devices that are connected via ethernet. This does add more complexity but can solve many of the issues.

Exactly what I do...using multiple Aruba APs. Works great!

People set up their networks as they see fit. I have several subnets on my network including one for hard wired lan traffic, one for trusted wifi, and another for guest wifi. With my Google wifi hardware setup, I don't believe I even have a choice in the matter. It created its own class C subnet just for wifi traffic and its upstream router is on another device. All of these are conceptually within my lan as a class B network, but broadcast traffic is a bit more isolated.

Is it the most effective set up? For me it is, as it allows me to isolate traffic and create rules that would otherwise be difficult to do. This is the first device I've had where my set up has created a potential issue.

Edit: This problem doesn't exist. Ignore everything below.

This seems like a completely artificial limitation with a trivial fix. I'm honestly surprised there are no responses from devs to at least explain why this restriction is implemented in the first place.

I can sort of understand why hub wouldn't scan outside of own subnet to not get a flood of devices in a misconfigured network, but the fact that raw socket in driver code can't connect to ANY IP is just bizarre.

Is this topic really going to die without any responses that aren't arguments over network setup?

Probably, as the thread is over a year and a half old.

It would probably be better served to discuss specific integrations that don't do what you want, rather than philosophy - as there are a number of solutions that do support IPs in other subnets, so local subnet only is not a universal truth/problem.

4 Likes