# Running HA on the IOT vlan. Pros/cons?
considering that inter-VLAN access is not an issue (which it very well could be if not done right), the HA box itself should be trusted and it should be running inside of a trusted VLAN, whereas IoT devices themselves are not trustworthy and should be in the IoT VLAN. That's how I'd approach it, at least
Some devices connect through wifi which most certainly go on IOT. I feel as though an HA installation should be "semi-trusted" on my network and figured sticking it on the IOT vlan is most prudent to help with connectivity to other IOT devices and to limit its access to other devices that it doesn't need access to (like my desktop)
one follow-up question: would the IoT VLAN run in "guest mode", where members don't see each other? if so, then it's simply not possible to have the HA host there 😄
The flip side is that many of HA's integrations won't work across VLANs, so putting HA on the IoT VLAN is often the only smart thing to do
note that a lot of modern "local" access devices are discovered on the network via broadcasts, mDNS, etc., which generally don't work across VLANs. so you want Home Assistant to be on a network interface in the same VLAN as the devices
no, they can see each other on my IOT - my firewall rules just prohibit IOT from accessing other vlans - otherwise they have Internet access but don't use my own private DNS
although I should probably reconsider Internet access on my IOT considering I may not trust some wifi-only device accessing the internet....