#Mobile app does not automatically see home assistant behind router on subnet

Hi,

We have a few installations with home assistants running on a subnet behind a mikrotik router with the idea that we can add all our hardware on that subnet later on with only 1 IP as a visible installation to a user.
For this we opened port 8123 on the router.

We can now access the homeassistant by going to http://ROUTERIP:8123 and its all working nicely.
However, the mobile app does not automatically recognise the home assistant, requiring the user to manually find out the IP of the mikrotik router and set it as a manual address.

We have been building around this issue during a test installation phase of 10 devices by assigning a fixed IP in the router settings of the users for the mikrotik, however this may change when a router is updated, reset, etc. after which the user can no longer access the home assistant.

Since we are preparing for a rollout of 84 installations, each of which includes a home assistant green and a mikrotik router, we would want to resolve this issue beforehand.

When loading up home assistant in the dev enviroment I did see the following ports, and tried opening them as tcp but without success:

• 11984
• 18554
• 18555

Is home assistant using a different port to be "findable" that we are missing?

Thank you for your help.

Remco

its not a matter of ports, auto discovery will not work across networks/subnets/vlans. broadcasts do not cross them, thats how tcp works.

you could put the HA server on multiple networks. either physically or by a virtual adaptor (although a virtual adaptor on HAOS may have issues like not persistent through updates etc...).

Try adding a USB ethernet adaptor to the green to give it another ethernet connection and have 1 set to each network. that way the green is on both. if this works its an easy and pretty inexpensive solution,

Sadly having multiple connections is not an option, the mikrotik works as a single location where we can easily have lan, wifi and 4g (preffered lan, then falling back to the others). Due to the locations where we want to install this we want to only have a single entry point on any local network.

From what I understand from you, is that we need to find a way to pass a tcp broadcast through the mikrotik?

which would mean, one of those ports has a UDP broadcast running right?

you can forward 100% of the ports and it still will NOT WORK

thats forwarding, but what about a broadcast relay

or in the case of the mikrotik, I can do low level linking of any traffic of a specific ip+port to a different subnet, based on the interface that would be L3 level

shame homeassistant doesnt use UPnP for its discovery

I am not familiar with microtik router configuration options, in any case. this is not really a home assistant issue. its a network configuration issue.

the correct solution as i see it, is probably to have the router assign a static ip and then you enter that on the app. or you could give it a DNS name to make entry more simple.

we tried the dns name, but found a few locations where there was no local dns running, at which point that failed

upnp is outdated and blocked alot these days

static IP is the way to go then

which wont be an option if any of the clients ever update their router or reset it

thats always the risk with a complicated network setup. if someone fucks with it then it breaks

its not a home assistant issue, I was trying to gather information on how the discovery works to see if I can fix it in the network layer

but since I cant even identify the port on which it is sending its broadcast, there wont be a way for me to try to resolve the issue

having some special broadcast forwarding/relay setup would also suffer from this problem

except, that then they can easily rediscover the home assistant automatically

instead of having to figure out in some way what the ip is

realistically what you are trying to do is change the way networks have been designed to work for 50 years.

seeing as how broadcast relays have been done for at least 10 years already, that statement feels like a bit of a stretch

the reason we often didnt have to use broadcast relays was because of UPnP in the past

The single question remains, on what port is it broadcasting

And is that a static port, or randomised between reboots

have you tried DMZ'ing the green? depending on the microtik implementation then that might work

I am not familiar with DMZ on our own subnets, time to learn

DMZ basically exposes the device to the outer network. bypassing any need for specific forwarding. but router manufacturers implement it in different ways so maybe it works in your setup maybe it doesn't

if you want more specifics about how the broadcasts work then you are likely best off just doing a traffic analysis

note for future reference, when trying to resolve homeassistant.local it seems to consistently use MDNS protocol on port 5353

so if we can either dmz or relay that port, then it may be a solution. If I do get it working Ill post it here

.local is a domain that is usually hooked into mdns on clients today, yes. with linux you can easily set up mdns to announce a mdns name to ip address binding that points to an ip that is not its own. if you can do the same in the router, perhaps? get it to announce a homeassistant.local service pointing to itself?

to be clear: if you just relay mdns then homeassistant.local would point to the real ip of your ha instance. you don''t want that. you want the router to advertise itself as homeassistant.local if i understand you correctly.

so look up mdns docs for mikrotik

agreed, if the ha is running on 192.168.88.2, and the external ip of the router is 192.168.178.55, then we want it to discover itself at 192.168.178.55, which has port 8123 forwarded so that when someone tries accessing 192.168.178.55:8123 they do get on the green

im finding some mdns stuff for the mikrotik and am trying a bunch of different ways, now that we know its mdns we got something to focus on

update, I have been able to resolve the mdns such that it gets send, however that indeed shows 192.168.88.2, and though a website does work, the app doesnt work for that

Second one is behind the mikrotik, just need to learn to spoof it