Cannot Change Which Is The Default Network Adapter for Home Assistant

[LordNex]

The problem

I have a collapsed core VLAN segmented network with 5 different networks that Home Assistant needs to monitor. This has worked well by just deselecting the auto-configure option in the Network panel in Home Assistant. My problem is that I cannot control which adapter is used as the "Default" adapter. I already have a route set to send all non-local HA traffic to the appropriate interface, but when it needs to get non-local resources I want it to only go out to one specific subnetted VLAN. As you can see in the Screenshot below Home Assistant recognizes all 5 adapters and each has its own subnet. But I cannot change the Starred "Default" to another adapter. And it seems to randomly hop around. I think it just looks at what is the first one that returns a reply but that subnet may be limited in what outside resources it is allowed to serve via my firewall. Is there a way or can one be implemented to be able to indicate which adapter to use for internet-based traffic?

Thanks again for such a fine product! Proud Supporter of Nabu Casa and Home Assistant for about 5 years now!

What version of Home Assistant Core has the issue?

core-2022.10.5

What was the last working version of Home Assistant Core?

core-2022.10.5

What type of installation are you running?

Home Assistant OS

Integration causing the issue

Networking

Link to integration documentation on our website

No response

Diagnostics information

Example YAML snippet

No response

Anything in the logs that might be useful for us?

None that I can tell

Additional information

I'm running on a 40 Core Dell PowerEdge R620 with 256GB of RAM and a small SAN. This has VMWare ESXi 7.0.3 U2 installed with the custom Dell Image and Drivers. It has a 4x 1GB Intel NIC card that has been aggregated to the switch with LACP.

Home Assistant has been allocated 8 Cores @ 2 cores per processor, So basically a Quad Socket Dual Core setup with 32 GB of RAM and an install drive of 512GB. It has 5 NICs attached to the internal VSwitch with each on a separate port group per VLAN. This effectively gives Home Assistant an IP Address in each of the subnets it needs to communicate with.

[LordNex]

I've been receding a lot of the same errors everyone else has post 2022.1.1. This exacerbated the issue by blocking host internet access because it would only default to one specific adapter. I need multicast on all VLANs.

Only way I've been able to bandaid the situation is to remove all NICs from the VM except the one connected to the subnet I want it to connect on, then once it's marked as default, slowly readd the NICs one by one hoping that it doesn't reset.

I've done this once before but this is starting to be more and more of an issue as I segment my network more. Please add a way for us to define this setting as I see no other way in the help files.

[OutOfThisPlanet]

I have the same issue.

I have my homeassistant connected to 3 separate networks, via 3 different interfaces. Each interface has a different public IP address.

I need to be able to force homeassistant to use a specific interface as the gateway. This is so I can correctly set my dynamic DNS IP address for some webservers I host.

When homeassistant is using the wrong gateway, I am reporting the wrong IP address to my dynamic DNS provider.

The only fix I have found is to disable the other interfaces, which is undesirable.

I realise these selections are only for multicast, however how do I set the gateway interface of choice in homeassistant? This random "Default" is beyond maddening!

[home-assistant[bot]]

Hey there @home-assistant/core, mind taking a look at this issue as it has been labeled with an integration (network) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of network can trigger bot actions by commenting:

• @home-assistant close Closes the issue.
• @home-assistant rename Awesome new title Change the title of the issue.
• @home-assistant reopen Reopen the issue.
• @home-assistant unassign network Removes the current integration label and assignees on the issue, add the integration domain after the command.

_{^{(message by CodeOwnersMention)}}

---

network documentation network source _{^{(message by IssueLinks)}}

[QNimbus]

As a temporary workaround, I was able to configure the correct default adapter by:

• Increasing the metric of the interface that I wanted as default (IOT and Guest VLAN's had metric -1 and my LAN got metric 1 to give it a higher priority for routing
• Assigning a static IP to my Guest and IOT VLAN interfaces instead of using DHCP. This way I could remove the gateway assignment (which is not strictly needed for the HA instance on these interfaces). Since it not longer has a default gateway on the Guest and IOT interfaces, all outbound (WAN) traffic is always routed via the LAN interface

To modify the route metric and remove the default gw:

$ nmcli connection edit "<LAN connection name>"

nmcli> set ipv4.route-metric 1
nmcli> save
nmcli> quit

$ nmcli connection edit "<IOT/Guest connection name>"

nmcli> remove ipv4.gateway
nmcli> save
nmcli> quit

## Restart / Reboot

enp3s0 is my LAN interface, the other two are the Guest and IOT interfaces

[OutOfThisPlanet]

Awesome, I'll give that a try! Thanks!

[OutOfThisPlanet]

nmcli connection edit "Supervisor eth0" (I got caught out initially by just putting "eth0")

Nice. :)

Works for me.

Will turn this into a bash script to call from HA. :)

Could be tricky, as nmcli is interactive.

Need to figure out how to do it inline.

[LordNex]

Another way I found to force the default adapter is to leave the rest set to DHCP and just use a static on the adapter you want as default.

Seems to work as needed without much fuss or need to drop to the cli.

I tried once following the proper direction to add a VLAN to the adapter but that failed badly as I'm on VMWare and it's not really setup to work that way

[issue-triage-workflows[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[LordNex]

Nope has not been resolved and is still a very huge problem

[muhlman]

I concur this is an issue, I am having this issue myself on the latest versions.

[bluduk01]

Still an ongoing issue with latest update HA OS 10.5.

[asknoone]

Another way I found to force the default adapter is to leave the rest set to DHCP and just use a static on the adapter you want as default.

Seems to work as needed without much fuss or need to drop to the cli.

I tried once following the proper direction to add a VLAN to the adapter but that failed badly as I'm on VMWare and it's not really setup to work that way

This doesn't work for me sadly. Shame, would have been a fairly simple solution.

[Langelus]

Given how common it is in the community to use seperate IOT vlans I sure hope this issue gets some love

[motoridersd]

I started having issues with some of my integrations failing to initialize because the traffic was being sent out the wrong interface. My firewall configuration has specific access lists to allow the primary interface to reach other devices, but HA was sending this traffic out of an interface that doesn't have access. I used the DHCP trick mentioned above on the secondary interface, and now the primary one (statically configured) is used as default.

Something changed in a recent update that caused the traffic to change source since this had been working for months without issues.

We definitely need to be able to tell HA what interface to use for traffic, or even be able to add static routes to fine tune these things as needed.

Removing the default gateway from the secondary interface's static configuration will probably achieve the same result, but HA doesn't allow us to configure a static IP without a gateway address. The Save option is grayed out until the Default Gateway field is filled in.

[DezzyMelb]

Has this had any update since it was opened??? I've tried all the commands and non of them work to set the default Nic. It would be good if there was an option in the GUI that allows you to run the default NIC Command.

[motoridersd]

This creeped up on me again this week and ended up using the CLI to add my secondary interface without a default gateway.

You can run it from the SSH addon. I used this procedure to add a static route as a guideline

https://community.home-assistant.io/t/declare-a-static-route-to-reach-other-lan/311442

[Programmierus]

nmcli offers a better setting to achieve the desired configuration without removing default gateways: never-default. This setting is available for both IPv4 and IPv6.

I executed the command nmcli con modify 'Supervisor enp0sXX' ipv4.never-default yes for each interface I didn't want to be the default gateway. After rebooting HAOS multiple times, it appears to work as expected; the desired interface is selected as the default.

[OutOfThisPlanet]

nmcli offers a better setting to achieve the desired configuration without removing default gateways: never-default. This setting is available for both IPv4 and IPv6.

I executed the command nmcli con modify 'Supervisor enp0sXX' ipv4.never-default yes for each interface I didn't want to be the default gateway. After rebooting HAOS multiple times, it appears to work as expected; the desired interface is selected as the default.

^ This! ^

[kidhasmoxy]

nmcli offers a better setting to achieve the desired configuration without removing default gateways: never-default. This setting is available for both IPv4 and IPv6.

I executed the command nmcli con modify 'Supervisor enp0sXX' ipv4.never-default yes for each interface I didn't want to be the default gateway. After rebooting HAOS multiple times, it appears to work as expected; the desired interface is selected as the default.

@Programmierus - are you finding that this option is respected all the time? I've set it on 2 of 3 adapters and they still show up as default after reboot. You can get lucky if you reboot enough so I'm wondering if this is a reliable fix.

[Programmierus]

nmcli offers a better setting to achieve the desired configuration without removing default gateways: never-default. This setting is available for both IPv4 and IPv6. I executed the command nmcli con modify 'Supervisor enp0sXX' ipv4.never-default yes for each interface I didn't want to be the default gateway. After rebooting HAOS multiple times, it appears to work as expected; the desired interface is selected as the default.

@Programmierus - are you finding that this option is respected all the time? I've set it on 2 of 3 adapters and they still show up as default after reboot. You can get lucky if you reboot enough so I'm wondering if this is a reliable fix.

I have 3 NICs (which are all physical passthroughs on Proxmox VE) and since setting on 2 of them never-default I can indeed confirm they were never set to default after 4 reboots so far... I also noticed that before the setting was done GUI was ordering NICs in random order (one time 20, 18, 19; other time 20, 19, 18 etc). Now (all 4 times) they are always 18, 19, 20. Seems to be quite a lot of coincidence to be lucky, but I will update if anything changes.

[Jasparigus]

+1 this problem, should be an official way to pick from the UI

[fireheadman]

how are you accomplishing this? I am attempting to set mine and getting an error

root@shield:~# nmcli connection show
NAME                        UUID                                  TYPE      DEVICE
Supervisor enx9ca2f49a4a11  745d943d-d483-4b42-aa1b-054efdbacca9  ethernet  enx9ca2f49a4a11
lo                          bb731b9d-9589-485b-bd83-26b2e47149d7  loopback  lo
Supervisor enp2s0f0         ca623ab2-706c-4c5d-98d2-9cfd8573345d  ethernet  enp2s0f0
Supervisor enx9ca2f49a4a11  4b1aa3a3-95b5-3d09-8901-6d704327497a  ethernet  --

root@shield:~# nmcli con modify 'Supervisor enx9ca2f49a4a11' ipv4.never-default yes
Warning: There is another connection with the name 'Supervisor enx9ca2f49a4a11'. Reference the connection by its uuid '4b1aa3a3-95b5-3d09-8901-6d704327497a'

root@shield:~# nmcli con modify 4b1aa3a3-95b5-3d09-8901-6d704327497a ipv4.never-default yes
Warning: There is another connection with the name 'Supervisor enx9ca2f49a4a11'. Reference the connection by its uuid '4b1aa3a3-95b5-3d09-8901-6d704327497a'

[fireheadman]

strange...... I rebooted and tried this once more and got a different result will also add... I somehow has multiple NAMEs for the same device, which I removed before rebooting and trying again.

root@shield:~# nmcli connection show
NAME                        UUID                                  TYPE      DEVICE
Supervisor enx9ca2f49a4a11  375ab782-768a-4ff0-ad1c-bab84c63ba92  ethernet  enx9ca2f49a4a11
lo                          ea5aeea6-5760-4699-8b71-edb5842755c1  loopback  lo
Supervisor enp2s0f0         ca623ab2-706c-4c5d-98d2-9cfd8573345d  ethernet  enp2s0f0
Supervisor enx9ca2f49a4a11  4b1aa3a3-95b5-3d09-8901-6d704327497a  ethernet  --
Supervisor enx9ca2f49a4a11  745d943d-d483-4b42-aa1b-054efdbacca9  ethernet  --

root@shield:~# nmcli con delete uuid 4b1aa3a3-95b5-3d09-8901-6d704327497a
Connection 'Supervisor enx9ca2f49a4a11' (4b1aa3a3-95b5-3d09-8901-6d704327497a) successfully deleted.
root@shield:~# nmcli con delete uuid 745d943d-d483-4b42-aa1b-054efdbacca9
Connection 'Supervisor enx9ca2f49a4a11' (745d943d-d483-4b42-aa1b-054efdbacca9) successfully deleted.

root@shield:~# nmcli con modify 375ab782-768a-4ff0-ad1c-bab84c63ba92 ipv4.never-default yes
root@shield:~# nmcli connection show
NAME                        UUID                                  TYPE      DEVICE
Supervisor enx9ca2f49a4a11  375ab782-768a-4ff0-ad1c-bab84c63ba92  ethernet  enx9ca2f49a4a11
lo                          ea5aeea6-5760-4699-8b71-edb5842755c1  loopback  lo
Supervisor enp2s0f0         ca623ab2-706c-4c5d-98d2-9cfd8573345d  ethernet  enp2s0f0

appears to be like I want it now

root@shield:~# nmcli d show
GENERAL.DEVICE:                         enp2s0f0
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         40:6C:8F:3E:60:88
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     Supervisor enp2s0f0
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/4
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.1.71/24
IP4.GATEWAY:                            192.168.1.254
IP4.ROUTE[1]:                           dst = 192.168.1.0/24, nh = 0.0.0.0, mt = 101
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 192.168.1.254, mt = 101
IP4.DNS[1]:                             192.168.1.254
IP6.ADDRESS[1]:                         fe80::f935:6926:7068:9d4e/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 1024

GENERAL.DEVICE:                         enx9ca2f49a4a11
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         9C:A2:F4:9A:4A:11
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (connected)
GENERAL.CONNECTION:                     Supervisor enx9ca2f49a4a11
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/2
WIRED-PROPERTIES.CARRIER:               on
IP4.ADDRESS[1]:                         192.168.4.71/32
IP4.GATEWAY:                            --
IP4.ROUTE[1]:                           dst = 169.254.0.0/16, nh = 0.0.0.0, mt = 1000
IP4.DNS[1]:                             192.168.1.254
IP6.ADDRESS[1]:                         fe80::70f0:1438:307f:9487/64
IP6.GATEWAY:                            --
IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 1024

[LordNex]

Has this had any update since it was opened??? I've tried all the commands and non of them work to set the default Nic. It would be good if there was an option in the GUI that allows you to run the default NIC Command.

Try setting a DHCP reservation on your router or dhcp server for all of the non primary VLANs and then set them to dhcp in HA. Then just set the primary interface static. Works until they get better VLAN support.

[LordNex]

And yes it still an issue with 11.0

[ronaldvdmeer]

After upgrade this became a problem once again. Will try the workarounds above but it would be good if this can be configured in the interface. Now all at random things stop functioning because the wrong default interface is selected.

Update: the workaround to set a static IP on the preferred default interface certainly does not work.

[dgricourt]

same for me. Looking forward to be able to define the default interface

[khaosspawn]

Still an issue as of 11.3. Any chance we can get a response or a work around? Setting the desired adapter to static didn't help.

[ronaldvdmeer]

For me the nmcli workaround does the trick.

[LordNex]

I can confirm that this is still happening under 2023.11.3. Luckily I have some pretty good networking equipment and am a network engineer so getting the work around to work isn't hard. But there are several different ways toy can go about it and it all really depends on your network topology.

But a permanent solutions should have already been at least investigated. If anyone at the HA Core team needs some networking help, feel free to reach out and I'd be happy to help.