home-assistant / plugin-dns

CoreDNS implementation for Home Assistant
Apache License 2.0

Resolvable lookups failing on Home Assistant #92

Open tescophil opened 2 years ago

tescophil commented 2 years ago

See entries in the DNS log like this:

[INFO] 172.30.32.1:36641 - 26669 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.07923001s
[INFO] 172.30.32.1:56006 - 42324 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.115866818s
[INFO] 172.30.32.1:36639 - 54793 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.019258559s
[INFO] 172.30.32.1:49961 - 35427 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.019973296s
[INFO] 172.30.32.1:56884 - 15459 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.000998071s
[INFO] 172.30.32.1:40150 - 19278 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.001119269s
[INFO] 172.30.32.1:44170 - 34040 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.001005519s
[INFO] 172.30.32.1:40861 - 29636 "A IN [::ffff:c0a8:ac3].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.002434682s
[INFO] 172.30.32.1:33793 - 49925 "A IN [::ffff:c0a8:ac3].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.000872862s
[INFO] 172.30.32.1:41128 - 21426 "A IN [::ffff:c0a8:ac3].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.000692394s
[INFO] 172.30.32.1:60529 - 40085 "A IN [::ffff:c0a8:ac3].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.000515103s
[INFO] 172.30.32.1:56278 - 10524 "A IN [::ffff:c0a8:aa5].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.032861237s

On a machine that uses the same local DNS servers as HA these domains are resolvable:

phil@desktopphil:~$ dig [::ffff:c0a8:afd].local.hass.io.

; <<>> DiG 9.16.27-Debian <<>> [::ffff:c0a8:afd].local.hass.io.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4255
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;[::ffff:c0a8:afd].local.hass.io. IN    A

;; ANSWER SECTION:
[::ffff:c0a8:afd].local.hass.io. 10 IN  A   172.30.32.1

;; Query time: 8 msec
;; SERVER: 192.168.100.10#53(192.168.100.10)
;; WHEN: Sat May 07 12:58:29 BST 2022
;; MSG SIZE  rcvd: 76

SSH'ing into Home Assistant and trying the same results in this:


| |  | |                          /\           (_)   | |            | |  
| |__| | ___  _ __ ___   ___     /  \   ___ ___ _ ___| |_ __ _ _ __ | |_ 
|  __  |/ _ \| '_ \ _ \ / _ \   / /\ \ / __/ __| / __| __/ _\ | '_ \| __|
| |  | | (_) | | | | | |  __/  / ____ \\__ \__ \ \__ \ || (_| | | | | |_ 
|_|  |_|\___/|_| |_| |_|\___| /_/    \_\___/___/_|___/\__\__,_|_| |_|\__|

Welcome to the Home Assistant command line.

System information
  IPv4 addresses for eth0:  192.168.10.30/24
  IPv4 addresses for wlan0: 

  OS Version:               Home Assistant OS 7.6
  Home Assistant Core:      2022.5.2

  Home Assistant URL:       http://hassio.local:8123
  Observer URL:             http://hassio.local:4357
➜  ~ dig [::ffff:c0a8:afd].local.hass.io.                                
zsh: no matches found: [::ffff:c0a8:afd].local.hass.io.

DNS info

➜  ~ ha dns info
fallback: false
host: 172.30.32.3
llmnr: true
locals:
- dns://192.168.100.10
- dns://192.168.100.11
mdns: true
servers:
- dns://192.168.100.10
- dns://192.168.100.11
update_available: false
version: 2022.04.1
version_latest: 2022.04.1
➜  ~ 

When I do the dig from the HA command line it never hits my local DNS server... Don't know what side effect this is having, but it's probably not working as intended.

System Health

version core-2022.5.2
installation_type Home Assistant OS
dev false
hassio true
docker true
user root
virtualenv false
python_version 3.9.9
os_name Linux
os_version 5.10.103-v8
arch aarch64
timezone Europe/London

Home Assistant Community Store
GitHub API | ok
GitHub Content | ok
GitHub Web | ok
GitHub API Calls Remaining | 4876
Installed Version | 1.24.5
Stage | running
Available Repositories | 1123
Downloaded Repositories | 10

Home Assistant Cloud
logged_in | false
can_reach_cert_server | ok
can_reach_cloud_auth | ok
can_reach_cloud | ok

Home Assistant Supervisor
host_os | Home Assistant OS 7.6
update_channel | stable
supervisor_version | supervisor-2022.05.0
docker_version | 20.10.9
disk_total | 109.3 GB
disk_used | 9.8 GB
healthy | true
supported | true
board | rpi3-64
supervisor_api | ok
version_api | ok
installed_addons | Duck DNS (1.14.0), File editor (5.3.3), Home Assistant Google Drive Backup (0.107.1), SSH & Web Terminal (10.1.3), MariaDB (2.4.0)

Dashboards
dashboards | 2
resources | 6
views | 9
mode | storage

Sonoff
version | 3.0.4 (8a202d5)
cloud_online | 13 / 14
local_online | 0 / 0

mdegat01 commented 2 years ago

local.hass.io is an internal domain used by supervisor. Every container managed by supervisor is given a hostname (listed on the addon's info page) and a secondary alias of <hostname>.local.hass.io. Supervisor's DNS plugin considers itself authoritative on this domain, as it is managed by supervisor, so no, it does not ask any other DNS resolver for answers to local.hass.io queries.

If you are trying to use local.hass.io on your network then that won't work. I mean, I guess it will work for communications between systems on the rest of your network, but all containers managed by supervisor will fail to resolve local.hass.io queries other than the ones supervisor knows about. I would strongly recommend picking a different TLD for internal LAN usage.
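
Added example (not from the thread or the plugin's code): parsing CoreDNS log lines in the layout quoted in the opening post, it counts NXDOMAIN answers that carry the `aa` flag inside local.hass.io, the zone described above as answered by the plugin itself, and decodes the bracketed IPv4-mapped IPv6 label into the address it embeds. The function names and the last sample line are assumptions made for this example.

```python
import ipaddress
import re
from collections import Counter

ZONE = "local.hass.io."  # zone the thread says the DNS plugin answers itself

# Layout of the CoreDNS log lines quoted in the opening post.
LOG_RE = re.compile(
    r'^\[INFO\] (?P<client>\S+):(?P<port>\d+) - (?P<id>\d+) '
    r'"(?P<qtype>\S+) (?P<qclass>\S+) (?P<name>\S+) (?P<proto>\S+) '
    r'\d+ \S+ \d+" (?P<rcode>\S+) (?P<flags>\S+) \d+ [\d.]+s$'
)
BRACKET_RE = re.compile(r'^\[([0-9A-Fa-f:.]+)\]\.')


def decode_bracket_label(name):
    """Return the IPv4 address behind a leading [::ffff:...] label, else None."""
    m = BRACKET_RE.match(name)
    if not m:
        return None
    try:
        mapped = ipaddress.IPv6Address(m.group(1)).ipv4_mapped
    except ValueError:  # bracketed label is not a valid IPv6 literal
        return None
    return str(mapped) if mapped else None


def local_nxdomains(lines):
    """Count NXDOMAIN answers given authoritatively (aa flag) inside ZONE."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m or m["rcode"] != "NXDOMAIN":
            continue
        name = m["name"].lower()
        in_zone = name == ZONE or name.endswith("." + ZONE)
        if in_zone and "aa" in m["flags"].split(","):
            hits[(name, decode_bracket_label(name))] += 1
    return hits


# First three lines are copied from the issue's log; the last is constructed.
SAMPLE = [
    '[INFO] 172.30.32.1:36641 - 26669 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.07923001s',
    '[INFO] 172.30.32.1:56006 - 42324 "A IN [::ffff:c0a8:afd].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.115866818s',
    '[INFO] 172.30.32.1:40861 - 29636 "A IN [::ffff:c0a8:ac3].local.hass.io. udp 49 false 512" NXDOMAIN qr,aa,rd 49 0.002434682s',
    '[INFO] 172.30.32.1:40000 - 11111 "A IN example.org. udp 29 false 512" NOERROR qr,rd,ra 56 0.010000000s',
]
```

`local_nxdomains(SAMPLE)` returns a `Counter` keyed by `(query name, embedded IPv4 address)`, which shows which LAN hosts the failing lookups refer to.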

tescophil commented 2 years ago

I'm not using local.hass.io on my network, like I said, I don't think this is working as intended...

jjvandenberg commented 2 years ago

Hi,

Same here. :-( I want it to resolve a .home domain, which is running on my private DNS. It won't. :-( I stopped trying the .local domain, since HA does not handle that very well either.

Seems HA just doesn't use the specified DNS servers at all, although one would think that is what they are specified for, right? Maybe there is an option to bypass its love for Cloudflare DNS (1.1.1.1) and just fwd unresolvable requests to the specified DNS?