PiVPN and Domotz agent

[TonyC]

I have a working installation on a RaspberryPI 3 with Domotz and PiVPN (openVPN server). All is working fine but I've noticed recently that Domotz is now discovering the tun0 interface associated with OpenVPN, which is on a different subnet to the main wlan0 interface. wlan0 is on 192.168.1.0/24 and tun0 is on 10.8.0.0./24 subnet.  Up until recently Domotz ignored the tun0 interface and only reported discovered devices on my WLAN. But since a few weeks backs the tun0 IP address(10.8.0.1) is now being discovered and reports this belonging to the the Domotz agent. 

 

The problem I have is that because tun0 is a virtual interface its MAC address changes quite frequently and so I'm now seeing on a daily basis a new 10.8.0.1 interface being discovered and the previous one's now being marked as down. I therefore, have to remove the old 10.8.0.1 interfaces on a regular basis.

 

I have not made any changes to my setup and so I can only assume that a recent Domotz agent update is causing this new behaviour. 

 

Could anyone advise on whether this is a bug with Domotz, or is there a file I can change so that only the main WLAN0 subnet is scanned?

 

 I have a subscription to the legacy Lite plan on my RaspberryPI as this is all I need for my requirements.

 

Thanks

 

Tony

 

  

[henriquesalvador]

HI @TonyC,

 

I'm checking internally what happened, but note that the Agent is suppose to monitor any available interface at the host, I assume the engineering team updated the way the agent discover interfaces. I will update this thread soon.

 

Henrique Salvador.

[TonyC]

Thanks Henrique, if this behaviour is expected can you find out if there is a way to disable monitoring of the tunnel interface?

 

Cheers, Tony

[TonyC]

Hi Henrique, did you get some feedback from your Engineering Team on this subject?

 

Thanks,

 

Tony

[david-technoloje]

I have the exact same problem. Any updates with this?

 

[david-technoloje]

On 1/8/2021 at 1:57 AM, henriquesalvador said:

HI @TonyC,

 

I'm checking internally what happened, but note that the Agent is suppose to monitor any available interface at the host, I assume the engineering team updated the way the agent discover interfaces. I will update this thread soon.

 

Henrique Salvador.

Any news regarding this?

 

[Giancarlo]

It is now possible to disable the scanning and monitoring of interfaces, through the means of Public API. Please have a look at:

 

https://portal.domotz.com/developers/#domotz-public-api-networking

 

In particular, the API to allow/deny list of interfaces to be scanned and monitored:

 

https://portal.domotz.com/developers/#setagentinterfacespolicy

 

You should now be able to create a policy so that Domotz does not scan the VPN interface.

 

Note: we will also add this capability in the UI

[JohnButare]

Thank You!  This is a great add.   I am using to ignore my Docker networks.

[smackie]

@Giancarlo Quick question - Is this functionality in the UI yet or do we still need to add ignored networks via the API? Just getting going with a new setup and I need to ignore all of the docket networks on the Synology that's acting as agent host. Thanks!

 

[Giancarlo]

28 minutes ago, smackie said:

@Giancarlo Quick question - Is this functionality in the UI yet or do we still need to add ignored networks via the API? Just getting going with a new setup and I need to ignore all of the docket networks on the Synology that's acting as agent host. Thanks!

 

 

At the moment, it is still required to use the Public API to disable the network interfaces that need to be ignored.