operating-system: Hostname conflict, changing published hostname from 'homeassistantxxx' to 'homeassistantxxy'

Hardware Environment

Home Assistant OS 5.10 on Proxmox 6.3-3 (Installed using this tuto)

Home Assistant OS release:

System Health

version	2021.1.1
installation_type	Home Assistant OS
dev	false
hassio	true
docker	true
virtualenv	false
python_version	3.8.7
os_name	Linux
os_version	5.4.86
arch	x86_64
timezone	America/Toronto

Home Assistant Community Store

GitHub API	ok
Github API Calls Remaining	4771
Installed Version	1.9.0
Stage	running
Available Repositories	778
Installed Repositories	38

Home Assistant Cloud

logged_in	true
subscription_expiration	January 29, 2021, 7:00 PM
relayer_connected	true
remote_enabled	true
remote_connected	true
alexa_enabled	true
google_enabled	true
can_reach_cert_server	ok
can_reach_cloud_auth	ok
can_reach_cloud	ok

Hass.io

host_os	Home Assistant OS 5.10
update_channel	stable
supervisor_version	2020.12.7
docker_version	19.03.13
disk_total	30.8 GB
disk_used	25.1 GB
healthy	true
supported	true
board	ova
supervisor_api	ok
version_api	ok
installed_addons	Node-RED (7.2.11), InfluxDB (3.7.9), Grafana (5.3.6), Home Assistant Google Drive Backup (0.103.0), Visual Studio Code (2.9.1), Assistant Relay (0.7.4), Mosquitto broker (5.1), Network UPS Tools (0.3.1), OpenZWave (0.8.0), chrony (1.1.3), TasmoAdmin (0.13.1), deCONZ (6.6.2), WireGuard (0.4.0), MariaDB (2.2.1), Terminal & SSH (8.10.0), Portainer (1.3.0), Glances (0.9.1)

Lovelace

dashboards	4
mode	storage
views	5
resources	23

Spotify

api_endpoint_reachable	ok

Journal logs:

Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1742.local IN A 10.1.40.179
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Hostname conflict, changing published hostname from 'homeassistant1742' to 'homeassistant1744'.
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1744\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN TXT ""
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1744\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN SRV 0 0 0 homeassistant1744.local
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1744.local IN A 10.1.40.179
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Hostname conflict, changing published hostname from 'homeassistant1744' to 'homeassistant1752'.
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1752\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN TXT ""
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1752\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN SRV 0 0 0 homeassistant1752.local
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1752.local IN A 10.1.40.179
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Hostname conflict, changing published hostname from 'homeassistant1752' to 'homeassistant1757'.
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1757.local IN A 10.1.40.179
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Hostname conflict, changing published hostname from 'homeassistant1757' to 'homeassistant1759'.
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1757\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN TXT ""
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1757\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN SRV 0 0 0 homeassistant1757.local
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1759.local IN A 10.1.40.179
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Hostname conflict, changing published hostname from 'homeassistant1759' to 'homeassistant1766'.
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1759\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN TXT ""
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1759\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN SRV 0 0 0 homeassistant1759.local
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1766\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN SRV 0 0 0 homeassistant1766.local
Jan 10 15:38:56 homeassistant systemd-resolved[952844]: Detected conflict on homeassistant1766\032\091f82e32391f07425383dd5fbb3a6beafa\093._workstation._tcp.local IN TXT ""

Kernel logs: https://pastebin.com/Ah9rHgSE

Description of problem: I switched to Home Assistant OS in December. I believe this was a 5.6 fresh install at this point and I restored my whole configuration from my previous supervised installation. Since then I have been updating to each update until 5.10 yesterday. I noticed high CPU issues early after the install but I cannot say if that was since the 5.6 initial install or after an update to 5.7 or 5.8. After digging more into the problem I reealized I had a problem specifically with systemd-resolved and all these “Hostname conflict” messages. When I stop this service, goes down by 50% to 80%. Now I’m kind of stuck and not sure where to look at. I’m tempted to recreate a fresh install and migrate again but I’d rather give a shot at finding the actual issue and fixing it. Any help is appreciated. Thank you!

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 1
Comments: 39 (10 by maintainers)

Most upvoted comments

Is it perhaps possible to reopen this issue? Seems like quite a few setups are affected. Many users probably don’t even notice.

TheJulianJES on Jun 5, 2021

@agners This issues happens when there is multiple network interfaces (for example for different VLANs), and router (for example UniFi) proxies/reflects multicast traffic between networks.

Solution is here

t3hk0d3 on Dec 19, 2023

I had simillar symptoms:

Constant spam about hostname conflict.
High CPU usage by systemd-resolved and mdnsd:
resolvectl mdns returned on mode for all active interfaces. Turning them off by resolvectl mdns 2 resolve/off was fruitless, because NetworkManager turns mdns on immediately.

I’ve got it solved following way:

Set all connections to resolve-only mode (you might leave one of connections active, to keep homeassistant.local working)

> nmcli connection modify <connection> connection.mdns resolve

Restart Network Manager

> systemctl restart NetworkManager.service

Confirm it working

> resolvectl mdns
Global: yes
Link 2 (eth0): resolve
Link 3 (wlan0): no
Link 4 (usr0): resolve
Link 5 (iot0): resolve
Link 8 (docker_gwbridge): no
Link 9 (hassio): no

After that a constant stream of conflicts got resolved, and no more CPU hogging by systemd-resolved and mdnsd.

Screenshot_20231117_205836

t3hk0d3 on Dec 19, 2023

In my experience, after enabling mDNS repeater you run into more problems: How do you deal with names/services announced using IPv6 link local addresses?

Easy, I don’t have IPv6 in the local network. Having two WANs, I figured there would be no gain of NATing IPv6 to the LAN. 😄

IMHO, nicer would be to have all the devices in one LAN, and filter traffic per device (based on port/MAC, e.g. using OpenFlow). These type of filtering and device specific routing is definitely done in data center SDNs, but not sure if one ever attempted to implement such networking architectures in home networks. 😅

Have you implemented that approach? It sounds like a lot of configuration work (which would be manual for me because tplink omada isn’t easily automateable). How do you deal with additions to the guest WLAN? Having to add the IPs/MACs of every new guest to the configuration when someone asks for the wifi password sounds a bit impractical 😛

It should be possible to influence mDNS settings per interface. it could be part of the Supervisor networking. Patch welcome 😉

Great, I will see if I can find the right places to make it configurable. If/when it makes it to the UI will would be a checkbox in this area?

dsander on Jul 21, 2023

mDNS is built on link-local multicast. Link-local multicast is meant to be, surprise, link local. Any mDNS reflector or other “link-local multicast extension to another subnet” is a hack at the end of the day. Since nowadays many IoT protocols embrace protocols built on link-local multicast (like mDNS/DNS-SD), VLAN is kinda a bad option. IMHO, instead of spending time making VLAN work, rather embrace zero trust networking: Just make sure all your devices are secured by default (no anonymous logins, safe passwords, encrypted communication etc.). Consider your network Internet. It’s quite freeing 😄 If you have legacy stuff or stuff you can’t secure that way, you can still use a VLAN to move that particular device off of your main LAN.

The problem with that is that there are no IoT devices that are secure. The biggest security risk on a network are the IoT devices that you have no control of. Especially the ones that contact anything in the cloud. Look at Eufy, Ring, etc.

The only reason my iot devices can communicate with anything on my network is so that I can cast to them or otherwise control them like for instance the TV or sound bar etc. And in that case, I would prefer that they are not allowed to talk to anything else other than the specific hosts/ports that I want them to talk to. I also block them from calling home except for the hosts that absolutely stop them from working. The number one blocked DNS queries on my network are all tracking hosts at Microsoft, Amazon, Samsung etc.

In a perfect world, they wouldn’t talk to the cloud at all and have absolutely no internet access and only be allowed to speak to the specific hosts and ports that I want them to.

Unfortunately, that would require the manufacturers to give up all that add tracking money which they will never do. Or it would end up doubling, tripling or more the price of the devices.

Until then, I’ll use whatever means I need to to completely segregate them from anything and everything else on my network that I don’t need them to be able to talk to. And right now that’s usually either vlans or a whole lot of manual firewall rules. Any of my IoT devices that do not absolutely need internet are not even given a gateway when DHCP assigns them their address which is static. If there’s an update that’s needed and no way for me to push it to the device locally I allow an exception to the specific host that they need to talk to for the update and only for the amount of time it takes for them to update.

Just putting a device on your network and allowing it to do whatever it wants is almost as bad as just posting your configs and passwords on the internet.

+1 Totally agree. Zero trust requires proper endpoint management and security, but in the IOT space endpoints are the problem for all the reasons just mentioned. We don’t have the option of using only secure IOT devices because they don’t seem to make those.

And this is only going to get worse with Matter. At least with zigbee the cheap chinese etc… devices don’t have IP access to anything, and if I trust the zigbee coordinator code (I use the open source zigbee2mqtt), you have limited security exposure. But with matter everything is IP connected, and that’s a real problem because I don’t trust any of those devices.

VLAN’s are going to be even more important with Matter and will require even more sophisticated network management to safely integrate them in our homes.

fresnoboy on Jul 20, 2023

mDNS is built on link-local multicast. Link-local multicast is meant to be, surprise, link local. Any mDNS reflector or other “link-local multicast extension to another subnet” is a hack at the end of the day.

Since nowadays many IoT protocols embrace protocols built on link-local multicast (like mDNS/DNS-SD), VLAN is kinda a bad option.

IMHO, instead of spending time making VLAN work, rather embrace zero trust networking: Just make sure all your devices are secured by default (no anonymous logins, safe passwords, encrypted communication etc.). Consider your network Internet. It’s quite freeing 😄

If you have legacy stuff or stuff you can’t secure that way, you can still use a VLAN to move that particular device off of your main LAN.

The problem with that is that there are no IoT devices that are secure. The biggest security risk on a network are the IoT devices that you have no control of. Especially the ones that contact anything in the cloud. Look at Eufy, Ring, etc.

The only reason my iot devices can communicate with anything on my network is so that I can cast to them or otherwise control them like for instance the TV or sound bar etc. And in that case, I would prefer that they are not allowed to talk to anything else other than the specific hosts/ports that I want them to talk to. I also block them from calling home except for the hosts that absolutely stop them from working. The number one blocked DNS queries on my network are all tracking hosts at Microsoft, Amazon, Samsung etc.

In a perfect world, they wouldn’t talk to the cloud at all and have absolutely no internet access and only be allowed to speak to the specific hosts and ports that I want them to.

Unfortunately, that would require the manufacturers to give up all that add tracking money which they will never do. Or it would end up doubling, tripling or more the price of the devices.

Until then, I’ll use whatever means I need to to completely segregate them from anything and everything else on my network that I don’t need them to be able to talk to. And right now that’s usually either vlans or a whole lot of manual firewall rules. Any of my IoT devices that do not absolutely need internet are not even given a gateway when DHCP assigns them their address which is static. If there’s an update that’s needed and no way for me to push it to the device locally I allow an exception to the specific host that they need to talk to for the update and only for the amount of time it takes for them to update.

I also segment all mobile devices like cell phones and tablets etc to their own VLAN that cannot communicate to any of the other devices or vlans unless specifically allowed via rules. I don’t need one of the kids phones able to see all of the devices or possibly control them. That includes casting to them without my knowledge and subsequently rules to allow it.

Any five-year-old can download a script off the internet and totally own 90% of people’s networks because they just put stuff on them and have no idea about it and rely on the manufacturer to actually secure them, update them, patch vulnerabilities etc. When the majority of hardware released is lucky if it’s supported for a few years when people end up using it for much longer. There comes a point when it’s completely called for to sacrifice ease of use for security. Especially for those people that have no idea. Which is the majority of the world unfortunately. I’m sure everybody knows friends or family that are still running Windows 7 and postponing updates because they don’t want to be bothered with reboots etc. That’s all it takes to have all of your personal information, finance information etc stolen. And when that happens it’s the fault of the administrator or person in charge of the network who just relied on the manufacturer and trusted that they would do what they needed to do.

Just putting a device on your network and allowing it to do whatever it wants is almost as bad as just posting your configs and passwords on the internet.

phiberoptick on Jul 20, 2023

Had the same issue with a pfsense router. I initially suspected a problem with my second LAN interface, but simply disabling “Enable reflection - Repeat mdns packets across subnets” in the avahi-package solved the problem.

Thanks!

andrelung on Nov 22, 2022

OK, I have disabled multicast DNS on my UDM pro and that error has stopped right away. I am actually using https://hub.docker.com/r/scyto/multicast-relay so I should have disabled multicast DNS before. That does not explain why it was working with HassOS 5.11 though. I will reopen if that error comes back again. Thank you

cben0ist on Feb 22, 2021