Moving My Homelab to California

2024-06-25


golden gate bridge
I can't think of a good hero image, so let's destroy the Golden Gate Bridge!

Last week, we made the move to California to start a new internship. Having only lived in New York since moving to the States, this has been quite an adjustment. Here's how I’ve been navigating these changes and adapting my homelab.

Changing the ISP

One of the first challenges was bidding farewell to Verizon Fios. I LOVE Fios: it follows the standards, making it extremely easy to bring my own router. It provides unlimited, symmetrical broadband at a great price. It's not as cheap as crappy Comcast Xfinity, but I don't suffer from 20 Mbps uplink and a 1.2 TB data cap. When I built my custom router to replace the Verizon router, I easily got a /56 prefix.

Unfortunately, Fios is not available on the West Coast. My new apartment only offers two options: Xfinity and AT&T Fiber. But luckily, AT&T Fiber is also symmetrical and doesn't have a data cap. The downside is $5 more per month plus tax (Verizon pricing was after-tax).

Oh, and they need to install a modem that also acts as a router in my unit. The router part cannot be turned off unless I find a way to replace the modem altogether. I can only set the router to 172.16.0.1 (it doesn't even let me set it to 10.0.0.1, what the heck?) and enable IP passthrough mode, and bear with the one extra hop. And in terms of IPv6, AT&T only hands out a /60 prefix instead of the suggested /56. What's more, the modem reserves half of the /60 for itself, so all I get is a total of 8 /64 subnets. Fortunately, I can get away with one or two /64's.

Rebuilding My Homelab

A week after arriving in California, the moving boxes finally showed up at our door. Now it's time to check the robustness of my homelab setup. If I've done well, I should be able to get everything running with minimal modifications. And I did! I only needed to change the time zone of a couple of services from Eastern to Pacific, then modify the wide-dhcpv6-client config to accommodate the /64 instead of /56, and I could plug the WAN cable into the modem. Within 90 minutes, everything was running exactly the same as before!

Enabling HomeKit Device Discovery for Home Assistant in VM

When we signed the lease, I was told the apartment had a "smart thermostat" installed. Now that we've moved in, I finally got to learn what a smart thermostat is. Turns out it's an AC controller with the current temperature displayed.

Now, whenever an apartment tells you they have some "smart" features, it almost always means they've installed some devices connected to a centralized server, collecting data every single second. That's how IoT works for the average person, after all. I was so into this stereotype that I didn't check the features of this thermostat. It wasn't until yesterday that I realized the Honeywell thermostat in my unit is actually fully isolated. In addition, it's compatible with HomeKit! Sorry and big thanks to the apartment builder!

The next step was expected: I googled how to connect to the device from Home Assistant. The device is WiFi only (Honeywell makes a Z-Wave model, but I understand their intent to make it accessible for average families) and IPv4 only, which means my IPv6-only IoT VLAN once more misses the opportunity of getting its first user. I added it to the IPv4 IoT VLAN because it almost certainly will start sending data to Honeywell's server if connected to the public Internet. After connecting, it acquired a nice 192.168.2.8 IP address. Now the real question:

How on Earth Do I Connect HomeKit Devices to Home Assistant?

It's actually easy: the device should be automatically discovered by Home Assistant out of the box, with no integration or add-on needed. But I'm not seeing the thermostat anywhere in HA. Why?

The reason is that I hadn't set up an mDNS relay. mDNS (multicast DNS) is a protocol for performing DNS queries without a DNS server. Basically, each device claims a name like something.local and listens on 224.0.0.251 or ff02::fb on UDP port 5353. A client sends its multicast DNS query to these two addresses, and the device matching the requested service sends an mDNS response. HomeKit uses this mechanism for automatic device discovery. Whenever a device joins the network, it sends a multicast message to announce its presence. The HomeKit hub also periodically sends mDNS queries to make sure it discovers all HomeKit-compatible devices.
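The query and response described above, as an added example that is not part of the original post: it builds the PTR question for `_hap._tcp.local` (the DNS-SD service type HomeKit accessories advertise) and parses the instance names out of a response, including DNS name compression. The instance name "Thermostat" and the sample packet are constructed for illustration.

```python
import struct

MDNS_V4, MDNS_V6, MDNS_PORT = "224.0.0.251", "ff02::fb", 5353
HAP_SERVICE = "_hap._tcp.local"  # DNS-SD service type HomeKit accessories advertise
TYPE_PTR, CLASS_IN = 12, 1

def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels."""
    parts = [label.encode() for label in name.strip(".").split(".")]
    return b"".join(bytes([len(p)]) + p for p in parts) + b"\x00"

def build_query(service=HAP_SERVICE):
    """One PTR question; mDNS queries use ID 0 and flags 0."""
    return (struct.pack("!6H", 0, 0, 1, 0, 0, 0) + encode_name(service)
            + struct.pack("!2H", TYPE_PTR, CLASS_IN))

def decode_name(buf, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while buf[off] != 0:
        n = buf[off]
        if n & 0xC0 == 0xC0:  # compression pointer to an earlier name
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | buf[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        else:
            labels.append(buf[off + 1:off + 1 + n].decode())
            off += 1 + n
    return ".".join(labels), (off + 1 if end is None else end)

def ptr_answers(packet):
    """Return the instance names carried by PTR records in the answer section."""
    _, _, qdcount, ancount, _, _ = struct.unpack("!6H", packet[:12])
    off, names = 12, []
    for _ in range(qdcount):  # skip questions: name + type + class
        off = decode_name(packet, off)[1] + 4
    for _ in range(ancount):
        off = decode_name(packet, off)[1]
        rtype, _, _, rdlen = struct.unpack("!HHIH", packet[off:off + 10])
        if rtype == TYPE_PTR:
            names.append(decode_name(packet, off + 10)[0])
        off += 10 + rdlen
    return names

def sample_response():
    """Constructed answer: instance 'Thermostat', compressed via pointer to offset 12."""
    rdata = b"\x0aThermostat\xc0\x0c"
    return (struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0) + encode_name(HAP_SERVICE)
            + struct.pack("!HHIH", TYPE_PTR, CLASS_IN, 4500, len(rdata)) + rdata)
```

To check whether discovery traffic crosses subnets, send `build_query()` over UDP to `MDNS_V4` on `MDNS_PORT` from the Home Assistant side and pass any replies to `ptr_answers()`.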

My Home Assistant VM is connected to a bridge network, vmbr0. While the bridge connects to the main and IoT VLANs using iptables rules, multicast messages only travel within the local subnet. The messages on my IoT subnet can't reach vmbr0, and vice versa. To relay the messages, I need an additional package.

There are three options for this purpose. The first is the largely unmaintained mdns-repeater package. Then, someone wrote a Python script a few years back to enable mDNS relay for Ubiquiti routers. It comes as a handy Docker container, but unfortunately doesn't support IPv6. That's reasonable, since Docker's own IPv6 support is lacking, but it's a deal breaker for me. And finally, there's another package, avahi, that supports dual stack. Needless to say, it is my pick.

Setting up avahi is easy. Just replace /etc/avahi/avahi-daemon.conf with the following content, restart the service, and it's good to go.

[server]
use-ipv4=yes
use-ipv6=yes
allow-interfaces=enp1s0,enp1s0.3,enp1s0.4,vmbr0

[publish]
publish-hinfo=no
publish-workstation=no
publish-aaaa-on-ipv4=yes
publish-a-on-ipv6=yes

[reflector]
enable-reflector=yes

Within an instant, I was able to see the thermostat in Home Assistant.

thermostat
The device control in Home Assistant dashboard. I forgot to screenshot the device discovery card.

Conclusion

Transitioning my homelab setup to California turned out to be far smoother than anticipated, thanks to my efforts to make it robust in the first place. Honestly, I didn't expect it to be that smooth, considering I worked until 4 am the night I tried to build my own router and barely got IPv4 to work.

The other parts of life are not as smooth. Last Friday night, our moving boxes were STOLEN and searched. It doused all our excitement about the relocation and burnt us out for the whole weekend. Definitely not a good welcome message from The Golden State. We also had to start studying for a driver's license. Setting up a new life involves much more than just technical adjustments.