Ever since the middle of the pandemic, Iāve been using Eero Mesh Networking products in my home. I switched from a single Nighthawk router to the Eero Pro products (pre-Eero 6) and it was a huge upgrade in bandwidth and stability. Unfortunately, it was a huge step backwards in features and monitoring. Ever since I found out they want $$ just to get basic bandwidth monitoring features, which are only available in their mobile app and not via any website, Iāve been searching for alternatives.
After years of searching, I finally gave up. And starting building my own.
DHCP And Hostnames
I let Eero do my DHCP, and it does a good job. It has basic reservations support, but a few things (like the Eero themselves) keep changing IPās. As far as I can tell, thereās no good way to assign hostnames in a traditional DNS-style way with Eero, so itās hard to setup any kind of network monitoring while things keep moving around.
I previously maintained a
dnsmasq
system on a raspberry pi to service up local names, but it was a constant headache as things moved around. Thanks to some amazing work from 343max on github, I was able to build a python tool that generates a hostfile from my configured Device Nicknames and share it across my network. This is the beginning of my āeero-toolsā project.eero_tools
Yeraze ā¢ Updated Oct 4, 2024
Still in itās infancy, the only function it has right now is a simple script that will export your eeroās and all named devices into an
/etc/hosts
syntax file. I donāt actually use it as my /etc/hosts
file, but instead use features of dnsmasq
to load it as an alternative, and apply my local domain name ( .yeraze.online
) to it. I recently added support for aliases so that services proxied behind my Synology Reverse Proxy or a Nagios Reverse proxy are all available as well, and adjust to any changing IPās. Simply tweak the
run.sh
to your use case, add this to a cron job to run regularly, and voila everything works.DNS with AdGuard and dnsmasq
My actual network DNS is served up by AdGuard Home running in a docker container on my Synology NAS. This gives me lots of nice features like multiple parallel lookups, failover, ad and malware blocking, monitoring, and more. However, I needed it to also handle my local network names.
To do this, I took a nearby raspberry pi and set it up with
dnsmasq
. This is a very lightweight DNS, DHCP, and tftp system that Iāve stripped down to just run DNS for me. In AdGuard, I setup the following configuration:
This runs most DNS queries thru adguardās DNS-over-quic system or Googleās DNS, and routes everything on the
*.yeraze.online
domain over to my raspberry pi at 192.168.4.165
.. On the raspberry pi, I have a
/etc/dnsmasq.conf
that contains the followingport=5353 no-resolv no-poll no-hosts server=0.0.0.0 local=/yeraze.online/ addn-hosts=/etc/dnsmasq-hosts.conf expand-hosts domain=yeraze.online
The top few lines set the port for the service, and disable use of the
/etc/resolv.conf
and /etc/hosts
files. I then configure any DNS lookups it doesnāt recognize to die at 0.0.0.0
, and to route everything *.yeraze.online
to the /etc/dnsmasq-hosts.conf
file (generated by the eero-tools scripts above, run on an hourly cron). The expand-hosts
and domain
lines tell dnsmasq to effectively add that domain to every entry in the file.Conclusion
And voila! I now have working DNS names across my network! Iāll post more in the future, but this was the first step for me to get working SSL up across various services on my network in a reliable way. Iāve recently setup Zabbix, OpenVas, FileBrowser, and a few other services that all really needed SSL but I couldnāt get a valid certificate before. With this in place, I was able to register the domain and get a wildcard cert from LetsEncrypt, and now have everything working.
In additional, now that I have valid working hostnames for everything, I can configure Zabbix to monitor devices via DNS names and it will handle the few cases where an Eero IP changes.