Networking

A reliable home network is key to a reliable HomeKit system. I cannot stress this enough. Every time you open the Home app, the app is going to ask for the status of your HomeKit devices. It is not uncommon to have multiple HomeKit Hubs and dozens or even hundreds of devices. Commands and device status updates are constantly being sent to all of the HomeKit Hubs and devices. If your home network is not configured correctly, you will experience unreliable HomeKit results. If you are seeing "Unresponsive" devices in HomeKit, it is almost certainly something on your home network (assuming you are using well-respected devices).

I have a relatively large home (4,000 sq ft, three floors) with a relatively large number of HomeKit devices (over 100). I have nine HomePods, four TVs, and four TiVos and more iMacs, laptops, iPads, and iPhones than you can shake a stick at. It is not at all uncommon for us to be streaming multiple audio and video sources at the same time, and my HomeKit equipment works reliably and with good performance. So this HomeKit stuff works. Here are some recommendations that I have found useful:

Wi-Fi Channels

Wi-Fi radio signals are divided into bands and channels. Most HomeKit devices operate on the 2.4GHz band, and there are essentially only three non-overlapping channels available to you on 2.4GHz: 1, 6, and 11. With only three clean channels available, it is highly likely that you will have a lot of potential interference from neighboring Wi-Fi networks if you live in a city or an apartment building. Use a Wi-Fi scanning app such as WiFi Explorer or WiFi Explorer Lite (free) to scan your environment and configure your Wi-Fi to use the least congested channel available.

Many home Wi-Fi systems will offer an "auto" mode to automatically change the Wi-Fi channel for you. They are supposed to automatically change to the cleanest channel for you. Changing the Wi-Fi channels can affect the reliability of your HomeKit devices to stay connected to Wi-Fi. Personally, I turn the auto-channel option off and set my channels manually.
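
As an added example (not part of the original article), the Python sketch below ranks channels 1, 6 and 11 from the kind of network list a Wi-Fi scanning app shows. The scan entries are constructed, and the 22 MHz channel width and linear-overlap weighting are simplifying assumptions, so treat the score as a rough heuristic.

```python
# Constructed sample scan: (SSID, 2.4 GHz channel, signal strength in dBm)
SAMPLE_SCAN = [
    ("Neighbor-A", 1, -45),
    ("Neighbor-B", 3, -60),
    ("Neighbor-C", 6, -70),
    ("Neighbor-D", 11, -50),
    ("Neighbor-E", 9, -65),
]

CHANNEL_WIDTH_MHZ = 22      # assumed width of a classic 2.4 GHz channel
CANDIDATES = (1, 6, 11)     # the three non-overlapping channels


def center_mhz(channel):
    """Center frequency of 2.4 GHz channel 1-13 (channels are 5 MHz apart)."""
    if not 1 <= channel <= 13:
        raise ValueError(f"not a 2.4 GHz channel: {channel}")
    return 2407 + 5 * channel


def overlap_fraction(a, b):
    """Fraction (0..1) of channel a's width that channel b also occupies."""
    gap = abs(center_mhz(a) - center_mhz(b))
    return max(0.0, (CHANNEL_WIDTH_MHZ - gap) / CHANNEL_WIDTH_MHZ)


def rssi_to_mw(rssi_dbm):
    """Convert dBm to milliwatts so that signal powers can be summed."""
    return 10 ** (rssi_dbm / 10)


def score_channels(scan):
    """Interference score per candidate channel; lower means cleaner."""
    return {
        cand: sum(rssi_to_mw(rssi) * overlap_fraction(cand, ch)
                  for _ssid, ch, rssi in scan)
        for cand in CANDIDATES
    }


def least_congested(scan):
    """Candidate channel with the lowest interference score."""
    scores = score_channels(scan)
    return min(CANDIDATES, key=lambda c: scores[c])


if __name__ == "__main__":
    for chan, score in score_channels(SAMPLE_SCAN).items():
        print(f"channel {chan:2d}: {score:.2e} mW weighted interference")
    print("least congested:", least_congested(SAMPLE_SCAN))
```

A neighbor on channel 3 counts against both channel 1 and channel 6, which is why networks parked between the three clean channels hurt more than networks sitting exactly on them.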

Wi-Fi "Smart" Features

Many home Wi-Fi systems have features that are supposed to "improve" your home network. More often than not, these features can do more harm than good. Oftentimes these features are used for marketing, to set a manufacturer's routers apart from its competitors. These features go by many names: Beam Forming, Band Steering, Game Mode, Air Time Fairness, Air Time Quality, MIMO, auto-whatever, etc. I recommend you turn most of these features off. You may need to do some research to see what a feature is, and whether it should be turned off or not. Generally speaking, I try to run a network that is clean and simple, and turn off any "fancy" features that are trying to bend and twist Wi-Fi devices into doing something they wouldn't otherwise do. Here is an article written by John Lian that gives similar advice: Get reliable connection with your HomeKit devices.

Another reason you want to turn these auto/dynamic and smart features off is for (network) consistency. For consistency in your network experience and consistency when troubleshooting, you don't want your environment to change if you can avoid it. Every change (band, channel, addresses, software and firmware updates, new devices, offline devices, etc) can potentially change a well-working HomeKit environment into an unpredictable, frustrating mess. Get your network running stable, and avoid changes when you can to keep it that way.

But My Wi-Fi Coverage Is Good

One of the things that people fail to realize is that a laptop that connects well in the living room for browsing Reddit and Amazon does not equate to a smart plug working reliably well in the same room.

First of all, laptops have much larger and more powerful antennas than SmartHome devices (they also probably have more robust Wi-Fi software drivers). More important is how communications are handled. When the web browser on your laptop encounters an error when requesting data from a website, it asks the server to send it again. Due to the nature of web browsing and how web pages load, you may not even notice the number of errors on your connection. But when you ask a light to turn on and it takes two seconds, you will really notice that.

Topology: Keep It Simple

You may find people suggesting that you should create a separate network for your smart (or Internet of Things) devices to keep them on their own "dedicated" network, for "security" and/or "improved performance". Some recommend separating your 2.4GHz and 5GHz bands, or turning off the 5GHz band altogether. I have even seen people recommending turning off the 2.4GHz bands! Don't do it.

Unless you have very specific needs, are technically experienced with networking, and have enterprise networking equipment, you will be better off creating a simple one-subnet, one-SSID, clean network. This is for several reasons:

  • HomeKit relies heavily on mDNS (Bonjour, ZeroConf) for all of its communications. mDNS does not normally travel between subnets without special configurations, and even then it can be buggy, especially with consumer networking gear.

  • Complex networks are difficult to manage and even more difficult to troubleshoot. Oftentimes you end up shooting yourself in the foot, trying to do something clever.

  • Consumer networking gear does not have good enough hardware or software to reliably handle and manage complex networks.

  • Having multiple SSIDs increases the amount of extra noise and overhead in your home network, decreasing network performance.

  • Simply creating a separate subnet or SSID does not make your network more secure. You have to make it secure. You may as well just make your main network secure (see below).

  • A simple, well-configured network is going to offer you better performance and a better experience.

Static/Reserved IPs

Honestly, having reserved IPs (oftentimes mis-called "static" IPs) is not a requirement, but I assign all of my HomeKit devices reserved IPs, mostly because it makes me feel better having all of my HomeKit devices in a block of well-organized IP addresses. I like to keep things tight and organized. This can also help with security (see below), as all of your HomeKit devices will be assigned IP addresses in a block of space. And again, anything that keeps your network consistent is a good thing.

Security

Many of the people recommending setting up a separate IoT network say they do it for security, to prevent a hacker gaining access to your home network through a "smart" device. Simply creating a separate subnet or SSID does not make your network more secure. You have to specifically make it secure, through manual configuration of your network and your network devices. You may as well just make your main network secure, instead of building and managing two networks. You can simply block any Internet access to your IoT devices with firewall rules. This is especially simple to do if you have set up your devices with reserved IPs, as mentioned above, because all of those items will be in a block of IPs. Also, firewall rules are easier to manage and troubleshoot than creating multiple home networks, and consumer routers handle firewall rules reasonably well and efficiently. [Since writing this article, HomeKit routers have become available which can help in making your HomeKit devices more secure. While HomeKit routers may give people with limited networking/technical skills more security than doing nothing at all, I still stand by what I say here: It is better having a simple network, and it is better to secure your entire network, not just your HomeKit devices. Also, you don't have to limit yourself to selecting from the limited number of HomeKit Secure Routers. See below.]
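
As an added example (not from the original article), this Python sketch checks a DHCP reservation table against the reserved IoT block and builds nftables rules that cut that block off from the Internet. The subnet, block, WAN interface name `eth0`, table name `homefw` and the reservation entries are all assumptions or constructed values; a consumer router would express the same rule in its own firewall UI.

```python
import ipaddress

# Assumed values for illustration; substitute your own subnet, block and WAN port.
LAN = ipaddress.ip_network("192.168.1.0/24")
IOT_BLOCK = ipaddress.ip_network("192.168.1.128/26")   # .128 - .191
WAN_IF = "eth0"

# Constructed DHCP reservation table: (device, reserved IP, is an IoT device)
RESERVATIONS = [
    ("hue-bridge",    "192.168.1.130", True),
    ("caseta-bridge", "192.168.1.131", True),
    ("smart-plug-1",  "192.168.1.140", True),
    ("smart-plug-2",  "192.168.1.77",  True),    # reserved outside the block
    ("imac-office",   "192.168.1.20",  False),
    ("guest-laptop",  "192.168.1.150", False),   # would lose Internet access
]


def audit(reservations, block=IOT_BLOCK):
    """Return (IoT devices the rule would miss, other devices it would cut off)."""
    missed, cut_off = [], []
    for name, ip, is_iot in reservations:
        inside = ipaddress.ip_address(ip) in block
        if is_iot and not inside:
            missed.append(name)
        elif inside and not is_iot:
            cut_off.append(name)
    return missed, cut_off


def nft_rules(block=IOT_BLOCK, lan=LAN, wan_if=WAN_IF):
    """Build nftables commands (for `nft -f`) that cut the block off from the WAN."""
    if not block.subnet_of(lan):
        raise ValueError(f"{block} is not inside the LAN {lan}")
    chain = "inet homefw forward"   # hypothetical table and chain names
    return [
        "add table inet homefw",
        f"add chain {chain} {{ type filter hook forward priority 0; policy accept; }}",
        # Outbound: anything from the IoT block leaving via the WAN port is dropped.
        f'add rule {chain} ip saddr {block} oifname "{wan_if}" counter drop',
        # Inbound: new connections from the WAN towards the block are dropped.
        f'add rule {chain} iifname "{wan_if}" ip daddr {block} ct state new counter drop',
    ]


if __name__ == "__main__":
    missed, cut_off = audit(RESERVATIONS)
    print("IoT devices outside the block:", missed)
    print("Non-IoT devices inside the block:", cut_off)
    print("\n".join(nft_rules()))
```

Traffic between devices on the same subnet (mDNS, HomeKit Hubs, bridges) never leaves through the WAN interface, so these rules do not touch it. Devices in the block will also be unable to fetch firmware updates until the rule is lifted for them.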

Mesh Networks and Ethernet

It can be difficult to provide adequate Wi-Fi coverage in larger homes. You can overcome this by using Ethernet, multiple access points, or Mesh Wi-Fi systems.

Ethernet:

Generally speaking, if you have the option to connect something via Ethernet, whether it is a wireless access point or an AppleTV, do it. It will provide a faster, more reliable connection and will reduce the amount of traffic on your Wi-Fi network. For new construction or remodeling, consider running Ethernet to all locations where you would place AV gear (speakers, TVs, etc.), wireless access points, security cameras, doorbells, thermostats, and smoke detectors. Note that even if you don't use Ethernet in some of those locations, you can still take advantage of the wires in an Ethernet cable to connect other low-voltage systems.

Multiple Access Points and Mesh:

You can install multiple access points to extend the range of a Wi-Fi network. This can be done a number of different ways, but you should be aware that they are not all created equal. Read Wirecutter Reviews for help in selecting a Wi-Fi system, and to better understand how Wi-Fi works.

  • Wi-Fi Extenders: The simplest method is to buy an additional Wireless Access Point (WAP) designed to extend your existing Wi-Fi network. This is the least efficient, because it is sharing the wireless radio bandwidth between the wireless clients (your phones, laptops and smart devices) and your main Wi-Fi router. You can also run into potential issues with roaming and mDNS communications, depending on the capabilities of your network devices and how they are configured. Finally, extended networks are managed separately from the main network (the extender is an add-on device): each device has to be configured and updated using different software and as separate units.

  • Mesh Wi-Fi: You can also extend your wireless Wi-Fi coverage by installing a Mesh Wi-Fi System, which consists of a main Wi-Fi Router Access Point ("base station") and one or more Wi-Fi "Satellite" Access Points. The wireless access points connect to each other, making a large network. The difference between a mesh system and an extended system is that all of the access points are designed to work together, which helps with things like roaming and mDNS. Since it is one system, you only have to configure and manage a single router. Mesh systems have better awareness of all of the network devices in your home, making their interaction more seamless. This is quickly becoming one of the most popular methods of expanding wireless coverage in the home because it is relatively simple to install and provides much better performance over using wireless extenders. Not all mesh systems are created equal. When looking at mesh systems, be sure to look for one that uses a dedicated radio for the backhaul (the link that connects each access point to another) connections. Some also provide an option to use Ethernet for the backhaul connections (see below).

  • Ethernet Backhaul: The third method to create a large Wi-Fi coverage area is to purchase multiple Wireless Access Points (usually designed to work together) and connect them via Ethernet cabling to a central network switch. This type of installation requires a wireless controller to make all of the access points work together (technically you can build a multiple WAP wireless network without a controller, but that is a more advanced network to manage, and you better know what you are doing!). This controller may be a separate piece of equipment, or it may be built into the main Wi-Fi router.

HomeKit (Secure) Routers

At the June 2019 WWDC conference, Apple announced HomeKit Routers, which will automatically create a firewall for your HomeKit-enabled devices. A HomeKit router might be a good choice for people who are uncomfortable changing settings in their home Wi-Fi and routers. Otherwise, I would recommend selecting the best system for your home first, and if it isn't a HomeKit Router, you can manage the firewall rules yourself.


Things to Consider:

  • A HomeKit Router is only going to add extra protection for your HomeKit devices, not any other devices you have on your home network.

  • Most people will want to apply firmware updates to their devices, so they will probably pick the middle setting of "Automatic: Default security. Your accessory can communicate with HomeKit and connections recommended by its manufacturer." This doesn't even make sense to me. You are going to allow connections "recommended by its manufacturer"? Isn't this what you were paranoid about in the first place? How secure is this?

I guess it is better than nothing for those that just want to push a button and don't understand or want to mess with network settings, but this could very easily (and probably more efficiently, and certainly much more securely) be implemented by simply placing some rules on your firewall.

Some Things You May Not Know About Wi-Fi

  • I mentioned at the beginning that the 2.4GHz band only provides three non-overlapping channels. Make sure your home network is on the cleanest channel(s)!

  • It is the software and hardware on the client (in other words, your computer, or phone, or iPad, or smart device), not the access point, that determines how it connects to Wi-Fi.

  • Another thing to be aware of is that (prior to the newly-released Wi-Fi 6 specification) only one device can talk to a Wi-Fi radio at a time. Period. All of the MIMO features and other marketing mumbo jumbo that implies a Wi-Fi router is handling more than one connection at a time is baloney. A way to really picture this is to imagine placing a single chair in the middle of the room. Now fill that room with 20 people. Now imagine that the only person that can talk is the person sitting in the chair. Now imagine that in order to sit in the chair you have to ask for permission and receive permission first. Now imagine that permission to sit in the chair isn't given until the current person is done talking. Now have the 20 people in the room discuss politics. That's how Wi-Fi works. All that being said, Wi-Fi access points change "who is sitting in the chair" very, very, very, quickly. But it is still only one device at a time. This is why it is important when looking at mesh Wi-Fi systems to either connect the backhaul using Ethernet or pick a system that has a dedicated radio for the backhaul communications.

  • Many consumer grade Wi-Fi systems cannot handle more than 50 connected devices at a time, and their performance falls as more devices connect. Now think about how many smart switches and outlets you might have in your home. Now read below about why bridged-HomeKit gear is a good thing:

Bridges VS Wi-Fi

Some devices connect to HomeKit using Bluetooth, some over Wi-Fi, and some use Bridges. They all have pros and cons. Oftentimes, people will ask what is better, a light that connects using a bridge, or a light that connects directly to Wi-Fi?

Several popular HomeKit devices connect to HomeKit using Bridges, such as Lutron Caseta, Hue, and Aqara.

Note: Some people incorrectly call HomeKit Bridges "hubs". This is partly because manufacturers oftentimes call them hubs, since when used by themselves outside of HomeKit they are hubs, but a HomeKit Hub is something else entirely. A HomeKit Bridge "bridges" a manufacturer's proprietary ecosystem into HomeKit. It is usually a small box about the size of an Apple TV that plugs into your router via Ethernet.

Many people will tell you they don't want to buy devices that require a bridge. That is not good advice. In fact, I consider it the worst possible advice a person can give you about HomeKit, and it usually comes from somebody who had a bad experience and doesn't fully understand what they are talking about. Read below for more information.

The Wi-Fi protocol was not designed for home automation. There is a lot of network communication overhead in Wi-Fi (and also in TCP/IP) transmissions that results in slower performance. This overhead is not particularly noticeable when you click on a link in Amazon to view a product page, but it can become very noticeable when flicking a light switch and expecting the lights to come on immediately. There are other protocols (Zigbee and Lutron's RA2) that were specifically designed with home automation in mind: They are designed for low latency (fast) communications, they use frequencies that minimize radio interference, and they are designed to handle dozens of devices efficiently. It can be beneficial to select HomeKit devices that use these protocols and integrate into HomeKit using Bridges.

A well-designed Bridge provides several advantages over directly-connected Wi-Fi devices:

  • Better performance using protocols specifically designed for quickly delivering commands to smart home devices

  • Reduces the number of devices on your Wi-Fi system

  • When you open the Home App, instead of HomeKit having to send a status update request to each device individually (and wait for each device to respond), it can send a single request to the Bridge, which can provide the answer in a single response

  • If you ever change your Wi-Fi SSID or password, all of your bridge-connected devices will work without changing their settings

This is not to say that Wi-Fi devices don't have their place, they do. But, devices that use bridges should not be dismissed simply because they use bridges, and consideration should be made regarding the number of devices you are going to control and how many you want on your Wi-Fi network. For example, it wouldn't be unheard of to install 70 light switches or light bulbs in your home. Do you want all of those devices connected to your Wi-Fi network, or does it make more sense to have them connected to a bridged system for faster HomeKit responses and more efficient use of Wi-Fi?

What I Use

I use the NetGear Orbi RBK50 Mesh Wi-Fi System. It has proven very reliable and offers good overall performance. As I stated earlier, it isn't at all uncommon for multiple video and audio streams to be going on at the same time in my home, and my HomeKit devices have always performed reliably and quickly. This doesn't mean that other Wi-Fi systems won't work, this is just what I use, and I have found it to be very reliable for home Wi-Fi in general and HomeKit devices specifically.