How can I get this UDP relay package for casting across VLANs?
-
What rules did you have there before? I assume you were seeing blocked traffic on IOT?
I expect to need the IP options flag set in a rule for multicast traffic like that.
Steve
-
@stephenw10 said in How can I get this UDP relay package for casting across VLANs?:
I assume you were seeing blocked traffic on IOT
I had a rule which allowed UDP traffic on port
5353on theIOTinterface, but the destination was anRFC1918alias (Non Routeable IP Addresses), which I then changed to to244.0.0.251to make it work.I wonder if mDNS clients also send out to other multicast addresses at times, which is why some slipped through?
Now I have:
DNS rule required to get my MQTT adddress through DNS.
Then the invisible, default
DROP Everythingrule, so I could not see what else was being blocked. -
The UDP relay package is only one part of this puzzle. It helps the secure LAN side "discover" your Bonjour/Chromecast/mDNS/Sonos/SSDP/etc devices.
But in addition to that, you are going to have to punch some holes into your firewall so that those devices can communicate with stuff that's on your secure LAN.
This post helped me with Sonos stuff but can also be used as a basis for anything else.: https://www.reddit.com/r/Ubiquiti/comments/gu19sa/iot_vlan_settings_specific_to_sonos/
Here's what the end result looks like in the firewall rules on my IoT interface
son is an alias containing the IPs of Sonos hosts
Sonos_TCP0, Sonos_UDP0, Sonos_TCP1, and Sonos_UDP1 are aliases for the ports needed, as outlined in the Reddit thread specific to Sonos. These might not apply to your situation. But remember, your IoT devices might require being allowed to initiate some traffic to your LAN devices. Unless you open up the ports required, things might not work right.
-
@stephenw10 Hey stephen, I know this is an old thread but I didn't want to PM you.
I have this same scenario. UPnp was nice for online services like Xbox, Call of Duty, etc.
You mention accepting and using the SSDP packets with UPnP. How is something like this achieved? -
Can you clarify that? The UPnP service in pfSense only supports the Internet Gateway Device part of the protocol.
Steve
-
@stephenw10 said in How can I get this UDP relay package for casting across VLANs?:
Can you clarify that? The UPnP service in pfSense only supports the Internet Gateway Device part of the protocol.
Steve
That's for port forwards right? What did you mean by this? "Yes, you can't have two processes listening on the same port like that. You can either relay the SSDP packets or accept and use them with UPnP."
I understand that upnp uses port 1900, and so does this udpbroadcastrelay, but is there a way to get them both working?
-
Ah, OK. No, that's still true. I would not expect to be able to both accept UDP port 1900 packets into the UPnP process and relay them at the same time.
Unless perhaps the relay process were also relaying them to UPnP?
I've never tried that. I could see many ways that might also not work.Steve
-
Just wanted to follow up on this thread and mention that udpbroadcastrelay still works flawlessly under pfSense 23.01/FreeBSD 14.
It looks like there have been a few updates to the code since I first started using it:
https://github.com/marjohn56/udpbroadcastrelay
Also, it is great to see that a lot of work has already been done to turn this into a formal pfSense package:
-
What is actual approach to install this package to 23.01?
-
@georgecz58 said in How can I get this UDP relay package for casting across VLANs?:
What is actual approach to install this package to 23.01?
Good question. I'd like to know this too. I still have it installed manually as per instructions in this post. The package doesn't appear to be available yet. Not sure what the status is. Bug report is here: https://redmine.pfsense.org/issues/10818
-
It's not been merged yet so you still need to fetch and install it manually:
[23.01-RELEASE][root@4100.stevew.lan]/root: fetch https://redmine.pfsense.org/attachments/download/4621/pfSense-pkg-udpbroadcastrelay-1.0.pkg pfSense-pkg-udpbroadcastrelay-1.0.pkg 12 kB 7983 kBps 00s [23.01-RELEASE][root@4100.stevew.lan]/root: pkg install pfSense-pkg-udpbroadcastrelay-1.0.pkg Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. The following 2 package(s) will be affected (of 0 checked): New packages to be INSTALLED: pfSense-pkg-udpbroadcastrelay: 1.0 [unknown-repository] udpbroadcastrelay: 0.3.b [pfSense] Number of packages to be installed: 2 15 KiB to be downloaded. Proceed with this action? [y/N]: y [1/2] Fetching udpbroadcastrelay-0.3.b.pkg: 100% 15 KiB 15.3kB/s 00:01 Checking integrity... done (0 conflicting) [2/2] Installing udpbroadcastrelay-0.3.b... Extracting udpbroadcastrelay-0.3.b: 100% [1/2] Installing pfSense-pkg-udpbroadcastrelay-1.0... [1/2] Extracting pfSense-pkg-udpbroadcastrelay-1.0: 100% Saving updated package information... done. Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Executing custom_php_resync_config_command()...done. Menu items... done. Services... done. Writing configuration... done. -
@stephenw10 said in How can I get this UDP relay package for casting across VLANs?:
It's not been merged yet so you still need to fetch and install it manually:
[23.01-RELEASE][root@4100.stevew.lan]/root: fetch https://redmine.pfsense.org/attachments/download/4621/pfSense-pkg-udpbroadcastrelay-1.0.pkg pfSense-pkg-udpbroadcastrelay-1.0.pkg 12 kB 7983 kBps 00s [23.01-RELEASE][root@4100.stevew.lan]/root: pkg install pfSense-pkg-udpbroadcastrelay-1.0.pkg Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. The following 2 package(s) will be affected (of 0 checked): New packages to be INSTALLED: pfSense-pkg-udpbroadcastrelay: 1.0 [unknown-repository] udpbroadcastrelay: 0.3.b [pfSense] Number of packages to be installed: 2 15 KiB to be downloaded. Proceed with this action? [y/N]: y [1/2] Fetching udpbroadcastrelay-0.3.b.pkg: 100% 15 KiB 15.3kB/s 00:01 Checking integrity... done (0 conflicting) [2/2] Installing udpbroadcastrelay-0.3.b... Extracting udpbroadcastrelay-0.3.b: 100% [1/2] Installing pfSense-pkg-udpbroadcastrelay-1.0... [1/2] Extracting pfSense-pkg-udpbroadcastrelay-1.0: 100% Saving updated package information... done. Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Executing custom_php_resync_config_command()...done. Menu items... done. Services... done. Writing configuration... done.@stephenw10 - with 23.01 having been released, any idea when this might become an official pfSense pacakge? Judging by the Redmine ticket it looks like the majority of the work has already been completed. Is more community testing needed?
-
It might just need a nudge. Let me see what I can do....
-
Just out of curiosity I tested it with a VM (Oracle) and ran into a php error
PHP errors PHP ERROR: Type: 1, File: /usr/local/pkg/udpbroadcastrelay/udpbroadcastrelay.inc, Line: 458, Message: Uncaught Error: Call to undefined function config_get_path() in /usr/local/pkg/udpbroadcastrelay/udpbroadcastrelay.inc:458 Stack trace: #0 /usr/local/pkg/udpbroadcastrelay/udpbroadcastrelay.inc(202): udpbr_get_settings(true) #1 /etc/inc/pkg-utils.inc(802) : eval()'d code(1): udpbr_resync() #2 /etc/inc/pkg-utils.inc(802): eval() #3 /etc/inc/pkg-utils.inc(928): eval_once('udpbr_resync();') #4 /etc/rc.packages(76): install_package_xml('udpbroadcastrel...') #5 {main} thrown @ 2023-03-20 13:53:47 -
You should add that to the open redmine issue: https://redmine.pfsense.org/issues/10818
What version were you testing against there?
-
@stephenw10 You mean Oracle VM or pfS version?
VirtualBox Graphical User Interface Version 7.0.6 r155176 (Qt5.15.2)
pfS 2.6.0 release CE -
The pfSense and pkg versions.
And also what exactly you did to trigger it. It seems to work as expected for me in 23.01.Steve
-
Ah, Ok. Note that the package build 26/12/2022 that's on the redmine is for 2.7 or 23.01 only right now.
-
Missed out that one ;) try an install on the beta (2.7.0) soon
-
Looks like
udpbroadcastrelaywill be included as a pfSense package in 23.05 - great news!https://www.netgate.com/blog/pfsense-plus-software-version-23.05-rc-now-available
