Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Anyone have a guide for getting Airplay working across subnets with avahi?

    Scheduled Pinned Locked Moved
    pfSense Packages
    9
    15
    11.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      whosmatt
      last edited by

      Thanks. I'll look into it.  Regardless, this topic is probably not suited for the packages forum since avahi appears to be doing its job.  I think it's just the Apple devices throwing some of their proprietary nonsense in to play.  Absolute worst case I can connect them both via wireless (right now one is wired and one is wireless) and just switch them to the guest network when needed, so that they are hanging out in the same subnet as my guest devices.

      Thanks for the help, everyone.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Apple chose to send airplay packets with a TTL of 2. That limits airplay to one hop no matter what you do with avahi.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        C 1 Reply Last reply Reply Quote 0
        • S
          stilez
          last edited by

          Has anyone had success in this kind of scenario using out-of-the-box pfSense, and if so, could they post the exact rules/setup they used to successfully get this situation to work by routing multicast correctly (and modding the TTL if applicable).

          As an aside, I've been playing with a different approach and had some success. To save repetition the details are at https://redmine.pfsense.org/issues/2170 , in a nutshell there's a tiny but active port called "mdns-repeater" which relays mDNS multicasts (used for Airplay discovery) across a set of interfaces, and is ideal for Airplay. Because pfSense reworks the FreeBSD pkg repo system (see release notes) I couldn't install it with pkg install, but it turns out you only need one file from it, so I manually put the file on my router in the correct folder, modified the rules to allow both IFs to receive UDP on 224.0.0.251:5353 (and IPv6 equivalent if needed), and it works fine - all multicasts received on one are sent out from the other. So now I can see friends' iPhones/iPads connected to WLAN/OPT1 seeking printers via Airplay multicast, and getting valid data back from printers on the LAN interface, although they aren't get completing their dialog (TTL issues?). So I am hopeful that with a little more work it'll be fully working. if anyone seeing this can figure out the last part of the puzzle, let me know!

          1 Reply Last reply Reply Quote 0
          • M
            munson
            last edited by

            I opened the UDP ports 49152-65535 and I was able to get audio (music and podcasts) working from my iphone on network 1 to my AppleTV on network 2. Unfortunately I was not able to play a video podcast from my iPhone to my Apple TV. Any suggestions?

            I found this on https://community.ui.com/questions/Airplay-across-VLAN-How-to-do/0362cb7f-f38c-43ba-b10e-c2e5cc9dbe16. In particular in addition to the suggestions on the Netgate Forums I found this on https://community.ui.com/questions/Airplay-across-VLAN-How-to-do/0362cb7f-f38c-43ba-b10e-c2e5cc9dbe16

            ******morganelevates
            a year ago
            (Solution below)
            I was having all sorts of issues with Airplay across VLAN's.
            My topology is two VLAN's, one for privilieged devices called LAN, and another for IOT, called MISC.
            I have my airport express and apple TV on MISC.
            I had set up the mDNS repeater, and opened port for mDNS to go both ways. Opened established/related both ways. Other than that, traffic from MISC is blocked to LAN.
            Playing from a device on MISC to either audio output device works.
            Playing from a device on LAN to one on MISC did not work.
            It does see the devices on MISC, but initiating an airplay stream always failed after a 20s pause.
            I opened all the standard airplay ports (listed in the prior post) from MISC to LAN.
            Still not working.
            Then I experimented with various port ranges.
            When I opened the private port range 49152-65535 to both tcp and udp traffic, it worked.
            The only 3 rules I ended up needing to keep it working were:

            1. allow established/related back into LAN from MISC
            2. allow mDNS traffic into LAN from MISC
            3. allow TCP/UDP traffic from MISC to LAN ports 49152-65535
              I wanted to share this solution because after hours of reading posts here, multiple times, I never saw this range of callback ports mentioned.******

            I hope it helps someone save some time and frustration!

            1 Reply Last reply Reply Quote 0
            • C
              CyBiS @Derelict
              last edited by CyBiS

              @derelict Thanks for this interesting piece of information. I guess I'm going to do some packet capturing 😁

              I'm a bit puzzled though as my AirPlay capable SmartTV works just fine as playback device for the iOS Podcast App, for example. However, I'm not able to do a full screen cast onto the TV. The TV screen goes dark for a moment, the iOS device reports a connection issue to the TV and the original TV screen/content is back again. The iOS device is on the LAN subnet and the SmartTV is on the IOT subnet.

              Here's my Avahi configuration (active on both the LAN and IOT subnet):
              services_avahi.png

              Here are my LAN rules:
              firewall_rules_lan.png

              And here are my IOT rules:
              firewall_rules_iot.png

              As mentioned above, I don't understand why a Podcast playback works and a full screen cast does not.

              BR

              M RUBENCH00R 2 Replies Last reply Reply Quote 0
              • M
                MoonKnight @CyBiS
                last edited by

                @cybis

                Selected interfaces should be selected, it looks likes you haven't selected them, for me it looks like you have selected DMZ and SERVER

                --- 24.11 ---
                Intel(R) Xeon(R) CPU D-1518 @ 2.20GHz
                Kingston DDR4 2666MHz 16GB ECC
                2 x HyperX Fury SSD 120GB (ZFS-mirror)
                2 x Intel i210 (ports)
                4 x Intel i350 (ports)

                1 Reply Last reply Reply Quote 0
                • C
                  CyBiS
                  last edited by CyBiS

                  @ciscox That's a side effect of the screenshot. The interfaces LAN and IOT are indeed selected and I see mDNS traffic on the IOT interface and TCP traffic between the iOS device and the TV. If I deactivate the Avahi service the iOS device cannot detect the TV as AirPlay target. Re-activating the service makes the TV detectable again.

                  Unfortunately my packet capture did not reveal anything useful. The mDNS TTLs are 255 and the minimum TTL of the TCP traffic between the iOS device and the TV is 63. Other than a single ICMP destination port 59536 unreachable message (which makes sense as traffic originating from the IOT subnet to the LAN subnet is blocked) I don't see anything pointing to the issue causing the failing connection 🤔

                  When the iOS device is in the same subnet as the TV the AirPlay screen cast works as expected of course (without Avahi).

                  1 Reply Last reply Reply Quote 0
                  • RUBENCH00R
                    RUBENCH00 @CyBiS
                    last edited by

                    @CyBiS Hi, the IOT rule must be on top of the 53 DNS rule. Since it is blocking it as you have it. Check it out!

                    TPC/UPS O= IOT * <---a --> D= LAN *

                    reglas.png

                    1 Reply Last reply Reply Quote 0
                    • M
                      munson
                      last edited by

                      c3c5f98d-b6a6-4184-b5cc-d7655d4bc2e4-image.png

                      Please see the screen shot. I have installed Avahi. My audio devices (such as TVs and devices such has Google smart speakers, Nest doorbell, etc are connected to the IOT network and my iphone and computers are on my LAN network. I can play my music on my iPhone on the LAN network with this configuration.

                      RUBENCH00R 1 Reply Last reply Reply Quote 0
                      • RUBENCH00R
                        RUBENCH00 @munson
                        last edited by

                        @munson Hi, I'm not saying it's wrong but in short it works like this, without creating so many rules.
                        I allow the ITO Network to have access to the Lan Network OPT1 ect ect ect ....

                        RulesIOT.png

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post