Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing Apple Bonjour?

    Scheduled Pinned Locked Moved Routing and Multi WAN
    34 Posts 4 Posters 34.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ Offline
      jimp Rebel Alliance Developer Netgate
      last edited by

      Huh, that's a new one.

      I wonder if there is a new version of Avahi out there. There may have been some changes to the protocol that Apple and others have starting using.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • J Offline
        jlepthien
        last edited by

        Hi jimp,

        also now my Apple Remote app on my iPhone is not working anymore. The curious thing I see in the firewall logs when I open the app is that multicast packets from ng0(WAN) to LAN get blocked. But why is that? What has WAN to do with this? My iPhone is on OPT(WLAN) and my iMac is on LAN….

        Thx

        | apple fanboy | music lover | network and security specialist | in love with cisco systems |

        1 Reply Last reply Reply Quote 0
        • jimpJ Offline
          jimp Rebel Alliance Developer Netgate
          last edited by

          For kicks and grins, go to the Avahi settings, and then save twice there.

          Then go to the system logs and copy/paste the startup messages from Avahi here, you can sanitize the external IPs if any are shown.

          There is an odd packages bug we're trying to track down that causes some packages to behave erratically until they are saved twice, and I'm wondering if Avahi has a latent problem in that regard.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • J Offline
            jlepthien
            last edited by

            Hey jimp,

            done. Here is the log:

            Apr 1 14:00:35 	avahi-daemon[29798]: Joining mDNS multicast group on interface vr0.IPv4 with address 10.0.100.254.
            Apr 1 14:00:35 	avahi-daemon[29798]: New relevant interface vr0.IPv4 for mDNS.
            Apr 1 14:00:35 	avahi-daemon[29798]: Network interface enumeration completed.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for fe80::20d:b9ff:fe13:54a8 on ng0.*.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for xxxx on ng0.IPv4.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for fe80::280:48ff:fe62:fa57 on ath0.*.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for 10.0.250.254 on ath0.IPv4.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for fe80::20d:b9ff:fe13:54a8 on vr0.*.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering new address record for 10.0.100.254 on vr0.IPv4.
            Apr 1 14:00:35 	avahi-daemon[29798]: Registering HINFO record with values 'I386'/'FREEBSD'.
            Apr 1 14:00:36 	avahi-daemon[29798]: Server startup complete. Host name is voldemort.hogwarts.local. Local service cookie is 1070838840.
            Apr 1 14:00:37 	avahi-daemon[29798]: Service "voldemort" (/usr/local/etc/avahi/services/ssh.service) successfully established.
            Apr 1 14:00:37 	avahi-daemon[29798]: Service "SFTP File Transfer on voldemort" (/usr/local/etc/avahi/services/sftp-ssh.service) successfully established.
            Apr 1 14:00:39 	avahi-daemon[29798]: Got SIGTERM, quitting.
            Apr 1 14:00:39 	avahi-daemon[29798]: Leaving mDNS multicast group on interface ng0.IPv4 with address xxxx.
            Apr 1 14:00:39 	avahi-daemon[29798]: Leaving mDNS multicast group on interface ath0.IPv4 with address 10.0.250.254.
            Apr 1 14:00:39 	avahi-daemon[29798]: Leaving mDNS multicast group on interface vr0.IPv4 with address 10.0.100.254.
            Apr 1 14:00:44 	avahi-daemon[29907]: Found user 'avahi' (UID 1003) and group 'avahi' (GID 1003).
            Apr 1 14:00:44 	avahi-daemon[29907]: Successfully dropped root privileges.
            Apr 1 14:00:44 	avahi-daemon[29907]: avahi-daemon 0.6.24 starting up.
            Apr 1 14:00:44 	avahi-daemon[29907]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
            Apr 1 14:00:44 	avahi-daemon[29907]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
            Apr 1 14:00:44 	avahi-daemon[29907]: Loading service file /usr/local/etc/avahi/services/sftp-ssh.service.
            Apr 1 14:00:44 	avahi-daemon[29907]: Loading service file /usr/local/etc/avahi/services/ssh.service.
            Apr 1 14:00:44 	avahi-daemon[29907]: Joining mDNS multicast group on interface ng0.IPv4 with address xxxx.
            Apr 1 14:00:44 	avahi-daemon[29907]: New relevant interface ng0.IPv4 for mDNS.
            Apr 1 14:00:44 	avahi-daemon[29907]: Joining mDNS multicast group on interface ath0.IPv4 with address 10.0.250.254.
            Apr 1 14:00:44 	avahi-daemon[29907]: New relevant interface ath0.IPv4 for mDNS.
            Apr 1 14:00:44 	avahi-daemon[29907]: Joining mDNS multicast group on interface vr0.IPv4 with address 10.0.100.254.
            Apr 1 14:00:44 	avahi-daemon[29907]: New relevant interface vr0.IPv4 for mDNS.
            Apr 1 14:00:44 	avahi-daemon[29907]: Network interface enumeration completed.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for fe80::20d:b9ff:fe13:54a8 on ng0.*.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for xxxx on ng0.IPv4.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for fe80::280:48ff:fe62:fa57 on ath0.*.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for 10.0.250.254 on ath0.IPv4.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for fe80::20d:b9ff:fe13:54a8 on vr0.*.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering new address record for 10.0.100.254 on vr0.IPv4.
            Apr 1 14:00:44 	avahi-daemon[29907]: Registering HINFO record with values 'I386'/'FREEBSD'.
            Apr 1 14:00:45 	avahi-daemon[29907]: Server startup complete. Host name is voldemort.hogwarts.local. Local service cookie is 2044989570.
            Apr 1 14:00:46 	avahi-daemon[29907]: Service "voldemort" (/usr/local/etc/avahi/services/ssh.service) successfully established.
            Apr 1 14:00:46 	avahi-daemon[29907]: Service "SFTP File Transfer on voldemort" (/usr/local/etc/avahi/services/sftp-ssh.service) successfully established.
            

            | apple fanboy | music lover | network and security specialist | in love with cisco systems |

            1 Reply Last reply Reply Quote 0
            • jimpJ Offline
              jimp Rebel Alliance Developer Netgate
              last edited by

              Huh. Usually WAN is excluded from being used for Avahi becuase you almost ever want that to be used.

              Can you try to reselect the Deny interface in your settings, and be sure that WAN is really highlighted?
              I thought I put some code in there to catch the PPPoE case, but it's been so long since I touched it, I can't remember.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • J Offline
                jlepthien
                last edited by

                Okay. Did that. Now ng0 is not mentioned in the avahi logs anymore…
                I will check my iPhone app when I get home and then I can tell you if it is working again.

                Thanks

                | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                1 Reply Last reply Reply Quote 0
                • J Offline
                  jlepthien
                  last edited by

                  Nope. It does not work anymore. I also told iTunes to forget all remotes. I can finely add my iPhone and enter the code number given by the iPhone and then I should be able to control iTunes but the app keeps spinning and nothing happens…

                  The blocked logs show nothing...

                  Besides everything from WLAN to LAN and vice versa is allowed...

                  | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                  1 Reply Last reply Reply Quote 0
                  • jimpJ Offline
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    Was there a recent update to either iTunes or your iPhone?

                    I wonder if there has been an update to Avahi either recently. I may need to compile a new version.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • J Offline
                      jlepthien
                      last edited by

                      Well iPhone OS 3.1.3 is out awhile and I do not know if I used it since the update. iTunes was also update, but that was yesterday…

                      | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                      1 Reply Last reply Reply Quote 0
                      • jimpJ Offline
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        I looked and there hasn't been a new version of Avahi in quite some time. I just wonder if Apple adjusted the protocol behavior in some way that is triggering this.

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • J Offline
                          jlepthien
                          last edited by

                          The weird thing is that the sync with Things.app is still working and that is using bonjour as well AFAIK…

                          | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                          1 Reply Last reply Reply Quote 0
                          • J Offline
                            jlepthien
                            last edited by

                            Any other idea? Is nobody using this kind of configuration?

                            | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                            1 Reply Last reply Reply Quote 0
                            • J Offline
                              jlepthien
                              last edited by

                              Yep. Me, too…

                              | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                              1 Reply Last reply Reply Quote 0
                              • jimpJ Offline
                                jimp Rebel Alliance Developer Netgate
                                last edited by

                                not sure why this thread is suddenly a target for spammers. That's the second blatant spam post I've had to remove from the thread today…

                                Links about DVD box sets are not relevant to pfSense :-)

                                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                Need help fast? Netgate Global Support!

                                Do not Chat/PM for help!

                                1 Reply Last reply Reply Quote 0
                                • I Offline
                                  iFloris
                                  last edited by

                                  I've been seeing the same 'invalid query packet' errors. In addition, it seems to be unable to actually register itself:

                                  avahi-daemon[40465]: Failed to add service 'SFTP File Transfer on firebox1' of type '_sftp-ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/sftp-ssh.service): Not supported
                                  avahi-daemon[40465]: Failed to add service 'SFTP File Transfer on firebox1' of type '_sftp-ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/sftp-ssh.service): Not supported
                                  avahi-daemon[40465]: Failed to add service 'firebox1' of type '_ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/ssh.service): Not supported
                                  avahi-daemon[40465]: Failed to add service 'firebox1' of type '_ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/ssh.service): Not supported

                                  Which means that though avahi is running, it doesn't seem to be doing anything.

                                  one layer of information
                                  removed

                                  1 Reply Last reply Reply Quote 0
                                  • jimpJ Offline
                                    jimp Rebel Alliance Developer Netgate
                                    last edited by

                                    The ssh/sftp errors are normal and do not indicate an actual failure, they just mean that those particular services aren't registered.

                                    I see them all the time and my sessions are (still) running fine.

                                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                    Need help fast? Netgate Global Support!

                                    Do not Chat/PM for help!

                                    1 Reply Last reply Reply Quote 0
                                    • I Offline
                                      iFloris
                                      last edited by

                                      Thanks, I did not know that.

                                      So how do I know if avahi is working?
                                      My pptp sessions don't seem to allow bonjour and neither does openvpn.

                                      Could it be that avahi is having difficulty with my time capsule and airport base stations and that a conflict is causing the invalid packet errors?

                                      Perhaps jlepthien can tell us if he too has bonjour routing devices on his network?

                                      one layer of information
                                      removed

                                      1 Reply Last reply Reply Quote 0
                                      • J Offline
                                        jlepthien
                                        last edited by

                                        I am just using avahi between my WLAN and LAN interfaces. I can test if avahi is working via PPTP when I get home to my box…

                                        | apple fanboy | music lover | network and security specialist | in love with cisco systems |

                                        1 Reply Last reply Reply Quote 0
                                        • jimpJ Offline
                                          jimp Rebel Alliance Developer Netgate
                                          last edited by

                                          iFloris, is your OpenVPN connection happening between routers, or is the client end an actual Mac?

                                          I have only made it work by running it router-to-router, I don't think it works if it's only running on the server side. Perhaps if you can run Avahi locally on the Mac somehow it may work?

                                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                          Need help fast? Netgate Global Support!

                                          Do not Chat/PM for help!

                                          1 Reply Last reply Reply Quote 0
                                          • I Offline
                                            iFloris
                                            last edited by

                                            Yes, my connection is from a MacBook Pro using Viscosity(http://www.viscosityvpn.com) to a firebox (x500) running pfsense (1.2.3-RELEASE).
                                            I'm not sure how I would go about running avahi on the mac.
                                            Every mac already has mDNS[responder] built in, which I believe is what Avahi is based on.

                                            On the avahi ports page for osx is stated that: "This kind of technology is already found in Mac OS X (branded Rendezvous, Bonjour and sometimes Zeroconf) and is very convenient. Avahi is mainly based on Lennart Poettering's flexmdns mDNS implementation for Linux which has been discontinued in favour of Avahi." (http://avahi.darwinports.com/)

                                            What are the chances of avahi conflicting with mdns on this macbook pro?

                                            one layer of information
                                            removed

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.