MDNS across two interfaces WITHOUT Avahi - help !
-
Hi - I have an internal LAN subnet and an internal WIFI subnet. The wifi subnet is secured from the LAN and only certain protocols will be allowed.
I want a client on the Internal WiFi subnet to be able to control an AppleTV / iTunes on the LAN subnet - to do this I had previously used Avahi to handle the multicast DNS.
I have had no end of problems with Avahi on the Alix2D13 hardware (size / dependencies etc) and someone on the forum has suggested that I may be able to get around the issue by using the builtin IGMP proxy. I have no idea how to configure it.
I have removed all F/W rules between the LAN and wifi subnet and allowed the advanced option to allow IP Options on both interfaces in the F/W rules.
Nothing that I do will get the multicast packets from one subnet to the other.
Can anyone please help !??
-
So have you tried the IGMP proxy, or?
Yes - I tried all combinations of upstream / downstream and used both subnets (192.168.10.0/24 - LAN; and 10.0.101.0/24 - WiFi)
-
So what's your trouble exactly? (No, "does not work" is not exactly useful.)
-
> So what's your trouble exactly?
A client on the WiFi subnet (an iPhone in this case) can't see the iTunes instance running on the LAN subnet. If I move the iPhone to the LAN subnet (different WAP) it pops up as it should in the Apple Remote app.
I have done a packet capture on both interfaces and cannot see the multicast traffic make it across the interface boundaries.
-
Kindly post the relevant configuration screenshots here.
-
I too would like to know what the basic setup for IGMP Proxy would be to route mDNS across two LAN subnets.
I have a download of the pfSense 2.1 book and it's basically a rehash of the Interface, nothing new there. I've tried Googling the answer, but there's nothing pfSense-specific out there.
I have two LANs that both communicate to one another but are on two separate subnets and physical LANs. pfSense sits between both of them.
All I'm trying to do is route mDNS traffic from (LAN) 10.0.1.0/24 to (LAN2) 10.0.2.0/24. Really simple. Both LANs have the default "LAN -> any" rule enabled, so everything is flying back and forth without an issue. However, I'm not sure which interface to set up as the upstream and which the downstream and which subnets belong where.
Please see my ignorance-fueled screen shot below.
![Screen Shot 2013-09-16 at 11.29.52 PM.png](/public/imported_attachments/1/Screen Shot 2013-09-16 at 11.29.52 PM.png)
![Screen Shot 2013-09-16 at 11.30.09 PM.png](/public/imported_attachments/1/Screen Shot 2013-09-16 at 11.30.09 PM.png)
![Screen Shot 2013-09-16 at 11.30.18 PM.png](/public/imported_attachments/1/Screen Shot 2013-09-16 at 11.30.18 PM.png)
-
> Kindly post the relevant configuration screenshots here.

I had gone to bed last night when you posted this question. My screenshots and scenario mimic exactly the poster's scenario above. Two subnets and trying to get mDNS packets between them.
-
I'd also like to mention that I've checked off "allow packets with IP options to pass". See additional screen shot.
![Screen Shot 2013-09-17 at 12.05.28 AM.png](/public/imported_attachments/1/Screen Shot 2013-09-17 at 12.05.28 AM.png)
-
What I am noticing is a lot of IPv6 traffic with port 5353 attached to it getting blocked at the firewall. Not sure if Apple is implementing mDNS via IPv6 and that's why it's not routing.
Port 5353 is used by mDNS in Apple's implementation. http://support.apple.com/kb/TS1629?viewlocale=en_US&locale=en_US
Or, I could be completely lost, which is how I feel. :)
![Screen Shot 2013-09-17 at 12.42.27 AM.png](/public/imported_attachments/1/Screen Shot 2013-09-17 at 12.42.27 AM.png)
-
Are you running IPv6?
-
Well, since you are blocking the traffic by disabling IPv6… mDNS is using multicast to 224.0.0.251 and FF02::FB - http://tools.ietf.org/html/rfc6762
-
> Well, since you are blocking the traffic by disabling IPv6… mDNS is using multicast to 224.0.0.251 and FF02::FB - http://tools.ietf.org/html/rfc6762
I am confused as to what IPv6 has to do with my mDNS problem? Nothing of mine talks IPv6 and mDNS has been around much longer than IPv6 became mainstream.
-
Oh really? So the traffic comes from… hmmm, another galaxy? :D Pretty much every OS out there is using IPv6 by default these days.
-
Hey - You were nicer than normal that time. It does make for a lot of noise in the logs though doesn't it?
-
Yeah, it does. There's a checkbox somewhere in log settings to disable the default rule logging, plus a bunch of others.
-
Got it… Thanks.
Status > System Logs > settings
-
> Oh really? So the traffic comes from… hmmm, another galaxy? :D Pretty much every OS out there is using IPv6 by default these days.

So is this a solution? Do we have to have IPv6 enabled to make mDNS work?
-
I don't use mDNS nor any Apple device for anything => no such nonsense needed here. As stated by the linked RFC (written by Apple itself, BTW), it uses both IPv4 and IPv6.
-
> I don't use mDNS nor any Apple device for anything => no such nonsense needed here. As stated by the linked RFC (written by Apple itself, BTW), it uses both IPv4 and IPv6.

So what's with the hoohaa about me not using IPv6?
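-
Added example, not part of any post in this thread: the two mDNS groups quoted above (224.0.0.251 and FF02::FB) are link-local multicast scope, and multicast routers are not supposed to forward link-local groups between subnets, which is consistent with captures showing nothing crossing the interface boundary. The sketch below classifies destinations by scope from capture summary lines; the line format, interface names and sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 5771 "Local Network Control Block": never forwarded off-link.
LOCAL_CONTROL_V4 = ipaddress.ip_network("224.0.0.0/24")
MDNS_PORT = 5353

def multicast_scope(addr: str) -> str:
    """Return 'unicast', 'interface-local', 'link-local' or 'wider-scope'."""
    ip = ipaddress.ip_address(addr)
    if not ip.is_multicast:
        return "unicast"
    if ip.version == 4:
        return "link-local" if ip in LOCAL_CONTROL_V4 else "wider-scope"
    # IPv6: low nibble of the second byte is the scope field (RFC 4291).
    scope = ip.packed[1] & 0x0F
    return {1: "interface-local", 2: "link-local"}.get(scope, "wider-scope")

def split_endpoint(endpoint: str):
    """Split 'a.b.c.d:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)

def triage(lines):
    """For each 'iface proto src dst' line return (iface, dst, scope, is_mdns)."""
    results = []
    for line in lines:
        iface, proto, _src, dst = line.split()
        dst_ip, dst_port = split_endpoint(dst)
        scope = multicast_scope(dst_ip)
        is_mdns = proto == "udp" and dst_port == MDNS_PORT and scope == "link-local"
        results.append((iface, dst_ip, scope, is_mdns))
    return results

# Constructed sample lines (hypothetical format, not real capture output).
SAMPLE = [
    "wifi udp 10.0.101.23:5353 224.0.0.251:5353",
    "wifi udp [fe80::1c2a:3bff:fe4d:5e6f]:5353 [ff02::fb]:5353",
    "lan udp 192.168.10.40:40000 239.255.255.250:1900",
    "lan tcp 192.168.10.40:51000 10.0.101.23:8080",
]

if __name__ == "__main__":
    for iface, dst, scope, is_mdns in triage(SAMPLE):
        note = "mDNS, stays on its own link" if is_mdns else ""
        print(f"{iface:5} {dst:18} {scope:12} {note}")
```

Entries flagged as mDNS are the ones a repeater or reflector on the firewall would have to re-send on the other interface; routing rules alone do not move them.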