Discovery across vlans
-
@mtk said in Discovery across vlans:
But @jahonix, I'm curious, do you know any receiver that doesn't (or won't) have similar issues?
Even though I do system integrations I do not know of such devices. Unless, maybe, they cost a fortune.
But to be fair, my work is primarily in the commercial and not the residential market. -
@jahonix said in Discovery across vlans:
@mtk said in Discovery across vlans:
But @jahonix, I'm curious, do you know any receiver that doesn't (or won't) have similar issues?
Even though I do system integrations I do not know of such devices. Unless, maybe, they cost a fortune.
But to be fair, my work is primarily in the commercial and not the residential market.FWIW, I have a Yamaha A/V receiver that can be controlled by an Android app on my tablet or phone. However, it uses multicast, which is not normally passed by routers. So, I can control the receiver when I'm at home, but not elsewhere. I also wouldn't expect it to work on my test LAN that's on a different subnet.
-
To be fair they at least allow you enter an IP manually which is more than many other similar apps.
Curious that it still doesn't work even then.
You might be able to do something with IGMP proxy here but it's status with VLANs is not certain AFAIK.
It's marked solved but some people are still seeing issues. Might be user error though.
https://redmine.pfsense.org/issues/6099Steve
-
@jknott said in Discovery across vlans:
@jahonix said in Discovery across vlans:
@mtk said in Discovery across vlans:
But @jahonix, I'm curious, do you know any receiver that doesn't (or won't) have similar issues?
Even though I do system integrations I do not know of such devices. Unless, maybe, they cost a fortune.
But to be fair, my work is primarily in the commercial and not the residential market.FWIW, I have a Yamaha A/V receiver that can be controlled by an Android app on my tablet or phone. However, it uses multicast, which is not normally passed by routers. So, I can control the receiver when I'm at home, but not elsewhere. I also wouldn't expect it to work on my test LAN that's on a different subnet.
I'm not trying to access it from anywhere but my network, but yes expecting it to work from a different subnet.
@stephenw10 said in Discovery across vlans:
To be fair they at least allow you enter an IP manually which is more than many other similar apps.
Curious that it still doesn't work even then.
Let me repeat that - there are 2 issues probably (but not necessarily) related:
- The Marantz App, does allow manual IP, but still cannot access the device (and also does not discover it automagically) - all attempts posted above (i.e packet capture) where done when trying to access the Marantz from the app, by its static ip.
- Spotify Connect on the same Marantz, is not discovered by the Spotify app on my Android phone, but is from the Macbook or iPhone app!
You might be able to do something with IGMP proxy here but it's status with VLANs is not certain AFAIK.
It's marked solved but some people are still seeing issues. Might be user error though.
https://redmine.pfsense.org/issues/6099Steve
This doesn't seem to work either, no matter what/how I set the up/downstreams.
-
Does your marantz allow you to put in a gateway? If not and you can put in the IP of the device you could source nat your traffic so the marantz thinks its being access from local IP, ie your pfsense IP in this subnet.
This is how you can access IP camera's for example that do not allow for a gateway. If the device is designed to only work on local network and not have any sort of internet access then it has no need for gateway.
-
@johnpoz said in Discovery across vlans:
Does your marantz allow you to put in a gateway? If not and you can put in the IP of the device you could source nat your traffic so the marantz thinks its being access from local IP, ie your pfsense IP in this subnet.
This is how you can access IP camera's for example that do not allow for a gateway. If the device is designed to only work on local network and not have any sort of internet access then it has no need for gateway.
-
Do you need something in the port there? Or that's probably for the proxy. nevermind.
-
Does IGMPproxy appear to start and run without errors when using VLAN interfaces?
If you shutdown Avahi do the Mac and iOS Spotify clients also fail to find it?
I would guess they are using mDNS and the Marantz app is using UPnP.
Steve
-
@derelict said in Discovery across vlans:
Do you need something in the port there? Or that's probably for the proxy. nevermind.
@stephenw10 said in Discovery across vlans:
Does IGMPproxy appear to start and run without errors when using VLAN interfaces?
It depends on how it should be set up - I played with the settings too much so at the moment, no it doesn't.
If you shutdown Avahi do the Mac and iOS Spotify clients also fail to find it?
Done & Macbook seem to still find it - Android still doesn't.
I would guess they are using mDNS and the Marantz app is using UPnP.
Steve
-
@mtk said in Discovery across vlans:
The Marantz App, does allow manual IP, but still cannot access the device
As Johnpoz mentioned, if there's no gateway, it can't get past a router. Accessing devices on the local network is different from going through a router, as you're trying to do. If there's no gateway setting, that configurable IP address is used instead of automatic discovery.
When working only on the local LAN, the IP addresses is used to determine the MAC address, by using ARP. The MAC address is then used for the actual communications beteen devices. If the device is on a different network, that's recognized by comparing the remote and local addresses, through the subnet mask, to see if they're on the same network. If not, the packets are sent via the gateway address. However, for this to work, both a subnet mask and gateway are needed. With the method Johnpoz is describing, pfSense is acting as a proxy to pass the packets to another subnet.
-
@jknott said in Discovery across vlans:
@mtk said in Discovery across vlans:
The Marantz App, does allow manual IP, but still cannot access the device
As Johnpoz mentioned, if there's no gateway, it can't get past a router. Accessing devices on the local network is different from going through a router, as you're trying to do. If there's no gateway setting, that configurable IP address is used instead of automatic discovery.
When working only on the local LAN, the IP addresses is used to determine the MAC address, by using ARP. The MAC address is then used for the actual communications beteen devices. If the device is on a different network, that's recognized by comparing the remote and local addresses, through the subnet mask, to see if they're on the same network. If not, the packets are sent via the gateway address. However, for this to work, both a subnet mask and gateway are needed. With the method Johnpoz is describing, pfSense is acting as a proxy to pass the packets to another subnet.
Did you see the image I provided, with the IP & gateway & mask?
-
@mtk said in Discovery across vlans:
Did you see the image I provided, with the IP & gateway & mask?
Are those on the receiver or Android/iPhone apps? If the receiver then that's for Internet access for updates, etc., not remote control. That's how my Yamaha is set up. Those apps will require a gateway and subnet mask, if they are on a different subnet. That's in addition to multicast being used. Unless specifically configured or managed with IGMP, multicast packets are not passed by a router.
-
@jknott said in Discovery across vlans:
Are those on the receiver or Android/iPhone apps? If the receiver then that's for Internet access for updates, etc., not remote control. That's how my Yamaha is set up. Those apps will require a gateway and subnet mask, if they are on a different subnet. That's in addition to multicast being used. Unless specifically configured or managed with IGMP, multicast packets are not passed by a router.
Those settings are on the Receiver (web management page) itself, and they set the internet access as well as the local device IP.
The Marantz (Android or iPhone) app, doesn't have the option to set a gateway, just the IP of the device you wish to connect to.
-
@mtk said in Discovery across vlans:
@jknott said in Discovery across vlans:
Are those on the receiver or Android/iPhone apps? If the receiver then that's for Internet access for updates, etc., not remote control. That's how my Yamaha is set up. Those apps will require a gateway and subnet mask, if they are on a different subnet. That's in addition to multicast being used. Unless specifically configured or managed with IGMP, multicast packets are not passed by a router.
Those settings are on the Receiver (web management page) itself, and they set the internet access as well as the local device IP.
The Marantz (Android or iPhone) app, doesn't have the option to set a gateway, just the IP of the device you wish to connect to.
That's what I thought. The receiver needs a gateway & subnet mask to reach the Internet for updates and content, but not for the phone/tablet apps. Since the phone/tablet apps don't have a subnet mask and gateway, they cannot communicate beyond the router. As Johnpoz mentioned, pfSense would have to be configured to act as a proxy for the receiver. In that instance you'd need to manually configure the IP address on those devices.
-
@jknott said in Discovery across vlans:
@mtk said in Discovery across vlans:
@jknott said in Discovery across vlans:
Are those on the receiver or Android/iPhone apps? If the receiver then that's for Internet access for updates, etc., not remote control. That's how my Yamaha is set up. Those apps will require a gateway and subnet mask, if they are on a different subnet. That's in addition to multicast being used. Unless specifically configured or managed with IGMP, multicast packets are not passed by a router.
Those settings are on the Receiver (web management page) itself, and they set the internet access as well as the local device IP.
The Marantz (Android or iPhone) app, doesn't have the option to set a gateway, just the IP of the device you wish to connect to.
That's what I thought. The receiver needs a gateway & subnet mask to reach the Internet for updates and content, but not for the phone/tablet apps. Since the phone/tablet apps don't have a subnet mask and gateway, they cannot communicate beyond the router. As Johnpoz mentioned, pfSense would have to be configured to act as a proxy for the receiver. In that instance you'd need to manually configure the IP address on those devices.
Any hint how to do that?
-
I assume you'd have to set up port forwarding for the protocols used by those apps.
-
@jknott said in Discovery across vlans:
I assume you'd have to set up port forwarding for the protocols used by those apps.
Port forward from where to where?
Traffic between VLAN is wide open (see screenshot above). -
@mtk said in Discovery across vlans:
@jknott said in Discovery across vlans:
I assume you'd have to set up port forwarding for the protocols used by those apps.
Port forward from where to where?
Traffic between VLAN is wide open (see screenshot above).Find out what protocols/port numbers are used, then configure pfSense to forward them to the receiver. It's exactly the same thing as when you have to get past NAT to reach computers on your home network. You determine what has to be forwarded and where.
-
@jknott said in Discovery across vlans:
@mtk said in Discovery across vlans:
@jknott said in Discovery across vlans:
I assume you'd have to set up port forwarding for the protocols used by those apps.
Port forward from where to where?
Traffic between VLAN is wide open (see screenshot above).Find out what protocols/port numbers are used, then configure pfSense to forward them to the receiver. It's exactly the same thing as when you have to get past NAT to reach computers on your home network. You determine what has to be forwarded and where.
well, yes, but we still have the "thing" where it works for iPhone/Macbook (so it's probably open), but not for Android and there are no real blocked entries in the log...
-
@mtk said in Discovery across vlans:
well, yes, but we still have the āthingā where it works for iPhone/Macbook (so itās probably open), but not for Android and there are no real blocked entries in the logā¦
Does the app on those devices have settings for gateway and subnet mask? If not, I have no idea how they manage to work through a router.
