Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ATV4 wants to connect to an "unknown" ip on TCP/7000

    Scheduled Pinned Locked Moved General pfSense Questions
    19 Posts 4 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bingo600B
      bingo600 @NogBadTheBad
      last edited by

      @NogBadTheBad

      I won't disagree here.
      But i have (AFAIK) , nothing announcing that ip or range.

      That's why i would like to see what avahi (pfsense) has picked up.
      But i can't seem to list the db on the pfsense, it just says client not running.

      It's not super important , but annoying that spooky things happens on my net.

      The ATV4 tries to connect to that ip , after a power off too.

      /ingo

      If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

      pfSense+ 23.05.1 (ZFS)

      QOTOM-Q355G4 Quad Lan.
      CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
      LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

      IsaacFLI 1 Reply Last reply Reply Quote 0
      • NogBadTheBadN
        NogBadTheBad
        last edited by

        @bingo600 said in ATV4 wants to connect to an "unknown" ip on TCP/7000:

        The ATV4 tries to connect to that ip , after a power off too

        Try an avahi-browse -r -a not sure if it's in the pfSense package.

        You may see it, from my homebridge box:-

        =   eth0 IPv6 70-35-60-63.1 Living Room Apple TV            _sleep-proxy._udp    local
           hostname = [Living-Room-Apple-TV.local]
           address = [172.16.4.12]
           port = [57806]
           txt = []
        

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        bingo600B 1 Reply Last reply Reply Quote 0
        • IsaacFLI
          IsaacFL @bingo600
          last edited by

          @bingo600

          I have seen this Apple traffic also. I use 10.0.0.0/24 subnets for my local network, but Apple devices (apple tvs, ipads, iphones) still send traffic to 192.168.0.0/16 port 7000. I finally made a rule to not log it.

          Screenshot 2020-10-11 084304.png

          bingo600B 1 Reply Last reply Reply Quote 0
          • bingo600B
            bingo600 @NogBadTheBad
            last edited by

            @NogBadTheBad said in ATV4 wants to connect to an "unknown" ip on TCP/7000:

            avahi-browse -r -a

            Avahi still gives client not running.

            [2.4.5-RELEASE][admin@..]/root:  avahi-browse -r -a
            Failed to create client object: Daemon not running
            
            [2.4.5-RELEASE][admin@..]/root: ps aux | grep avahi
            avahi   29428   0.0  0.0    7504    2836  -  I    Thu08        5:17.06 avahi-da
            [2.4.5-RELEASE][admin@..]/root: 
            
            

            If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

            pfSense+ 23.05.1 (ZFS)

            QOTOM-Q355G4 Quad Lan.
            CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
            LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

            NogBadTheBadN 1 Reply Last reply Reply Quote 0
            • bingo600B
              bingo600 @IsaacFL
              last edited by

              @IsaacFL
              Thanx for that info , i might end up doing the same

              /Bingo

              If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

              pfSense+ 23.05.1 (ZFS)

              QOTOM-Q355G4 Quad Lan.
              CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
              LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

              1 Reply Last reply Reply Quote 0
              • NogBadTheBadN
                NogBadTheBad @bingo600
                last edited by NogBadTheBad

                @bingo600 said in ATV4 wants to connect to an "unknown" ip on TCP/7000:

                @NogBadTheBad said in ATV4 wants to connect to an "unknown" ip on TCP/7000:

                avahi-browse -r -a

                Avahi still gives client not running.

                [2.4.5-RELEASE][admin@..]/root:  avahi-browse -r -a
                Failed to create client object: Daemon not running
                
                [2.4.5-RELEASE][admin@..]/root: ps aux | grep avahi
                avahi   29428   0.0  0.0    7504    2836  -  I    Thu08        5:17.06 avahi-da
                [2.4.5-RELEASE][admin@..]/root: 
                
                

                So it looks like avahi-browse doesn’t get installed with the avahi pkg, i don’t have it installed and ran avahi-browse from a raspberry pi.

                For the life of me I can’t see the Apple TV’s trying to Airplay to a device without it seeing a source via MDNS.

                Andy

                1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                bingo600B 1 Reply Last reply Reply Quote 0
                • bingo600B
                  bingo600 @NogBadTheBad
                  last edited by bingo600

                  @NogBadTheBad

                  I did install avahi-daemon + utils on my Deb-10 mini-dlna server on the same Vlan.

                  And used : avahi-browse -r -a -t -v

                  I see announcements from my ATV4 + my ATV3 + the pfSense
                  None of these announces anything in the 192.168.x.x range

                  Maybe IsacFL is right , apple does strange things in the 192.168.x.x range.
                  Could be that 192.168.1.x id the most used home lan-range out there

                  If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                  pfSense+ 23.05.1 (ZFS)

                  QOTOM-Q355G4 Quad Lan.
                  CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                  LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                  1 Reply Last reply Reply Quote 0
                  • NogBadTheBadN
                    NogBadTheBad
                    last edited by NogBadTheBad

                    Just added a block & log rule, lets see if I see anything.

                    Do you both have an ATV3, I just have 2 x ATV4s?

                    Screenshot 2020-10-13 at 09.42.31.png

                    Andy

                    1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                    bingo600B IsaacFLI 2 Replies Last reply Reply Quote 0
                    • bingo600B
                      bingo600 @NogBadTheBad
                      last edited by bingo600

                      @NogBadTheBad

                      That rule ought to catch "it" , if any traffic šŸ‘
                      I have an ATV4-4K + an old ATV3 (guest room).
                      The ATV3 is still fine for NetFlix , and i actually like the UI + Remote better than on the 4's.

                      /Bingo

                      If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                      pfSense+ 23.05.1 (ZFS)

                      QOTOM-Q355G4 Quad Lan.
                      CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                      LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                      1 Reply Last reply Reply Quote 0
                      • IsaacFLI
                        IsaacFL @NogBadTheBad
                        last edited by

                        @NogBadTheBad said in ATV4 wants to connect to an "unknown" ip on TCP/7000:

                        Just added a block & log rule, lets see if I see anything.

                        Do you both have an ATV3, I just have 2 x ATV4s?

                        I have 2 of the Apple Tvs just prior to the 4K (so 1080P)

                        I noticed though that it is not just the AppleTVs. The iphones and and ipad are also talking back and forth using 192.168.x.x. You have to use something like WireShark to see it and it is not a lot of traffic.

                        If you google enough you will find others have seen this also, but since most common home net is using the 192.168, it goes unnoticed.

                        NogBadTheBadN 1 Reply Last reply Reply Quote 0
                        • NogBadTheBadN
                          NogBadTheBad @IsaacFL
                          last edited by NogBadTheBad

                          @IsaacFL

                          I still haven’t seen any hits to a 192.168.0.0/16 address.

                          By ā€œ I have 2 of the Apple Tvs just prior to the 4K (so 1080P)ā€ do you mean you have 2 1080 non 4K Apple TV 4’s ?

                          Andy

                          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                          bingo600B 1 Reply Last reply Reply Quote 0
                          • bingo600B
                            bingo600 @NogBadTheBad
                            last edited by bingo600

                            @NogBadTheBad

                            I just noticed this one "sigh" ...
                            https://www.reddit.com/r/HomeKit/comments/bk1ee9/home_app_tries_to_communicate_with_random_ip_on/

                            I live in an appartment , and have lot's of neighbours within BT range

                            Could be the culprit.

                            Edit:
                            As i have both an ATV3 (VPN to US) + an ATV4 in the livingroom , i had ATV3 remote control issues. The ATV4 was picking up the ATV3 remote IR signals.

                            I blocked the ATV4 IR sensor by covering the ATV4 left front with "Black tape", and now rely on the ATV4 to get the commands via BT (working fine).

                            That makes disabling BT on the ATV4, "not an option".

                            Well ... The "loveliness" of wireless , and "ease of use" before security

                            Edit2: Enabling "on same Lan" would prevent my iPhone/iPad on the "Phone Vlan" to Stream to my ATV4 on the "Mmedia Vlan" .

                            I guesst i should just learn to live with those TCP:7000 packet blocks.
                            /Bingo

                            If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                            pfSense+ 23.05.1 (ZFS)

                            QOTOM-Q355G4 Quad Lan.
                            CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                            LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                            1 Reply Last reply Reply Quote 0
                            • bingo600B
                              bingo600
                              last edited by

                              Now my ATV4 has "Fallen in love with 192.168.1.14 TCP:7000"

                              Well i have had it ...
                              Made a deny rule targeting ATV4 -> 192.168.1.0/24 (I dont have that range) , and disabled logging.

                              /Bingo

                              If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

                              pfSense+ 23.05.1 (ZFS)

                              QOTOM-Q355G4 Quad Lan.
                              CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
                              LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.