Managed Switch Configuration with Avahi

  • I have two Chromecast devices on VLAN/subnet B.  One is hardwired into my Cisco SG-350 managed switch and the other connects to my WiFi B (tagged to VLAN/subnet B).

    I have a desktop hardwired to my Cisco SG-350 on the default VLAN/subnet A and a laptop that connects to my WiFi A (untagged) in subnet A.  So both computers are in subnet A.

    My WiFi AP is a UniFi AC Pro and is connected to my SG-350.  It broadcast both WiFi A and WiFi B and tags each into the proper VLAN/subnet.  The Cisco SG350 is in layer 2 mode and so routing between subnets are handled by pfSense.

    I wanted my computers on the default VLAN/subnet A to discover the Chromecasts on VLAN/subnet B.  So I installed the Avahi package with the default settings.  Firewall wise, VLAN B is fully accessible from VLAN A, but VLAN A is not accessible from VLAN B.

    So my hardwired computer on VLAN A can discover the hardwired Chromecast in VLAN/subnet B, but not the wireless Chromecast.  My wireless laptop on VLAN A can discover both Chromecasts.

    I suspect that something is not being properly passed from the wireless to the wired, but have no clue what need to be done.  The UniFi controller for the AP is not blocking LAN to WLAN multicasts and I have enabled IGMPv3 on the AP.  The Cisco SG350 have some settings for multicast, but I haven't figured out how to use it yet.

    Can someone shed some light as to what is preventing my wired desktop from discovering the wireless Chromecast?

  • Galactic Empire

    Have a look in the firewall logs, do you see any multicast packets being blocked ?

    Also there are multicast options in the UniFi software, its under wireless networks.

  • I thought the purpose of Avahi is so that I would not have to start opening ports to just get the multicast between subnets?

    Anyway I don't see anything being blocked from the Chromecasts.  Also, since I can see the hardwired Chromecast, I don't think the firewall is blocking.  It's just the Chromecast connected via WiFi that I cannot see.  Both Chromecasts are in the same subnet.

    The UniFi software have two multicast settings: 1. To block mulicast (disabled) 2. IGMPv3 (enabled)

    Something tells me that the multicast from the WLAN may not be making it to the LAN?  According to Ubiquiti, the Unifi AC allows broadcast from LAN to WLAN by default, but I have not found if it is true from WLAN to LAN.

  • Galactic Empire


    Something tells me that the multicast from the WLAN may not be making it to the LAN?  According to Ubiquiti, the Unifi AC allows broadcast from LAN to WLAN by default, but I have not found if it is true from WLAN to LAN.

    Thats easy to work out do a packet capture on VLAN/subnet B, open it up in wireshark and use ip.addr >= as a display filter or ip.addr >=  || ipv6.addr >= ff00:: if you run IPv4 & IPv6 :)

  • I have my pfSense configured in General Setup for the domain to MyPrivateNet.  Avahi default is local.  Should I add MyPrivateNet to the Avahi domain field?  When I first installed Avahi, I appended MyPrivateNet to the Avahi's domain field so that it contained: local, MyPrivateNet.  I was able to discover the hardwired Chromecast.  But I noticed my unRAID server started using Avahi as the DNS server, so I removed "MyPrivateNet" from the Avahi's domain field and just left it at the defaul "local".

    Then I rebooted my desktop and when it came up it no longer sees even the hardwired Chromecast.  I am not sure what Avahi is doing on the network level, but I decided to start fresh my uninstalling it.

    Guess what?  On my wireless laptop in subnet A, I can still see the two Chromecasts.  So either the Chromecast plugin for Chrome remembers the IP of the casting device or something else is going on.

    I am starting to hate these Google devices.  Why can't they just let me enter a freaking IP address in the discovery tool?

    I will try wireshark.  I have never use it, but I assume to capture packets on subnet B, I will need to be connected on subnet B?

  • Galactic Empire


    Should I add MyPrivateNet to the Avahi domain field?

    No it needs to be different local is fine.

    Re the packet capture, Diagnostics -> Packet Capture and select the interface you want to capture on and hit start.

    You can download the packet capture and open it in wireshark.

  • My Cisco SG-350 switch has Multicast features such as IGMP Snooping, IGMP query, IGMP proxy.  I am not familiar with these technologies, but is it possible to configure the switch with these features to allow discovery of Chromecast devices accross VLANs without using Avahi?  Or do I need to do both?

    Right now I have uninstalled Avahi.  However, my wireless laptop on subnet A is able to see, manage, and cast to the two Chromecast devices on subnet B.  In the firewall, Subnet A has full access to subnet B and subnet B does not have access to subnet A.  Without Avahi, I am perplexed why my wireless laptop A can still see the Chromecast devices on subnet B (one hardwired and one on WiFi).  It could be that the initial discovery was performed with Avahi installed and once the Chromecast plugin for Chrome browser discovers the Chromecast devices, it remembers the devices IP addresses and no longer needs Avahi.

    My UniFi AP AC Pro is serving WiFi for both subnets and tagging them into the appropriate subnets.

    I guess the ultimate question is: Do I need to configure IGMP snooping and/or proxy on my switch in addition to installing Avahi?  I was under the impression that all I needed to do was install Avahi to be able to discover the Chromecast devices across subnets since Chromecast devices uses mDNS for discovery.

  • I am about to give up on the Avahi package.

    After uninstalling it and waiting for a day, I reinstalled the package and then my hardwired desktop on subnet A was able to discover and manage/cast to the Chromecast devices on subnet B.  Then a day later, with no changes, the desktop can no longer see the Chromecast devices.

    The only thing that would have changed is that unbound was restarted by pfBlockerNG DNSBL over night.

    I uninstalled the Avahi package and will try again one more time.