Avahi Configuration Questions



  • Hi all,

    I recently decided to split my WiFi network into two separate VLANs/Subnets, one for WiFi devices that support Radius based authentication (VLAN A/Subnet A) and another for WiFi devices that only support PSK (VLAN B/Subnet B). VLAN B contains mainly IOT like devices, such as Google Chromecasts, etc.. With the WiFi VLAN split, devices in VLAN A were not longer able to see devices in VLAN B (e.g. a tablet in VLAN A trying to connect to a Chromecast in VLAN B), so I went ahead and installed the pfSense Avahi package and configured it. I found out that in order for devices in VLAN A to see devices in VLAN B, I had to enable Avahi on both VLAN A and VLAN B, make sure that reflection was enabled, and set the cache to 0. Does that sound like a correct configuration? Or should things work with Avahi only enabled on VLAN A or VLAN B (i.e. not both)? Also, are there any pitfalls I should look out for (e.g. things that may compromise security)? I apologize for the rather basic questions, but I could not find a whole lot of documentation on configuration for Avahi (if someone knows of a good source, please do share). Thanks in advance for the help, I really appreciate it.



  • When you say

    @tman222 said in Avahi Configuration Questions:

    I had to enable Avahi on both VLAN A and VLAN B

    how do you do that ?

    With the "Deny interfaces" list ?



  • Hi @Gertjan - thanks for the reply. I apologize for the poor wording: What I meant was that I denied all interfaces except those for VLAN A and VLAN B. Does that sound like the correct configuration or should the interface for VLAN A or VLAN B also be denied? Thanks again for your help.