Avahi with IPv6 bug

dennypage

@isaacfl said in Avahi with IPv6 bug:

Right now, I have a rule that passes ipv6 Link_Local_Address to Multicast. If someone else were to come in and see this, they would think "That's not legal. You can't pass Link Local addresses, out of the subnet" so I put a comment, required by Avahi on the rule. Maybe that is only way.

Let's pop up a level. Can you explain what it is you are trying to accomplish with using Avahi? Is it providing information about the firewall itself? Or is it allowing dns-sd to function across subnets?

IsaacFL

@dennypage said in Avahi with IPv6 bug:

@isaacfl said in Avahi with IPv6 bug:

Right now, I have a rule that passes ipv6 Link_Local_Address to Multicast. If someone else were to come in and see this, they would think "That's not legal. You can't pass Link Local addresses, out of the subnet" so I put a comment, required by Avahi on the rule. Maybe that is only way.

Let's pop up a level. Can you explain what it is you are trying to accomplish with using Avahi? Is it providing information about the firewall itself? Or is it allowing dns-sd to function across subnets?

I think it is just dns across subnets, but not sure. I am trying to get all of the Apple based home automation type things to work across the subnets. I have my iphones, ipads, appletvs wirelessly connected to one subnet. I have my thermostats, garage door openers, smart switches etc. in a different subnet. My windows pcs and printers in a 3rd subnet.

So with Avahi working properly I can print something from the iPhone in one subnet to printer in a different subnet. Also Apple TV can play a movie from a PC which is running iTunes.

It does seem to be working with Avahi, but I notice it is falling back to ipv4 a lot. Whereas before I subnetted the devices it was ipv6 exclusively. So trying to isolate the issues.

IsaacFL

@jimp said in Avahi with IPv6 bug:

It's more broken to reappropriate existing macros and terms to include things they should not.

Anyone who saw a rule with a destination of "multicast" and actually thought it would leave the segment needs reeducated. That's not confusing at all. (And in the future with something like PIM might actually be allowed)

I guess it is possible using a global address to multicast across the internet using ipv6. Beyond my skills on how to do that though.

dennypage

I stand corrected. I do have some devices that are using link local addresses only even though global addresses have been assigned.

costanzo

@jimp said in Avahi with IPv6 bug:

The choices really are:

Someone could manually make a rule on their own as-is with minimal risk aside from maybe shooting their own foot with setting a gateway (what we have now).

So, is this how one would manually make a rule to address this? I created this on each subnet that Avahi has set under interfaces.

axel77

@costanzo That's about what I made mine but also added source fe80:: as /10 with port 5353