Avahi - interface missing



  • Re: New Avahi package

    I have installed Avahi 2.0.0_2 on pfSense 2.4.4-RELEASE-p1 (amd64). There are 4 interfaces:

    WAN Interface (wan, re1)
    LAN Interface (lan, re0)
    OPT1_HUA Interface (opt1, ue1)
    OPT2_VMG1312 Interface (opt2, ue0)

    All interfaces are up and running.

    Services/Avahi/Interfaces only lists 3 of them. WAN is missing.

    /usr/local/etc/avahi/avahi-daemon.conf contains:
    [server]
    allow-interfaces=re0
    allow-point-to-point=yes
    use-ipv4=yes
    use-ipv6=no
    enable-dbus=no
    cache-entries-max=0

    [wide-area]
    enable-wide-area=yes

    [publish]
    disable-publishing=no
    publish-addresses=yes
    publish-hinfo=yes
    publish-workstation=yes
    publish-domain=yes
    publish-aaaa-on-ipv4=no
    publish-a-on-ipv6=no
    disable-user-service-publishing=yes

    [reflector]
    enable-reflector=yes


    How to add "allow-interfaces=re1"? On a second line?
    Is Avahi daemon listening and sending on dependent on FW rules created/active?
    WAN is a point-to-point connection with fixed IP to a FritzBox 7490 running as internet-router. UPnP LAN-side is active.

    Service status on dashboard for Avahi mDNS/DNS-SD daemon is green, but a "avahi-browse -a -v" on a Execute Shell Command says:"
    Shell Output - avahi-browse -a -v
    Failed to create client object: Daemon not running"

    Services from pfSense are announced throughout LAN.

    What to do that name resolution for Fritz.Box is available in LAN?

    Rgds
    AW



  • Listening on WAN ?
    Something like
    allow-interfaces=re0,re1
    ?
    This is probably enforced in the surrounding GUI code.
    edit : yep, see here /usr/local/www/avahi_settings.php - line 127.
    Exposing avahi to upstream seems quiet ... not usual to me.

    @aw_sensepf said in Avahi - interface missing:

    Failed to create client object: Daemon not running"

    As discussed : https://forum.netgate.com/topic/134339/new-avahi-package/11



  • @aw_sensepf mDNS on the WAN interface is specifically disabled for security reasons.

    Local browsing (dbus) on the firewall itself is not supported. If you want to browse the local network, you would use a regular host in the local network. See discussion in the Avahi package thread for more information.



  • You are right. I am wrong. It is wrong to do mDNS on WAN interfaces. I am still a newbie with regard to pfsense.

    I was simply confused about the missing interface.

    But then the question in reverse is: Why are there 2 WAN interfaces included where the Avahi daemon is listening and sending on? "OPT1_HUA Interface (opt1, ue1)" and "OPT2_VMG1312 Interface (opt2, ue0)" are WAN interfaces. I have multiWAN with three interfaces. All three WAN interfaces have a upstream gateway assigned to and are used in a gatewaygroup.

    How does avahi on pfSense decide whether a interface is WAN or not? Avahi should listen and send on a interface?

    Rgds
    AW


  • LAYER 8 Global Moderator

    @aw_sensepf said in Avahi - interface missing:

    How does avahi on pfSense decide whether a interface is WAN or not?

    If the interface has a gateway set on it - then to pfsense it is a "wan" interface.



  • @aw_sensepf The package eliminates the single interface named "wan". It does not make judgements on any other interfaces.



  • I misunderstood the thing about avahi and its GUI in PfSense. I am sorry.



  • @aw_sensepf No worries.


Log in to reply