Chromecast audio/video between VLANs
-
***Quick update - as mentioned below you now also need 8443, Google added that at some point and has basically nuked all documentation on the internet about port usage.
I've seen a few posts on this, but nobody covers it all - and most just tell you to put in blanket "allow everything" rules as a copout.
Step 1 - turn on Avahi. This is greatly simplified on the latest builds of PFsense - once installed you should just need:
Check the enable box
Select the interfaces you WANT broadcast traffic enabled on (on older versions you selected the excluded interfaces)
Check the box for "enable reflection"that should be it for Avahi.
Step 2 - if you're like me and you've got a lot of devices, I STRONGLY suggest creating an alias for them:
Firewall >> Aliases
Name: whatever you want
Description: whatever you want
Type: hostsNext put in the IP addresses of all your chromecast devices - if you haven't already you REALLY need to do static DHCP for all of them or it will be a nightmare.
Step 3:
Once this is done it's time for the firewall rules.
Go to the VLAN where you source hosts will be (not the VLAN where the chromecasts will be).
You'll need at least 5 rules.Rule 1:
Action: Pass
Interface: Host VLAN
Address Family: IPv6
Protocol: UDP
Source: Any
Destination: single host or alias | ff02::fb | port 5353Rule 2:
Action: Pass
Interface: Host VLAN
Address Family: IPv6
Protocol: UDP
Source: Any
Destination: single host or alias | ff02::fb | port 1900Rule 3:
Action: Pass
Interface: Host VLAN
Address Family: IPv4
Protocol: UDP
Source: Any
Destination: single host or alias | 224.0.0.251 | port 5353Rule 4:
Action: Pass
Interface: Host VLAN
Address Family: IPv4
Protocol: UDP
Source: Any
Destination: single host or alias | 224.0.0.251 | port 1900Rule 5:
Action: Pass
Interface: Host VLAN
Address Family: IPv4
Protocol: TCP
Source: Any
Destination: single host or Alias | Chromecast Alias you created earlier | Port 8008-8009, 8443Now, depending on how strict you want to be, you can set up Rule 5 to be restricted to only certain IPs on your Host VLAN vs. "any".
That should be it - you should be good to g.
This was directly from google as far as what ports chromecast uses:
Which ports does Chromecast use when connecting to external services?
HTTP: TCP/80 HTTPS: TCP/443 DNS: UDP/53 SNTP: UDP/123Which ports are used by Chromecast to communicate with computer/phone/tablet in the same network?
SSDP: UDP/1900/multicast mDNS: UDP/5353/multicast TCP/8008 TCP/8009 -
Thanks for this.
I just got my Vlans for the iot network up and running.. for me it was enough to install avahi and enable it on the selected interfaces.Now I can simply be logged on the LAN wifi and still be able to cast my 2 chromecast even if they are on different vlan / ip-space.
-
-
FYI to anyone still coming across this topic. I was able to solve my issue. Some of the details are found in feature request I opened once I realized the package fixed my issues:
https://redmine.pfsense.org/issues/10818
-
@burntoc said in Chromecast audio/video between VLANs:
FYI to anyone still coming across this topic. I was able to solve my issue. Some of the details are found in feature request I opened once I realized the package fixed my issues:
https://redmine.pfsense.org/issues/10818
Hi @burntoc - I think adding a package is a great idea. Do you mind sharing some more details on how you are currently running UDP broadcast relaying manually? I'm interested in experimenting with this as well. Thanks in advance.
EDIT: I found your other thread here and followed instructions there - works great!
https://forum.netgate.com/topic/155698/how-can-i-get-this-udp-relay-package-for-casting-across-vlans
-
This was very helpful! I had to add Port 8443 to Rule 5. Using a new Nest Hub and that port was preventing communication.
-
I can not get this working with a chromecast gen. 2
I have chromecast on a IOT VLAN.
In Avahi I have picked "allow" mode and picked the IoT VLAN and the regular LAN where my source phone is at.
Then clicked the repeat tickbox and set up my pfsense domain and hostname settings.Then I have followed the rest of the instructions for firewall rules.
I still can not find the chromecast when trying to cast from my phone.. Any advice or anything?
-
@incognito said in Chromecast audio/video between VLANs:
I can not get this working with a chromecast gen. 2
I have chromecast on a IOT VLAN.
In Avahi I have picked "allow" mode and picked the IoT VLAN and the regular LAN where my source phone is at.
Then clicked the repeat tickbox and set up my pfsense domain and hostname settings.Then I have followed the rest of the instructions for firewall rules.
I still can not find the chromecast when trying to cast from my phone.. Any advice or anything?
EDIT:
Actually it did work.. Seems like it took some time to get working. Maybe was a cache thing.. -
This post is deleted! -
Hi,
thank you tcsac for your guide. This helped me out a lot.
I followed your setup guide, adjusted it a little to my needs.
For example I completely skipped the IPV6 part. On my pfSense setup I have deactivated IPv6 completely or at least all traffic is being blocked. Therefore I also checked the disallowed IPv6 Traffic in Avahi.I had to allow an additional destination address 224.0.0.252 and port 5355 UDP after permitting the traffic to pass, I could see the chromecast residing in a different VLAN and Subnet.
At the end it turned out I only had to setup following rules:
Protocol: TCP
Source: VLANx (where streams originates from e.g. Mobile Phone)
Destination: Static DHCP addresses from chromecast in VLANy
Port: 8009Protocol: UDP
Source: VLANx
Destination Address: 224.0.0.251 + 224.0.0.252
Ports: 5353 UDP (mDNS) + 5355 UDP (LLMNR)Thanks again.
BR
Alex