Avahi not working

nazuro

Hello, I am struggling to get Avahi to work (HomeKit devices on IOT VLAN talking to devices on MAIN VLAN)

I checked the most recent entry in the system log and see this. Can anyone please help me diagnose what the issue is? Restarting pfsense does not help

ay 29 08:18:17 pfSense php-fpm[57588]: /diag_reboot.php: The command '/usr/local/etc/rc.d/avahi-daemon.sh stop' returned exit code '1', the output was ''
May 29 08:19:49 pfSense php-fpm[346]: /rc.start_packages: Starting service avahi
May 29 08:19:49 pfSense avahi-daemon[67202]: Found user 'avahi' (UID 558) and group 'avahi' (GID 558).
May 29 08:19:49 pfSense avahi-daemon[67202]: Successfully dropped root privileges.
May 29 08:19:49 pfSense avahi-daemon[67202]: avahi-daemon 0.7 starting up.
May 29 08:19:49 pfSense avahi-daemon[67202]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
May 29 08:19:49 pfSense avahi-daemon[67202]: Loading service file /usr/local/etc/avahi/services/sftp-ssh.service.
May 29 08:19:49 pfSense avahi-daemon[67399]: Found user 'avahi' (UID 558) and group 'avahi' (GID 558).
May 29 08:19:49 pfSense avahi-daemon[67202]: Loading service file /usr/local/etc/avahi/services/ssh.service.
May 29 08:19:49 pfSense avahi-daemon[67399]: Successfully dropped root privileges.
May 29 08:19:49 pfSense avahi-daemon[67202]: *** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
May 29 08:19:49 pfSense avahi-daemon[67202]: bind() failed: Address already in use
May 29 08:19:49 pfSense avahi-daemon[67202]: Failed to create server: No suitable network protocol available
May 29 08:19:49 pfSense avahi-daemon[67202]: avahi-daemon 0.7 exiting.
May 29 08:19:49 pfSense avahi-daemon[67399]: open(/var/run/avahi-daemon//pid): File exists
May 29 08:19:49 pfSense avahi-daemon[67399]: Failed to create PID file: File exists
May 29 08:19:49 pfSense avahi-daemon[67145]: Found user 'avahi' (UID 558) and group 'avahi' (GID 558).
May 29 08:19:49 pfSense avahi-daemon[67145]: Successfully dropped root privileges.
May 29 08:19:49 pfSense avahi-daemon[67145]: open(/var/run/avahi-daemon//pid): File exists
May 29 08:19:49 pfSense avahi-daemon[67145]: Failed to create PID file: File exists

Gertjan

@nazuro said in Avahi not working:

May 29 08:19:49 pfSense avahi-daemon[67202]: *** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
.....
May 29 08:19:49 pfSense avahi-daemon[67145]: Failed to create PID file: File exists

The logs are telling you another instance is already running.
This other instance, probably not working, is using the same ports, so the second instance, the one that is logging right now, is baling out.

First, in the GUI, stop avahi.
Enter console (or SSH, same thing, easier), and choose option 8 from the menu.
Execute

ps ax | grep 'avahi'

You'll see something like this :

31191  -  S       0:05.49 avahi-daemon: running [pfsense.local] (avahi-daemon)
74033  0  S+      0:00.00 grep avahi

Kill this rogue '31191' process with

kill 31191

All avahi instances should be gone - so repeat if needed.

Now, in the GUI, clean the logs, and start avahi again.

Except for the

WARNING: No NSS support for mDNS detected, consider installing nss-mdns!

there should be no other warnings any more.

There is not much to set up with Avahi :

Just select your LAN's ...

johnpoz

@nazuro said in Avahi not working:

Hello, I am struggling to get Avahi to work (HomeKit devices on IOT VLAN talking to devices on MAIN VLAN)

While avahi not actually running would be problematic ;) as stated by @Gertjan its pretty clicky clicky sort of setup... Keep in mind that all it does is allow for resolution via mdns..

If your firewall rules would still have to allow for the connection once the whatever has been resolved via mdns. And your firewall rules have to allow for pfsense to see the mdns query via the port 5353 to avahi to pass it on to the other vlans.

nazuro

Hi Gertjan and johnpoz, thanks for your time to help. Actually, even if disable Avahi through the UI, there are no processes visible with ps ax. If I then enable Avahi in the UI the same thing, I cannot see any processes running. Maybe I messed something up previously when I tried restarting it through the CLI.

Yes, on the face of it I think it should be fairly straightforward, but when I initially configured it I made sure that both VLAN had full open connectivity to each other so not really too sure why it never started working. I have tried uninstalling and re-installing the package, but I all of my previous settings are still there so I am not sure to what extent it was uninstalled.

johnpoz

"*** WARNING: Detected another IPv4 mDNS stack running on this host."

Do you have something listening on 5353?

With avahi not running do you see anything if you run

[2.4.5-RELEASE][admin@sg4860.local.lan]/root: sockstat | grep 5353
avahi    avahi-daem 59647 13 udp4   *:5353                *:*
avahi    avahi-daem 59647 14 udp6   *:5353                *:*

That is with avahi enabled and running - if I turn it off.. I get

[2.4.5-RELEASE][admin@sg4860.local.lan]/root: sockstat | grep 5353
[2.4.5-RELEASE][admin@sg4860.local.lan]/root: 

So check to see if something listening on 5353..

nazuro

Ahhh yes, I think you've found the issue! My DNS Forwarder is listening on port 5353 (I can't remember why - I set it up a few years ago). I'll look at fixing this up and then hopefully Avahi will work :)

Thanks again