mDNS over IPsec
-
I've got a setup where my Linux servers are sitting in a cloud provider, and I have a particular need to run an mDNS solution over IPsec.
I have set up the tunnel in VTI mode and have configured the routes and firewalls accordingly. I can access a local IP address from either end without an issue.
I have also installed Avahi and enabled reflection mode, including the VPN interface in the selection, but no luck.
mDNS records across other VLANs are correct, so I know that the Avahi software is working somewhat.
Do I need to install a reflector on the cloud end? Do I need a GRE or GIF interface to the cloud server? Is there some other magic I'm missing? Any advice would be much appreciated.
-
@ijeff
mDNS is IP Multicast, which by default only works on non-routed networks or with a router supporting Multicast routing. Your best choice might be to install an mDNS proxy on both ends of the tunnel to get the entries by unicast from one end to the other.
-
I figured that might be the case. The cloud provider doesn’t natively offer that.
Would you have any recommendations on being able to run it on the pfSense box itself on the on-prem side?
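-
The unicast hand-off suggested in @ijeff's reply, as an added example that is not part of the thread or of any project's code: one instance runs at each end of the tunnel, forwards LAN mDNS datagrams to its peer by unicast, and replays what the peer sends onto the local multicast group. `RELAY_PORT`, the function names and the address parameters are assumptions; the header checks follow RFC 6762.

```python
import select
import socket
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353  # RFC 6762 IPv4 group and port
RELAY_PORT = 5354                            # assumed unicast port between the relays

def relayable(pkt: bytes, src_ip: str, own_ips: set) -> bool:
    """Decide whether a received datagram may be passed on."""
    if src_ip in own_ips:              # our own replayed packet: drop to avoid a loop
        return False
    if not 12 <= len(pkt) <= 9000:     # 12-byte DNS header; RFC 6762 size ceiling
        return False
    flags = struct.unpack("!H", pkt[2:4])[0]
    opcode, rcode = (flags >> 11) & 0xF, flags & 0xF
    return opcode == 0 and rcode == 0  # RFC 6762: anything else is silently ignored

def open_lan_socket(lan_ip: str) -> socket.socket:
    """Join the mDNS group on the LAN interface that owns lan_ip."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)  # share 5353 where allowed
    s.bind(("", MDNS_PORT))            # replies must leave from port 5353
    mreq = socket.inet_aton(MDNS_GROUP) + socket.inet_aton(lan_ip)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(lan_ip))
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)  # mDNS sends with TTL 255
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_LOOP, 0)   # do not hear ourselves
    return s

def run_relay(lan_ip: str, tunnel_ip: str, peer_tunnel_ip: str) -> None:
    """Forward LAN mDNS to the peer by unicast; replay the peer's packets locally."""
    lan = open_lan_socket(lan_ip)
    tun = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tun.bind((tunnel_ip, RELAY_PORT))  # listen on the tunnel address only
    while True:
        ready, _, _ = select.select([lan, tun], [], [])
        for sock in ready:
            pkt, (src, _port) = sock.recvfrom(9001)  # 9001 so oversize is detectable
            if not relayable(pkt, src, {lan_ip}):
                continue
            if sock is lan:
                tun.sendto(pkt, (peer_tunnel_ip, RELAY_PORT))
            elif src == peer_tunnel_ip:              # accept unicast from the peer only
                lan.sendto(pkt, (MDNS_GROUP, MDNS_PORT))
```

Everything relayed becomes visible on the far LAN, so the firewall on the tunnel interface should permit `RELAY_PORT` only between the two relay addresses.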