Captive portal causing Sendto permission denied errors with udpbroadcastrelay

bitrot

I've been trying to get my Sonos system to work properly across an IoT VLAN using udpbroadcastrelay as described in this thread: https://forum.netgate.com/topic/155698/how-can-i-get-this-udp-relay-package-for-casting-across-vlans

@jimp I couldn't get discovery to work correctly and found your response in another thread (https://forum.netgate.com/post/888663) while troubleshooting because I was getting "Sendto permission denied" errors when running the udpbroadcastrelay command. When I turn off captive portal, these errors go away and Sonos discovery works correctly. But I have no idea what about captive portal is causing this.

Below is my captive portal configuration:

Known devices are configured on the MAC's tab

jimp

Captive portal by design blocks L2 communication and up, which is also blocking multicast. It only allows a small number of things in L2 by default (ARP, PPPoE, and a couple other similar things).

In addition to the known devices you'll also have to add bypasses for whatever multicast destinations you want to allow, though I haven't tested that. It may work, but I wouldn't expect much from trying to allow all that on a segment with captive portal. Might be best to put that on a separate VLAN that doesn't have that in place.

bitrot

Thanks @jimp

Adding an "Allowed IP Address" of 239.255.255.250 for SSDP (Roku Discovery, DLNA Media, Sonos, UPnP + More) to the captive portal did the trick. Thanks a bunch

I've also added 224.0.0.251 for mDNS / Multicast DNS (Chromecast Discovery + Bonjour + More)

Works like a charm now :)