Multicast traffic between LAN interfaces on different subnets

ericafterdark · Nov 29, 2022, 9:06 PM

Equipment: Netgate 6100 with pfSense 22.05-RELEASE (amd64).

I am trying to reach my Roon audio server (https://roonlabs.com) connected to LAN2 from devices in LAN.

LAN: 10.1.0.0/24
LAN2: 10.2.0.0/24

Devices can ping each other from both subnets so routing is fine. Multicast is where I'm stuck. Roon uses multicast for it's clients to discover the server.

Any advice on how to solve this multicast issue?

rcoleman-netgate · Nov 30, 2022, 4:46 AM

@eric8bits The package avahi will allow you to do multicast between interfaces.

ericafterdark · Nov 30, 2022, 4:46 AM

@rcoleman-netgate so I gave it a try and yes something changed. I now have AirPlay available. Apple devices can broadcast across LAN interfaces. Only Roon’s own protocol is missing. They are not showing up.

I guess they use something funky?

rcoleman-netgate · Nov 30, 2022, 7:14 AM

@eric8bits ¯\_(ツ)_/¯ I've only ever used it for Apple's mDNS stuff (airplay, timemachine, etc.)

ericafterdark · Nov 30, 2022, 7:15 AM

@rcoleman-netgate yes I think Roon is blocking it.

I have two options:

Buy a switch or bridge LAN interfaces on the Netgate.

Bridging LAN interfaces is OK?

rcoleman-netgate · Nov 30, 2022, 7:58 AM

@eric8bits It is not something we'd recommend... Bridges in BSD should be used only when absolutely necessary. A switch won't resolve your issue unless you're going to eliminate the routing, too.

I'd run a packet capture on the Roon to see what it's trying to do and see if you can forward that somehow.

ericafterdark · Nov 30, 2022, 2:43 PM

@rcoleman-netgate based on what I've been reading, Roon "sends broadcast messages to UDP/9003."

https://github.com/synfinatic/udp-proxy-2020

Is this something I can solve within pfSense?

Bob.Dig · Nov 30, 2022, 3:28 PM

@eric8bits I think you should solve it by putting all the devices in the same subnet. If you need a switch for that and maybe a wireless access point, both with vlan support, then get those. A firewall isn't a switch.

ericafterdark · Nov 30, 2022, 3:29 PM

@bob-dig I think that is the best advice. Thanks!

Bob.Dig · Nov 30, 2022, 3:32 PM

@eric8bits Maybe your "roon"-device can be in two subnets, if it has two NICs.

ericafterdark · Nov 30, 2022, 3:33 PM

@bob-dig if only. It does not however. I am going to solve it they way I should solve it. No fancy, funky tricks. Just all equipment doing what they are designed to do.

I will move everything into the same subnet.

Bob.Dig · Nov 30, 2022, 3:35 PM

@eric8bits said in Multicast traffic between LAN interfaces on different subnets:

I will move everything into the same subnet.

I like that.

viragomann · Nov 30, 2022, 3:44 PM

@bob-dig said in Multicast traffic between LAN interfaces on different subnets:

I think you should solve it by putting all the devices in the same subnet. If you need a switch for that and maybe a wireless access point, both with vlan support, then get those. A firewall isn't a switch.

I agree with the last one. However, a switch cannot filter anything normally, but pfSense can, even on bridged interfaces sharing the same L2.

So there are specific circumstances, where a bridge may be the preferred solution.