mDNS or Multicast Traffic Not Passing Between Multiple VLANs
-
@ayansaari said in mDNS or Multicast Traffic Not Passing Between Multiple VLANs:
I think pfSense does not have the ability to manage multiple VLANs
Of course it does. Most pfSense deployments include multiple subnets.
So when you used an mDNS/Bonjour browser tool to discover advertised services what did it show?
-
This is my setup and this is the IoT VLAN where the printer is located, and this VLAN is isolated:
This is the only VLAN where I created a rule to allow access to the printer:
and is isolated too.
From my LAN network, I can access the printer without creating any rules. My computer discovers the printer on the IoT VLAN.
But I do have an mDNS rule active under Floating rules:
The interfaces are: LAN, FAM and IOT
And I have Avahi installed with the same interfaces active.
-
Yeah, just to prove it out I ran a simple test. Since I don't have anything I can easily use that advertises mDNS I just turned on Publishing in Avahi itself on 4 firewalls:
steve@steve-NUC9i9QNX:~$ mdns-scan
+ 4860 [00:08:a2:xx.xx.xx]._workstation._tcp.local
+ 4860._ssh._tcp.local
+ 4860._sftp-ssh._tcp.local
+ fw1 [00:08:a2:xx.xx.xx]._workstation._tcp.local
+ fw1._ssh._tcp.local
+ fw1._sftp-ssh._tcp.local
+ pfsense [00:01:21:xx.xx.xx]._workstation._tcp.local
+ pfsense._sftp-ssh._tcp.local
+ pfsense._ssh._tcp.local
+ 1100-3 [f0:ad:4e:xx.xx.xx]._workstation._tcp.local
+ 1100-3._sftp-ssh._tcp.local
+ 1100-3._ssh._tcp.local
In that result 4860 is in the same subnet as the client I'm testing from. fw1 is the router on that subnet. pfsense and 1100-3 are other firewalls in different subnets connected to fw1.
You can see the scan tool is able to see all of them no problem.