Bridging LAN and WiFi with Avahi
-
I have an Alix box with VR0 as the LAN and ATH0 as the Wireless AP. Initially I had the WiFi AP open but decided to setup a secured clone of ATH0 as ATH0_wlan1. This allowed me to have a NetGear NAS and SiliconDust TV tuner on the wired LAN accessible over the secured WiFi separately from the open WiFi AP.
Initially everything worked with the LAN network on 192.168.0.* and the Open Wifi on 192.168.1.* - I bridged ATH0_wlan1 to the LAN and didn't setup a separate DHCP server for the secure WiFi - this worked with secured WiFi devices being served up LAN IP addresses. I did not need to set up a separate DCHP server for the secure WiFi AP.
However I was getting two or three error messages every second from the DNSforwarder in the error logs so I worked on the system this weekend and ended up disabling the DNSforwarder and reinstalling Avahi. A couple of days later the secure WiFi AP stopped working and none of the devices on the secure AP worked - I could still log into the open AP however.
Turning on the DHCP server for the secure WiFi AP and assigning addresses in the 192.168.2.* range gets the devices back into the LAN to a degree but Avahi doesn't seem to be working any longer - I can see other PC's but the TV tuner and Squeezebox music server and player can't be seen.
I'm suspecting that Avahi is screwed somehow - when can I find the installation logs for Avahi?
Should I be concerned that Avahi take over an hour to install? So long that the pfSense login times out?
-
However I was getting two or three error messages every second from the DNSforwarder in the error logs
Can you recall or retrieve the text of those error messages?
so I worked on the system this weekend and ended up disabling the DNSforwarder and reinstalling Avahi.
What led you to think Avahi would be the solution?
-
Sorry if the first post was unclear but I'm finding chasing this down this confusing - this sort of thing is not my day job.
I installed Avahi because I have a HDHomeRun TV tuner and NetGear Duo NAS on the wired LAN and I wanted to give the laptops secure access via WiFi - I also want to keep an Open WiFi AP here for friends to use without giving them access to the internal home network. The HDHomeRun must be on the same subnet as the devices accessing it to work - and the pfSense manual suggests bridging is the solution. Another member here suggested installing Avahi to allow devices on the two bridged subnets to see each other - there's a WINS server on the NetGear Duo but it doesn't seem to do much.
So the setup is:
WAN -> PPPOE0(vr2)
LAN -> wired 10baseT (vr0)
WLAN -> open WiFi (ath0)
WLANS -> secure WiFi (ath0_wlan1)with a bridge configured between LAN and WLANS.
Avahi is installed with all interfaces selected to deny except the LAN interface (since LAN and WLANS are supposed to be bridged?) - hopefully a picture is attached of this setup.
Here's the current Avahi startup log in the system log - most recent entries first. What's weird is that Avahi appears to be accessing both vr0 (LAN) and vr2 … vr2 is the WAN.
Apr 10 05:10:31 avahi-daemon[44203]: Failed to add service 'pfsense' of type '_sftp-ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/sftp-ssh.service): Not supported
Apr 10 05:10:31 avahi-daemon[44203]: Failed to add service 'pfsense' of type '_sftp-ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/sftp-ssh.service): Not supported
Apr 10 05:10:31 avahi-daemon[44203]: Failed to add service 'pfsense' of type '_ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/ssh.service): Not supported
Apr 10 05:10:31 avahi-daemon[44203]: Failed to add service 'pfsense' of type '_ssh._tcp', ignoring service group (/usr/local/etc/avahi/services/ssh.service): Not supported
Apr 10 05:10:31 avahi-daemon[44203]: Server startup complete. Host name is pfsense.cande.us. Local service cookie is 3011495928.
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:31 avahi-daemon[44203]: iface.c: avahi_server_add_service() failed: Not supported
Apr 10 05:10:30 avahi-daemon[44203]: Registering HINFO record with values 'I386'/'FREEBSD'.
Apr 10 05:10:30 avahi-daemon[44203]: Registering new address record for 192.168.0.1 on vr0.IPv4.
Apr 10 05:10:30 avahi-daemon[44203]: Registering new address record for fe80::20d:b9ff:fe16:714c on vr0..
Apr 10 05:10:30 avahi-daemon[44203]: Registering new address record for fe80::20d:b9ff:fe16:714e on vr2..
Apr 10 05:10:30 avahi-daemon[44203]: Network interface enumeration completed.
Apr 10 05:10:30 avahi-daemon[44203]: New relevant interface vr0.IPv4 for mDNS.
Apr 10 05:10:30 avahi-daemon[44203]: Joining mDNS multicast group on interface vr0.IPv4 with address 192.168.0.1.
Apr 10 05:10:30 avahi-daemon[44203]: New relevant interface vr0.IPv6 for mDNS.
Apr 10 05:10:30 avahi-daemon[44203]: Joining mDNS multicast group on interface vr0.IPv6 with address fe80::20d:b9ff:fe16:714c.
Apr 10 05:10:30 avahi-daemon[44203]: New relevant interface vr2.IPv6 for mDNS.
Apr 10 05:10:30 avahi-daemon[44203]: Joining mDNS multicast group on interface vr2.IPv6 with address fe80::20d:b9ff:fe16:714e.
Apr 10 05:10:30 avahi-daemon[44203]: Loading service file /usr/local/etc/avahi/services/ssh.service.
Apr 10 05:10:30 avahi-daemon[44203]: Loading service file /usr/local/etc/avahi/services/sftp-ssh.service.
Apr 10 05:10:30 avahi-daemon[44203]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Apr 10 05:10:30 avahi-daemon[44203]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Apr 10 05:10:30 avahi-daemon[44203]: avahi-daemon 0.6.29 starting up.
-
The error message that I was getting in the system log is this - "dnsmasq[36402]: failed to send packet: Host is down" - they have started appearing again now that I enable the DNSforwarder again although, so far only a couple of them today.
-
Avahi allows mDNS to work on two separate subnets. You need to select those interfaces that you want to have Avahi share mDNS information. So you will need to select the LAN and WLANs in order for it to work.
Do you know if your devices rely on mDNS?
-
The Avahi page seems to suggest that you must select the interfaces that you don't want Avahi to listen to - so I had highlighted the WAN and loopback interfaces leaving the WiFi and LAN interfaced "unselected" - thus letting Avahi work on the LAN and WiFi interfaces … is that correct?
I don't know exactly what the SiliconDust tuner needs as all I can get out of them is "must be on the same subnet".
However all this is mote at the moment because the Alix box bricked when I run the latest update. I'm unconvinced at this point that the current Avahi runs on an Alix board because the installation takes several hours on the Alix system and reboots - whereas installing Avahi on my other boxes does not reboot them.
One interesting thing that I noticed with Avahi this morning (working on an Intel PC box) was that it can't be removed by selecting "Reset Factory Default" from the pfSense menu - pfSense reset everything as expected but looking at the logs I found the Avahi had started up (sans GUI interface) when the system rebooted. I had to reconfigure everything of course but Avahi had survived the reset.
I plan to reflash the Alix system and start over.
-
The Avahi page seems to suggest that you must select the interfaces that you don't want Avahi to listen to - so I had highlighted the WAN and loopback interfaces leaving the WiFi and LAN interfaced "unselected" - thus letting Avahi work on the LAN and WiFi interfaces … is that correct?
You are correct in your assumption. I had it backwards. The selected interfaces are the don't interfaces.
However, in the screen shot you posted the only unselected interface was the LAN.
-
LOL - yea, that's one of those gray areas. Since I had bridged the WiFi and LAN I found that the WiFi devices were pulling addresses from the LAN DHCP server and assumed that since the two interfaces were bridged then Avahi should only listen on the LAN address. I tried to talk myself into believing that it needed to listen on both bridged interfaces but could not convince myself.
And talking of gray areas - in the Status : Services page, the Description for Avahi is always "Not available" which I assume refers to the description, not the service since that always shows as running.
-
I was able to install Avahi on the Alix box (running 2.01) after disabling the RDD graphing so I suspect that it may simply have been a lack of free memory that was causing the problem.