Accessing devices on different subnets

Hello everyone.
I have OpenWrt 21.02.3 on a Netgear R7800.
I have segmented my network into lan and iot zones.
Lan can access wan and the iot network,
while iot can only access lan and not wan.
I have the following problem:
When I access e.g. my Mi devices through the Mi Home Android app, if I am connected to the iot wifi it shows that I am connected locally. If I try through the lan wifi there is no connection and I cannot access my devices.
Same with my pet feeder app.
Now, if I enable wan access to iot, then I can connect to my devices through the internet as expected.

Why can't I connect locally from another subnet, though?

For reference I have segmented my lan as shown here:
https://youtu.be/UvniZs8q3eU

I have also enabled IGMP snooping for br-lan and installed avahi (https://blog.christophersmart.com/2020/03/30/resolving-mdns-across-vlans-with-avahi-on-openwrt/), but had no success.

Any help would be appreciated,
T81

There are 3 common ways apps can communicate with their respective devices:

  • direct tcp/ip
  • mdns/zeroconfig
  • cloud relay

The first method often works across subnets, but you must have the ability to specify the IP address of the target device.

The second method generally only works on the same subnet, although sometimes you can use mdns reflectors/repeaters to access across subnets. By default, though, access will not be possible when on a different network.

The third will typically use the internet, regardless of whether you are locally connected, local but on another subnet, or in a remote location.

Some systems will use a combination of methods, too.

Your devices appear to use mdns (or similar “same subnet” techniques) and cloud relay. So if you don’t have a connection to the internet and you aren’t on the same subnet, no connectivity is possible.

Thank you very much for the thorough explanation.
From this reading, it seems that I have to set up mDNS/zeroconfig properly.

How can I achieve this, since following the above Avahi guide didn't solve my issue?

That is, I have installed avahi-daemon, enabled the reflector and chose lan and iot (br-lan and wlan1-2 respectively) as the allowed interfaces. I also set the firewall rule. Am I missing something obvious here?

Thanks again

Not all devices use standard mdns based protocols. Some are similar, but if they aren’t actually mdns, the Avahi reflector may not work.

See if there is information about your devices and the relevant protocols in the documentation or their website (or user forums for those products) - that may help you find a solution.
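To check whether a given device answers standard mDNS at all (the question raised above), here is an added example that is not from this thread: a small Python probe that sends a DNS-SD service-type enumeration query to 224.0.0.251:5353 and decodes the PTR replies it gets back. The `bind_ip` parameter and the 2-second timeout are assumptions; run it from a host on the iot subnet.

```python
import socket
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353
ENUM_NAME = "_services._dns-sd._udp.local"  # DNS-SD service-type enumeration (RFC 6763)

def build_query(name):
    """One-question DNS query (ID 0, no flags) for `name`, qtype 12 = PTR, class IN."""
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return struct.pack(">6H", 0, 0, 1, 0, 0, 0) + labels + b"\x00" + struct.pack(">HH", 12, 1)

def read_name(msg, off):
    """Decode the DNS name at `off`; returns (name, offset just past it)."""
    parts = []
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        parts.append(msg[off + 1:off + 1 + msg[off]].decode("ascii", "replace"))
        off += 1 + msg[off]
    if msg[off] & 0xC0 == 0xC0:  # compression pointer (RFC 1035 4.1.4) ends the name
        tail, _ = read_name(msg, struct.unpack(">H", msg[off:off + 2])[0] & 0x3FFF)
        return ".".join(parts + [tail]), off + 2
    return ".".join(parts), off + 1

def parse_ptr_answers(msg):
    """Return the PTR targets (advertised service types) in a DNS response."""
    qdcount, ancount = struct.unpack(">HH", msg[4:8])
    off, found = 12, []
    for _ in range(qdcount):  # skip echoed question(s): name, then type + class
        off = read_name(msg, off)[1] + 4
    for _ in range(ancount):
        off = read_name(msg, off)[1]
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype == 12:
            found.append(read_name(msg, off + 10)[0])
        off += 10 + rdlen
    return found

def probe(bind_ip="", timeout=2.0):
    """Multicast the enumeration query; `bind_ip` (assumed) selects the egress interface."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    if bind_ip:  # assumed: needed on a multi-homed host so the query leaves on the iot side
        sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, socket.inet_aton(bind_ip))
    sock.settimeout(timeout)
    # Sent from an ephemeral port, so responders reply by unicast (RFC 6762 section 6.7).
    sock.sendto(build_query(ENUM_NAME), (MDNS_GROUP, MDNS_PORT))
    seen = []  # (source IP, advertised service type) pairs seen before the timeout
    try:
        while True:
            data, (src, _port) = sock.recvfrom(9000)
            seen += [(src, svc) for svc in parse_ptr_answers(data)]
    except socket.timeout:
        return seen
```

Call `probe()` from a host on the iot subnet and compare with a run from lan: a device that lists its services here but not from lan points at the reflector or firewall rule, while a device that never answers is most likely not using standard mDNS, and the Avahi reflector will not help with it.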

I see. Thanks for the information. So instead of avahi, do I have other solutions to try? I suppose trying a couple of these would be faster, since I do not know if the information you are referring to is publicly available.

Thanks again.

You will want to know what technology is being used so that you can use the right packages or techniques to get the routing to work properly (or to find info from other people who have those devices). Otherwise you might find that you spend a lot of time messing around with no improvement in the situation.

I’d help more, but it is likely quite specific to those devices.

I understand. Thank you very much. Just for reference, the devices that cannot be accessed are the Xiaomi Mi (gateway and Roborock), an iseebiz camera pet feeder and a Gree climate unit. All of these support local control when the internet is not available. I will try to find some info, e.g. from Home Assistant forums. Could I use any tools on the router, e.g. tcpdump, and look for something specific?

Thank you very much for your help.