DLNA across subnets

I divide my network into subnets by purpose, with 10.100.1.x used for infra and 10.100.2.x used for media. Additionally, I have semi-untrusted devices on Media and so I have firewall rules preventing traffic between the two.

In Infra, I have a NAS. I would like to be able to access files on the NAS over DLNA from Media. For normal TCP traffic I would create a single, precise fw rule allowing access but I believe I need to handle multicast traffic so this won't work.

One possibility seems to be to figure out all the relevant routing and masquerading. Another would be to create a virtual NIC on the NAS and assign that to the Media subnet somehow. I'm not sure how I would do either of these. I only have one physical NIC on the NAS and adding another would be more hassle than I want.

What's my best option?

By VLAN tagging if you don't have 2 NICs.

Best option would be to move untrustable devices to a separate network. DLNA uses local broadcast to discover other devices, i.e. totally not designed for multiple subnets. You can try to duplicate network broadcasts into the other subnet, but it is a less-walked path than forcing multicast forwarding for the TV.
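To make the "discovery is broadcast/multicast, the rest is unicast" point concrete, here is an added example (not from the thread, not from any NAS or DLNA project): it parses the two SSDP datagrams that make up DLNA discovery, a client's M-SEARCH sent to the 239.255.255.250:1900 multicast group and the server's unicast 200 OK reply, and applies the minimal relay policy a firewall or relay between Media and Infra would need. The subnets are the ones from the question; the NAS address 10.100.1.10, the media server port 8200 and the sample datagrams are constructed assumptions.

```python
"""SSDP (UPnP discovery, which DLNA relies on) parsing plus a minimal
cross-subnet relay policy.  Added example; all sample data is constructed."""
import ipaddress
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SSDP_GROUP = ipaddress.ip_address("239.255.255.250")  # SSDP multicast group
SSDP_PORT = 1900

INFRA = ipaddress.ip_network("10.100.1.0/24")  # subnets from the question
MEDIA = ipaddress.ip_network("10.100.2.0/24")
NAS = ipaddress.ip_address("10.100.1.10")       # assumed NAS address

# Constructed sample datagrams (not captured from the asker's network).
MSEARCH = (b"M-SEARCH * HTTP/1.1\r\n"
           b"HOST: 239.255.255.250:1900\r\n"
           b'MAN: "ssdp:discover"\r\n'
           b"MX: 2\r\n"
           b"ST: urn:schemas-upnp-org:device:MediaServer:1\r\n\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"CACHE-CONTROL: max-age=1800\r\n"
            b"EXT:\r\n"
            b"LOCATION: http://10.100.1.10:8200/rootDesc.xml\r\n"  # assumed port
            b"ST: urn:schemas-upnp-org:device:MediaServer:1\r\n"
            b"USN: uuid:00000000-0000-0000-0000-000000000001::"
            b"urn:schemas-upnp-org:device:MediaServer:1\r\n\r\n")
# Same reply, but steering the client to some other Infra host.
RESPONSE_ELSEWHERE = RESPONSE.replace(b"10.100.1.10:8200", b"10.100.1.99:80")


@dataclass
class SsdpMessage:
    start_line: str
    headers: dict = field(default_factory=dict)


def parse_ssdp(raw: bytes) -> SsdpMessage:
    """Parse one SSDP datagram: HTTP-style start line, then headers."""
    lines = raw.decode("ascii", errors="replace").split("\r\n")
    msg = SsdpMessage(lines[0].strip())
    for line in lines[1:]:
        if line == "":
            break  # blank line terminates the header block
        name, sep, value = line.partition(":")
        if sep:
            msg.headers[name.strip().upper()] = value.strip()
    return msg


def is_msearch(msg: SsdpMessage) -> bool:
    return (msg.start_line.upper().startswith("M-SEARCH")
            and msg.headers.get("MAN") == '"ssdp:discover"')


def is_response(msg: SsdpMessage) -> bool:
    return msg.start_line.upper().startswith("HTTP/1.1 200")


def location_endpoint(msg: SsdpMessage):
    """Host and TCP port the client will contact after discovery."""
    url = urlsplit(msg.headers["LOCATION"])
    return ipaddress.ip_address(url.hostname), url.port or 80


def relay_decision(src: str, dst: str, raw: bytes):
    """Decide whether a relay between Media and Infra should pass a datagram.

    Returns ("forward" | "drop", reason).  Discovery is UDP multicast, the
    later media fetch is unicast TCP to the LOCATION host:port, so one TCP
    rule alone cannot make DLNA work across the two subnets."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    msg = parse_ssdp(raw)
    if is_msearch(msg) and src_ip in MEDIA and dst_ip == SSDP_GROUP:
        return "forward", "Media client searching; re-send on the Infra side"
    if is_response(msg) and src_ip == NAS and dst_ip in MEDIA:
        host, port = location_endpoint(msg)
        if host != NAS:
            return "drop", "LOCATION points away from the NAS"
        return "forward", f"reply to Media client; also needs TCP rule Media -> {host}:{port}"
    return "drop", "not part of the permitted DLNA exchange"


if __name__ == "__main__":
    for src, dst, pkt in [("10.100.2.20", "239.255.255.250", MSEARCH),
                          ("10.100.1.10", "10.100.2.20", RESPONSE),
                          ("10.100.1.10", "10.100.2.20", RESPONSE_ELSEWHERE),
                          ("10.100.1.55", "239.255.255.250", MSEARCH)]:
        print(src, "->", dst, relay_decision(src, dst, pkt))
```

The LOCATION check is the part worth keeping whatever relay you end up using: a reply that points clients at a different Infra host would otherwise turn the "DLNA only" opening into a path to something else on the trusted subnet, and the host:port it names is exactly the single precise TCP rule the question was after.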