mDNS reflector problems

On my Dynalink DL-WRX36 router running OpenWRT 23.05.2 I have a main lan, an iot vlan that can access only the internet, and a camera vlan that is blocked from accessing the internet. Firewall rules allow devices on the main lan to access both iot and camera. I also have traffic rules for DHCP and DNS distribution.

I installed Avahi ( avahi-nodbus-daemon and avahi-autoipd with luci-proto-autoip), set retlector to yes. The devices on the iot network that use mDNS discovery work, aside from one protocol in a specific network (using the management app on Android). That same device works as a Chromecast or Airplay device, just cannot be found by the OEM app.

The weird thing is, if I restart the firewall and ahavi-daemon, it works for a while. Then stops working again. When using a Bonjour browser I see that after the firewall//avahi restart all the devices ad services appear immediately, but after a while, only a few devices and services are found, and slowly. It's as if the avahi reflector is only letting some multicast packets thru, or that the trigger for the discovery is not properly sent across vlans.

Do I need to install something else to make Avahi work properly? The Wiki doesn't really mention avahi as a reflector, so it's unclear which of the many packages with "avahi" in the name I really need to install. Info online is outdated, in many cases.

I followed previously posted guidance, but it's not working reliably. A similar thread (mDNS: avahi works once and then never again) has a suggested workaround (add to [server] section:cache-entries-max=0) that doesn't do anything in my case.

Can anyone please help me spot the problem below?

What alternatives to Avahi can I use to just allow mDNS traffic across vlans? There seems to be a few, but most of the documentation focus on having the OpenWRT services being discoverable via mDNS, not as redirector

network


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd78:3416:2b52::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'
	list ports 'lan4:t*'

config bridge-vlan
	option device 'br-lan'
	option vlan '101'
	list ports 'lan2:u*'
	list ports 'lan4:t'

config bridge-vlan
	option device 'br-lan'
	option vlan '102'
	list ports 'lan3:u*'
	list ports 'lan4:t'

config interface 'lan'
	option device 'br-lan.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'iot'
	option device 'br-lan.101'
	option proto 'static'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'

config interface 'camera'
	option device 'br-lan.102'
	option proto 'static'
	option ipaddr '192.168.20.1'
	option netmask '255.255.255.0'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'
	option peerdns '0'
	list dns '1.1.1.1'
	list dns '1.0.0.1'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

firewall


config defaults
	option syn_flood '1'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone 'lan'
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'
	list network 'vpn'

config zone 'wan'
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'
	list network 'wan6'

config zone
	option name 'iot'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	list network 'iot'

config zone
	option name 'camera'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	list network 'camera'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config rule
	option name 'IoT_DHCP'
	list proto 'udp'
	option src 'iot'
	option dest_port '67-68'
	option target 'ACCEPT'

config rule
	option name 'IoT_DNS'
	option src 'iot'
	option dest_port '53'
	option target 'ACCEPT'

config rule
	option name 'Allow-IoT-mDNS'
	option family 'ipv4'
	list proto 'udp'
	option src 'iot'
	option src_port '5353'
	list dest_ip '224.0.0.251'
	option dest_port '5353'
	option target 'ACCEPT'

config rule
	option name 'Allow-IOT-mDNS6'
	option family 'ipv6'
	list proto 'udp'
	option src 'iot'
	option src_port '5353'
	list dest_ip 'ff02::fb'
	option dest_port '5353'
	option target 'ACCEPT'

config rule
	option name 'Camera_DHCP'
	list proto 'udp'
	option src 'camera'
	option dest_port '67-68'
	option target 'ACCEPT'

config rule
	option name 'Camera_DNS'
	option src 'camera'
	option dest_port '53'
	option target 'ACCEPT'

config rule
	option name 'Allow-camera-mDNS'
	list proto 'udp'
	option src 'camera'
	option src_port '5353'
	list dest_ip '224.0.0.251'
	option dest_port '5353'
	option target 'ACCEPT'

config forwarding
	option src 'iot'
	option dest 'wan'

config forwarding
	option src 'lan'
	option dest 'iot'

config forwarding
	option src 'lan'
	option dest 'camera'

config rule
	option name 'Allow-camera-NTP'
	list proto 'udp'
	option src 'camera'
	option dest_port '123'
	option target 'ACCEPT'

avahi-daemon.conf

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=no
check-response-ttl=no
use-iff-running=no
deny-interfaces=wan,wan6

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

Restarting avahi

Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Got SIGTERM, quitting.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Leaving mDNS multicast group on interface br-lan.102.IPv4 with address 192.168.20.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Leaving mDNS multicast group on interface br-lan.101.IPv4 with address 192.168.10.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Leaving mDNS multicast group on interface br-lan.1.IPv4 with address 192.168.1.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Leaving mDNS multicast group on interface wan.IPv4 with address 67.185.193.74.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: Leaving mDNS multicast group on interface lo.IPv4 with address 127.0.0.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[27698]: avahi-daemon 0.8 exiting.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Found user 'nobody' (UID 65534) and group 'nogroup' (GID 65534).
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Successfully dropped root privileges.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: avahi-daemon 0.8 starting up.
Tue Mar 12 16:18:34 2024 daemon.warn avahi-daemon[32084]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: No service file found in /etc/avahi/services.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Joining mDNS multicast group on interface br-lan.102.IPv4 with address 192.168.20.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: New relevant interface br-lan.102.IPv4 for mDNS.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Joining mDNS multicast group on interface br-lan.101.IPv4 with address 192.168.10.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: New relevant interface br-lan.101.IPv4 for mDNS.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Joining mDNS multicast group on interface br-lan.1.IPv4 with address 192.168.1.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: New relevant interface br-lan.1.IPv4 for mDNS.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Joining mDNS multicast group on interface lo.IPv4 with address 127.0.0.1.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: New relevant interface lo.IPv4 for mDNS.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Network interface enumeration completed.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::44ab:f8ff:fe47:cddf on phy0-ap3.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::48ab:f8ff:fe47:cddf on phy0-ap2.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4cab:f8ff:fe47:cddf on phy0-ap1.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4cab:f8ff:fe47:cde0 on phy1-ap1.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4eab:f8ff:fe47:cddf on phy0-ap0.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4eab:f8ff:fe47:cde0 on phy1-ap0.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4eab:f8ff:fe47:cdde on br-lan.102.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for 192.168.20.1 on br-lan.102.IPv4.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4eab:f8ff:fe47:cdde on br-lan.101.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for 192.168.10.1 on br-lan.101.IPv4.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fd78:3416:2b52::1 on br-lan.1.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for 2601:602:a000:75bf::1 on br-lan.1.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for 192.168.1.1 on br-lan.1.IPv4.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for fe80::4eab:f8ff:fe47:cdde on br-lan.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for ::1 on lo.*.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering new address record for 127.0.0.1 on lo.IPv4.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Server startup complete. Host name is RobcaWRX36.local. Local service cookie is 2243767611.
Tue Mar 12 16:18:34 2024 daemon.info avahi-daemon[32084]: Registering HINFO record with values 'AARCH64'/'LINUX'.

Update:

I removed Avahi, tried umdns but that seems to work only to announce the router via mDNS, doesn't seem to work as reflector/repeater.

Didn't want to use mdnsd, seems way too big for what I need. Even if my router has the memory, didn't seem appropriate.

Installed mdns-repeater, which is old and not updated anymore, but works by far the best. Below is my configuration file. It has been working fine, much faster discovery for all devices in the network, including the WiiM Pro that has been causing me all sorts of problems.

I used the avahi reflector in my previous Asus MerlinWRT router without problems, so it looks as if there are problems with the latest version of Avahi in OpenWRT (version 0.8-8)

mdns_repeater

config mdns_repeater 'main'
	list interface 'br-lan.1'
	list interface 'br-lan.101'
	list interface 'br-lan.102'
1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.