Spotify Connect with different VLANs does not work even with mDNS

I have spent the past few weeks trying to get Spotify Connect working where my phone with Spotify is on one VLAN and the Sonos speaker is on another VLAN. Spotify simply does not find the speaker on the other VLAN, although I am able to cast media to my Chromecast with the same VLAN setup. Moreover, the Sonos app is able to play media with the same setup, so it's just Spotify Connect not working.

I have read quite a few posts on this, but most of them seem to be related to enabling device discovery in the first place, rather than getting Spotify Connect to work. I have for example read the following posts:

Any idea why Spotify Connect cannot find the speakers in the other VLAN? All input is appreciated.

Setup:
The Sonos speakers use mDNS and SSDP for discovery, meaning that multicast must be proxied or reflected between the networks so I installed avahi and mcproxy for this purpose (see config below).

This is my network setup:

  • lan_secondary interface: 192.168.98.1/24
  • iot interface: 172.20.3.1/24
  • All devices in both interfaces are connected via wifi and lan_secondary and iot have their own SSIDs. The lan_secondary network has access to the internet and can forward traffic to the iot network. The iot network only has access to the internet and cannot forward traffic to the lan_secondary network.

These are the firewall rules:

config zone
	option name 'lan_second'
	option output 'ACCEPT'
	option forward 'REJECT'
	list network 'lan_secondary'
	option input 'ACCEPT'

config zone
	option name 'iot'
	list network 'iot'
	option output 'ACCEPT'
	option input 'REJECT'
	option forward 'REJECT'

config forwarding
	option src 'lan_second'
	option dest 'wan'

config forwarding
	option src 'lan_second'
	option dest 'iot'

config forwarding
	option src 'iot'
	option dest 'wan'

config rule
	list proto 'tcp'
	option src 'iot'
	option dest 'lan_second'
	option target 'ACCEPT'
	option name 'IoT Sonos to Seconday LAN TCP'
	option dest_port '445 554 1400 1443 3400 3401 3405 3445 3500 3501 3689 4070 4444 5297 5298'

config rule
	option name 'IoT Sonos to Seconday LAN UDP'
	list proto 'udp'
	option src 'iot'
	option dest 'lan_second'
	option target 'ACCEPT'
	option dest_port '136-139 554 1900-1905 5353 6969 30000-65535'

where the list of ports comes from https://support.sonos.com/en-au/article/configure-your-firewall-to-work-with-sonos

This is /etc/avahi/avahi-daemon.conf:

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no
allow-interfaces=iot,lan_secondary

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

This is /etc/mcproxy.conf:

config mcproxy 'mcproxy_file'
	option disabled '1'
	option respawn '1'
	option file '/etc/mcproxy.conf'

config mcproxy 'mcproxy'
	option disabled '0'
	option respawn '1'
	option protocol 'IGMPv3'

config instance
	option disabled '0'
	option name 'proxy1'
	list upstream 'iot'
	list downstream 'lan_secondary'

config instance
	option disabled '0'
	option name 'proxy2'
	list upstream 'lan_secondary'
	list downstream 'iot'

With this setup, I can ping devices from the lan_secondary network which are connected to the iot network so the mDNS part seems to work as expected. The Sonos app finds the speaker and I am able to cast media via Chromecast.

Any idea why Spotify Connect cannot find the devices?

Allow the Chromecast ports in the firewall for Spotify Connect to work: Bridging mDNS between networks - #15 by castillofrancodamian

TL;DR

config rule
        option target 'ACCEPT'
        option src 'lan'
        option dest 'iot'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Allow-Chromecast'

In addition to the Chromecast, I have an Android TV with Spotify. When I connect to the guest network I can see them in the Spotify app on my cell phone, but Spotify Connect does not appear. Does that rule you added allow that? I only have avahi. Is mcproxy also necessary?

I don't even use avahi. Look, one thing is Spotify Connect, which looks for another device with Spotify Connect, and Google Cast; the same device, like an Android TV, also supports both if you have the Spotify app installed on the Android TV:

image

So, what I did:

config rule
        option target 'ACCEPT'
        option src 'lan'
        option dest 'iot'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Allow-Spotify-Connect'

Allow-Chromecast like the last time was a terrible name, maybe Allow-Spotify-Connect is more clear.

My setup:

Zones: iot (br-lan.20 - 192.168.20.1/24), home (br-lan.10 192.168.10.1/24)

Chromecast Audio: 192.168.20.203
Android TV: 192.168.20.243

/etc/config/firewall

config rule
        option name 'Alllow-Spotify-home'
        option src 'home'
        option dest 'iot'
        list dest_ip '192.168.20.203'
        list dest_ip '192.168.20.243'
        option target 'ACCEPT'

config rule
        option name 'Allow-Spotify-iot'
        option src 'iot'
        list src_ip '192.168.20.203'
        list src_ip '192.168.20.243'
        option dest 'home'
        option target 'ACCEPT'

config rule
        option src_port '5353'
        option src '*'
        option name 'Allow-mDNS'
        option target 'ACCEPT'
        option dest_ip '224.0.0.251'
        option dest_port '5353'
        option proto 'udp'

For me allow Chromecast with ports to my home which is a VLAN already separated from my servers works fine, but you can keep the ports.

Sometimes the Spotify app on Windows can't see the devices, but on an Android smartphone on the same VLAN it works just fine. I always have this kind of problem on Windows.

These are my current configuration files:

/etc/config/network

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.20.1'
        option netmask '255.255.255.0'
        option defaultroute '0'

config interface 'invitados'
        option proto 'static'
        option device 'br-invitados'
        option ipaddr '192.168.60.1'
        option netmask '255.255.255.0'
        option defaultroute '0'

/etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
        option band '2g'
        option htmode 'HE20'
        option country 'AR'
        option cell_density '1'
        option channel '6'

config wifi-iface '2g_lag'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'LAG'
        option encryption 'psk2+ccmp'
        option ifname '2g_lag'
        option key 'pass'
        option macaddr 'random'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option country 'AR'
        option cell_density '0'

config wifi-iface '5g_lag'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'Jitter'
        option encryption 'psk2+ccmp'
        option ifname '5g_jitter'
        option key 'pass'
        option macaddr 'random'

config wifi-iface '2g_invitados'
        option device 'radio0'
        option mode 'ap'
        option ssid 'Invitados'
        option encryption 'psk2+ccmp'
        option ifname '2g_invitados'
        option key 'pass'
        option network 'invitados'
        option macaddr 'random'

config wifi-iface '5g_invitados'
        option device 'radio1'
        option mode 'ap'
        option ssid 'Invitados'
        option encryption 'psk2+ccmp'
        option ifname '5g_invitados'
        option key 'pass'
        option network 'invitados'
        option macaddr 'random'

/etc/config/firewall

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'wg0'

config forwarding
        option src 'lan'
        option dest 'wan'

config zone
        option name 'invitados'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'invitados'

config forwarding
        option src 'invitados'
        option dest 'wan'

config rule
        option name 'DNS y DHCP para invitados'
        option src 'invitados'
        option dest_port '53 67 68'
        option target 'ACCEPT'

config rule
        list dest_ip '224.0.0.251'
        option dest_port '5353'
        option target 'ACCEPT'
        option src 'invitados'
        list proto 'tcp'
        list proto 'udp'
        option name 'mDNS-Invitados'
        option family 'ipv4'

config rule
        option target 'ACCEPT'
        option src 'invitados'
        option dest 'lan'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Chromecast para Invitados'

/etc/avahi/avahi-daemon.conf

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

I have Spotify installed on the Android TV device. The Android cell phone connected to the "Invitados" network sees the Google Cast service, Spotify Connect, Tidal and YouTube. The PC with Windows and Arch Linux, also connected to "Invitados", does not see any Google Cast devices (Spotify app, Tidal Web and YouTube as proof) or Spotify Connect.

EDIT: After waiting a few seconds when opening the Spotify and Tidal Web app on PC, Google Cast and Spotify Connect appear. It seems that it takes a while to recognize them. Although the Chromecast does not appear in Spotify on PC. On Tidal Web if I don't press "Cast" in the context menu in Google Chrome, the Google Cast button does not appear.

Do you recommend stopping using avahi and replacing it with another one or is there a configuration problem?

look here for working Spotify and Airplay:

I found a simpler and better solution:

config udp_broadcast_relay_redux
       option id 1
       option port 5353
       list network lan
       list network home
       list network iot

  • Modify lan, home and iot with the names of your VLANs
  • Keep id unique
  • Add the port you need, but in this case Chromecast starts working across VLANs

Why do you say it's a simpler and better solution? What benefit or problem does it solve compared to Avahi? My concern is that a family member hasn't been able to send content while on the guest network, and I thought there might be something wrong with my settings. Here's my current setup:

/etc/config/firewall (extend)

config zone
	option name 'invitados'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	list network 'invitados'

config forwarding
	option src 'invitados'
	option dest 'wan'

config rule
	option name 'DNS y DHCP para invitados'
	option src 'invitados'
	option dest_port '53 67 68'
	option target 'ACCEPT'

config rule
	list dest_ip '224.0.0.251'
	option dest_port '5353'
	option target 'ACCEPT'
	option src 'invitados'
	list proto 'tcp'
	list proto 'udp'
	option name 'mDNS-Invitados'

config rule
	option target 'ACCEPT'
	option src 'invitados'
	option dest 'lan'
	list proto 'tcp'
	list proto 'udp'
	option dest_port '1900 5353 8008 8009 8443 32768-61000'
	option name 'Chromecast para Invitados'

/etc/avahi/avahi-daemon.conf (extend)

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

Avahi didn't work for me, and after a few days the relay also didn't work. There's something wrong in my network; I need to investigate more.

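An added example, not code from any of the posts above: a small audit of the kind of rules posted in this thread that accept traffic from the IoT zone into a trusted zone, reporting how many destination ports each rule opens and whether it is pinned to specific hosts. Treating `iot` as the untrusted zone and the 100-port threshold are assumptions; the two sample rules are copied from the posts.

```python
import shlex

# Two rules copied from the posts above; the zone names are the posters' own.
SAMPLE = """
config rule
    option name 'IoT Sonos to Seconday LAN UDP'
    list proto 'udp'
    option src 'iot'
    option dest 'lan_second'
    option target 'ACCEPT'
    option dest_port '136-139 554 1900-1905 5353 6969 30000-65535'

config rule
    option name 'Allow-Spotify-iot'
    option src 'iot'
    list src_ip '192.168.20.203'
    list src_ip '192.168.20.243'
    option dest 'home'
    option target 'ACCEPT'
"""

def parse_rules(text):
    """Parse UCI 'config rule' sections into dicts; other section types are skipped."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["config"]:
            sections.append({} if tok[1:2] == ["rule"] else None)
        elif len(tok) == 3 and sections and sections[-1] is not None:
            if tok[0] == "list":
                sections[-1].setdefault(tok[1], []).append(tok[2])
            elif tok[0] == "option":
                sections[-1][tok[1]] = tok[2]
    return [s for s in sections if s is not None]

def port_count(spec):
    """Ports opened by a dest_port value; an absent dest_port matches all 65535."""
    spans = [p.partition("-") for p in spec.split()]
    return sum(int(hi or lo) - int(lo) + 1 for lo, _, hi in spans) if spans else 65535

def audit(text, untrusted=("iot",), max_ports=100):
    """(name, ports, pinned_to_hosts) for broad ACCEPT rules out of an untrusted zone."""
    findings = []
    for r in parse_rules(text):
        n = port_count(r.get("dest_port", ""))
        if r.get("target") == "ACCEPT" and r.get("src") in untrusted and r.get("dest") and n > max_ports:
            findings.append((r.get("name"), n, bool(r.get("src_ip") or r.get("dest_ip"))))
    return findings

print(audit(SAMPLE))
```

Both sample rules are reported: the first opens 35549 UDP ports to the trusted zone for every host on the IoT network, the second opens every port but only for two source addresses.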