Spotify Connect with different VLANs does not work even with mDNS

kman · August 27, 2023, 6:49pm

I have spent the past few weeks trying to get Spotify Connect working where my phone with the Spotify is on one VLAN and the Sonos speaker is on another VLAN. Spotify simply does not find the speaker on the other VLAN, although I am able to cast media to my Chromecast with the same VLAN setup. Moreover, the Sonos app is able to play media with the same setup so it's just Spotify Connect not working.

I have read quite a few posts on this, but most of them seem to be related to enabling device discovery in the first place, rather than getting Spotify Connect to work. I have for example read the following posts:

Summary

Any idea why Spotify Connect cannot find the speakers in the other VLAN? All input is appreciated.

Setup:
The Sonos speakers use mDNS and SSDP for discovery, meaning that multicast must be proxied or reflected between the networks so I installed avahi and mcproxy for this purpose (see config below).

This is my network setup:

lan_secondary interface: 192.168.98.1/24
iot interface: 172.20.3.1/24
All devices in both interfaces are connected via wifi and lan_secondary and iot have their own SSIDs. The lan_secondary network has access to the internet and can forward traffic to the iot network. The iot network only has access to the internet and cannot forward traffic to the lan_seconday network.

These are the firewall rules:

config zone
	option name 'lan_second'
	option output 'ACCEPT'
	option forward 'REJECT'
	list network 'lan_secondary'
	option input 'ACCEPT'

config zone
	option name 'iot'
	list network 'iot'
	option output 'ACCEPT'
	option input 'REJECT'
	option forward 'REJECT'

config forwarding
	option src 'lan_second'
	option dest 'wan'

config forwarding
	option src 'lan_second'
	option dest 'iot'

config forwarding
	option src 'iot'
	option dest 'wan'

config rule
	list proto 'tcp'
	option src 'iot'
	option dest 'lan_second'
	option target 'ACCEPT'
	option name 'IoT Sonos to Seconday LAN TCP'
	option dest_port '445 554 1400 1443 3400 3401 3405 3445 3500 3501 3689 4070 4444 5297 5298'

config rule
	option name 'IoT Sonos to Seconday LAN UDP'
	list proto 'udp'
	option src 'iot'
	option dest 'lan_second'
	option target 'ACCEPT'
	option dest_port '136-139 554 1900-1905 5353 6969 30000-65535'

where the list of ports comes from https://support.sonos.com/en-au/article/configure-your-firewall-to-work-with-sonos

This is /etc/avahi/avahi-deamon.conf:

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no
allow-interfaces=iot,lan_secondary

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

This is /etc/mcproxy.conf:

config mcproxy 'mcproxy_file'
	option disabled '1'
	option respawn '1'
	option file '/etc/mcproxy.conf'

config mcproxy 'mcproxy'
	option disabled '0'
	option respawn '1'
	option protocol 'IGMPv3'

config instance
	option disabled '0'
	option name 'proxy1'
	list upstream 'iot'
	list downstream 'lan_secondary'

config instance
	option disabled '0'
	option name 'proxy2'
	list upstream 'lan_secondary'
	list downstream 'iot'

With this setup, I can ping devices from the lan_secondary network which are connected to the iot network so the mDNS part seems to work as expected. The Sonos app finds the speaker and I am able to cast media via Chromecast.

Any idea why Spotify Connect cannot find the devices?

webysther · April 14, 2024, 6:46am

Allow the chromecast ports in firewall to Spotify Connect work: Bridging mDNS between networks - #15 by castillofrancodamian

TL;DR

config rule
        option target 'ACCEPT'
        option src 'lan'
        option dest 'iot'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Allow-Chromecast'

castillofrancodamian · April 14, 2024, 11:25pm

In addition to the Chromecast, I have an Android TV with Spotify. When I connect to the guest network I can see them in the Spotify app on my cell phone, but Spotify Connect does not appear.Does that rule you added allow that? I only have avahi. Is mcproxy also necessary?

webysther · April 16, 2024, 10:34am

I don't even use avahi, look, one thing is Spotify Connect which looks to another device with Spotify Connect and Google Cast, the same device like Android TV also support both if you have Spotify app installed on Android TV:

So, what I did:

Follow the recommended setup for mDNS for Google Cast work, which is umdns: https://openwrt.org/docs/guide-user/network/zeroconfig/zeroconf
Open the ports for Spotify Connect from the VLAN you want to see:

config rule
        option target 'ACCEPT'
        option src 'lan'
        option dest 'iot'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Allow-Spotify-Connect'

Allow-Chromecast like the last time was a terrible name, maybe Allow-Spotify-Connect is more clear.

My setup:

Zones: iot (br-lan.20 - 192.168.20.1/24), home (br-lan.10 192.168.10.1/24)

Chromecast Audio: 192.168.20.203
Android TV: 192.168.20.243

/etc/config/firewall

config rule
        option name 'Alllow-Spotify-home'
        option src 'home'
        option dest 'iot'
        list dest_ip '192.168.20.203'
        list dest_ip '192.168.20.243'
        option target 'ACCEPT'

config rule
        option name 'Allow-Spotify-iot'
        option src 'iot'
        list src_ip '192.168.20.203'
        list src_ip '192.168.20.243'
        option dest 'home'
        option target 'ACCEPT'

config rule
        option src_port '5353'
        option src '*'
        option name 'Allow-mDNS'
        option target 'ACCEPT'
        option dest_ip '224.0.0.251'
        option dest_port '5353'
        option proto 'udp'

For me allow Chromecast with ports to my home which is a VLAN already separated from my servers works fine, but you can keep the ports.

Sometimes the Spotify app on Windows can't see the devices, but on Android Smartphone on same VLAN works just fine, I have this kind of problem on Windows always.

castillofrancodamian · May 10, 2024, 11:40pm

These are my current configuration files:

/etc/config/network

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.20.1'
        option netmask '255.255.255.0'
        option defaultroute '0'

config interface 'invitados'
        option proto 'static'
        option device 'br-invitados'
        option ipaddr '192.168.60.1'
        option netmask '255.255.255.0'
        option defaultroute '0'

/etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
        option band '2g'
        option htmode 'HE20'
        option country 'AR'
        option cell_density '1'
        option channel '6'

config wifi-iface '2g_lag'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'LAG'
        option encryption 'psk2+ccmp'
        option ifname '2g_lag'
        option key 'pass'
        option macaddr 'random'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option country 'AR'
        option cell_density '0'

config wifi-iface '5g_lag'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'Jitter'
        option encryption 'psk2+ccmp'
        option ifname '5g_jitter'
        option key 'pass'
        option macaddr 'random'

config wifi-iface '2g_invitados'
        option device 'radio0'
        option mode 'ap'
        option ssid 'Invitados'
        option encryption 'psk2+ccmp'
        option ifname '2g_invitados'
        option key 'pass'
        option network 'invitados'
        option macaddr 'random'

config wifi-iface '5g_invitados'
        option device 'radio1'
        option mode 'ap'
        option ssid 'Invitados'
        option encryption 'psk2+ccmp'
        option ifname '5g_invitados'
        option key 'pass'
        option network 'invitados'
        option macaddr 'random'

/etc/config/firewall

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'wg0'

config forwarding
        option src 'lan'
        option dest 'wan'

config zone
        option name 'invitados'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'invitados'

config forwarding
        option src 'invitados'
        option dest 'wan'

config rule
        option name 'DNS y DHCP para invitados'
        option src 'invitados'
        option dest_port '53 67 68'
        option target 'ACCEPT'

config rule
        list dest_ip '224.0.0.251'
        option dest_port '5353'
        option target 'ACCEPT'
        option src 'invitados'
        list proto 'tcp'
        list proto 'udp'
        option name 'mDNS-Invitados'
        option family 'ipv4'

config rule
        option target 'ACCEPT'
        option src 'invitados'
        option dest 'lan'
        option family 'ipv4'
        list proto 'tcp'
        list proto 'udp'
        option dest_port '8008 8009 8443 32768-61000'
        option name 'Chromecast para Invitados'

/etc/avahi/avahi-daemon.conf

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

I have Spotify installed on the Android TV device. The Android cell phone connected to the "Invitados" network sees the Google Cast service, Spotify Connect, Tidal and YouTube. The PC with Windows and Arch Linux also connected to "Invitados" does not see any Google Cast devices (Spotify app, Tidal Web and Youtube as proof) or Spotify Connect.

EDIT: After waiting a few seconds when opening the Spotify and Tidal Web app on PC, Google Cast and Spotify Connect appear. It seems that it takes a while to recognize them. Although the Chromecast does not appear in Spotify on PC. On Tidal Web if I don't press "Cast" in the context menu in Google Chrome, the Google Cast button does not appear.

Do you recommend stopping using avahi and replacing it with another one or is there a configuration problem?

Blowfly · January 4, 2025, 12:30am

look here for working Spotify and Airplay:

webysther · January 31, 2025, 5:20pm

I find a simpler and better solution:

Install the package: https://openwrt.org/packages/pkgdata/udp-broadcast-relay-redux
Use this for mdns:

config udp_broadcast_relay_redux 
       option id 1 
       option port 5353  
       list network lan 
       list network home   
       list network iot

Modifiy lan, home and iot with the name of you VLAN
Keep id unique
Add the port you need, but in this case chromecast start working across VLAN

castillofrancodamian · March 12, 2025, 4:06am

Why do you say it's a simpler and better solution? What benefit or problem does it solve compared to Avahi? My concern is that a family member hasn't been able to send content while on the guest network, and I thought there might be something wrong with my settings. Here's my current setup:

/etc/config/firewall (extend)

config zone
	option name 'invitados'
	option input 'DROP'
	option output 'ACCEPT'
	option forward 'DROP'
	list network 'invitados'

config forwarding
	option src 'invitados'
	option dest 'wan'

config rule
	option name 'DNS y DHCP para invitados'
	option src 'invitados'
	option dest_port '53 67 68'
	option target 'ACCEPT'

config rule
	list dest_ip '224.0.0.251'
	option dest_port '5353'
	option target 'ACCEPT'
	option src 'invitados'
	list proto 'tcp'
	list proto 'udp'
	option name 'mDNS-Invitados'

config rule
	option target 'ACCEPT'
	option src 'invitados'
	option dest 'lan'
	list proto 'tcp'
	list proto 'udp'
	option dest_port '1900 5353 8008 8009 8443 32768-61000'
	option name 'Chromecast para Invitados'

/etc/avahi/avahi-daemon.conf (extend)

[server]
#host-name=foo
#domain-name=local
use-ipv4=yes
use-ipv6=yes
check-response-ttl=no
use-iff-running=no

[publish]
publish-addresses=yes
publish-hinfo=yes
publish-workstation=no
publish-domain=yes
#publish-dns-servers=192.168.1.1
#publish-resolv-conf-dns-servers=yes

[reflector]
enable-reflector=yes
reflect-ipv=no

[rlimits]
#rlimit-as=
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=30
rlimit-stack=4194304
rlimit-nproc=3

webysther · March 19, 2025, 7:08pm

Avahi don't worked to me, after a few days the relay also not worked, there's something wrong in my network, I need to investigate more