1 (edited by philsson 2012-02-21 23:35:57)

Topic: Multicast problem on pseudobridge

I have a little problem, before trying to change the configuration too much I thought of asking for a little help here.
I have configured a bridge (pseudo) on an TP-Link WR740n router which is connecting to my AP on a Linksys WRT320N running tomato. To this bridge I have a computer connected on one of the ethernet ports. I have complete access to the whole LAN between all computers and all services (as far as I have tested it). The problem is the machine connected on the bridge runs some services that multicast, for example UPNP Client/Server connected to the TV, Airfoilspeakers/Shairport/Airplay, Appletalk, Samba etc. These services are not available if I do not browse for a known adress. Most programs don't allow this, but only connect to selfdiscovered devices. The machine on the bridge is getting an IP from DHCP on the AP thou. I am a little confused, please help me out.

EDIT: Everything configured according to this guide
This is a copy of my firewall settings

config 'defaults'
    option 'syn_flood' '1'
    option 'input' 'ACCEPT'
    option 'output' 'ACCEPT'
    option 'forward' 'ACCEPT'

config 'zone'
    option 'name' 'lan'
    option 'input' 'ACCEPT'
    option 'output' 'ACCEPT'
    option 'forward' 'ACCEPT'
    option 'network' 'lan wwan'
    option 'masq' '1'
    option 'mtu_fix' '1'

config 'zone'
    option 'name' 'wan'
    option 'network' 'wan'
    option 'output' 'ACCEPT'
    option 'masq' '1'
    option 'mtu_fix' '1'
    option 'input' 'ACCEPT'
    option 'forward' 'ACCEPT'

config 'forwarding'
    option 'src' 'lan'
    option 'dest' 'wan'

config 'rule'
    option 'name' 'Allow-DHCP-Renew'
    option 'src' 'wan'
    option 'proto' 'udp'
    option 'dest_port' '68'
    option 'target' 'ACCEPT'
    option 'family' 'ipv4'

config 'rule'
    option 'name' 'Allow-Ping'
    option 'src' 'wan'
    option 'proto' 'icmp'
    option 'icmp_type' 'echo-request'
    option 'family' 'ipv4'
    option 'target' 'ACCEPT'

config 'rule'
    option 'name' 'Allow-DHCPv6'
    option 'src' 'wan'
    option 'proto' 'udp'
    option 'src_ip' 'fe80::/10'
    option 'src_port' '547'
    option 'dest_ip' 'fe80::/10'
    option 'dest_port' '546'
    option 'family' 'ipv6'
    option 'target' 'ACCEPT'

config 'rule'
    option 'name' 'Allow-ICMPv6-Input'
    option 'src' 'wan'
    option 'proto' 'icmp'
    list 'icmp_type' 'echo-request'
    list 'icmp_type' 'destination-unreachable'
    list 'icmp_type' 'packet-too-big'
    list 'icmp_type' 'time-exceeded'
    list 'icmp_type' 'bad-header'
    list 'icmp_type' 'unknown-header-type'
    list 'icmp_type' 'router-solicitation'
    list 'icmp_type' 'neighbour-solicitation'
    option 'limit' '1000/sec'
    option 'family' 'ipv6'
    option 'target' 'ACCEPT'

config 'rule'
    option 'name' 'Allow-ICMPv6-Forward'
    option 'src' 'wan'
    option 'dest' '*'
    option 'proto' 'icmp'
    list 'icmp_type' 'echo-request'
    list 'icmp_type' 'destination-unreachable'
    list 'icmp_type' 'packet-too-big'
    list 'icmp_type' 'time-exceeded'
    list 'icmp_type' 'bad-header'
    list 'icmp_type' 'unknown-header-type'
    option 'limit' '1000/sec'
    option 'family' 'ipv6'
    option 'target' 'ACCEPT'

config 'include'
    option 'path' '/etc/firewall.user'

Re: Multicast problem on pseudobridge

OpenWrt / Should I expect a media server to be seen across a wireless bridge? - #26

Re: Multicast problem on pseudobridge

thank you fyi, that was exactly what I was looking for. Unfortunately I don't get it to work. Neither bonjour, samba, upnp etc works. sad..
Will look it through again and see if I did miss something.