New Member
Posts: 10
Registered: ‎10-11-2014
Kudos: 4

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Oh, cool. In that case, I imagine someone could pull libnetfilter_conntrack into udp-broadcast-relay. The libnetfilter_conntrack API doesn't seem to be very well documented though.
Emerging Member
Posts: 107
Registered: ‎07-09-2016
Kudos: 35
Solutions: 4

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

I think I read somewhere that the lib isn't well documented because it's not supposed to be used by anything but conntrack. Programs that need to manipulate the conntrack table are to use the conntrack tools. However, the conntrack tools on EdgeRouter currently do not allow ANY expect entry to be added due to a bug, so I couldn't do any tests.
Emerging Member
Posts: 107
Registered: ‎07-09-2016
Kudos: 35
Solutions: 4

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

...on a side note, the --create parameter is also not well documented. Neither is the expect table.
Emerging Member
Posts: 51
Registered: ‎04-26-2014
Kudos: 16
Solutions: 1

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Any chance you could add a couple more options to your bcast solution for broadcast to a subnet? I.e., HDHomeRun devices use a discover that is broadcast to 192.168.1.255 UDP port 65001.
If on a 192.168.1.0/24 network, would need a way to almost NAT the 192.168.1.255 to 192.168.2.255, assuming the other network was 192.168.2.0/24.

New Member
Posts: 10
Registered: ‎10-11-2014
Kudos: 4

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

I haven't tried a hdhomerun directly, but it doesn't sound like anything special. Unless the hdhomerun itself is unhappy about replying across subnets, it should be sufficient to run udp-broadcast-relay or udp-broadcast-relay-redux with port 65001 and the two interfaces specified.
New Member
Posts: 1
Registered: ‎06-27-2016

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

What about mdns repeater for ER-X? I set up a site-to-site VPN using two ER-X, and I would like to see all computers, including Macs, on each site. @britannic

Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

@marushiaru, see post 122 for an ERX version compiled by @spoon25.

 

As for your site to site VPN question, best to experiment. You will need the VPN interface (lt2p0..lt2p10, etc.) for the configuration options. Providing the VPN stays up, the relay should stay bound to the interfaces, otherwise it will probably just die or not even start.

Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

[ Edited ]

Hi All,

I have an edgerouter X,

with port 0 WAN
port 1 Zyxel 1900 managed switch
port 4 AP unify

I have vlans on the router and the same on the switch.

My pc is on VLAN1 (switch0.1)
And my sonos on vlan 20 (switch0.20)

I can (with help from @britannic) use my Sonos while my PC is on another VLAN.
I installed the broadcast relay and

added switch0.1 and switch0.20 with ports 1900 and 1901.

And yes! Sonos is working over VLANs!

For my Chromecast I added ports 8008, 8009 and 5353 to the broadcast relay.

After that I changed the mDNS repeater and added:
switch0, switch0.1 and switch0.20

 

When I click on mdns reflector (in the config tree) I see only:

- service / mdns / reflector: MDNS rflector service


I disabled the built-in firewall of Windows 10 and tried to cast a page from Google Chrome to my Chromecast.
I didn't find my Chromecast...

Do I have to change something with the IGMP-proxy option on my EdgeRouter X, or do I have to change something in my managed switch? (I didn't have to change my switch for Sonos, only the Edge X.)

My Edge X has the following IGMP-proxy options:
- disable
- disable-quickleave
- interface

This is the last part of my VLAN network, everything works more than great!
I also checked my firewall rules on my EdgeRouter, and they are fine for PC, Sonos and Chromecast (accept all traffic between them).

Does somebody have an idea?











Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

@pvklink, Alex Jensen has a good write up on EdgeRouters and Chromecast. Let us know if this works out for you.

Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

[ Edited ]

 

My config did work for 10 minutes. Then I cleaned up my configuration a little bit and it does not work anymore.

Can't find it...

 

mdns {
    reflector
    repeater {
        interface switch0.1
        interface switch0.20
    }
}

igmp-proxy {
    disable
    disable-quickleave
}

name VLAN20_LOCAL {
    default-action drop
    rule 24 {
        action accept
        description "Accept DNS"
        destination {
            port 53
        }
        protocol udp
    }
    rule 25 {
        action accept
        description "Accept DHCP"
        destination {
            port 67
        }
        protocol udp
    }
    rule 26 {
        action accept
        description "Accept MDNS"
        destination {
            port 5353
        }
        log disable
        protocol udp
    }
}

name VLAN20_OUT {
    default-action accept
    rule 10 {
        action accept
        description "Accept Established/Related"
        protocol all
        state {
            established enable
            related enable
        }
    }
    rule 20 {
        action accept
        description "Accept Sonos"
        destination {
            address 192.168.1.10
        }
        log disable
        protocol all
        source {
            address 192.168.20.25
        }
    }
    rule 22 {
        action accept
        description "Accept Chromecast"
        destination {
            address 192.168.1.10
        }
        log disable
        protocol all
        source {
            address 192.168.20.23
        }
    }
    rule 40 {
        action drop
        description vlan20_deny_group
        destination {
            group {
                network-group vlan20_deny_group
            }
        }
        protocol all
    }
}

service {
    bcast-relay {
        id 1 {
            description "Sonos listener"
            interface switch0.1
            interface switch0.20
            port 1900
        }
        id 2 {
            description "Sonos listener 1901"
            interface switch0.1
            interface switch0.20
            port 1901
        }
        id 3 {
            description "Broadcast listener 8008"
            interface switch0.1
            interface switch0.20
            port 8008
        }
        id 4 {
            description "Broadcast listener 8009"
            interface switch0.1
            interface switch0.20
            port 8009
        }
        id 5 {
            description "Broadcast listener 5353"
            interface switch0.1
            interface switch0.20
            port 5353
        }
    }

 

 

 

Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Post your full configuration (use: “show configuration” to hide sensitive info), zip it and attach it to your post. Also, describe the network setup (hardware, what’s connected to what port, how the VLANs are configured in the external managed switch, etc.).

Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

[ Edited ]

Here is my configuration file.

I have configured my EdgeRouter X, Zyxel GS1900-24E and UniFi AP and need help with Chromecast.

It sometimes works, and there is a pattern. When I start the Chrome browser on my PC and start casting, it does not find my Chromecast. When I start Home on my mobile device (on the same VLAN as the Chromecast), and do nothing but start it up, my PC directly finds the Chromecast!

This always works! I can put my mobile off then... I want it to work without my mobile...

My config

I configured VLANs on my router and on my switch, and every client gets an IP address from a DHCP server. Each VLAN has its own DHCP range. Every client gets the right IP address/range, so part of my VLANs work! And also my rules work between VLANs...

Port 0 of the EdgeRouter is WAN

Ports 1-4 are part of switch0 with VLAN 1, 10, 20, 30, 40 (I don't use VLAN 20 and 30)

Port 1 is a Zyxel 1900 managed switch on port 1

VLANs on router and switch

VLAN 1 - mgt VLAN, IP range 192.168.1.0
VLAN 10 - business VLAN, 192.168.10.0
VLAN 20 - media VLAN, 192.168.20.0
VLAN 30 - gaming, 192.168.30.0
VLAN 40 - guest, 192.168.40.0

My PC is on VLAN 1

Chromecast and Sonos are on VLAN 20

Sonos works between VLAN 1 and VLAN 20. I added some rules and made a bcast relay between PC (switch0.1) and Sonos (switch0.20)

Chromecast works sometimes...

On my switch I changed (disabling this all does make any difference)

- multicast IGMP snooping state enabled, v3 enabled

- vlan1 IGMP state enabled and IGMP querier enabled and version 3 enabled (PC is in this VLAN)

- vlan20 IGMP state enabled and IGMP querier enabled and version 3 enabled (Chromecast is in this VLAN)

I can add screen dumps of the switch (IGMP) settings (5 screens)

My UniFi AP is connected to eth4. It has SSIDs for different VLANs; that is working great, each SSID gets its own IP range/VLAN...

 

Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

You have a complex setup. My recommendation is that you set up a couple of additional test VLANs, without firewalling and then get chromecast working. Once it is, then start adding in firewall rules, one step at a time and see what breaks.

 

I would also recommend you add "enable-default-log" to your firewall rulesets:

 

set firewall name <ruleset name> enable-default-log

 

Then you can track what is being blocked in /var/log/messages with:

 

show log tail

Here's an example of a packet dropped by a firewall rule:

 

Oct 20 19:08:10 unms-server kernel: [ext-loc-IPv4-default-D]IN=eth1 OUT= MAC=01:00:5e:00:00:fb:04:18:d6:f0:76:9e:08:00 src=192.168.100.1 DST=224.0.0.251 LEN=632 TOS=0x00 PREC=0x00 TTL=1 ID=51833 DF PROTO=UDP SPT=5353 DPT=5353 LEN=612
Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
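Added example (not part of the post above and not EdgeOS tooling): a small Python parser for firewall log lines like the one quoted, which tallies dropped discovery packets per ruleset and rule once enable-default-log is set. Only the first sample line comes from the thread; the other log lines, the port grouping and the "A"/"R" action letters are assumptions made for this example.

```python
import ipaddress
import re
from collections import Counter

# Discovery ports named in this thread: Sonos/SSDP 1900-1901, mDNS 5353,
# Chromecast 8008-8009, HDHomeRun 65001.
DISCOVERY_PORTS = {1900, 1901, 5353, 8008, 8009, 65001}

# Log prefix as in the thread's sample: [<ruleset>-<rule>-<action>]. "D" is taken
# from that sample; "A" (accept) and "R" (reject) are assumed here.
PREFIX_RE = re.compile(r"\[([^\]\s]+)-([^\]\s-]+)-([ADR])\](.*)$")
FIELD_RE = re.compile(r"(\w+)=(\S*)")

# First line is the sample from the thread; the other lines are constructed.
SAMPLE_LOG = """\
Oct 20 19:08:10 unms-server kernel: [ext-loc-IPv4-default-D]IN=eth1 OUT= MAC=01:00:5e:00:00:fb:04:18:d6:f0:76:9e:08:00 src=192.168.100.1 DST=224.0.0.251 LEN=632 TOS=0x00 PREC=0x00 TTL=1 ID=51833 DF PROTO=UDP SPT=5353 DPT=5353 LEN=612
Oct 20 19:08:12 router kernel: [VLAN20_LOCAL-default-D]IN=switch0.20 OUT= SRC=192.168.20.25 DST=239.255.255.250 LEN=120 TTL=4 PROTO=UDP SPT=40112 DPT=1900 LEN=100
Oct 20 19:08:13 router kernel: [VLAN20_LOCAL-default-D]IN=switch0.20 OUT= SRC=192.168.20.25 DST=239.255.255.250 LEN=120 TTL=4 PROTO=UDP SPT=40112 DPT=1900 LEN=100
Oct 20 19:08:14 router kernel: [VLAN20_LOCAL-default-D]IN=switch0.20 OUT= SRC=192.168.20.25 DST=255.255.255.255 LEN=90 TTL=64 PROTO=UDP SPT=40113 DPT=1900 LEN=70
Oct 20 19:08:15 router kernel: [VLAN20_OUT-20-A]IN=switch0.20 OUT=switch0.1 SRC=192.168.20.25 DST=192.168.1.10 LEN=60 TTL=63 PROTO=TCP SPT=1400 DPT=51514
Oct 20 19:08:16 router kernel: [VLAN20_LOCAL-default-D]IN=switch0.20 OUT= SRC=192.168.20.40 DST=192.168.20.1 LEN=60 TTL=64 PROTO=TCP SPT=50000 DPT=22
Oct 20 19:08:17 router kernel: [ 4231.118822] switch0.20: link becomes ready
"""


def parse_line(line):
    """Return a dict for a firewall log record, or None for any other line."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    ruleset, rule, action, rest = m.groups()
    # Upper-case the keys: the thread's sample mixes "src=" and "DST=".
    f = {k.upper(): v for k, v in FIELD_RE.findall(rest)}
    try:
        dst = ipaddress.ip_address(f["DST"])
        dport = int(f["DPT"])
    except (KeyError, ValueError):
        return None  # no port field (e.g. ICMP) or malformed address
    if dst.is_multicast:
        kind = "multicast"
    elif str(dst) == "255.255.255.255":
        kind = "broadcast"
    else:
        kind = "unicast"  # a directed broadcast cannot be told apart without the netmask
    return {"ruleset": ruleset, "rule": rule, "action": action, "in": f.get("IN", ""),
            "src": f.get("SRC", ""), "dst": str(dst), "kind": kind, "dport": dport}


def discovery_drops(log_text):
    """Count dropped packets on discovery ports, most frequent first."""
    drops = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["action"] == "D" and rec["dport"] in DISCOVERY_PORTS:
            key = (rec["ruleset"], rec["rule"], rec["in"], rec["kind"], rec["dst"], rec["dport"])
            drops[key] += 1
    return drops.most_common()


if __name__ == "__main__":
    for (ruleset, rule, iface, kind, dst, dport), n in discovery_drops(SAMPLE_LOG):
        print(f"{n:3d}  {ruleset} rule {rule}  in={iface}  {kind} -> {dst}:{dport}")
```

A ruleset and rule that show up here for multicast or broadcast destinations on the relayed ports is the place to add an explicit accept rule, rather than disabling the whole ruleset.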
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Ok, I will add the logs!

The Chromecast does work, only it takes a long time for the Chromecast to appear when I click CAST in Google Chrome... After the Chromecast is found, the next searches go faster...

New Member
Posts: 3
Registered: ‎10-28-2017

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Many thanks to @britannic for this solution. I've been running it for a while with no problems and can now discover various devices across my VLANs that none of the built-in mechanisms could.

 

Is there any news on integrating this into the stock firmware? I'd love to avoid having to re-install after every firmware upgrade.

Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

I removed the firewall rules. The problem still exists that it takes a long time to discover the Chromecast between VLANs. When I start the Google Home app from a mobile device in the same VLAN, it discovers the Chromecast directly!

When I start cast discovery from my PC in another VLAN immediately after the previous discovery (mobile in same VLAN), the Chromecast appears directly in the other VLAN!

It seems that the app on the mobile device triggers something that the PC in the other VLAN needs, only what?

I disabled the firewall rules...

Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

I used tcpdump (native on the router) and WireShark (for PCs, etc.) to figure out the issues on my VLANs and then used the findings to optimize my network configuration. Let us know what you find using those tools. You can also capture a PCAP file using either tool and post it so we can use it to replay snapshots of your net traffic to give you some feedback.

 

WireShark

 

tcpdump cheat sheet

 

 

Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

[ Edited ]

Ok, my Chromecast works!

I'd like to stream from my PC (192.168.10.1) in vlan1 to my Chromecast in vlan20 (IP 192.168.20.23).

The problem was a firewall rule, rule 50 in vlan20_out. When I disable this, it works!

But I wonder if my VLANs are safe this way!

What I want:

vlan1 (my PC, switch, access point etc.): my PC may access everything!

vlan20 (media devices, NAS, Sonos, Chromecast and tablets, phones etc.)

They can all see each other and go to the internet. They can't communicate with my vlan1,

but Sonos and Chromecast devices have to respond to apps (Sonos or Chromecast calls) from the managed PC in vlan1.

I thought that I added enough rules before rule 50 to make Chromecast work, but when I disable rule 50 it works!

Part of my config...

 

firewall {
    all-ping enable
    broadcast-ping disable
    group {
        address-group vlan20_media_ip {
            address 239.255.255.250
            address 255.255.255.255
            address 192.168.20.25
            address 192.168.20.23
            address 192.168.1.10
            description "access voor chromecast ip"
        }
        network-group vlan20_deny_group {
            description vlan20_deny_group
            network 192.168.1.0/24
            network 192.168.10.0/24
            network 192.168.30.0/24
            network 192.168.40.0/24
        }
        port-group vlan20_media {
            description "access voor chromecast port"
            port 1900
            port 1901
            port 5353
        }
    }
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name VLAN20_LOCAL {
        default-action accept
        rule 10 {
            action accept
            description "Accept Established/Related"
            log disable
            protocol all
            state {
                established enable
                invalid disable
                new disable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid packets"
            log disable
            protocol all
            state {
                established disable
                invalid enable
                new disable
                related disable
            }
        }
        rule 30 {
            action accept
            description "Allow access media ip"
            destination {
                group {
                    address-group vlan20_media_ip
                }
            }
            log disable
            protocol all
        }
        rule 40 {
            action accept
            description "Allow access media ports"
            destination {
                group {
                    port-group vlan20_media
                }
            }
            log disable
            protocol all
        }
        rule 50 {
            action accept
            description "Accept DNS"
            destination {
                port 53
            }
            protocol udp
        }
        rule 60 {
            action accept
            description "Accept DHCP"
            destination {
                port 67
            }
            protocol udp
        }
    }
    name VLAN20_OUT {
        default-action accept
        rule 10 {
            action accept
            description "Accept Established/Related"
            protocol all
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid packets"
            log disable
            protocol all
            state {
                established disable
                invalid enable
                new disable
                related disable
            }
        }
        rule 30 {
            action accept
            description "Allow access media ip"
            destination {
                group {
                    address-group vlan20_media_ip
                }
            }
            log disable
            protocol all
        }
        rule 40 {
            action accept
            description "Allow access media ports"
            destination {
                group {
                    port-group vlan20_media
                }
            }
            log disable
            protocol all
        }
        rule 50 {
            action drop
            description "Deny lan access"
            destination {
                group {
                    network-group vlan20_deny_group
                }
            }
            disable
            log enable
            protocol all
            source {
                group {
                }
            }
        }
    }
        }
    }
}

interfaces {
    ethernet eth0 {
        address 192.168.178.3/24
        description Internet
        duplex auto
        firewall {
            in {
                name WAN_IN
            }
            local {
                name WAN_LOCAL
            }
        }
        speed auto
    }
    ethernet eth1 {
        description Local
        duplex auto
        speed auto
    }
    switch switch0 {
        description Local
        mtu 1500
        switch-port {
            interface eth1 {
                vlan {
                    pvid 1
                    vid 10
                    vid 20
                    vid 30
                }
            }
            vlan-aware enable
        }
        vif 1 {
            address 192.168.1.1/24
            description 1
            mtu 1500
        }
        vif 20 {
            address 192.168.20.1/24
            description 20
            firewall {
                in {
                    name VLAN20_OUT
                }
                local {
                    name VLAN20_LOCAL
                }
            }
            mtu 1500
        }
    }
}

 

 

Established Member
Posts: 1,408
Registered: ‎10-01-2014
Kudos: 695
Solutions: 66

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

Since ubnt-bcast-relay is working and this is really a firewall rules question, recommend you post your question as a new topic in the main forum. To help debug your rules before you post, set the default log rule for all of your rulesets:

 

set firewall name <rule name> enable-default-log
set firewall ipv6-name <rule name> enable-default-log

and include the subsequent logs for the problem rulesets in your new post topic.

Please help the community find useful posts and solutions by using the "Kudos" and "Accept as Solution" buttons!
Emerging Member
Posts: 98
Registered: ‎06-03-2017
Kudos: 2
Solutions: 3

Re: Multicast, Sonos, Phorus & Play-Fi Broadcast 255.255.255.255:<port> Discovery Solution

[ Edited ]

OK, I will!

Is logging all the rules of vlan20 enough?

How do I get the content from the logging?

PuTTY, show log and then cut and paste?
