I have a bridge interface using lan and wireless interfaces. mDNS (tested using chromecast discovery) fails. Internal interface rules are set to allow all incoming. For what little I was able to find out, I think it is getting picked up by NAT. However I can not get NAT to ignore mDNS packets. The traffic does show up in the firewall log as `SINGLE:NO_TRAFFIC`
Where's your IP address(es) configured? On the physical bridge member(s) or on the bridge itself?
It MUST be on the bridge, otherwise multicast will fail. Documented property of the FreeBSD network stack, not a bug. Working this way since if_bridge(4) was introduced.
IP/DHCP is configured on the bridge interface not it's members. It is why I'm so confused. Shouldn't it just work :shrug:
Did you set the system tunables as documented here?
https://docs.opnsense.org/manual/how-tos/lan_bridge.html
And does your NAT rule say "source - any" or "source - LAN net"? You need the latter ...
I missed the tunables. I changed them to the correct settings. I also modified the NAT rules to use source 'LAN net'. I can now find Chromecast. Thank you for your help. Oddly though WLAN does not work for Chromecast even though NAT has the same rule for it
Possibly your access point does not handle multicast correctly, then.
I use a wireless card which forms that second member of the bridge. An wireless ap hocked up to lan works though. So if I can't fix the wireless card, I'll just drop it for a wireless ap
Wireless support is not OPNsense's strong point ;)