UDP Broadcast Relay

[mahescho]

Just want to thank you for this great plugin. You made my day. Sonos and CIFS/SMB lookups perfectly work across VLANs.

[cossali98]

Good evening,
I'm having some troubles with this plugin.
Here it's my network configuration:
LAN: 10.172.1.x
IoT: 10.172.10.x
GUEST: 10.172.20.x

I'm trying to transmit the audio from my phone on LAN network to the Google Mini in IoT network and I've configured the plugin as described in the second post (see the attached screen) but it's not working, instead I can transmit audio from Guest network without problem.
I've tried also with different phones

According to my firewall rules the LAN network can go everywhere, the GUEST network can go to Internet and to IoT net but not to LAN and the IoT can go only to internet.

Anyone can help me?
Thanks in advance

[marjohn56]

You need to add a rule to allow the specific device on the IoT network to talk to the LAN network; So in the IoT VLAN firewall rules, add a pass rule for the host device with the destination being your LAN, direction is 'in'. You cannot specify as specific port as the host device will use whatever port it feels like.

[Greelan]

Hi @marjohn56

First, thanks for this plugin. I’ve been using it for mDNS relay (Bonjour, AirPrint) across two VLANs, with success for the most part.

I have noticed, however, that from time to time the mDNS traffic will stop being relayed between VLANs. udpbroadcastrelay is still shown as running in the OPNsense dashboard, but the traffic is not being relayed. A restart of the plugin brings it back.

I had noticed previously similar behaviour with mdns-repeater, which is what prompted me to try udpbroadcastrelay (also I eventually want to get it working with Sonos).

It happens every few days. I’ve been trying to see whether the behaviour is associated with any other particular event in OPNsense, but I can’t pinpoint a pattern. Sometimes I have noticed it follows interfaces being detached/attached, but most recently it happened without any apparent trigger.

So I was wondering whether this is known behaviour? Even if not, would you have any suggestions on how I might configure OPNsense to monitor the plugin (eg through monit) to restart it when this behaviour occurs? I could probably just implement a daily cronjob to restart the plugin, but if possible I’d like something a little more refined (ie that only restarts it when needed).

Thanks in advance

[marjohn56]

It's not a known behaviour, mine runs day in day out without issues. Are you saying that UDPBroadcast shuts down, or just that there are no packets being sent out?


Best way of testing is using wireshark to check the packets on both networks segments.

[Greelan]

Thanks for the response. The plugin is still running, packets are just not being relayed.

But further investigation suggests the issue may be switch or AP related. I will keep looking into it

[blacksteel1288]

@marjohn56 Is it possible to use the SSDP broadcast settings along with the uPNP plugin?  If so, what is a working set of configs?

I need both, and currently I'm only able to run one or the other, not both at the same time.

[marjohn56]

UDP uses port 1900, so you cannot also use UDPBR on the same port. You could use both if UDPR was relaying a different port.

[utahbmxer]

Thank you for this plug-in!!  Now I can put my Minecraft server in my DMZ and still have my kids find the server without having to fuss in the server lists!

[fctr]

Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you! Thank you!

And for those wondering, here's what you need to add for Apple TV Home Sharing:

Enabled	Interfaces	Multicast Addresses	Source Address	Listen Port	ID	Description	Use ID as TTL
X	WAN,LAN	224.0.0.251	1.1.1.1	5353	1	iTunes	X

[Mks]

Hi all, thanks.

I did not expect that within my lifetime I'll be able to get my cross VLAN DLNA streaming working.
Thanks to that it works now

My setup

Enabled	Interfaces	Multicast Addresses	Source Address	Listen Port	ID	Description	Use ID as TTL
X	VLAN10,VLAN15	239.255.255.250	empty	1900	1	SSDP multicast	X

Firewall rule for the Multicast on VLAN where the server is located.
Firewall rule from Clients to Server.

br

[tokade]

Hi Mks,

could you please post your

Firewall rule for the Multicast on VLAN where the server is located.
Firewall rule from Clients to Server.

Mine isn't working yet.

Thx and kind regards
Torsten

[Mks]

Hi Torsten

VLAN10 (DLNA Server)
VLAN25 (DLNA Clients)

Protocol/Source/Port/Destination/Port
VLAN10:
IPv4 UDP/VLAN10 net/*/239.255.255.250/1900
VLAN25:
IPv4 TCP-UDP/IPs-StreamingClients/*/IP-StreamingServer/StreamingPorts (in case of synology 50001,50002)

Explenation:
The server sends regular multicasts on port 1900 with information (IP & Port) where the server is located.
Each Client which receives the message could connect to the server

br

[marjohn56]

You only need to add one rule.. ( as a rule! ). Say for example you are using Sky Q, port 1900 239.255.255.250, it's the same as Sonos. All you need to add is one rule from the server LAN/VLAN allowing traffic back to your client LAN/VLAN.

As you do not know what port the server will use to send traffic back to the client(s) you will need to add a rule that allows any port, but you limit that rule to the server address only, hence the server must live at a fixed IP.

So for example here's mine. This is the single rule on the server side IoT VLAN allowing traffic from the server to the primary VLAN.

Action: Pass
Quick: Enabled
Interface: VLANIOT ( must be your IoT or Server VLAN )
Direction: In
TCP/IP Version: IPv4
Protocol: Any
Source: Single Host or Network
10.4.15.91  ( This is the IP of my Sky Q box, it should be the server IP of whatever your server is.
Destination: QPVLAN ( My Primary VLAN - Select yours )
Destination Port Range: Any Any
Description: Sky Relay ( call yours whatever you like )

That's it, simples.

[Zavation]

Thanks for pointing this thread out marjohn56. Feel free to delete the thread I created originally.

I've had a read through this thread, however havn't had much luck in figuring out what's not allowing devices to discover my Virgin Media chromecast.

I've installed the devel version of UDP Broadcast relay (encase there are any additional features).

To allow for ease of testing, I've created allow all rules (IPv4 & IPv6) between the vlans, and as far as I can see no traffic is being blocked by rules etc... If I can at least get my phone connected, I'll then restrict the rules.

To further troubleshooting, I've ran UDP Broadcast Relay manually and can see MDNS broadcasts being relayed between the vlans. I can confirm this as I've ran Wireshark on both LAN & IOT Vlan's and can see the MDNS broadcasts. The interesting bit, is if I run Youtube app on my phone, I see the broadcast being replicated across the vlan, my Virgin media box (in IOT VLAN) answering the MDNS query, the answer then coming back to my LAN Vlan, and my phone never picks the answer backup. Its as if its ignored. If I leave wireshark running on the LAN vlan, I can intermittently see broadcasts originating from my Virgin Media box as it contains the answers for the MDNS queries.

As for settings for UDP Broadcast relay:
Interfaces: IOT & LAN Vlans
Multicast Address: 224.0.0.251
Source Address: 1.1.1.1
Port: 5353
ID: 1
Use ID as TTL: Tried both enabled & disabled.

As the broadcasts are originating from the interface IP of the vlan, this I hope removes the issue with Chromecasts not responding back to devices on different networks.

I saw you mentioned about snooping being enabled on your switch marjohn56, so i thought I'd check mine and as far as I can see such features are already disabled.