SSDP/DLNA across different subnets

Started by ricksense, September 29, 2023, 10:36:20 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 29, 2023, 10:36:20 AM
SSDP/DLNA across different subnets
Hi everyone

Is there a way to make SDDP (DLNA discovery) work across different subnets on Opnsense?

Thanks
September 30, 2023, 10:23:47 AM #1
By looking it up on internet, it seems that there is no way to make it work on OPNsense unfortunately.
September 30, 2023, 12:05:27 PM #2
Does the udpbroadcast relay plugin not do what you want?
September 30, 2023, 04:42:53 PM #3 Last Edit: September 30, 2023, 04:45:14 PM by ricksense
it doesn't apparently

Here is the UDP broadcast relay setup:



The DLNA server runs on a linux machine on the LAN. The DLNA client runs on a PC on the GUEST (192.168.80.100).

I set a floating rule to allow traffic:




Thanks
September 30, 2023, 06:18:48 PM #4
I'd move the firewall rule to the network the casting device is on and create a pass rule from the casting device IP, to the Network you want it to go to.

I've done exactly this to allow my SkyQ boxes (UK TV) to be discoverable on my main VLAN (they are on their own VLAN).

Failing that, ask in the udpbroadcastrelay thread.
September 30, 2023, 09:15:02 PM #5
Quote from: Taunt9930 on September 30, 2023, 06:18:48 PM
I'd move the firewall rule to the network the casting device is on and create a pass rule from the casting device IP, to the Network you want it to go to.

I've done exactly this to allow my SkyQ boxes (UK TV) to be discoverable on my main VLAN (they are on their own VLAN).

Failing that, ask in the udpbroadcastrelay thread.

The machine in which the server runs (Jellyfin on LAN subnet) has already  unrestricted access to the GUEST subnet, and I created a rule to allow the client on the GUEST subnet to access the server.

I runs also Wireshark on the client machine (A windows PC in which I installed kodi) and got this result:



So, if I got it right, it is receiving the SSDP broadcast but still can't communicate

If I put the machines on the same interface/subnet the DLNA discovery works.
For the record, everything is running on a Virtual environment, my VMware workstation.
September 30, 2023, 09:36:09 PM #6 Last Edit: September 30, 2023, 09:38:53 PM by Patrick M. Hausen
The floating rule does not match, because this is not unicast traffic. Start with permitting from any to any port 1900 and if that works, use a packet trace again to watch what is involved in a successful communication.

The destination is not LAN net. The destination is the multicast address you see in your packet trace.

The alias "LAN net" does not mean "whatever might end up on that interface". It means "whatever has a unicast destination address matching the network configured on the LAN interface". So if e.g. LAN is 192.168.1.1/24 then LAN net is 192.168.1.0/24 and nothing else.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 01, 2023, 10:07:18 AM #7
Quote from: Patrick M. Hausen on September 30, 2023, 09:36:09 PM
The floating rule does not match, because this is not unicast traffic. Start with permitting from any to any port 1900 and if that works, use a packet trace again to watch what is involved in a successful communication.

The destination is not LAN net. The destination is the multicast address you see in your packet trace.

The alias "LAN net" does not mean "whatever might end up on that interface". It means "whatever has a unicast destination address matching the network configured on the LAN interface". So if e.g. LAN is 192.168.1.1/24 then LAN net is 192.168.1.0/24 and nothing else.

To make it even easier, I set any to any to any port for both interfaces/subnets. Still nothing unfortunately.

Thanks
October 01, 2023, 10:11:40 AM #8
Quote from: ricksense on October 01, 2023, 10:07:18 AM
Quote from: Patrick M. Hausen on September 30, 2023, 09:36:09 PM
The floating rule does not match, because this is not unicast traffic. Start with permitting from any to any port 1900 and if that works, use a packet trace again to watch what is involved in a successful communication.

The destination is not LAN net. The destination is the multicast address you see in your packet trace.

The alias "LAN net" does not mean "whatever might end up on that interface". It means "whatever has a unicast destination address matching the network configured on the LAN interface". So if e.g. LAN is 192.168.1.1/24 then LAN net is 192.168.1.0/24 and nothing else.

To make it even easier, I set any to any to any port for both interfaces/subnets. Still nothing unfortunately.

Thanks

Did you note what Patrick said about the destination?
October 01, 2023, 10:32:44 AM #9
Quote from: Taunt9930 on October 01, 2023, 10:11:40 AM

Did you note what Patrick said about the destination?

Are you telling me that this setup is not enough to make it work?






Thank you
Print
Go Up Pages1
User actions