Help with Avahi mDNS redirector, please

[robca]

I'm trying to set up a mDNS reflector using avahi on Merlin 386.11 (RT-68U). My goal is to enable a WiiM device on a segregated IoT network (per https://www.snbforums.com/threads/mdns-repeater-with-guest-network-vlan.86503/)

I finally realized that Avahi is enabled by default, and I tried editing the /tmp/avahi/avahi-daemon.conf file to add the "[reflector] enable-reflector=yes" configuration. But upon restarting the service with "service restart_mdns", the avahi-daemon.conf file is reverted to the one before I edited it.

How can I edit the Avahi configuration? I even tried adding a /jffs/scripts/avahi-daemon.conf file, but that doesn't work

Can I do what I want (mDNS between vlans) using the built in Avahi, or do I need to follow this tutorial to enable it? https://www.linksysinfo.org/index.p...figuring-a-reflector-aka-mdns-repeater.75706/

 

[ColinTaylor]

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

Use a avahi-daemon.conf.add file.

 

[robca]

Thanks @ColinTaylor . I actually tried using avahi-daemon.conf.add, and avahi-daemon.conf.postconf in /jffs/scripts (where I have other files). Those files are executable, but for some reason it still can't add the redirecto to the /tmp/avahi/avahi-daemon.conf file

Here's the content of my /jffs/scripts, in case I have a typo

admin@RT-AC68U-7BA8:/tmp/home/root# ls -la /jffs/scripts/
drwxr-xr-x    2 admin    root             0 Aug 27 15:26 .
drwxr-xr-x   13 admin    root             0 Aug 27 15:31 ..
-rwxrwxrwx    1 admin    root            33 Aug 27 14:52 avahi-daemon.conf.add
-rwxr-xr-x    1 admin    root            74 Nov 25  2018 dnsmasq.postconf
-rwxr-xr-x    1 admin    root          4831 Dec 30  2022 firewall-start
-rwxr-xr-x    1 admin    root            75 Feb 12  2020 post-mount
-rwxr-xr-x    1 admin    root           109 Jul 30  2022 service-event
-rwxrwxrwx    1 admin    root           962 Dec 26  2022 services-start
-rwxr-xr-x    1 admin    root            43 Feb 27  2019 services-stop
-rwxr-xr-x    1 admin    root            91 Jan 10  2018 smb.postconf
-rwxr-xr-x    1 admin    root           113 Feb 12  2020 unmount
-rwxr-xr-x    1 admin    root            11 Nov 25  2018 wan-start

I looked at the logs while I edited the /tmp/avahi/avahi-daemon.conf file, and I see the first 2 lines below (basically it notices that the file is changed and reloads it?)

I then executed the "service restart_mdns" and I see Avahi restart

Aug 27 15:37:54 avahi-daemon[2271]: Files changed, reloading.
Aug 27 15:37:54 avahi-daemon[2271]: No service file found in /tmp/avahi/services.

Aug 27 15:38:08 rc_service: service 2479:notify_rc restart_mdns
Aug 27 15:38:08 custom_script: Running /jffs/scripts/service-event (args: restart mdns)
Aug 27 15:38:08 avahi-daemon[2271]: Got SIGTERM, quitting.
Aug 27 15:38:08 avahi-daemon[2271]: Leaving mDNS multicast group on interface br1.IPv4 with address 192.168.20.1.
Aug 27 15:38:08 avahi-daemon[2271]: Leaving mDNS multicast group on interface br0.IPv4 with address 192.168.1.1.
Aug 27 15:38:08 avahi-daemon[2271]: Leaving mDNS multicast group on interface lo.IPv4 with address 127.0.1.1.
Aug 27 15:38:08 avahi-daemon[2271]: avahi-daemon 0.8 exiting.
Aug 27 15:38:09 avahi-daemon[2487]: Found user 'nobody' (UID 65534) and group 'nobody' (GID 65534).
Aug 27 15:38:09 avahi-daemon[2487]: Successfully dropped root privileges.
Aug 27 15:38:09 avahi-daemon[2487]: avahi-daemon 0.8 starting up.
Aug 27 15:38:09 avahi-daemon[2487]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Aug 27 15:38:09 avahi-daemon[2487]: No service file found in /tmp/avahi/services.
Aug 27 15:38:09 avahi-daemon[2487]: Loading new alias name RT-AC68U.
Aug 27 15:38:09 avahi-daemon[2487]: Joining mDNS multicast group on interface br1.IPv4 with address 192.168.20.1.
Aug 27 15:38:09 avahi-daemon[2487]: New relevant interface br1.IPv4 for mDNS.
Aug 27 15:38:09 avahi-daemon[2487]: Joining mDNS multicast group on interface br0.IPv4 with address 192.168.1.1.
Aug 27 15:38:09 avahi-daemon[2487]: New relevant interface br0.IPv4 for mDNS.
Aug 27 15:38:09 avahi-daemon[2487]: Joining mDNS multicast group on interface lo.IPv4 with address 127.0.1.1.
Aug 27 15:38:09 avahi-daemon[2487]: New relevant interface lo.IPv4 for mDNS.
Aug 27 15:38:09 avahi-daemon[2487]: Network interface enumeration completed.
Aug 27 15:38:09 avahi-daemon[2487]: Registering new address record for 192.168.20.1 on br1.IPv4.
Aug 27 15:38:09 avahi-daemon[2487]: Registering new address record for 192.168.1.1 on br0.IPv4.
Aug 27 15:38:09 avahi-daemon[2487]: Registering new address record for 127.0.1.1 on lo.IPv4.
Aug 27 15:38:09 avahi-daemon[2487]: Registering new address record for 127.0.0.1 on lo.IPv4.
Aug 27 15:38:10 avahi-daemon[2487]: Server startup complete. Host name is RT-AC68U-7BA8.local. Local service cookie is 2667339504.
Aug 27 15:38:10 avahi-daemon[2487]: Alias name "RT-AC68U" successfully established.

I even created a avahi-daemon.postconf like this

#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

pc_append "[reflector]" "enable-reflector=yes" $CONFIG

And I see it run in the log as follows

Aug 27 15:44:25 rc_service: service 3087:notify_rc restart_mdns
Aug 27 15:44:25 custom_script: Running /jffs/scripts/service-event (args: restart mdns)
Aug 27 15:44:25 avahi-daemon[2487]: Got SIGTERM, quitting.
Aug 27 15:44:25 avahi-daemon[2487]: Leaving mDNS multicast group on interface br1.IPv4 with address 192.168.20.1.
Aug 27 15:44:25 avahi-daemon[2487]: Leaving mDNS multicast group on interface br0.IPv4 with address 192.168.1.1.
Aug 27 15:44:25 avahi-daemon[2487]: Leaving mDNS multicast group on interface lo.IPv4 with address 127.0.1.1.
Aug 27 15:44:26 avahi-daemon[2487]: avahi-daemon 0.8 exiting.
Aug 27 15:44:26 custom_script: Running /jffs/scripts/avahi-daemon.postconf (args: /tmp/avahi/avahi-daemon.conf)
Aug 27 15:44:26 avahi-daemon[3096]: Found user 'nobody' (UID 65534) and group 'nobody' (GID 65534).
Aug 27 15:44:26 avahi-daemon[3096]: Successfully dropped root privileges.
Aug 27 15:44:26 avahi-daemon[3096]: avahi-daemon 0.8 starting up.
Aug 27 15:44:26 avahi-daemon[3096]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Aug 27 15:44:26 avahi-daemon[3096]: No service file found in /tmp/avahi/services.
Aug 27 15:44:26 avahi-daemon[3096]: Loading new alias name RT-AC68U.
Aug 27 15:44:26 avahi-daemon[3096]: Joining mDNS multicast group on interface br1.IPv4 with address 192.168.20.1.
Aug 27 15:44:26 avahi-daemon[3096]: New relevant interface br1.IPv4 for mDNS.
Aug 27 15:44:26 avahi-daemon[3096]: Joining mDNS multicast group on interface br0.IPv4 with address 192.168.1.1.
Aug 27 15:44:26 avahi-daemon[3096]: New relevant interface br0.IPv4 for mDNS.
Aug 27 15:44:26 avahi-daemon[3096]: Joining mDNS multicast group on interface lo.IPv4 with address 127.0.1.1.
Aug 27 15:44:26 avahi-daemon[3096]: New relevant interface lo.IPv4 for mDNS.
Aug 27 15:44:26 avahi-daemon[3096]: Network interface enumeration completed.
Aug 27 15:44:26 avahi-daemon[3096]: Registering new address record for 192.168.20.1 on br1.IPv4.
Aug 27 15:44:26 avahi-daemon[3096]: Registering new address record for 192.168.1.1 on br0.IPv4.
Aug 27 15:44:26 avahi-daemon[3096]: Registering new address record for 127.0.1.1 on lo.IPv4.
Aug 27 15:44:26 avahi-daemon[3096]: Registering new address record for 127.0.0.1 on lo.IPv4.
Aug 27 15:44:27 avahi-daemon[3096]: Server startup complete. Host name is RT-AC68U-7BA8.local. Local service cookie is 1601803446.
Aug 27 15:44:27 avahi-daemon[3096]: Alias name "RT-AC68U" successfully established.

But when I issue a cat /tmp/avahi/avahi-daemon.conf I see

[Server]
host-name=RT-AC68U-7BA8
aliases=RT-AC68U
aliases_llmnr=RT-AC68U
use-ipv4=yes
use-ipv6=no
deny-interfaces=eth0
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3

I can't make sense of this...

 

[robca]

Are those two lines/errors relevant?

Aug 27 15:38:09 avahi-daemon[2487]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Aug 27 15:38:09 avahi-daemon[2487]: No service file found in /tmp/avahi/services.

 

[ColinTaylor]

As per the wiki, .add files go in /jffs/configs. That's all you need, remove any other files you've made. Then reboot the router or restart avahi (service restart_mdns).

 

[robca]

As per the wiki, .add files go in /jffs/configs. That's all you need, remove any other files you've made. Then reboot the router or restart avahi (service restart_mdns).

I'm an idiot!

Not sure what I did wrong with postconf, which should have worked as well, but putting the avahi-daemon.conf.add in the right place worked. Thanks so much for the help and patience, @ColinTaylor

 

[ColinTaylor]

Not sure what I did wrong with postconf, which should have worked as well,

FYI. Your pc_append statement was syntactically incorrect.

 

[robca]

FYI. Your pc_append statement was syntactically incorrect.

Basically, I'm an idiot across the board Today I'd better not operate machinery of any kind... thanks again

 

[device]

Hi All,

Its interesting.... I have an openvpn server with 3 asuswrt connected client in Tun mode site-to-site. I can ping vica versa, works fine.

I tried to setup avahi which seemed to be installed but it was not working.

RT-AC86U with Merlin 386.12_4 amtm entware installed

I installed avahi with opkg following this tutorial: https://www.snbforums.com/threads/avahi-install.10218/

Then I filtered out user=admin in /opt/etc/avahi/avahi-daemon.conf and the daemon started...but:

Dec 25 13:40:46 avahi-daemon[9445]: *** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and *
Dec 25 13:40:46 avahi-daemon[9445]: Host name conflict, retrying with RT-AC86U-virag-2
Dec 25 13:40:47 avahi-daemon[9445]: Host name conflict, retrying with RT-AC86U-virag-3
Dec 25 13:40:48 avahi-daemon[9445]: Host name conflict, retrying with RT-AC86U-virag-4

So the merlin had already had an avahi installed, then I installed it again from opkg :/

How can or how should I decide which one to keep and which one to run?

ps w :

9445 nobody 4744 S avahi-daemon: registering [RT-AC86U-virag-26.virag.local]
9904 admin 5976 S grep avahi
17559 nobody 3176 S avahi-daemon: running [RT-AC86U-virag.local]

service stop_mdns made the trick, but how can this happen? Why are there two installs?

Thanks for your help!

EDIT:

I got rid of opkg installed avahi. I removed all with their dependencies, now it is running with only one instance. Then I tried to locate the config file it is using, I removed all the .add files and all of them, the only one left is /tmp/avahi/avahi-daemon.conf

If I write different alias like alias=RT-AC86U2 instead of alias=RT-AC86U in the log file it is unchanged if I make it stop with service stop_mdns and start with service start_mdns, the output in /tmp/syslog.log is always:

Dec 25 23:39:36 avahi-daemon[28132]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Dec 25 23:39:37 avahi-daemon[28132]: Alias name "RT-AC86U" successfully established.

Why? Why are there no changes what so ever if I modify the config file? There is something I am missing truly

 

[jksmurf]

Old post but seems the right place for it, so will ask here. Am trying to amend some avahi settings for mDNS as suggested here by @eibgrad

So I recently added this

[reflector]
enable-reflector=yes

to avahi-daemon.conf.add in /jffs/configs, restarted the daemon with service restart_mdns and got this in the automatically-generated avahi-daemon.conf file in the /tmp/avahi directory, so far so good.

[Server]
host-name=RT-AX88U-Pro
aliases=RT-AX88U_Pro
aliases_llmnr=RT-AX88U_Pro
use-ipv4=yes
use-ipv6=no
deny-interfaces=eth0
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3

[reflector]
enable-reflector=yes

However I note the reflector section is new, so it just appends that.

I would now like to add / amend some settings in the [Server] section, so I tried amending avahi-daemon.conf.add to state this:

[Server]
allow-interfaces=br0,br52
#deny-interfaces=eth0

[reflector]
enable-reflector=yes

However in restarting the daemon again it shows this, with clearly TWO [Server] sections, one with a conflicting entry (deny-interfaces=eth0) and one added, but in a second [Server] section?

[Server]
host-name=RT-AX88U-Pro
aliases=RT-AX88U_Pro
aliases_llmnr=RT-AX88U_Pro
use-ipv4=yes
use-ipv6=no
deny-interfaces=eth0
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3

[Server]
allow-interfaces=br0,br52
#deny-interfaces=eth0

[reflector]
enable-reflector=yes

How do I go about getting the final file set up so the one in /tmp/avahi has all correct (and unique) settings?

The .add part of avahi-daemon.conf.add seems to work for adds but not amends?

Thanks!

 

[dave14305]

How do I go about getting the final file set up so the one in /tmp/avahi has all correct (and unique) settings?

This is what the postconf scripts are for. See the Wiki, especially the part about the helper functions like pc_insert.

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

 

[jksmurf]

This is what the postconf scripts are for. See the Wiki, especially the part about the helper functions like pc_insert.

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

Thank you.

I have now read the docs and searched the forum and the internet for how to's.

I have tried to set it up like this, but I am a bit stuck:

• I removed avahi-daemon.conf.add from /jffs/configs so it did not conflict with the postconf.
• I added avahi-daemon.postconf to /jffs/scripts (because that is where the docs say to put it); it has 0755 permissions like other files in that dir.
• In that new file I put the following statements to amend the base config (see above, but without the reflector line).
• I used 3 of the 4 pc_xxxxxxx statements available, just for fun.

#!/bin/sh
CONFIG=$1
source /usr/sbin/helper.sh

# Adds a space, then a [reflector] section, then the enable-reflector line
# If you use this, do not use the avahi-daemon.conf.add file as well
pc_append " " "$CONFIG"
pc_append "[reflector]" "$CONFIG"
pc_append "enable-reflector=yes" "$CONFIG"

# Inserts an "allow-interfaces" line after "use-ipv6=no", then amends the "deny-interfaces" line
pc_insert "use-ipv6=no" "allow-interfaces=br0,br52" "$CONFIG"
pc_replace "deny-interfaces=eth0" "#deny-interfaces=eth0" "$CONFIG"

I tried to ensure the script was executable with:

chmod a+rx /jffs/scripts/*

I then ran:

service restart_mdns

I then ran:

cat /tmp/avahi/avahi-daemon.conf

to check the resulting file.

It did not add, append or insert anything.

Could someone point out where I am going wrong here please?

 

[dave14305]

It did not add, append or insert anything.

Test it manually by running it:

/jffs/scripts/avahi-daemon.postconf /tmp/avahi/avahi-daemon.conf

Look in the syslog for how it ran earlier:

grep avahi-daemon.postconf /jffs/syslog.log

Then some other ideas, depending on how you created the file

ls -l /jffs/scripts/avahi-daemon.postconf
dos2unix /jffs/scripts/avahi-daemon.postconf
service restart_mdns

 

[ColinTaylor]

@jksmurf Why are you adding the allow-interfaces line? It should not be necessary.

 

[bennor]

@jksmurf Why are you adding the allow-interfaces line? It should not be necessary.

Likely stems from the other running discussion...

Trying to understand Guest Network Pro limitations

Using an AX-86U Pro on FW 3006.102.4_beta1, I'm experimenting with Guest Network Pro and VLANs and I must be missing something. I've created a VLAN (tagged as 3) and set ethernet port 3 as an access port tagged with that VLAN. I've then created a new guest network with that same VLAN, turned on...

www.snbforums.com

And my post in it at the following link where the allow-interfaces was mentioned as a suggestion to try based on a post on another site about trying to get Chromecast to work across subnets.
https://www.snbforums.com/threads/t...work-pro-limitations.94438/page-2#post-953109

 

[ColinTaylor]

Likely stems from the other running discussion...

Trying to understand Guest Network Pro limitations

Using an AX-86U Pro on FW 3006.102.4_beta1, I'm experimenting with Guest Network Pro and VLANs and I must be missing something. I've created a VLAN (tagged as 3) and set ethernet port 3 as an access port tagged with that VLAN. I've then created a new guest network with that same VLAN, turned on...

www.snbforums.com

And my post in it at the following link where the allow-interfaces was mentioned as a suggestion to try based on a post on another site about trying to get Chromecast to work across subnets.
https://www.snbforums.com/threads/t...work-pro-limitations.94438/page-2#post-953109

I don't know anything about how the VLANs work in the 3006.102 firmware, but unless something has changed the default behaviour is to allow all interfaces. That's why you don't need an allow-interfaces line, but you do need a deny-interfaces line for the WAN interface.

But like I said, maybe that's not the case in his firmware. It's easy to check that by looking in the System Log for the New relevant interface lines when avahi-daemon starts up.

 

[jksmurf]

That's why you don't need an allow-interfaces line, but you do need a deny-interfaces line for the WAN interface.

But like I said, maybe that's not the case in his firmware. It's easy to check that by looking in the System Log for the New relevant interface lines when avahi-daemon starts up.

Thanks for stepping in and having a look at this Colin.

Simply put the enable-reflector=yes line actually worked perfectly (see referenced thread) for the Guest-IoT interface (together with the firewall-start iptables amendments), but did not work for Primary-IoT despite what I believe were correct iptables lines in the linked thread. I have no idea why.

@bennor was trying to help by offering a potential ahavi amendment that may have worked for others, at least some time ago.

If it could be established the reason for the Primary-IoT interface not working was simply some other constraint attributable to the Primary network, a constraint not present in the Guest Network, or some incorrect syntax in my firewall-start amendments, then the avahi file needs no amendment.

I’m simply not in a position to make any determination either way. @dave14305 was simply trying to help me with ways to amend the avahi files.

 

[ColinTaylor]

I’m simply not in a position to make any determination either way. @dave14305 was simply trying to help me with ways to amend the avahi files.

Dave's comments are still totally valid, especially if you want to make other changes to avahi-daemon.conf. My point was specifically about changing the allow-interfaces line. As I said, all you need to do is look at the System Log to determine whether you need to make that change.

 

[jksmurf]

Test it manually by running it:

/jffs/scripts/avahi-daemon.postconf /tmp/avahi/avahi-daemon.conf

Thank you Dave. It says not found? Not sure why, the file is in there?

xxxxxxx@RT-AX88U-Pro:/tmp/home/root# /jffs/scripts/avahi-daemon.postconf /tmp/avahi/avahi-daemon.conf
-sh: /jffs/scripts/avahi-daemon.postconf: not found

[EDIT] Looking at Dos2Unix, probably because I committed the cardinal sin of creating it in Windows then dragging it in WinSCP to the /jffs/scripts dir. I thought I had copied an existing file within jffs/scripts to avoid this, but maybe not.

Look in the syslog for how it ran earlier:

grep avahi-daemon.postconf /jffs/syslog.log

Then some other ideas, depending on how you created the file

This one just says running.

xxxxxxx@RT-AX88U-Pro:/tmp/home/root# grep avahi-daemon.postconf /jffs/syslog.log
Apr 27 06:33:53 custom_script: Running /jffs/scripts/avahi-daemon.postconf (args: /tmp/avahi/avahi-daemon.conf)

ls -l /jffs/scripts/avahi-daemon.postconf
dos2unix /jffs/scripts/avahi-daemon.postconf
service restart_mdns

So this worked to make the avahi-daemon amendments.
Is the Dos2Unix conversion now permanent (should be)?

xxxxxxx@RT-AX88U-Pro:/tmp/home/root# ls -l /jffs/scripts/avahi-daemon.postconf
-rwxr-xr-x    1 xxxxxxx  root           534 Apr 26 14:08 /jffs/scripts/avahi-daemon.postconf
xxxxxxx@RT-AX88U-Pro:/tmp/home/root# dos2unix /jffs/scripts/avahi-daemon.postconf
xxxxxxx@RT-AX88U-Pro:/tmp/home/root# service restart_mdns

File output.

Done.
xxxxxxx@RT-AX88U-Pro:/tmp/home/root# cat /tmp/avahi/avahi-daemon.conf
[Server]
host-name=RT-AX88U-Pro
aliases=RT-AX88U_Pro
aliases_llmnr=RT-AX88U_Pro
use-ipv4=yes
use-ipv6=no
allow-interfaces=br0,br52
#deny-interfaces=eth0
ratelimit-interval-usec=1000000
ratelimit-burst=1000

[publish]
publish-a-on-ipv6=no
publish-aaaa-on-ipv4=no

[wide-area]
enable-wide-area=yes

[rlimits]
rlimit-core=0
rlimit-data=4194304
rlimit-fsize=0
rlimit-nofile=768
rlimit-stack=4194304
rlimit-nproc=3

[reflector]
enable-reflector=yes
xxxxxxx@RT-AX88U-Pro:/tmp/home/root#

Dave's comments are still totally valid, especially if you want to make other changes to avahi-daemon.conf. My point was specifically about changing the allow-interfaces line. As I said, all you need to do is look at the System Log to determine whether you need to make that change.

Thank you and understood Colin.

TBH if I didn't need to make any more changes to avahi-daemon.conf than the reflector line in the avahi-daemon,config.add file I would be more than happy.

However absent the firewall-start changes working for that one Primary-IoT interface (despite Guest-IoT working perfectly), I started looking at modifications to avahi. I would much rather just leave it alone. Maybe there is some other 'blocker' in Primary I am unaware of, that needs to be toggled off, I don't know, just grasping at straws at this point.

 

[jksmurf]

That's why you don't need an allow-interfaces line, but you do need a deny-interfaces line for the WAN interface.

So with the postconf now working (thanks to Dave), I did a bit more testing and as usual Colin is correct.

There is no difference whether I use avahi-daemon.conf.add (with these lines it), which makes this one change to avahi-daemon.conf:

[reflector]
enable-reflector=yes

or the version in my avahi-daemon.postconf which makes these three changes:

allow-interfaces=br0,br52,br53
#deny-interfaces=eth0

[reflector]
enable-reflector=yes

With the Google Chromecast on IoT:

• both versions work for casting IoT-IoT (expected), Guest-IoT
• neither version works for casting Primary-IoT

Here is my firewall-start for completeness

#!/bin/sh

if [ -x /opt/bin/tailscale ]; then tailscale down; tailscale up; fi # Added by TAILMON
sh /jffs/scripts/firewall start skynetloc=/tmp/mnt/DIVEXT4/skynet # Skynet

# Added by KM to allow access to the Home Assistant Server from any client on the Primary Network
iptables -I FORWARD -i br0 -s 192.168.9.0/24 -d 192.168.53.13 -j ACCEPT
# This line probably not be required as you only really want one way access; this goes the other way
# iptables -I FORWARD -i br53 -s 192.168.53.13 -d 192.168.9.0/24 -j ACCEPT

# Added by KM to allow Guest access to Chromecast with Google TV from any client on the Guest Network
iptables -I FORWARD -i br52 -s 192.168.52.0/24 -d 192.168.53.239 -j ACCEPT
# This line probably not be required as you only really want one way access; this goes the other way
# iptables -I FORWARD -i br53 -s 192.168.53.239 -d 192.168.52.0/24 -j ACCEPT

# Added by KM to allow User access to Chromecast with Google TV from any client on the Primary Network
iptables -I FORWARD -i br0 -s 192.168.9.0/24 -d 192.168.53.239 -j ACCEPT
# This line probably not be required as you only really want one way access; this goes the other way
# iptables -I FORWARD -i br53 -s 192.168.53.239 -d 192.168.9.0/24 -j ACCEPT

# Added by KM as Trial (only) for Primary-IoT
# iptables -I FORWARD -i br0 -s 192.168.9.0/24 -d 192.168.53.0/24 -j ACCEPT
# iptables -I FORWARD -i br53 -s 192.168.53.0/24 -d 192.168.9.0/24 -j ACCEPT

# Restart firewall-start with service restart_firewall

The syslog:

xxxxx@RT-AX88U-Pro:/tmp/home/root# grep avahi-daemon.postconf /jffs/syslog.log
Apr 27 06:33:53 custom_script: Running /jffs/scripts/avahi-daemon.postconf (args: /tmp/avahi/avahi-daemon.conf)
Apr 27 06:40:17 custom_script: Running /jffs/scripts/avahi-daemon.postconf (args: /tmp/avahi/avahi-daemon.conf)

brctl show:

ASUSWRT-Merlin RT-AX88U_PRO 3006.102.4_beta2 Sat Apr 19 16:20:12 UTC 2025
xxxxxxxx@RT-AX88U-Pro:/tmp/home/root# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.e89c2589edf8       no              eth1
                                                        eth3
                                                        eth4
                                                        eth5
                                                        eth6
                                                        eth7
                                                        wds0.0.1
                                                        wds1.0.1
br52            8000.a29c2589edf9       no              eth1.52
                                                        eth3.52
                                                        eth4.52
                                                        eth5.52
                                                        eth6.52
                                                        eth7.52
                                                        wds0.0.1.52
                                                        wds1.0.1.52
                                                        wl0.1
                                                        wl1.1
br53            8000.a29c2589edfa       no              eth1.53
                                                        eth2
                                                        eth3.53
                                                        eth4.53
                                                        eth5.53
                                                        eth6.53
                                                        eth7.53
                                                        wds0.0.1.53
                                                        wds1.0.1.53
                                                        wl0.2
xxxxxxxx@RT-AX88U-Pro:/tmp/home/root#