mDNS repeater with guest network/vlan

[robca]

I have been happily using a guest network to isolate my IoT devices on a separate VLAN across two different RT68U routers with Merlin. For more info, see here https://www.snbforums.com/threads/rt-ac68u-guest-networks-in-ap-mode-using-vlan-and-iptables.64172/

I have now installed a new device which uses mDNS to be discovered by its app (a WiiM Pro network streamer). In order for that app/device to work together, it has to be discoverable using mDNS https://forum.wiimhome.com/threads/app-option-for-fixed-ip-devices-on-another-network.127/

According to the WiiM forum, I need to "mDNS repeater plus fw rules for mDNS multicast on 5353 work well on edgerouter.". I understand the second part (firewall rules for mDNS multicast in 5353), but I'm not sure how I can setup a mDNS repeater between my vlans

Thanks in advance for any pointer to solve this

 

[ColinTaylor]

From memory I think you need to add the following lines to /tmp/avahi/avahi-daemon.conf.

[reflector]
enable-reflector=yes

 

[robca]

From memory I think you need to add the following lines to /tmp/avahi/avahi-daemon.conf.

[reflector]
enable-reflector=yes

Thanks!

I never used Avahi before. I'm assuming I will need to enable the service in entware following something like thishttps://www.linksysinfo.org/index.php?threads/avahi-tutorial-configuring-a-reflector-aka-mdns-repeater.75706/

Is there any other Avahi tutorial I should look at instead?

EDIT: it looks as if Avahi is already running on the Asuswrt Merlin firmware. Ok, that makes things easier

 

[robca]

Just in case anyone else reads this in the future.

My main network is br0, IoT vlan is br1. WiiM uses fixed IP 192.168.20.170

Must add avahi-daemon.conf.add file to /jffs/configs to change the avahi configuration and enable the redirector

admin@RT-AC68U-7BA8:/tmp/home/root# cat /jffs/configs/avahi-daemon.conf.add

[reflector]
enable-reflector=yes

Then add the ability for devices on the main LAN to access WiiM and finally allow multicast to work across vlans (br0 and br1). I'm using a script in /jffs/scripts/firewall-start and added

# WiiM configuration begins
# make WiiM reachable from LAN (one way)
iptables -D FORWARD -i br0 -o br1 -d 192.168.20.170 -j ACCEPT >/dev/null 2>&1
iptables -I FORWARD -i br0 -o br1 -d 192.168.20.170 -j ACCEPT

# forward multicast on port 5353 between networks
iptables -D INPUT -i br1 -p udp -m multiport --dport 5353 -j ACCEPT >/dev/null 2>&1
iptables -I INPUT -i br1 -p udp -m multiport --dport 5353 -j ACCEPT
iptables -D INPUT -i br1 -p tcp -m multiport --dport 5353 -j ACCEPT >/dev/null 2>&1
iptables -I INPUT -i br1 -p tcp -m multiport --dport 5353 -j ACCEPT
#end WiiM configuration

I'm deleting the rule from iptables in case firewall-start is called once more, to avoid problems (the -D lines)

I can now use the WiiM app on the main lan controlling WiiM on the IoT network.