Bonjour!: mDNS and iTunes Home Sharing on EdgeOS

Ever since I set up my home network, Home Sharing hasn’t worked between our Apple TV and my desktop computer. It’s been a minor annoyance that I never really looked into before now, but I had some time yesterday to troubleshoot it and get it working just in time to watch Little Women, which Julia had just bought and downloaded from iTunes. Below is how I got it back up and running.

I was pretty sure that the problem was that the Apple TV (wireless) and the desktop (wired) were on separate VLANs, and that my firewall was blocking connectivity between them. This theory was bolstered by the fact that other devices on the wireless network, like Julia’s iPhone, could connect and use AirPlay with no problem. I did some digging and found this page, which lists the ports used by Apple TV; that seemed like a good start. UDP 5353 (mDNS/Bonjour) and TCP 3689 (DAAP, the iTunes sharing protocol) looked promising, so I took a look at the firewall logs to see whether any traffic on those ports was being dropped. Strangely, there was none: the only thing showing up in my logs was the occasional packet from the WAN being dropped. Clearly, more investigating was required.

Not being a networking expert by any means, I started to delve into the mDNS protocol, which Apple uses (in its Bonjour implementation) for discovering devices on the network that offer services like sharing. I used Wireshark to capture packets on both my desktop and my laptop, which is on the wireless VLAN, to see what I could find. mDNS traffic was working correctly, but not across network segments: my laptop and the Apple TV could identify each other via mDNS, but my desktop could not. This also explained the empty firewall logs. mDNS is sent to the link-local multicast groups 224.0.0.251 and ff02::fb on UDP 5353, and routers do not forward link-local multicast, so the queries never reached a forwarding decision on the router and there was nothing for the firewall to drop or log. Something other than a firewall rule was causing the problem.

Eventually, I came across this post, which solved the problem: EdgeOS does not repeat mDNS traffic between networks by default, and an mDNS reflector is required to re-send queries and announcements heard on one interface out the others. Although that post discussed options like manually installing mdns-repeater, as of EdgeOS 1.3.0 the Avahi reflector is built in, and all that is required is a single configuration change:

set service mdns reflector

I turned that on, and immediately started seeing mDNS packets between network segments being dropped in my firewall logs. That makes sense: with the reflector running, the router itself is now the recipient of the mDNS traffic on each interface, so the existing rulesets finally see it. This was even better than I expected: I had worried that enabling the reflector would instantly open discovery between all my network segments, including the WAN, and I didn’t want that. Fortunately, I could still filter that traffic at the firewall and allow only the communication I wanted. I wrote rules to permit mDNS between my LAN and WLAN networks over both IPv4 and IPv6, and all of a sudden I could see Home Sharing devices. Discovery alone wasn’t enough, though: Home Sharing itself only worked after I also allowed TCP 3689 between those networks, since DAAP is ordinary unicast traffic that is routed between the VLANs and therefore subject to the normal inter-VLAN rules. Once that was done, success!
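The configuration described above, written out as an added example rather than the original post’s own config. The interface names (eth1 for the wired LAN, eth2 for the wireless VLAN), the ruleset names, and the rule numbers are assumptions; it also assumes each ruleset already has a default-action of drop and an accept rule for established/related traffic, so only the new rules are shown. The mDNS rules go in the LOCAL rulesets because the reflector makes the router the recipient of that traffic; the DAAP rules go in the IN rulesets because that traffic is forwarded between the VLANs.

```edgeos
configure

# Built-in Avahi reflector: repeats mDNS heard on one interface out the others.
set service mdns reflector

# IPv4 mDNS (UDP 5353 to the link-local multicast group), accepted by the router
# on each segment so the reflector can pick it up. Ruleset names are assumed.
set firewall name LAN_LOCAL rule 30 action accept
set firewall name LAN_LOCAL rule 30 description 'mDNS to reflector'
set firewall name LAN_LOCAL rule 30 protocol udp
set firewall name LAN_LOCAL rule 30 destination address 224.0.0.251
set firewall name LAN_LOCAL rule 30 destination port 5353
set firewall name WLAN_LOCAL rule 30 action accept
set firewall name WLAN_LOCAL rule 30 description 'mDNS to reflector'
set firewall name WLAN_LOCAL rule 30 protocol udp
set firewall name WLAN_LOCAL rule 30 destination address 224.0.0.251
set firewall name WLAN_LOCAL rule 30 destination port 5353

# Same for IPv6 (multicast group ff02::fb).
set firewall ipv6-name LAN_LOCAL_6 rule 30 action accept
set firewall ipv6-name LAN_LOCAL_6 rule 30 description 'mDNS to reflector'
set firewall ipv6-name LAN_LOCAL_6 rule 30 protocol udp
set firewall ipv6-name LAN_LOCAL_6 rule 30 destination address ff02::fb
set firewall ipv6-name LAN_LOCAL_6 rule 30 destination port 5353
set firewall ipv6-name WLAN_LOCAL_6 rule 30 action accept
set firewall ipv6-name WLAN_LOCAL_6 rule 30 description 'mDNS to reflector'
set firewall ipv6-name WLAN_LOCAL_6 rule 30 protocol udp
set firewall ipv6-name WLAN_LOCAL_6 rule 30 destination address ff02::fb
set firewall ipv6-name WLAN_LOCAL_6 rule 30 destination port 5353

# DAAP (Home Sharing) is unicast TCP 3689 routed between the VLANs, so it is
# matched by the IN rulesets. Allowed in both directions, as the post describes.
set firewall name LAN_IN rule 40 action accept
set firewall name LAN_IN rule 40 description 'Home Sharing (DAAP)'
set firewall name LAN_IN rule 40 protocol tcp
set firewall name LAN_IN rule 40 destination port 3689
set firewall name WLAN_IN rule 40 action accept
set firewall name WLAN_IN rule 40 description 'Home Sharing (DAAP)'
set firewall name WLAN_IN rule 40 protocol tcp
set firewall name WLAN_IN rule 40 destination port 3689
set firewall ipv6-name LAN_IN_6 rule 40 action accept
set firewall ipv6-name LAN_IN_6 rule 40 description 'Home Sharing (DAAP)'
set firewall ipv6-name LAN_IN_6 rule 40 protocol tcp
set firewall ipv6-name LAN_IN_6 rule 40 destination port 3689
set firewall ipv6-name WLAN_IN_6 rule 40 action accept
set firewall ipv6-name WLAN_IN_6 rule 40 description 'Home Sharing (DAAP)'
set firewall ipv6-name WLAN_IN_6 rule 40 protocol tcp
set firewall ipv6-name WLAN_IN_6 rule 40 destination port 3689

# Rulesets are assumed to be bound to the interfaces like this (eth1/eth2 assumed).
set interfaces ethernet eth1 firewall local name LAN_LOCAL
set interfaces ethernet eth1 firewall local ipv6-name LAN_LOCAL_6
set interfaces ethernet eth1 firewall in name LAN_IN
set interfaces ethernet eth1 firewall in ipv6-name LAN_IN_6
set interfaces ethernet eth2 firewall local name WLAN_LOCAL
set interfaces ethernet eth2 firewall local ipv6-name WLAN_LOCAL_6
set interfaces ethernet eth2 firewall in name WLAN_IN
set interfaces ethernet eth2 firewall in ipv6-name WLAN_IN_6

commit
save
exit
```

No mDNS rule is added to the WAN rulesets, so mDNS arriving from the outside is still dropped by the existing default policy. One caveat to check: the LOCAL and IN rulesets only filter what the router accepts or forwards, not what the router itself sends, and Avahi’s reflector repeats on every interface it is bound to, so reflected announcements from the LAN may still be emitted out the WAN interface. A capture on the WAN side after enabling the reflector will show whether that is happening; if it is, Avahi’s own allow-interfaces/deny-interfaces settings are the mechanism for restricting which interfaces it uses, and how EdgeOS exposes them should be checked for the firmware version in use.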

With that done, there’s no longer any functionality that isn’t working on my network as expected. So as they say, if it ain’t broke, mess with it until it is.
