Hello Maw On 2/12/06, Max Kutny <[EMAIL PROTECTED]> wrote: > Hi Lennart, > > I have several hosts on a public LAN tight together via a private VPN. > Once I got service discovery working on public LAN I chose to switch > to more secure environment and tried to setup discovery over the > private network. Unfortunately it didn't work for me. > > Digging a bit I stumbled over a mail > (http://lists.freedesktop.org/archives/avahi/2005-July/000075.html) > saying that avahi treats interface with POINTOPOINT flag set as > irrelevant. Although, VPN tunnels are organized exactly with this flag > set: > 7: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100 > link/[65534] > > Manually crafting and sending UDP packet with destination > "224.0.0.251.5353" shows that it successfully gets broadcasted via VPN > tunnels. > > What's the rationale behind skipping POINTOPOINT interfaces? Could it > be possible to make avahi more VPN friendly? >
Yes, avahi doesn't handle iface that have the PTP flag on them. As far as i remember the rationale with not supporting vpn was the timing issues. Mdns was design to work on lan (latency below 1ms), so it expects to have answers in timeframe that is not compatible with vpn (wan, latencies that are often more than 50ms) So mdns may not run reliably over vpn. We see a growing need to support vpn, but the best solution may be to implement realying gateway gateway A would answers on vpn A about services discovered by gateway B on vpn B gate A and gate B would exchange their browsing list over unicast. I think that samba offer such a solution for Netbios browing. This would be the reflector for vpns. > Thanks. > > -- Max > _______________________________________________ > avahi mailing list > [email protected] > http://lists.freedesktop.org/mailman/listinfo/avahi > -- Sebastien Estienne
_______________________________________________ avahi mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/avahi
