On 22/10/2007, at 12:41 AM, Arnaud Bergeron wrote:

2007/10/21, Damon Schultz <[EMAIL PROTECTED]>:
Greetings,

How would one go about routing multicast DNS packets (e.g. used for
iTunes sharing neighbourhood discovery) between two different subnets
sharing an OpenBSD router and secured by ipsec(4)?

So far from multicast(4) I have determined I need to /sbin/sysctl
net.inet.ip.mforwarding=1 and I will most likely need to NAT the
packets to alter their source address using pf(4) to fool the mDNS
client into believing the peers are on the same subnet - but it's
what comes in between about which I'm not certain.

Do I need to employ mrouted(8)?

This is my first foray into the bizarre world of IP multicasting...
All the HOWTOs I've seen so far describing how to share iTunes
libraries across different subnets (e.g.
http://wiki.mt-daapd.org/wiki/SSH_Tunnel ) employ an ssh tunnel and a
client-side mDNS proxy
but I can't help but feel that with a network under my control and
OpenBSD routing everything there must be a more elegant solution?

Any assistance or advice will be appreciated.

For iTunes sharing you will need a protocol forwarder listening on
both networks and passing the traffic.  You don't need this in the
general case of multicast IP traffic, but iTunes has special provision
to not share across networks.

For the software to do that, I know Network Beacon but it only works
on OS X.  You may also be able to use howl (which is in ports) to
advertise the iTunes shares of one network on the other.

Thanks for your response.

I'm aware that iTunes filters traffic outside of its subnet. I'm thinking a pf.conf(5) rule something like

nat on enc0 inet proto udp from $subnet_A to 224/4 port = 5353 -> $subnet_B_gateway static-port

might successfully fool iTunes into not filtering the traffic. This wouldn't successfully route the packet, however, as my routing table shows

        224/4   127.0.0.1

which I guess means that multicasted traffic needs the assistance of mrouted(8) or the like to find its destination. Or could I use the route-to option in pf.conf(5) to do this without the complication of running a multicast routing daemon, something like

pass in on enc0 route-to ( enc0 $subnet_B ) inet from $subnet_A to 224/4

I'll experiment with that a bit, but any assistance in the meantime would be appreciated.

Regards,
Damon
