notes/projects/gg/avahi_mdns-reflector/20250718-overview.md
2025-07-20 22:29:13 +02:00


Here's a structured summary of your network requirements and design, incorporating your latest updates and clarifications:


Network Overview

1. VLANs and Subnets

| VLAN | Subnet | Gateway IP | Avahi Server IP | mDNS Proxy IP |
|------|--------|------------|-----------------|---------------|
| 15 | 172.16.19.0/255.255.252.0 | 172.16.19.254 | 172.16.19.250 | 172.16.19.251 |
| 19 | 192.168.151.0/255.255.252.0 | 192.168.151.254 | 192.168.151.250 | 192.168.151.251 |
| 7 | 172.16.111.0/255.255.248.0 | 172.16.111.254 | 172.16.111.250 | 172.16.111.251 |

Note: All VLANs are routed via the Sophos XGS4300, which acts as the DHCP server for all VLANs.


2. Avahi Server Configuration

  • Local Avahi Servers:
    • VLAN 15: Runs Avahi on 172.16.19.250 for local discovery.
    • VLAN 19: Runs Avahi on 192.168.151.250 for local discovery.
    • VLAN 7: Runs Avahi on 172.16.111.250 for local discovery.
  • Central Avahi Server (mDNS Proxy):
    • IPs: 172.16.19.251, 192.168.151.251, 172.16.111.251 (untagged interfaces for each VLAN).
    • Configuration:
      [reflector]
      enable-reflector=yes
      #reflect-ipv=no
      #reflect-filters=_airplay._tcp.local,_raop._tcp.local
      
    • Purpose: Acts as a central mDNS reflector to forward traffic between VLANs, enabling Apple devices in VLANs 15/19 to discover Apple TVs in VLAN 7.

3. mDNS Proxy VM (Central Avahi Server)

  • OS: Debian.
  • Network Configuration:
    • Uses /etc/network/interfaces to assign static IPs for each VLAN (ending in .251).
    • Interfaces are untagged (virtual) for each VLAN.
  • Function:
    • Forwards mDNS traffic between VLANs (e.g., _airplay._tcp.local, _raop._tcp.local).
    • Ensures Apple devices in VLANs 15/19 can discover Apple TVs in VLAN 7 via Bonjour.

4. ESXi and VLAN Management

  • Hypervisor: ESXi.
  • vSwitch Configuration:
    • Each VLAN is assigned a virtual port group with the corresponding subnet.
    • VMs (Avahi servers, mDNS proxy, etc.) are assigned to the appropriate VLAN port group.
  • IP Assignment:
    • VMs use static IPs (.250 for local Avahi servers, .251 for central Avahi server).

5. Switch Configuration

  • Switches: Managed Level 2 switches.
  • IGMP Snooping:
    • Recommendation: Enable IGMP snooping on all switches.
    • Rationale:
      • While mDNS (Bonjour) uses UDP and not IGMP, other multicast services (e.g., 546/udp for DHCPv6, 80/443 for HTTP/HTTPS) may rely on IGMP.
      • IGMP snooping prevents unnecessary multicast traffic flooding, improving network efficiency.
    • Note: If only mDNS is used, IGMP snooping is not strictly required, but enabling it is beneficial for future scalability.

Key Considerations

  • Resource Allocation for VMs:
    • Avahi Servers (VLANs 15, 19, 7): Minimal resources (1 vCPU, 512MB RAM).
    • Central Avahi Server (mDNS Proxy): Slightly higher resources (2 vCPUs, 1GB RAM) due to traffic forwarding.
  • Firewall Rules:
    • Ensure UDP ports 80, 443, 546/udp, 546/tcp are open between VLANs 15/19 and VLAN 7.
    • Allow mDNS traffic (UDP 5353) for Bonjour discovery.
  • Testing:
    • Use avahi-browse on Apple devices to verify Apple TV discovery.
    • Test service ports (e.g., curl http://<AppleTV-IP>:80) to confirm connectivity.
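
With `reflect-filters` commented out as in the configuration above, the reflector forwards every service type between VLANs, so the discovery test should also check what else became visible. The following is an added example, not part of the original note: it parses constructed `avahi-browse -a -r -p -t` output as it might be seen from a Linux host in VLAN 15 and flags services hosted outside the local subnet whose type is not on the allow list. The sample hosts, names and the assumption that an off-subnet address means the record arrived through the reflector are illustrative.

```python
import ipaddress

# Service types from the page's commented-out reflect-filters line.
ALLOWED_TYPES = {"_airplay._tcp", "_raop._tcp"}
# VLAN 15 network, derived from the address and netmask given on the page.
LOCAL_NET = ipaddress.ip_interface("172.16.19.250/255.255.252.0").network

# Constructed sample of `avahi-browse -a -r -p -t` output (hosts and names are made up).
SAMPLE = r"""
+;eth0;IPv4;Wohnzimmer;_airplay._tcp;local
=;eth0;IPv4;Wohnzimmer;_airplay._tcp;local;appletv.local;172.16.111.20;7000;"model=AppleTV"
=;eth0;IPv4;Desk\032Speaker;_raop._tcp;local;speaker.local;172.16.19.77;5000;"tp=UDP"
=;eth0;IPv4;Printer;_ipp._tcp;local;printer.local;192.168.151.40;631;"rp=ipp/print" "ty=Laser"
=;eth0;IPv4;nas;_ssh._tcp;local;nas.local;172.16.111.30;22;
=;eth0;IPv6;nas;_ssh._tcp;local;nas.local;fe80::1;22;
"""


def reflected_services(browse_output, local_net):
    """Return (type, name, address) for resolved IPv4 services hosted outside local_net."""
    found = []
    for line in browse_output.splitlines():
        # Resolved records: =;iface;proto;name;type;domain;host;address;port;txt
        fields = line.split(";", 9)  # TXT is the last field and may itself contain ';'
        if len(fields) < 9 or fields[0] != "=":
            continue
        name, stype, addr = fields[3], fields[4], fields[7]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # malformed address field
        # IPv6 records are skipped: the page only defines IPv4 subnets.
        if ip.version == 4 and ip not in local_net:
            found.append((stype, name, addr))
    return found


def audit(browse_output, local_net=LOCAL_NET, allowed=ALLOWED_TYPES):
    """Split reflected services into expected ones and ones that should not cross VLANs."""
    reflected = reflected_services(browse_output, local_net)
    return {
        "expected": [s for s in reflected if s[0] in allowed],
        "unexpected": [s for s in reflected if s[0] not in allowed],
    }


if __name__ == "__main__":
    for kind, items in audit(SAMPLE).items():
        for stype, name, addr in items:
            print(f"{kind:10} {stype:15} {name:12} {addr}")
```

Any entry under `unexpected` is a service type that crosses VLAN boundaries only because the filter line is disabled; enabling `reflect-filters` with the two AirPlay types should leave that list empty.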

Summary of Design

  • VLAN Isolation: Each VLAN operates independently with its own subnet and Avahi server.
  • Central mDNS Proxy: Acts as a bridge for Bonjour discovery between VLANs, enabling cross-VLAN service discovery.
  • Network Efficiency: IGMP snooping is enabled to optimize multicast traffic handling.
  • Scalability: The design supports future additions (e.g., more Apple devices, services) without overhauling the architecture.

Let me know if you'd like a diagram or Debian interface configuration examples! 🚀