Zeroconf Multicast DNS with Avahi or systemd-resolved

Linux Kernel, Network, and Services configuration.
IT-Nerd
Posts: 9
Joined: 2014-03-23 23:44

Zeroconf Multicast DNS with Avahi or systemd-resolved

#1 Post by IT-Nerd »

Hello everyone,

I am trying to set up Zeroconf in a small LAN where machines of Debian 10, other Linux distributions and Windows 10 are cooperating with zero extra configuration with the following requirements:

- Hostname resolution with Multicast DNS (hostname.local should work)
- CUPS printing should be able to share printers and LAN machines being able to discover it via CUPS or Samba share
- In case of Avahi, advertised services should be browsable

I have done it in the past and it was a simple case of installing Avahi on Linux machines along NSS-mDNS packages and setting mdns_minimal [NOTFOUND=return] in hosts entry of /etc/nsswitch.conf, before the dns entry.
Then everything worked as expected. This was at a time around Debian 6 and 7, it worked like a charm. Well not any more...

The resources I followed are the following:
https://wiki.debian.org/ZeroConf
https://wiki.debian.org/SystemPrinting
https://wiki.samba.org/index.php/User_Documentation
https://wiki.archlinux.org/index.php/Avahi
https://wiki.archlinux.org/index.php/CUPS
https://wiki.archlinux.org/index.php/Samba
https://wiki.archlinux.org/index.php/Sy ... olved#mDNS

First I tried to set up CUPS + Samba + Avahi on the machine that has the printer attached with USB. This machine has Arch Linux installed. I started the services:

cups.service
avahi-daemon.service
smb.service

and I tried to set up the Windows 10 clients. First pitfall is that the machine was no longer listed in the Network of the file browser and it could not be resolved by hostname or hostname.local. Strange...
I started the nmb.service and suddenly Windows 10 machines start to resolve properly with or without .local suffix. Why? Samba nmbd is supposed to be a Netbios name service right? Well I guess things have changed somehow and although I never like things that work because ... reasons, I continued to set up the Samba shared printer with all Windows 10 machines. Well nope. The printer server is resolved but no entry in the Windows Network list. Where is it? Well ignoring the recommendations to enable SMBv1 (really?) I realized that modern Windows 10 clients need something called Web Service Discovery. Thankfully there is a Python script which implements just that for Linux host daemon: https://github.com/christgau/wsdd. That concludes my setup for Windows 10 clients, which only need to enable Network sharing and use the Samba shares via credentials. Not so Zeroconf but it is working and the LAN is small. For bigger deployments this does not scale.

Now on to the Debian 10/Linux machines. This is where I cannot make it work by following the Wiki or manual instructions. On Debian 10 machines I installed the packages:

avahi-daemon
libnss-mdns

modified /etc/nsswitch.conf and started the avahi-daemon.service. That is what I expected to be enough. It was not. Debian machines do not resolve between them, they do not resolve the Arch Linux printer server and do not resolve any of the Windows 10 machines. No firewall is involved in this testing, apart from the Windows 10 default firewall settings that seem to allow the mDNS traffic. That is very strange, as it used to work out of the box, especially between Avahi running machines. So the Avahi route has issues, I would like some help on how to debug this. Multicast traffic seems to flow on tcpdump.

I tried to check also the systemd-resolved solution for mDNS, recommended by the developers of Avahi as the next version of Zeroconf on systemd enabled Linux systems. You set the directive MulticastDNS=yes in both your systemd-resolved configuration:

/etc/systemd/resolved.conf
/etc/systemd/resolved.conf.d/<your file here>.conf

and also on the systemd-networkd for your desired interface:

/etc/systemd/network/<your network interface configuration>.network

and it works!!! Machines with this configuration resolve hostnames between them. At least for a few minutes... It suddenly stops working. I tried getent hosts hostname.local using watch and after a while, resolution just stops working. CUPS printer discovery is also a hit and miss affair. What happened to Zeroconf?

I would greatly appreciate any help and share any logs or configuration files. Thanks in advance.

Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Zeroconf Multicast DNS with Avahi or systemd-resolved

#2 Post by Head_on_a_Stick »

Check the systemd journal for clues.

Have you symlinked /etc/resolv.conf to systemd-resolved's stub resolver? The man page recommends that mode of operation.
deadbang

IT-Nerd
Posts: 9
Joined: 2014-03-23 23:44

Re: Zeroconf Multicast DNS with Avahi or systemd-resolved

#3 Post by IT-Nerd »

Head_on_a_Stick wrote:Check the systemd journal for clues.

Have you symlinked /etc/resolv.conf to systemd-resolved's stub resolver? The man page recommends that mode of operation.
Yes that is exactly how it is set up, with the uplink method:

ls -la /etc/resolv.conf 
lrwxrwxrwx 1 root root 32 Feb  6 00:35 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
I will gather the setup and remove private sensitive info and share it. It is very strange that this broadcast technology fails in the simplest LAN possible.

Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: Zeroconf Multicast DNS with Avahi or systemd-resolved

#4 Post by Head_on_a_Stick »

IT-Nerd wrote:

ls -la /etc/resolv.conf 
lrwxrwxrwx 1 root root 32 Feb  6 00:35 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
That is not the recommended mode of operation, read the man page again. I don't think it will make much difference but it's worth a try.
deadbang

IT-Nerd
Posts: 9
Joined: 2014-03-23 23:44

Re: Zeroconf Multicast DNS with Avahi or systemd-resolved

#5 Post by IT-Nerd »

Head_on_a_Stick wrote:
IT-Nerd wrote:

ls -la /etc/resolv.conf 
lrwxrwxrwx 1 root root 32 Feb  6 00:35 /etc/resolv.conf -> /run/systemd/resolve/resolv.conf
That is not the recommended mode of operation, read the man page again. I don't think it will make much difference but it's worth a try.
You are right, a link to /run/systemd/resolve/stub-resolv.conf is required instead. Tried it with the Avahi solution and still there is no .local hostname resolution. Thank you for noticing.

I noticed something new, Avahi complains with this in Linux workstations:

*** WARNING: Detected another IPv4 mDNS stack running on this host. This makes mDNS unreliable and is thus not recommended. ***
which is not systemd-resolved but Chromium browser. Now I need to find a way to disable that Chromium functionality. It does not scale.

IT-Nerd
Posts: 9
Joined: 2014-03-23 23:44

Re: Zeroconf Multicast DNS with Avahi or systemd-resolved

#6 Post by IT-Nerd »

In case anyone needs to shut down Google Chrome/Chromium listening on port UDP 5353 here is the solution:

Create the policy file managed_policy.json in the policies/managed directory (this is different per system; in Linux with Chromium it is in /etc/chromium/policies/managed/). Put these contents in:

{ "EnableMediaRouter": false }

and then open URL chrome://flags/ and disable the option Anonymize local IPs exposed by WebRTC.
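
The three checks this thread works through (the nsswitch.conf ordering from post #1, the resolv.conf symlink from posts #2 to #5, and a second mDNS stack on UDP 5353 from posts #5 and #6) gathered into one script. This is an added example, not part of the original posts; the function names and the "live" argument are assumptions of the example, and accepting the mdns4_/mdns6_ module variants goes beyond the mdns_minimal entry named in the thread.

```shell
#!/bin/sh
# Added example: checks for the mDNS pitfalls discussed in this thread.

# True if the hosts line has mdns_minimal (or the mdns4_/mdns6_ variants)
# followed by [NOTFOUND=return] before the dns entry.
check_nsswitch() {
    awk '$1 == "hosts:" {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^mdns[46]?_minimal$/ && $(i + 1) == "[NOTFOUND=return]" && !dns) ok = 1
                if ($i == "dns") dns = 1
            }
         }
         END { exit (ok ? 0 : 1) }' "$1"
}

# Classify the resolv.conf symlink: stub, uplink, not-a-symlink, or other.
resolv_mode() {
    case "$(readlink "$1" 2>/dev/null)" in
        */systemd/resolve/stub-resolv.conf) echo stub ;;
        */systemd/resolve/resolv.conf)      echo uplink ;;
        "")                                 echo not-a-symlink ;;
        *)                                  echo other ;;
    esac
}

# Read "ss -Hulpn" output on stdin; print each process name bound to UDP 5353.
mdns_listeners() {
    awk '{
            hit = 0
            for (i = 1; i <= NF; i++) if ($i ~ /:5353$/) hit = 1
            if (hit && match($0, /users:\(\("[^"]+"/)) {
                name = substr($0, RSTART + 9, RLENGTH - 10)
                if (!(name in seen)) { seen[name] = 1; print name }
            }
         }'
}

# Live run (root is needed for ss to show other users' process names).
if [ "${1:-}" = "live" ]; then
    check_nsswitch /etc/nsswitch.conf && echo "nsswitch: ok" \
        || echo "nsswitch: mdns_minimal [NOTFOUND=return] is not before dns"
    echo "resolv.conf: $(resolv_mode /etc/resolv.conf)"
    stacks=$(ss -Hulpn | mdns_listeners)
    echo "UDP 5353 listeners: $(echo $stacks)"
    [ "$(printf '%s\n' "$stacks" | grep -c .)" -le 1 ] \
        || echo "warning: more than one mDNS stack on this host"
fi
```

More than one name in the listener output corresponds to the Avahi warning quoted in post #5.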
