-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is for avahi-0.6.31-26.1.x86_64 from OpenSuSE "Leap" 42.1. I've written a set of simple test scripts that check if daemons are functioning, restarting them if not. The one for avahi-daemon basically does: (illustrated executing on host kermit) dig -p 5353 +short @kermit kermit.local. A No RR's are returned and the query times out. In syslog I see "Received packet from invalid interface." If I ask about Kermit but executing on any different host, the correct content is returned, and similarly for all pairs of hosts on my net: a unicast query to the execution host yields nothing, but to a different host is answered reliably. Every query fails/succeeds equally, e.g. an AAAA record, or asking for the PTR at _ssh._tcp.local. It fails/succeeds equally when the IPv4 or IPv6 address of the server is used. Multicast queries to 224.0.0.251 and ff02::fb are answered even from the execution host.
I tracked this down to (source)/avahi-core/server.c ; see dispatch_packet() in that file. The AvahiIfIndex (believed same as /sys/class/net/${IFC}/ifindex) is 1, identifying lo (loopback) on my machine, and its i->announcing flag is zero (as it should be). But the contingency at the start of this subroutine causes packets received from non-announcing interfaces to be tossed with the "invalid interface" message, explaining the symptom. But I don't see how multicast packets escape the ax. I wish a distinction could be made between interfaces (e.g. lo) whose address should not be announced, versus deny-interfaces members. There's a second issue which I should mention, though it may be hard to fix. On my net, Linux boxes generally have a fixed IP gotten by DHCP, plus a RFC 4862 address (prefix + EUI-64). Avahi-daemon lets the kernel pick which one to send from. "dig", but not Perl's Net::DNS::Resolver, rejects packets from other than the address it sent the (unicast) query to, and so from half the machines, Avahi responses are rejected noisily by "dig" but are functional on other software. I wish that avahi-daemon would respond to unicast queries (of course not multicast) using the source address in the query packet. /etc/avahi/avahi-daemon.conf follows, with comments removed. Changes from (source>/avahi-daemon/avahi-daemon.conf are noted. [server] use-ipv4=yes use-ipv6=yes # Local mod, turned on allow-interfaces=wlan0 # Local mod to explicitly allow wlan0 ratelimit-interval-usec=1000000 ratelimit-burst=1000 [wide-area] enable-wide-area=yes [publish] publish-a-on-ipv6=yes # Local mod, turned on [reflector] # no reflector [rlimits] rlimit-core=0 rlimit-data=4194304 rlimit-fsize=0 rlimit-nofile=768 rlimit-stack=4194304 rlimit-nproc=3 - -- James F. Carter Email: j...@jfcarter.net Web: http://www.math.ucla.edu/~jimc (q.v. for PGP key) -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEwCO3Ffd4f3UN9nvKddigLE9RfKkFAlkXWG0ACgkQddigLE9R fKkRpwgAnKNuIOiIABXHFV18dHNb3PSWdRdxCUJ8i8AOQspVw0fl/z7jjtOryuWn BqqLUdZGBpPXLTLX6h7V9cBwClJE3bx6xyoMR1aXgRIrZnONtoSY/OhSP01GBrq/ JC6PIqrodIePWl/1OQm9NkiotILFFMzl/Y9exXxqcQyExOmZM33BKvwzu7GIBAIf nUj1SnBVV7YNoXgv0IJMiL5nDcupwXlfCYbbyXivJyvpGf+T/5HNBxBXjV3K1A+b cRhIShbILFtbB6wYh27A2+rQaTlRqC60jdg4iKqXe2zuSdknTklPHepTN6y6Zyni dAWeYbfXY68zAXcj9IPpylxbrDro+g== =fNbk -----END PGP SIGNATURE----- _______________________________________________ avahi mailing list avahi@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/avahi