November 1, 2024

Hey there,

I am interested in using a docker on my Unraid server to deploy a Bonjour gateway/reflector. I have the problem that I want to integrate Apple services on my Unraid server and most of the network communication doesn't work across subnets. I found this guide: bonjour across VLANs, but I am not using any VLANs and I don't have the knowledge/experience with them. I tried to ChatGPT through the problem but without success.

My main goal is to use an mDNS reflector from my router subnet (192.168.100.1/24) to my server subnet (192.168.0.1/24). I have a main connection for the server to 192.168.0.1/24 as 192.168.0.10 (my Unraid's GUI IP) and a separate port just for a connection to the router subnet.

What type of docker network should I use, macvlan or ipvlan? I have no idea. I would prefer to use a separate IP than my Unraid machine to avoid troubleshooting. Is that even a good idea with docker containers or should I use a VM?

I would be glad about any advice, tutorials etc. because I really didn't find much about deploying Bonjour reflectors.

Thanks
November 24, 2024 (Author)

On 11/1/2024 at 9:14 PM, bmartino1 said:
Yes, Bonjour (Apple's implementation of zero-configuration networking) primarily uses multicast DNS (mDNS) for service discovery, which allows devices to discover each other on the same local network without needing a central directory. However, mDNS typically does not work across subnets because multicast traffic is generally not forwarded by routers.

I think I was able to get it to work. I tinkered around a little bit with this docker image and I found out that I had to create bridges over the physical networks. Also I had to use macvlan, which I don't have experience with, but my guess is that ipvlans won't work, BUT again, I am not 100% sure.

So I don't have the docker running on my router or switch but on my server. So I connected the server to both the subnets I wanted to bridge. So 192.168.100.0/24 (my router/wifi network, only 1 Gbit) and my switch/server/LAN subnet 192.168.0.1/24 (10 Gbit duplex, main Unraid connection) are on two different server ports, eth0 & eth3. I created, or rather I had to create, 2 bridges (br0 & br3) to get it to work. But before that I also configured eth3 on Unraid as a standalone port -> bonding=off, bridging=on, static IP inside Fritzbox.

I then created two docker networks with the macvlan type like in the repo, but slightly changed:

    docker network create --driver macvlan --subnet 192.168.0.0/24 --gateway 192.168.0.XXX --opt parent=br0 physical

and

    docker network create --driver macvlan --subnet 192.168.100.0/24 --gateway 192.168.100.XXX --opt parent=br3 physical

Then I could give the docker the two macvlan networks via docker compose, or in my case a Portainer stack, and used the avahi image from above as the image the stack has to pull.
After that I was able to:

- stream audio from my workstation tower (192.168.0.XXX, LAN subnet) to a Fire TV stick (192.168.100.XXX, router/wifi subnet)
- stream audio from my iPhone (wifi subnet) via AirPlay to workstation tower to Shairport4w (LAN subnet)
- start iTunes Sync/Backup of my iPhone wirelessly, which unfortunately fails ...

I am currently working on this, but I was unfortunately not lucky. It transferred 10s if not 100s of GB wirelessly but always fails at the end. I used a Windows 10 VM with iTunes on my server, but I will try libimobiledevice inside a docker in the future. Maybe this works, I will write an update. This was also my intended use case, because I am sick of having iTunes backups scattered over multiple devices.

On 11/1/2024 at 9:14 PM, bmartino1 said:
To enable Bonjour across subnets, you have a few options: (none that I'm aware exist in Unraid...) mDNS Relay: Some routers support mDNS relay, which forwards mDNS packets between different subnets. Check your router’s documentation to see if this feature is available and how to configure it.

Unfortunately I have a Fritzbox as a router and a Mikrotik switch. So no options there, that is why I wanted my server to do this job, which it does now.

On 11/1/2024 at 9:14 PM, bmartino1 said:
Avahi: If you're using a Linux-based network, you can install Avahi, which is a mDNS/DNS-SD implementation. You can configure it to relay mDNS packets between different subnets.

I did 0 configuration of Avahi, if you have suggestions to solve my iTunes problem I would be glad! But for all other AirPlay/cast applications it just worked.

On 11/1/2024 at 9:14 PM, bmartino1 said:
Bonjour Gateway: Some specialized software solutions act as a Bonjour gateway, allowing service discovery across subnets.

Can Avahi be counted as one? Is there an alternative? I couldn't find much.
On 11/1/2024 at 9:14 PM, bmartino1 said:
Static IP Addresses: For critical services, consider using static IP addresses or DNS entries that are accessible across the network without relying solely on Bonjour.

I take that as a prerequisite for all my network devices. All use DHCP and critical ones get a static lease from either my Mikrotik or my Fritzbox.

On 11/1/2024 at 9:14 PM, bmartino1 said:
Do you use or have an Apple router? I'm not sure how else to use Apple technology as it is using multicast packets which are single subnet only....

There is an Apple router, I didn't know that... No, only mobile devices and Macs. And I want to back up all of them wirelessly...!

Thanks for your answer! Glad about any future advice.
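An added example, not from any post in this thread: a way to confirm from a packet capture that the reflector is relaying between 192.168.0.0/24 and 192.168.100.0/24, and to see which hosts it exposes to the other side. It parses one mDNS payload (UDP 5353) and lists hostnames whose A record points outside the subnet the capture was taken on; the sample packet, hostnames and host addresses are constructed.

```python
import ipaddress
import struct

def read_name(pkt, off):
    """Decode the DNS name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        n = pkt[off]
        if n & 0xC0 == 0xC0:                   # RFC 1035 compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | pkt[off + 1]
            hops += 1
            if hops > 16:                      # malformed packet: pointer loop
                raise ValueError("compression pointer loop")
        elif n == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(pkt[off + 1:off + 1 + n].decode("utf-8", "replace"))
            off += 1 + n

def a_records(pkt):
    """Return {hostname: IPv4Address} for every A record in one mDNS message."""
    qd, an, ns, ar = struct.unpack("!4H", pkt[4:12])
    off, found = 12, {}
    for _ in range(qd):                        # skip the question section
        _, off = read_name(pkt, off)
        off += 4
    for _ in range(an + ns + ar):
        owner, off = read_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:          # A record
            found[owner] = ipaddress.IPv4Address(pkt[off:off + 4])
        off += rdlen
    return found

def reflected_hosts(pkt, capture_subnet):
    """Hostnames whose advertised address lies outside the capture subnet."""
    net = ipaddress.ip_network(capture_subnet)
    return sorted(h for h, ip in a_records(pkt).items() if ip not in net)

def _name(n):                                  # encoder used only for the sample
    return b"".join(bytes([len(p)]) + p.encode() for p in n.split(".")) + b"\0"

# Constructed sample: one mDNS response as seen on the 192.168.100.0/24 side.
_RR = struct.pack("!HHIH", 1, 0x8001, 120, 4)  # type A, class IN + flush, TTL
SAMPLE = (struct.pack("!6H", 0, 0x8400, 0, 2, 0, 0)
          + _name("tower.local") + _RR + bytes([192, 168, 0, 50])
          + b"\x05phone\xc0\x12" + _RR + bytes([192, 168, 100, 23]))
```

A non-empty result from `reflected_hosts` on one side shows the reflector is forwarding, and the list is also the set of hosts that side can now discover across the subnet boundary.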
November 24, 2024 (Community Expert)

Just put everything in the same subnet and call it a day, whatever reason you'd have had to separate them is moot now.
November 24, 2024 (Author)

6 minutes ago, Kilrah said:
Just put everything in the same subnet and call it a day, whatever reason you'd have had to separate them is moot now.

Actually it is not that simple! There is a reason for multiple subnets, because it is not possible to use a 10GbE managed switch as just an unmanaged one connected to a Fritzbox. For some reason DHCP calls vanish, I wasn't able to get it to work that way. For example TrueNAS was able to communicate a static IP with the Fritzbox over the Mikrotik (only one subnet), but DHCP didn't work. Unraid wasn't even able to communicate the self-set static IP with my router, so it just assigned 169.XXXs.

Trust me, maybe you haven't run into problems with one subnet but I have! Maybe my setup is weird, but at that point I thought a 10GbE switch is enough (which in my setup was), but I will upgrade my router in the next year to a Mikrotik box too.
November 24, 2024 (Community Expert)

Glad this can help. Yes, the Avahi docker can run as a gateway; will get more data to you.

Yes, Apple has network devices such as a wifi router; I believe they call them AirPorts... example: https://support.apple.com/en-us/112419 *and they're a pain to get advanced features working...

Fun with Fritz boxes. Could be a VLAN/mesh issue too, so let's see if I can assist further with some Q/A and info on the zeroconf.

So far, it looks like you have done a good job setting up Avahi to bridge Bonjour/mDNS across two subnets with macvlan networks in Docker. Here’s how you can assist further:

1. Clarify Avahi's Role as a Bonjour Gateway

Yes, Avahi acts as a Bonjour Gateway. It relays mDNS packets between subnets, allowing devices to discover services on different subnets. This setup is a perfect example of how Avahi can help with multicast issues.

Addressing iTunes Backup Issues

The user is facing issues with iTunes backups failing at the end. Here are suggestions:

Check Packet Fragmentation: Wireless networks can sometimes fragment packets when transferring large files. Ensure that the MTU (Maximum Transmission Unit) on the involved interfaces (both br0 and br3) is consistent and compatible. Run:

    ip link set dev br0 mtu 1500

and similar for br3, ensuring alignment.

Increase Avahi’s Verbosity: Run the Avahi container with higher logging verbosity to detect potential mDNS bottlenecks.

    docker run -d --net=host --name=avahi flungo/avahi-daemon --debug

Check logs for any signs of failed mDNS advertisements.

Check for Resource Limitations: The Windows VM hosting iTunes may have resource constraints. Ensure the VM has adequate CPU, memory, and network throughput. Alternatively, replace the Windows VM with libimobiledevice in Docker.
Here's a minimal configuration:

    version: '3.3'
    services:
      libimobiledevice:
        image: droidian/libimobiledevice
        container_name: libimobiledevice
        privileged: true
        devices:
          - "/dev/bus/usb:/dev/bus/usb"
        network_mode: host

Use this container to handle backups via command-line utilities like idevicebackup2.

Test Backup Without Avahi: Temporarily remove Avahi from the equation and attempt the backup over a single subnet. This can confirm if the issue lies in the network bridging.

in Avahi docker configurations recommends:

Enhancing Reliability

Enable mDNS Caching: To reduce mDNS traffic load, you can enable caching in Avahi. Add the following to the avahi-daemon.conf file (modify via bind-mount in the Docker container):

    [server]
    allow-interfaces=br0,br3
    cache-entries-max=4096

Static Routing Between Subnets: If you control the Mikrotik switch, you can configure static routes between subnets. This ensures that devices can communicate directly without relying solely on mDNS. Example for Mikrotik:

    /ip route add dst-address=192.168.100.0/24 gateway=192.168.0.1

Repeat for the other direction.

Alternative Tools for Bonjour Bridging

If Avahi doesn’t meet expectations:

nss-mdns: An mDNS resolver for Linux systems. While not a replacement for Avahi, it works in tandem to ensure discovery reliability.

OpenWRT with Bonjour Relay: Use an OpenWRT device (or VM/container) configured with mdns-repeater to forward mDNS traffic across subnets.

*VM router/forbidden router DHCP relay and use its features...

Future Considerations

Centralize DHCP/Static Reservations: While the user already employs static leases, consolidating these configurations in either the Mikrotik or Fritzbox could simplify future adjustments.

Upgrade Hardware if Possible: Mikrotik switches and Fritzbox routers are good, but enterprise-grade gear (e.g., Ubiquiti, pfSense, or OpenWRT-capable devices) would provide more granular control over routing and mDNS forwarding.
Suggested Action Items:

- Verify MTU settings on all interfaces.
- Experiment with libimobiledevice for iTunes backups.
- Enable caching and verbosity in the Avahi container.
- Add static routes between subnets as a fallback.
- Update the forum post with these solutions to help other users experiencing similar issues.

Let me know if you’d like detailed configurations or further clarifications!
November 24, 2024 (Community Expert)

3 minutes ago, blacklight said:
Actually it is not that simple! There is a reason for multiple subnets, because it is not possible to use a 10GbE managed switch as just an unmanaged one connected to a Fritzbox. For some reason DHCP calls vanish, I wasn't able to get it to work that way. For example TrueNAS was able to communicate a static IP with the Fritzbox over the Mikrotik (only one subnet), but DHCP didn't work. Unraid wasn't even able to communicate the self-set static IP with my router, so it just assigned 169.XXXs. Trust me, maybe you haven't run into problems with one subnet but I have! Maybe my setup is weird, but at that point I thought a 10GbE switch is enough (which in my setup was), but I will upgrade my router in the next year to a Mikrotik box too.

Sounds like the Mikrotik needs additional config to use 1 subnet... I did work as an ISP and used similar hardware...

While the current setup works, resolving the DHCP and subnet communication issues on the Mikrotik switch will simplify operations. Testing DHCP relay and static IP configurations will likely address the user's immediate concerns until they upgrade to a Mikrotik router.

Issues with DHCP and subnetting on a 10GbE Mikrotik switch paired with a Fritzbox router point to potential misconfigurations or limitations in the network setup. Here are actionable steps and considerations to address the problem:

Diagnose DHCP Issues

The primary issue seems to be the failure of DHCP traffic to traverse between the Fritzbox and the 10GbE Mikrotik switch.

DHCP Relay Configuration: If the Mikrotik switch is Layer 3-capable, ensure it is configured to forward DHCP requests to the Fritzbox. This feature is typically called DHCP relay or helper:

    /ip dhcp-relay add name=relay1 interface=<10GbE Switch Interface> dhcp-server=<Fritzbox IP>

Replace <10GbE Switch Interface> and <Fritzbox IP> with the correct values.
Bridge VLAN Filtering: Ensure the Mikrotik switch is correctly bridging VLANs, if applicable. If VLAN filtering is misconfigured, DHCP requests could be dropped. Use:

    /interface bridge vlan add bridge=<bridge-name> vlan-ids=<vlan-id> tagged=<ports>

Replace <bridge-name>, <vlan-id>, and <ports> as needed.

Firewall Rules: Check for any Mikrotik firewall rules that might block DHCP (UDP port 67/68). Add rules to explicitly allow this traffic:

    /ip firewall filter add chain=forward protocol=udp dst-port=67-68 action=accept

Static IP Configuration

The user mentioned issues with Unraid failing to communicate with the Fritzbox when using a static IP. This could result from a misaligned gateway or subnet mask configuration.

Verify that the static IP on Unraid is in the same subnet as the Fritzbox’s DHCP pool. Example: If the Fritzbox is at 192.168.0.1/24, Unraid should have an IP like 192.168.0.100 with:

- Subnet mask: 255.255.255.0
- Gateway: 192.168.0.1
- DNS: 192.168.0.1 or public DNS (e.g., 8.8.8.8).

If the static IP is set on the Mikrotik side, ensure it doesn’t conflict with Fritzbox’s DHCP pool.

Simplified Networking as a Temporary Fix

While moving everything into one subnet isn't ideal for this user, testing the setup on a single subnet can help isolate issues.

Use a Flat Network Temporarily: Set the Mikrotik switch to act as an unmanaged switch (pure Layer 2 mode) and connect all devices to the same subnet. This can help determine whether the issue is with the subnet configuration or the DHCP relay setup. On Mikrotik:

    /interface bridge add name=flat-bridge
    /interface bridge port add interface=<ports> bridge=flat-bridge

Replace <ports> with the relevant interfaces.

Plan for Router Upgrades

The user plans to upgrade their router to a Mikrotik device. Once the new router is in place, the following can be configured:

Centralized DHCP: The Mikrotik router can handle DHCP for all subnets, simplifying the setup and eliminating reliance on the Fritzbox for DHCP.
Routing Between Subnets: The Mikrotik router can route traffic between subnets more effectively.

    /ip route add dst-address=192.168.100.0/24 gateway=192.168.0.1

mDNS and Bonjour Bridging: The Mikrotik router supports mdns-repeater, which can bridge Bonjour traffic between subnets if Avahi is not preferred.

Recommendations for Future Stability

Network Segmentation: Keep subnet separation for performance and security. Use a Mikrotik router for routing between subnets instead of relying solely on the switch.

Simplify Fritzbox’s Role: Use the Fritzbox primarily for internet access and as a backup DHCP server if needed.

Upgrade to RouterOS 7: If using a Mikrotik device, ensure it's running RouterOS 7 for better performance and features.
November 24, 2024 (Author)

1 minute ago, bmartino1 said:
While the current setup works, resolving the DHCP and subnet communication issues on the Mikrotik switch will simplify operations.

I haven't had any problems since I am using 2 subnets. Both DHCP leases work immediately on the router and the switch. I also won't likely change back. Literally everything I used despite the AirPlay stuff works with IP calls and therefore is simple to use by a user like me.

4 minutes ago, bmartino1 said:
DHCP relay

Trust me... I tried everything, also a DHCP relay, which didn't work! And most certainly is wrong in this use case, because why should there be a relay INSIDE one subnet? DHCP leases normally propagate in one subnet without problems... Thanks for the concerns but I don't want to change the network! I want to solve the issue without pulling out the root and planting a new tree!!

8 minutes ago, bmartino1 said:
This could result from a misaligned gateway or subnet mask configuration.

Nope, tested and checked everything 100s of times.

9 minutes ago, bmartino1 said:
The user plans

ChatGPT?

Guys, thanks anyway, but please don't consider my network as a variable but rather as a constant... I put enough time into networking.