mDNS question

I recently got mDNS working across multiple VLANs, but the solution has me puzzled…

I’ve got a Ubiquiti EdgeRouter 10X with the latest firmware. The switch0 (LAN) is the untagged network, and the switch0.10 VLAN is the GUEST network and the switch0.20 VLAN is the IOT network. mDNS repeaters are configured for switch0, switch0.10 and switch0.20.

With this config, mDNS was not working. I would see mDNS requests go out from the esphome server, and I would see replies come back from the espdevice, but esphome & Home Assistant acted like they didn’t see the replies. esphome showed the device offline, and HA didn’t auto discover it.

Talked with a friend who has other Ubiquiti hardware, and he said his didn’t work until he added a rule to the IOT_LOCAL FW policy to allow mDNS traffic directly to the gateway. I did the same, and voilà!! esphome & Home Assistant could see/discover the device. Neither of us could explain WHY this rule seemed necessary.

The part that I don’t understand is: if I could see the mDNS replies on the LAN network, why did the server not see them? The replies had source ip = esp device, and dest = 224.0.0.251. From what (little) I’ve read, I thought devices on the network should gather all replies to 224.0.0.251 and cache them to reduce network load, but the Ubuntu 22.04 servers hosting esphome & HA didn’t seem to do that.

The only significant difference I saw in tcpdump output was that before the IOT_LOCAL rule, when a request went out, the only reply I saw was from the espdevice itself. Once the IOT_LOCAL rule was added, I then began to see additional replies from each of the network gateways. That is, for each request that went out, I’d see a reply with the esp device as the source addr, and a reply with the IOT gateway as the source, and a reply with the LAN gateway as the source.

Do the mDNS services simply drop all replies that do not originate on the local subnet? I know the packets are not routable, but I expected that if a reply made it onto the local subnet, the services on that network would cache them, regardless of source address.

Thanks in advance for any insight…
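The behaviour asked about above is what RFC 6762 section 11 ("Source Address Check") specifies: a querier must silently ignore mDNS packets whose source address is not on one of the receiving interface's local subnets, even when the destination is 224.0.0.251. The following is an added illustration, not code from the post or from any Ubiquiti or Home Assistant project; the subnets (192.168.1.0/24 for LAN, 192.168.20.0/24 for IOT), the addresses and the hostname are constructed for the example, and the packet builder/parser handles only a single-answer A record without name compression.

```python
import ipaddress
import struct

MDNS_GROUP = "224.0.0.251"

def build_mdns_a_reply(name: str, addr: str, ttl: int = 120) -> bytes:
    """Constructed sample: minimal mDNS response, header + one A record answer."""
    header = struct.pack("!HHHHHH", 0, 0x8400, 0, 1, 0, 0)  # QR=1, AA=1, ancount=1
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    rdata = ipaddress.IPv4Address(addr).packed
    # type A (1), class IN with mDNS cache-flush bit (0x8001), TTL, rdlength
    return header + qname + struct.pack("!HHIH", 1, 0x8001, ttl, len(rdata)) + rdata

def parse_mdns_a_reply(payload: bytes):
    """Return (name, ipv4, ttl) from a single-answer A reply, or None if not one."""
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", payload[:12])
    if not flags & 0x8000 or ancount < 1:   # not a response, or nothing answered
        return None
    pos, labels = 12, []
    while payload[pos]:                      # walk uncompressed DNS labels
        n = payload[pos]
        labels.append(payload[pos + 1:pos + 1 + n].decode())
        pos += 1 + n
    pos += 1                                 # skip the terminating zero label
    rtype, _, ttl, rdlen = struct.unpack("!HHIH", payload[pos:pos + 10])
    pos += 10
    if rtype != 1 or rdlen != 4:
        return None
    return ".".join(labels), str(ipaddress.IPv4Address(payload[pos:pos + 4])), ttl

def accept_reply(src_ip: str, dst_ip: str, local_subnets) -> bool:
    """RFC 6762 s.11: ignore mDNS traffic whose source is not on a local subnet."""
    if dst_ip != MDNS_GROUP:
        return False
    src = ipaddress.IPv4Address(src_ip)
    return any(src in ipaddress.IPv4Network(net) for net in local_subnets)

def process_reply(cache: dict, src_ip: str, dst_ip: str, payload: bytes, local_subnets) -> bool:
    """Apply the source check, then cache the answer. Returns True if cached."""
    if not accept_reply(src_ip, dst_ip, local_subnets):
        return False
    parsed = parse_mdns_a_reply(payload)
    if parsed is None:
        return False
    name, addr, ttl = parsed
    cache[name] = (addr, ttl)
    return True

if __name__ == "__main__":
    lan = ["192.168.1.0/24"]                 # assumed: the esphome/HA host sits here
    pkt = build_mdns_a_reply("espdevice.local", "192.168.20.50")  # device on IOT VLAN
    cache = {}
    # Same payload forwarded with the IOT device's own source: dropped by the querier.
    print(process_reply(cache, "192.168.20.50", MDNS_GROUP, pkt, lan), cache)
    # Repeater re-sends it sourced from the LAN gateway: accepted and cached.
    print(process_reply(cache, "192.168.1.1", MDNS_GROUP, pkt, lan), cache)
```

The cached answer still carries the device's IOT-subnet address; only the packet's source address decided whether the querier looked at it at all.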