I don’t usually does this but this worked and i have yet to find this specification for Bonjour (allowing IoT network to access 224.0.0.251, but blocking everything else to the private network). THANK YOU!!!! PS i hope you got the mosquito!
So essentially, you have to allow multicast through the firewall for mdns (multicast dns)/bonjour to work. IMO if you want a robustly secure white-listed network, don't put home consumer entertainment/amusement devices on it. Even if the devices themselves remain secure, the users for those devices will be your weakest link.
Great video! But what if the apple tv net is on the other side of a layer 2 openvpn tunnel between two sites? How can multicast be propagated through the tunnel given that the layer 2 is not enough?
Thanks for the info. I did a Google search and it seems all you really need is UDP/5353 to 224.0.0.251, so if you are really trying to lock your network down that is what you need (works for my network).
I've noticed that Chromecast discovery is super slow across different subnets. Sometimes it takes several minutes for my laptop that is on vlan1 to discovery my TV on vlan2. Haven't found a way to speed this up.
That's interesting and not something I have come across yet. What is the network layout and hardware? Possibly blocked traffic by the switch? Good luck!
@@RocketCityTech I haven't seen anything that looks like it's being blocked. It works, but it takes at least two minutes before it discovers any devices.
@@ramblinman7153 If the Chromecasts are connected via WiFi, the access points themselves could be playing with that traffic as well, causing the delay. Some will disable or throttle out of the box. A good test would be a device you can connect to the wired network, like a TV with baked in Chromoecast, and see if there is any difference.
@@RocketCityTech Seems to be a problem with VLC player as opposed to anything on the network. Chrome browser, UA-cam and my Android phone show the device immediately. VLC player only shows the chromecast as an audio only device. If I leave VLC player open for 10 minutes or so, it finally shows up.
if you have a samsung tv (my model is q90r) you might have a problem with popup (allow/deny device) that shows up all the time specially when you open facebook app on your phone. this is actually facebook app issue and not from your tv. and to fix this problem block port 8001. just sharing what i found out on shark and what FB is doin . so now you can enjoy watchin your tv and phone without having any annoying popups.
Holy bejesus! Skip to 17 minutes in if you want to hear the actual issue without a ton of fluff.
Literally at 4:30 in and started reading comments to find out when the fluff finished. You're the real hero here. :-)
@@divingmundz 7:03 for me
Oh thank god!! you saved me!!
You have separate interfaces for every networks, why don't you use VLAN instead?
Good content!! This is just what I was looking for!
I don’t usually does this but this worked and i have yet to find this specification for Bonjour (allowing IoT network to access 224.0.0.251, but blocking everything else to the private network). THANK YOU!!!! PS i hope you got the mosquito!
Glad it helped, and thanks for watching! Yes, I think I eventually got it haha!
So essentially, you have to allow multicast through the firewall for mdns (multicast dns)/bonjour to work. IMO if you want a robustly secure white-listed network, don't put home consumer entertainment/amusement devices on it. Even if the devices themselves remain secure, the users for those devices will be your weakest link.
Killer2600 you're absolutely correct.
Great video! But what if the apple tv net is on the other side of a layer 2 openvpn tunnel between two sites? How can multicast be propagated through the tunnel given that the layer 2 is not enough?
You just blew my mind.
Thanks for the info. I did a Google search and it seems all you really need is UDP/5353 to 224.0.0.251, so if you are really trying to lock your network down that is what you need (works for my network).
Excellent, thanks for sharing with us!
I've noticed that Chromecast discovery is super slow across different subnets. Sometimes it takes several minutes for my laptop that is on vlan1 to discovery my TV on vlan2. Haven't found a way to speed this up.
That's interesting and not something I have come across yet. What is the network layout and hardware? Possibly blocked traffic by the switch? Good luck!
@@RocketCityTech I haven't seen anything that looks like it's being blocked. It works, but it takes at least two minutes before it discovers any devices.
@@ramblinman7153 If the Chromecasts are connected via WiFi, the access points themselves could be playing with that traffic as well, causing the delay. Some will disable or throttle out of the box. A good test would be a device you can connect to the wired network, like a TV with baked in Chromoecast, and see if there is any difference.
@@RocketCityTech Seems to be a problem with VLC player as opposed to anything on the network. Chrome browser, UA-cam and my Android phone show the device immediately. VLC player only shows the chromecast as an audio only device. If I leave VLC player open for 10 minutes or so, it finally shows up.
if you have a samsung tv (my model is q90r) you might have a problem with popup (allow/deny device) that shows up all the time specially when you open facebook app on your phone. this is actually facebook app issue and not from your tv. and to fix this problem block port 8001. just sharing what i found out on shark and what FB is doin . so now you can enjoy watchin your tv and phone without having any annoying popups.
Nice info, thanks for sharing, and thanks for watching!
Horrible explanation