[avahi] Re: [avahi-commits] r646 - in /trunk: avahi-core/core.h avahi-core/server.c avahi-core/socket.c avahi-core/socket.h avahi-daemon/avahi-daemon.conf avahi-daemon/main.c docs/TODO

Marc Krochmal marc at apple.com
Thu Sep 29 10:23:14 PDT 2005



On Sep 29, 2005, at 9:59 AM, Lennart Poettering wrote:

> Nice to know that someone from Apple takes so much interest in Avahi
> that he takes notice of every commit. ;-)

Avahi is an exciting development for mDNS-SD so I'm interested.



> I wonder if it is a good idea to put such a requirement in an RFC (or
> spec). This is clearly an implementation issue and not a specification
> issue. Whether REUSEADDR/REUSEPORT is set or not, doesn't change the
> protocol behaviour at all, so I guess a SHOULD is what should be put
> here, if at all.
>
> Linux doesn't implement REUSEPORT, and I guess some embedded TCP/IP
> stacks don't implement either REUSEPORT or REUSEADDR, so I think it is
> very odd to require this feature in the spec. In addition the exact
> behaviour of REUSEADDR/REUSEPORT is not well defined. (we already
> had a discussion about that)
>
> In short: please change this MUST to a SHOULD and please refer to
> REUSEADDR in addition to REUSEPORT.

OK, I agree that it should be a SHOULD.  I'll make a note to change it.



> Hrm. You know that I don't think that mDNS is reliable when multiple
> stacks run on the same host. I hope I already made my reasoning for
> that clear.

Well I didn't spell out *all* the details, but this is what I said...

"Regarding the statement on Avahi's web site, I've spoken to Lennart  
who works on Avahi about it since I think he's overstating the  
fallout.  While Lennart is correct that two responders on the same  
machine could conflict, since they might have different known answer  
lists and one responder could steal the unicast responses of the  
other responder, these issues won't actually result in the protocols  
failing, since mDNS is resilient to packet loss, so it can cope with  
these conflicts.  While it's suboptimal to have multiple responders  
on the same machine, you should be able to run Avahi, Howl, and  
Bonjour on the same Linux machine without any problems."




> The reason why I added this disallow-other-stacks option was primarily
> security. Some guy came up on IRC and needed a way to make sure that
> all mDNS traffic sent out from or received by the local machine was
> done through Avahi and *only* through Avahi. Blocking port 5353 for
> other apps by not setting REUSEADDR is an efficient way to do this.

Interesting.  OK that makes sense, but I just fear that setting this  
by default would break some applications that have embedded versions  
of mDNS.  I've talked to many developers over the years and have  
tried to convince them that using a single mDNSResponder was a good  
idea, but they still insisted on embedding the code into their  
application, so it would be unfortunate if those applications now  
stopped working because Avahi was installed.  It would also be nice  
to have Avahi and Darwin mdnsd running on the same machine without  
any *major* conflicts.




>> Could you at least set SO_REUSEADDR by default?
>
> Ok, I did so in r652.
>
> BTW, could you please reply to commits directly to the main mailing
> list instead of just me?

Sure, no problem.  Obviously some e-mails are only meant for you  
alone, but for the rest I can respond to the list.



> I modified the configuration of avahi-commits now in a way that it sets
> a Reply-To: header pointing to the main mailing list. If you don't
> object I will forward all older mails to the main mailing list now?

Sure, go ahead.

-Marc
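
The port-blocking effect discussed in this message, as an added example that is not part of the original e-mail or of Avahi's source: on Linux, a second UDP socket can share an address and port only if every socket bound there set SO_REUSEADDR, so a daemon that leaves it unset keeps other stacks off the port. The helper names are hypothetical, and a kernel-chosen loopback port stands in for 5353 so the demo runs unprivileged and without disturbing a real responder.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a UDP socket to 127.0.0.1:port (0 = kernel picks), optionally with
 * SO_REUSEADDR set before bind(). Returns the fd, or -1 with errno set. */
static int open_udp(unsigned short port, int reuse)
{
    struct sockaddr_in sa;
    int saved, fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(port);
    if ((reuse && setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &reuse, sizeof reuse) < 0) ||
        bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0) {
        saved = errno;          /* close() may overwrite errno */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* First socket plays the daemon, second an embedded stack that sets SO_REUSEADDR.
 * Returns 1 if the second bind succeeds, 0 on EADDRINUSE, -1 on any other error. */
int second_stack_can_bind(int daemon_sets_reuseaddr)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    int other, result = -1, first = open_udp(0, daemon_sets_reuseaddr);
    if (first < 0) return -1;
    if (getsockname(first, (struct sockaddr *)&sa, &len) == 0) {
        other = open_udp(ntohs(sa.sin_port), 1);
        result = other >= 0 ? 1 : (errno == EADDRINUSE ? 0 : -1);
        if (other >= 0) close(other);
    }
    close(first);
    return result;
}

int main(void)
{
    printf("without: %d, with: %d\n", second_stack_can_bind(0), second_stack_can_bind(1));
    return 0;
}
```

The check only covers binding: a process with raw-socket privileges is not constrained by it.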