[avahi] breaking avahi through vpn

Sebastien Estienne sebastien.estienne at gmail.com
Sun Feb 12 04:32:03 PST 2006

On 2/12/06, Lennart Poettering <lennart at poettering.net> wrote:
> On Sun, 12.02.06 01:39, Max Kutny (mkutny at gmail.com) wrote:
> Hi!
> > What's the rationale behind skipping POINTOPOINT interfaces? Could it
> > be possible to make avahi more VPN friendly?
> This is slowly becoming an FAQ.
> There are actually two reasons:
> Firstly, mDNS is designed for low latency links such as ethernet or
> WLAN. Some timing limitations make mDNS unreliable across long latency
> links, such as modem or VPN.  (latency must not exceed more than a few
> 10ms) For high latency links we suggest using DNS-SD over traditional
> unicast DNS (aka "wide area bonjour"). Unfortunately, as of now Avahi
> supports Wide-Area-DNS-SD in a read-only fashion only.
> Secondly, mDNS is designed to be used in "trusted" networks
> only. There is a big chance that interfaces with the POINTOPOINT bit
> set are directed to the internet (PPP of some kind), hence we try to
> avoid them like the devil the holy water.
> If you're feeling lucky you can enable mDNS over pointopoint links by
> commenting the line containing "IFF_POINTOPOINT" in
> avahi-core/iface-linux.c and recompiling. YMMV! (We might even make
> this a user configurable option eventually, since so many people ask
> for it.)

what about doing something like the relaying gateways that i suggested
to fill the need for zeroconf with vpn?

Would it work? they wouldn't forward the query, but exchange the
browsing list on a regular basis (or something equivalent)

what are your opinions?

> Lennart
> --
> Lennart Poettering; lennart [at] poettering [dot] net
> ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/
> _______________________________________________
> avahi mailing list
> avahi at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/avahi

Sebastien Estienne

More information about the avahi mailing list