[avahi] breaking avahi through vpn

Sun Feb 12 06:30:40 PST 2006

On 2/12/06, Lennart Poettering <lennart at poettering.net> wrote:
> On Sun, 12.02.06 01:39, Max Kutny (mkutny at gmail.com) wrote:
>
> Hi!
>
> > What's the rationale behind skipping POINTOPOINT interfaces? Could it
> > be possible to make avahi more VPN friendly?
>
> This is slowly becoming an FAQ.
>
> There are actually two reasons:
>
> Firstly, mDNS is designed for low latency links such as ethernet or
> WLAN. Some timing limitations make mDNS unreliable across long latency
> links, such as modem or VPN.  (latency must not exceed more than a few
> 10ms) For high latency links we suggest using DNS-SD over traditional
> unicast DNS (aka "wide area bonjour"). Unfortunately, as of now Avahi
> supports Wide-Area-DNS-SD in a read-only fashion only.
>
> Secondly, mDNS is designed to be used in "trusted" networks
> only. There is a big chance that interfaces with the POINTOPOINT bit
> set are directed to the internet (PPP of some kind), hence we try to
> avoid them like the devil the holy water.
>
> If you're feeling lucky you can enable mDNS over pointopoint links by
> commenting the line containing "IFF_POINTOPOINT" in
> avahi-core/iface-linux.c and recompiling. YMMV! (We might even make
> this a user configurable option eventually, since so many people ask
> for it.)

Btw we could make it configurable (disable by default) marking it
dangerous and unreliable to use as more and more people are interested
in this feature and as the latencies on some dedicated link may be low
enought.

I could wrote this patch if we decide that it makes sense and document
the problems related to this.
>
> Lennart
>
> --
> Lennart Poettering; lennart [at] poettering [dot] net
> ICQ# 11060553; GPG 0x1A015CC4; http://0pointer.net/lennart/
> _______________________________________________
> avahi mailing list
> avahi at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/avahi
>

--
Sebastien Estienne