New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mDNS sends reply to multicast instead of unicast if request source port is 5353 (breaks avahi-resolve) (IDFGH-5375) #7124
Comments
Note that neither request sets the unicast response bit. I don't know if the fact that a unicast response is forced when an alternate port is used is per spec or not. esp-idf/components/mdns/mdns.c Lines 1334 to 1337 in 21ecef5
|
Thanks for sharing the detailed report, we will look into. |
Thanks again for this report and sharing the analysis, this is helpful 👍 The actual difference between the The mDNS library doesn't (correctly) support both scenarios, trying to comply with full featured mDNS responder and at the same time responds to lwip mDNS queries introduced Here's a quick fix, which should work for both queriers:
|
Thank you very much for looking into it. My conclusions probably threw a bunch of red herrings on your path, sorry for that. I confirm that the patch works. I tested on Linux with every tool I could think of (avahi-resolve, dig, ping, Chrome, Firefox). All successfully resolve the name of the patched device. At the same time the unpatched device is not resolved. Just in case I also booted Windows and tested there (ping, Chrome, Edge) - works like a charm using whatever native thing that does mDNS on Windows. Unfortunately I don't have any Apple devices, so can't test with Mac or iOS. Side note: dig is just a diagnostic tool, but the system name resolver on Linux uses avahi (most frequently, systemd also has something which I haven't tested), so if that doesn't resolve my device's name it's quite unfortunate. Can't access the web interface by name, can't ping to verify connectivity. If I access the HTTPS web interface by IP, the certificate no longer applies so the browser is screaming murder and hackers (and not using the stored password)... |
Thanks for reporting, the fix on master branch is available f601cb0. We are back porting the fix to release/4.3 and release/4.2. Thanks. |
Great news! Can't test/confirm with master, as it's frankly a pain in the butt to build. Waiting for the backports. |
Thanks for being patient while waiting for the fix, fix on release/4.2 has been available 93921e0, feel free to reopen if the issue still happens. Thanks. |
Environment
Problem Description
The mDNS resolution of device name to IP has stopped working in v4.2.1 (don't remember in which version it was OK, maybe v4.0?). Specifically, the ESP IDF mDNS service responds to queries from
avahi-resolve -n -4 UBIK-71F164.local
with a packet destined to the multicast group 224.0.0.251 which is not received byavahi-resolve
. As a result avahi-resolve doesn't resolve the name.As contrast, running
dig +short -p 5353 @224.0.0.251 UBIK-71F164.local
does resolve the name perfectly. Details and packet capture below.NB! The problem raises only 2 minutes after ESP32 boots, probably because on boot mDNS broadcasts the relevant info which gets cached by my machine.
The network setup is fairly common, a Technicolor domestic router/AP with ESP32 connected via WiFi and my computer via Ethernet.
Expected Behavior
Running
avahi-resolve
2 minutes after ESP32 boot resolves the name to IP:Actual Behavior
avahi-resolve
fails to resolve the name:At the same time
dig
correctly resolves the name:Steps to reproduce
avahi-resolve -n -4 <name>.local
Code to reproduce this issue
Debug Logs
There is nothing relevant to mDNS in the ESP32 logs.
Initial analysis
A screenshot from Wireshark shows two different mDNS queries (request-response pairs):
First query-response pair is from running
dig +short -p 5353 @224.0.0.251 UBIK-71F164.local
which successfully resolves the name. You can see that the request's source port is a random ephemeral port 44238. The response is sent as unicast to source IP of resolve query (192.168.224.100). All good.Second query-response pair is from running
avahi-resolve -n -4 UBIK-71F164.local -v
which fails. The request's source port is 5353. The response is sent to multicast group 224.0.0.251 instead of source IP of resolve query. Not good.The packet capture for those 4 packets is here:
packetcapture.zip
I can trace the problem in mDNS source code to this line, which seems to make a decision to "flush" the response if source port is 5353:
esp-idf/components/mdns/mdns.c
Line 1254 in 21ecef5
The text was updated successfully, but these errors were encountered: