
Share through WAN port?

This topic contains 11 replies, has 2 voices, and was last updated by  rpedde 10 years, 11 months ago.

Viewing 12 posts - 1 through 12 (of 12 total)
  • #1474

    dantidote
    Participant

    In my dorm I use a Linksys router connected to my server and my laptop. The router is hooked up to the wall via the WAN port. I can access the Firefly server on my LAN, but would like to be able to access it other places in the dorm. Preferably, I’d like to keep the router in between myself and the rest of the network. I’ve tried opening ports (3689 and 5353), but haven’t had any success, I’m sure I’m missing something. Any help?

    #11137

    rpedde
    Participant

    @dantidote wrote:

    In my dorm I use a Linksys router connected to my server and my laptop. The router is hooked up to the wall via the WAN port. I can access the Firefly server on my LAN, but would like to be able to access it other places in the dorm. Preferably, I’d like to keep the router in between myself and the rest of the network. I’ve tried opening ports (3689 and 5353), but haven’t had any success, I’m sure I’m missing something. Any help?

    You need something to advertise the daap server on the remote network. The best tool for that is probably Network Beacon on the mac, or Rendezvous proxy for windows.

    Check out this page http://wiki.mt-daapd.org/wiki/SSH_Tunnel and look at the section on advertising your server on remote networks.

    — Ron

    #11138

    dantidote
    Participant

    Ok, well I’m finally back in school now, and I just want to make sure I got all this figured out.

    Firstly, do I need to forward 5353?

    Secondly, there are 2 shares appearing in iTunes. The rendezvous proxy works, but the Firefly one is using the wrong IP, therefore nobody can connect to it over the WAN. Can I disable the Firefly mDNS? Using -m, right? On my Windows box, how can I make the service always use -m?

    #11139

    rpedde
    Participant

    @dantidote wrote:

    Ok, well I’m finally back in school now, and I just want to make sure I got all this figured out.

    Firstly, do I need to forward 5353?

    Secondly, there are 2 shares appearing in iTunes. The rendezvous proxy works, but the Firefly one is using the wrong IP, therefore nobody can connect to it over the WAN. Can I disable the Firefly mDNS? Using -m, right? On my Windows box, how can I make the service always use -m?

    No, you don’t need to forward 5353. That’s the rendezvous proxy.

    Did you read the ssh tunnel article?

    Inside your own network, don’t use rendezvous proxy. Use the default mdns responder.

    Inside your network, you have a server IP address like 192.168.0.10 or something. The public side of your router has an ISP-assigned IP address, like 10.2.84.82 or something. On your router, forward 3689 from the outside to 192.68.0.10 on 3689 so you have port forwarding for the daap connection.

    When you are outside of your local net, then set mdns proxy to advertise for 10.2.84.82:3689 (the public side of your router).

    That’s really all there is to it.

    — Ron

    #11140

    dantidote
    Participant

    Yeah, I understand all the port forwarding and mDNS proxy. The problem is the server is showing up twice even on the external network, but people can only connect to the proxy so I want to stop/hide firefly’s bonjour forever. (I can still connect to the proxy on the internal net without a problem.) I hope this makes sense.

    #11141

    dantidote
    Participant

    Ok, I got it all figured out.
    To always disable firefly’s bonjour there’s a small registry hack.
    If anyone’s interested:

    Open up regedit.
    1. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Firefly Media Server

    2. Add -m to the end of the “ImagePath” string.

    Now only the proxy shows up in the sources list 🙂

    Thanks so much Ron, everything works perfectly!

    #11142

    dantidote
    Participant

    Dang, well now that rendezvous proxy has taken over, I need to get it to run as a Windows service, so it can run without me logging in. This is a problem because it’s a Java app. I think I need to create a Java wrapper, but that confuses the hell out of me.
    Are there any other mdns proxies out there as an exe?
    Can I drop rendezvousproxy and instead compile mdnsproxyresponder for Windows?
    Or would it be easier just to make the move to Linux?

    #11143

    rpedde
    Participant

    @dantidote wrote:

    Dang, well now that rendezvous proxy has taken over, I need to get it to run as a Windows service, so it can run without me logging in. This is a problem because it’s a Java app. I think I need to create a Java wrapper, but that confuses the hell out of me.
    Are there any other mdns proxies out there as an exe?
    Can I drop rendezvousproxy and instead compile mdnsproxyresponder for Windows?
    Or would it be easier just to make the move to Linux?

    Okay, I see what you are saying now. Is your daap server the router? I’m not sure why it would see two advertisements outside your network unless your router was forwarding outbound mdns. Which it shouldn’t because it’s natted. Oh well.

    As far as the Java thing, I have no idea at all. I tend to avoid Java. 🙂

    As far as moving to Linux goes, I’m not sure what that buys you on the server. You could at least control TTL that way and not have the natted advertisement appear on the outside network, but that’s about it, I think.

    #11144

    dantidote
    Participant

    When I enable multicast on the router, the server’s mdns is automagically pushed through somehow. Whatever.

    Thanks so much man, you’re really pumping out some quality software, AND you’re super helpful on the forums. Much respect.

    #11145

    rpedde
    Participant

    @dantidote wrote:

    When I enable multicast on the router, the server’s mdns is automagically pushed through somehow. Whatever.

    Thanks so much man, you’re really pumping out some quality software, AND you’re super helpful on the forums. Much respect.

    I’m assuming this is a campus resnet or something? Kind of nice that the IT staff enabled multicast. They don’t usually do that. :), but it’s kind of biting you.

    I don’t really see a way around it that’s very good. Even if you turn off the built-in mdns, when you are behind the firewall you need to use the internal address, which will be propagated out to everyone else. And even if you were to get the java dingus to run as a service, you wouldn’t be able to connect to it using that proxied advertisement from inside the firewall.

    Maybe the easiest thing is to change the server name to something like “whatever server – internal”, and then set up your bonjour proxy to use “whatever server – external” or something so you can tell them apart.

    I could probably add a knob to control TTL, so you could set the TTL on the built-in so it wouldn’t advertise past your router, but that wouldn’t be until next nightlies.

    — Ron

    #11146

    dantidote
    Participant

    Here’s a tricky one:
    The server is all set up and it works just fine. I just found out that I’m not broadcasting to the whole building because there are 5 different subnets, and apparently I can only see and share to my subnet. I talked with the network engineer and this was what he said:

    Dan,
    Our Resnet network consists of the following subnets.
    ID  Subnet           IP Address      Mask  Router
    71  resnet-wads-g1   141.219.224.0   23    M160
    72  resnet-wads-2    141.219.226.0   23    M160
    73  resnet-wads-3    141.219.228.0   23    M160
    74  resnet-wads-4    141.219.230.0   23    M160
    75  resnet-wads-5    141.219.232.0   23    M160
    76  resnet-wmcnair   141.219.234.0   23    M160
    77  resnet-emcnair   141.219.76.0    22    M160
    78  resnet-dhh       141.219.236.0   22    M160
    79  resnet-heights   141.219.80.0    22    M160

    A ‘broadcast’ or SMB share should work only within the local subnet.

    Generally multicast will work across any of these subnets. IF the
    application sets the TTL short, or a group for local it may not traverse
    the network beyond a local subnet.

    Can I somehow share to the whole building even though we’re all on different subnets?

    #11147

    rpedde
    Participant

    @dantidote wrote:

    Here’s a tricky one:
    The server is all set up and it works just fine. I just found out that I’m not broadcasting to the whole building because there are 5 different subnets, and apparently I can only see and share to my subnet. I talked with the network engineer and this was what he said:

    Dan,
    Our Resnet network consists of the following subnets.
    ID  Subnet           IP Address      Mask  Router
    71  resnet-wads-g1   141.219.224.0   23    M160
    72  resnet-wads-2    141.219.226.0   23    M160
    73  resnet-wads-3    141.219.228.0   23    M160
    74  resnet-wads-4    141.219.230.0   23    M160
    75  resnet-wads-5    141.219.232.0   23    M160
    76  resnet-wmcnair   141.219.234.0   23    M160
    77  resnet-emcnair   141.219.76.0    22    M160
    78  resnet-dhh       141.219.236.0   22    M160
    79  resnet-heights   141.219.80.0    22    M160

    A ‘broadcast’ or SMB share should work only within the local subnet.

    Generally multicast will work across any of these subnets. IF the
    application sets the TTL short, or a group for local it may not traverse
    the network beyond a local subnet.

    Can I somehow share to the whole building even though we’re all on different subnets?

    It’s the second one — it’s a local multicast address. From the RFC:

    The range of addresses between 224.0.0.0 and 224.0.0.255, inclusive,
    is reserved for the use of routing protocols and other low-level
    topology discovery or maintenance protocols, such as gateway discovery
    and group membership reporting. Multicast routers should not forward
    any multicast datagram with destination addresses in this range,
    regardless of its TTL.

    mDNS uses 224.0.0.251, so that’s the issue. You can’t really get around that without switch reconfiguration, so the netsec guy is telling you that you are SOL.
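
Added example, not part of the original thread or of Firefly: a Python check of how far a multicast advertisement can travel on the resnet described above, combining the engineer's subnet table with the 224.0.0.0/24 rule from the quoted RFC. The host addresses, the 239.1.2.3 group in the test and the default TTL are constructed for illustration, and it assumes multicast routing is enabled between the subnets as the engineer states.

```python
import ipaddress

# 224.0.0.0/24: multicast routers never forward this block, whatever the TTL.
LINK_LOCAL_MCAST = ipaddress.ip_network("224.0.0.0/24")
MDNS_GROUP = "224.0.0.251"

# Subnets copied from the network engineer's table in the thread.
RESNET = {name: ipaddress.ip_network(cidr) for name, cidr in {
    "resnet-wads-g1": "141.219.224.0/23",
    "resnet-wads-2": "141.219.226.0/23",
    "resnet-wads-3": "141.219.228.0/23",
    "resnet-wads-4": "141.219.230.0/23",
    "resnet-wads-5": "141.219.232.0/23",
    "resnet-wmcnair": "141.219.234.0/23",
    "resnet-emcnair": "141.219.76.0/22",
    "resnet-dhh": "141.219.236.0/22",
    "resnet-heights": "141.219.80.0/22",
}.items()}

def subnet_of(host):
    """Return the name of the resnet subnet containing host, or None."""
    addr = ipaddress.ip_address(host)
    return next((n for n, net in RESNET.items() if addr in net), None)

def routers_forward(group, ttl):
    """Would a multicast router pass a datagram for this group off-subnet?"""
    g = ipaddress.ip_address(group)
    if not g.is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    if g in LINK_LOCAL_MCAST:
        return False            # reserved block: dropped regardless of TTL
    return ttl > 1              # TTL 1 expires at the first router

def advert_reaches(sender, receiver, group=MDNS_GROUP, ttl=255):
    """True if receiver can hear sender's multicast advertisement."""
    src, dst = subnet_of(sender), subnet_of(receiver)
    if src is not None and src == dst:
        return True             # same subnet: no router involved
    return routers_forward(group, ttl)

if __name__ == "__main__":
    # Constructed sample hosts, not addresses from the thread.
    for a, b in [("141.219.224.10", "141.219.225.200"),
                 ("141.219.224.10", "141.219.226.5")]:
        print(a, "->", b, advert_reaches(a, b))
```

The second pair sits on different /23 subnets, so the mDNS advertisement stops at the router even with a high TTL, while a routable group would get through.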


The forum ‘Setup Issues’ is closed to new topics and replies.