Mandos-client doesn't discover server, only explicit connection works

Teddy Hogeborn teddy at recompile.se
Fri Aug 8 18:24:27 CEST 2014 

Erik Logtenberg <erik at logtenberg.eu> writes:

> > That *is* odd.  How about publishing the service manually, using
> > this command:
> > 
> > avahi-publish --service Mandos _mandos._tcp 36941
> > 
> > (Adjust the port number to match the port number in the debug
> > output.  If a "Local name collision" occurs, change the service name
> > from "Mandos" to "Mandos#2" or something.)
>
> Avahi-publish works on the server:
>
> [root at mandostest ~]# avahi-publish --service Mandos _mandos._tcp 57019
> Established under name 'Mandos'
>
> And avahi-browse, also on the server in a separate terminal, detects it:
>
> [root at mandostest ~]# avahi-browse --all --terminate
> +   eth0 IPv4 Mandos                                        _mandos._tcp
>         local
> +   eth0 IPv4 mandosclient [52:54:00:a6:98:55]              Workstation
>          local
> +   eth0 IPv4 mandostest [52:54:00:5c:d2:65]                Workstation
>          local

OK, that's good.  So the question is, why doesn't it work from Mandos?
Hmm...  Does your Avahi daemon listen on IPv6?  If it doesn't, that
might explain it; Mandos sends an IPv6 service to Avahi to be published,
but Avahi doesn't listen on an IPv6 address, so no IPv6 clients can see
it.

Come to think of it, you are sure that both the server and client has
IPv6 addresses, right?  What does "ip addr list" show?

> However, on the client avahi-browse still doesn't see it:
>
> [root at mandosclient ~]# avahi-browse --all
> +   eth0 IPv4 mandosclient [52:54:00:a6:98:55]              Workstation
>          local
>
> And thus also mandos-client stays the same.

Hmm, that is a separate problem.  For Mandos, and Zeroconf service
discovery in general, to work, they need to be in the same ethernet
broadcast domain.  If they were, they should have been able to see each
other; at least the other's "Workstation" service should be visible from
both sides.  I suspect that they are not really connected on that level.
You will have to investigate your virtual host setup, I guess.

/Teddy Hogeborn

-- 
The Mandos Project
http://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20140808/d2d2cf47/attachment.sig>

More information about the Mandos-Dev mailing list