10

avahi-daemon continues to bind to eth0 ports 5353 and 53791. Is there any way to tell avahi-daemon to only bind to localhost and not eth0 ?

/etc/avahi/avahi-daemon.conf

use-ipv4=yes
use-ipv6=no
allow-interfaces=lo
deny-interfaces=eth0

netstat -nap

udp   0   0 0.0.0.0:53791   0.0.0.0:*   3145/avahi-daemon:
udp   0   0 0.0.0.0:5353    0.0.0.0:*   3145/avahi-daemon:
Waleed Bons
  • 101
  • 1
  • 1
  • 3
  • What are you trying to do? (Restricting it to `localhost` strikes me as odd...do you want to disable it completely?) Have you had a look at the output of `avahi-daemon --debug`? – sr_ Jan 20 '13 at 12:02

2 Answers2

9

avahi-daemon implements Zeroconf network configuration protocol. It is useless unless it operates on network interface. You can select on which network interface you want it to run using "allow-interfaces" and "deny-interfaces" directives, but if you do not want to run in on any real network interface (as you seem), then you should not be running it at all, so simply shut it down (for example by putting exit 0 in /etc/default/avahi-daemon) or even better remove the package completely if you do not plan to using it in the future.

It does not make any sense to run it only at lo interface.

Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
Matija Nalis
  • 2,409
  • 23
  • 37
  • 1
    To remove it completely: `sudo apt remove avahi-daemon avahi-discover libnss-mdns` – Ahmad Boorghany Jan 28 '21 at 15:49
  • 1
    Good answer. But the ports are confusing. Port 5353 seems like an official, standard mdns port. But what is port 53791? Or on my system, the other port avahi-daemon is connected to is 48268, so it seems randomized and thus yet more confusing. – nealmcb Jul 25 '21 at 17:46
  • 1
    @nealmcb Thanks. You can find which ports are used by which program by example with `sudo netstat -tulpn`. As to **why** it happens (eg. you're interested in low-level programming methods for avahi-mdns implementation and how it relates to RFC requirements), you should ask a new question (probably on some more programming-related stackexchange site) – Matija Nalis Jul 26 '21 at 07:57
2

according to https://wiki.debian.org/ZeroConf here's an official way to stop and disable avahi-daemon completely:

systemctl stop avahi-daemon.socket
systemctl stop avahi-daemon.service
systemctl disable avahi-daemon

make it bind to lo does not make any sense as pointed out by others in the comments.

Roman Spiak
  • 519
  • 2
  • 9