0

On a Debian 6.0.6 system (squeeze) I am having trouble resolving a host using Avahi and IPv4. Here is a sample output:

: nr@homedog 10102 ; avahi-browse -a
+   eth0 IPv6 yorkie [00:1f:3b:d8:67:1d]     Workstation          local
+   eth0 IPv6 homedog [bc:5f:f4:5a:b1:73]    Workstation          local
+   eth0 IPv4 homedog [bc:5f:f4:5a:b1:73]    Workstation          local

Notice that homedog, the local machine, is visible both on IPv6 and IPv4. But yorkie, the remote machine, is visible only on IPv4. And avahi-resolve-host-name -4 yorkie.local hangs with no result.

EDIT: The situation is symmetric: yorkie sees itself on IPv4 and IPv6, but it sees homedog on IPv6 only.

On yorkie, the output from iptables -vnL is

Chain INPUT (policy ACCEPT 109K packets, 98M bytes)
 pkts bytes target     prot opt in     out     source   destination     

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source   destination  

Chain OUTPUT (policy ACCEPT 108K packets, 94M bytes)
 pkts bytes target     prot opt in     out     source   destination

(To make the display fit StackExchange without wrapping, I have taken a couple of liberties with horizontal space.) The display on homedog is identical except for the numbers: for all three, it displays 0 packets and 0 bytes. (I have no clue how to interpret these outputs, but it may be informative that yorkie's current uptime is 41 days and homedog's current uptime is 6 hours.)

I found a closed ticket at http://avahi.org/ticket/297, which suggests that the problem is some sort of firewall configuration. I am a complete novice in this area, and through web search I have been unable to inform myself about how to use the iptables command to diagnose or repair the problem. I found another ticket as Debian bug 547974, but this bug was closed without explaining how to fix the problem.

The hypothesis is that somehow the service-discovery packet is being blocked—I don't know on which machine. Can anyone say how to discover which machine is blocking the packet and how to reconfigure it so Avahi discovers the IPv4 address?

Norman Ramsey
  • 645
  • 2
  • 10
  • 24
  • `iptables -vnL` is a good start at dumping everything in there for IPv4 rules (`ip6tables` is used for IPv6 rules). If `homedog` can see itself on both IPv4 and IPv6, the obvious next step to see where it's broken is to see if `yorkie` can see itself on both IPv4 and IPv6 – DerfK Feb 08 '13 at 23:26
  • @DerfK thanks for helping me improve my question. Visibility is symmetric, but `iptables` shows many more bytes and packets on yorkie. – Norman Ramsey Feb 09 '13 at 01:16
  • Do you actually need IPv4 here? – Michael Hampton Feb 09 '13 at 01:25
  • @Michael, I don't know. I have no particular brief for one or the other, but I can't figure out how to get `ssh` to work with IPv6. I have my `/etc/nsswitch.conf` configured to work with mdns4, but doing `ssh -6 yorkie.local` results in a failure to resolve the hostname. – Norman Ramsey Feb 09 '13 at 02:36
  • If avahi is actually running, `ssh yorkie` _should_ be sufficient. – Michael Hampton Feb 09 '13 at 02:38
  • @Michael, `avahi-resolve-host-name` finds `yorkie.local` (with an IPv6 address) but not `yorkie`. My `/etc/resolv.conf` could be at fault. – Norman Ramsey Feb 09 '13 at 02:40

1 Answers1

0

This one isn't still fully diagnosed, but it was a combination of two problems:

  • On host yorkie, some unknown daemon keeps installing iptables rules. I remove the rules, but eventually they reappear.

  • The more pernicious part: yorkie is connected wirelessly, and **my Verizon ActionTec router was blocking mDNS packets.

With both problems resolved, avahi-browse -a works as expected.

Norman Ramsey
  • 645
  • 2
  • 10
  • 24