Skip to content

net/avahi-reflector: add Avahi mDNS/DNS-SD reflector plugin#5217

Open
cayossarian wants to merge 4 commits intoopnsense:masterfrom
LegoTypes:add-avahi-reflector
Open

net/avahi-reflector: add Avahi mDNS/DNS-SD reflector plugin#5217
cayossarian wants to merge 4 commits intoopnsense:masterfrom
LegoTypes:add-avahi-reflector

Conversation

@cayossarian
Copy link

Summary

Adds a new plugin that runs avahi-daemon in reflector mode, proxying mDNS/DNS-SD traffic across VLANs for cross-subnet service discovery.

  • Full mDNS/DNS-SD support — unlike existing plugins that rebroadcast raw mDNS packets, Avahi participates in the mDNS protocol natively, handling A/AAAA record queries, DNS-SD browsing, and service enumeration. This enables reliable hostname resolution and Bonjour discovery (AirPlay, AirPrint, HomeKit, etc.) across network segments.
  • MVC GUI with interface selection, IPv4/IPv6 toggles, reflector enable, cross-IP-version reflection, and service-type filters
  • Dashboard widget showing service status, uptime, memory usage, and automatic detection of UDP port 5353 conflicts with other processes
  • Configd integration for start/stop/restart/status via the standard OPNsense service framework
  • Jinja2 templates generating avahi-daemon.conf and rc.conf.d from model settings
  • Depends on the avahi-app package (installed automatically)

Why a new plugin?

Existing mDNS plugins forward raw multicast packets between interfaces. This works for basic announcement reflection but does not handle full DNS-SD browse/resolve flows or A/AAAA hostname queries. Avahi's built-in reflector mode operates at the protocol level, correctly proxying service discovery and name resolution — which is required for many modern Bonjour-based workflows (e.g., AirPlay, AirPrint, Thread/Matter via Home Assistant).

Test plan

  • Deployed on OPNsense 25.1 with 4 VLANs (IoT, Trusted, Server, Management)
  • Verified cross-VLAN AirPrint discovery and printing
  • Verified cross-VLAN Thread/Matter device visibility in Home Assistant
  • Confirmed dashboard widget displays status, uptime, memory, and port conflict detection
  • Tested start/stop/restart via GUI and pluginctl
  • Verified clean avahi-daemon logs with no reflector errors
  • Confirmed no interference when other processes are not bound to port 5353

cayossarian and others added 4 commits February 12, 2026 14:02
New plugin that runs avahi-daemon in reflector mode, proxying
multicast DNS and DNS Service Discovery traffic across VLANs.
Provides a GUI for configuration, a dashboard status widget, and
a diagnostics API endpoint.

Depends on the avahi-app FreeBSD package.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix dashboard widget: use framework getMarkup/createTable pattern,
  ajaxCall instead of non-existent ajaxGet, correct updateTable
  signature with table ID, and use text-success/text-danger icons
  instead of non-existent label-opnsense--success CSS classes
- Fix widget metadata XML structure to match framework expectations
  (AvahiReflector wrapper element, filename, endpoints)
- Remove non-existent sessionClose() call from diagnosticsAction
- Replace hardcoded mdns-repeater conflict check with dynamic
  port 5353 detection via sockstat
- Remove silent mdns-repeater stop from start/restart actions
- Add conflict and Monit guidance to Enable help text

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ments

Add health check script for Monit to detect avahi-daemon slot pool
exhaustion and trigger automatic restarts. The reflector's hardcoded
100-slot pool for legacy unicast reflection can be exhausted by mDNS
traffic bursts, causing reflected services to go offline for hours.

Changes:
- Add avahi_slot_check.sh: stateful syslog scanner with offset+inode
  tracking, exits non-zero on slot errors for Monit integration
- Add healthcheck configd action for manual testing
- Extend status.py with slot error summary (today's count, last error
  timestamp, process start time) in a new health section
- Rework dashboard widget: proper BaseTableWidget API usage (getMarkup,
  createTable, ajaxCall), correct OPNsense CSS badge classes, health
  and last restart rows promoted to top of widget, PID/memory removed
- Fix widget metadata XML structure to match OPNsense conventions
  (widget wrapper element, filename, endpoints)
- Auto-show advanced mode on settings page when reflect_filters has
  values, so configured filters are visible without manual toggle
Use colored circle indicator with combined status/health line instead
of badge labels. Remove uptime row (redundant with last restart).
Show reflector as plain text instead of highlighted badge.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Development

Successfully merging this pull request may close these issues.

1 participant