2mmanu Posted Friday at 04:16 PM Posted Friday at 04:16 PM Hello everyone, I’m testing a configuration with two Wi-Fi segments on my Keenetic Hero: Home (192.168.2.0/24) IoT (192.168.3.0/24) Goal: HomeKit devices connected to IoT should announce themselves via mDNS and be discoverable from Home. No reverse opening: Home should not announce itself to IoT, and devices in IoT should not initiate communication toward Home. Current setup: Relay multicast DNS enabled on both segments (Home and IoT). Firewall Home → IoT: ALLOW on “Any IP protocol”. Problem: Even with this configuration, devices in IoT are still not discovered from Home via dns-sd -B _hap._tcp. Questions: Does the IoT segment need an explicit firewall rule to allow UDP to 224.0.0.251:5353 for the relay to pick up and forward mDNS packets? Does Keenetic’s mDNS Relay act as a true proxy between segments, or is there additional configuration required? Is it possible to limit the relay to one-way (IoT → Home) to avoid reverse discovery? Any advice or insights from the community or Keenetic team would be greatly appreciated. Thanks in advance! Quote
Question
2mmanu
Hello everyone,
I’m testing a configuration with two Wi-Fi segments on my Keenetic Hero:
Home (192.168.2.0/24)
IoT (192.168.3.0/24)
Goal:
HomeKit devices connected to IoT should announce themselves via mDNS and be discoverable from Home.
No reverse opening: Home should not announce itself to IoT, and devices in IoT should not initiate communication toward Home.
Current setup:
Relay multicast DNS enabled on both segments (Home and IoT).
Firewall Home → IoT: ALLOW on “Any IP protocol”.
Problem:
Even with this configuration, devices in IoT are still not discovered from Home via
dns-sd -B _hap._tcp.Questions:
Does the IoT segment need an explicit firewall rule to allow UDP to
224.0.0.251:5353for the relay to pick up and forward mDNS packets?Does Keenetic’s mDNS Relay act as a true proxy between segments, or is there additional configuration required?
Is it possible to limit the relay to one-way (IoT → Home) to avoid reverse discovery?
Any advice or insights from the community or Keenetic team would be greatly appreciated.
Thanks in advance!
0 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.