Welcome to Machine Unix


mDNS on OpenIndiana 151a

I stumbled upon the term at work. I knew nothing about it. I got really curious, because I’ve seen it in various places, could not resist and asked around and learned a bit about it.

mDNS, or multicast DNS, is a protocol that lets you perform DNS-style operations when no centralized DNS service is available. In other words, it lets hosts see each other, or rather determine each other’s IP addresses, without needing a DNS server installed. Wikipedia also notes that Apple’s Bonjour service (more on this later) and the Linux Avahi service use this protocol.

If you have a small network or a home network, you can put mDNS to use very quickly, and since mDNS uses the .local namespace, using it is a breeze. So how?

OpenIndiana (and possibly Solaris 11) comes with the service preinstalled. You only need to do two things to start using it:

1) Edit /etc/nsswitch.conf by adding mdns in the relevant fields

2) Enable the relevant SMF Service.

Edit /etc/nsswitch.conf

I already had two zones in my OpenIndiana 151a called “zdev” and “zdev2”. So in each zone I edited nsswitch.conf:

root@zdev2:~# cat /etc/nsswitch.conf | grep mdns

# server lookup.  See resolv.conf(4). For lookup via mdns

# svc:/network/dns/multicast:default must also be enabled. See mdnsd(1M)

hosts:      files dns mdns

ipnodes:   files dns mdns

Enable SMF

Enabled the service in each zone:

root@zde2v:~# svcs -a | grep multicast

online         21:10:40 svc:/network/dns/multicast:default

So, OK, the files are edited and the services are enabled. Then what? Enter the .local namespace. From my local Mac Terminal:

Juan K:~ drende$ ssh root@zdev2.local

Password:

Last login: Wed Dec  7 21:54:59 2011 from joyent

OpenIndiana (powered by illumos)    SunOS 5.11    oi_151a    September 2011

root@zdev2:~# exit

There is nothing indicating the existence of either zdev or zdev2 in my local /etc/hosts. I just used the name space and voila. So how does it really work?

From reading various sources on the packet structure, we know by now that mDNS uses the IPv4 multicast address 224.0.0.251 and runs on UDP port 5353 by default.
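To make the packet structure concrete, here is an added example (not from the original post) that builds the A query a client multicasts to 224.0.0.251 on UDP port 5353 and decodes the answer a responder returns. The function names are illustrative, and `build_response` produces a constructed sample answer rather than captured traffic.

```python
import socket
import struct

def encode_name(name):
    """DNS wire form: length-prefixed labels, terminated by a zero byte."""
    labels = [l.encode("utf-8") for l in name.rstrip(".").split(".")]
    if any(not 0 < len(l) < 64 for l in labels):
        raise ValueError("label must be 1..63 bytes: %r" % name)
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_query(name):
    """One-question A query; multicast mDNS queries carry ID 0, flags 0."""
    return struct.pack("!6H", 0, 0, 1, 0, 0, 0) + encode_name(name) + struct.pack("!2H", 1, 1)

def build_response(name, addr, ttl=120):
    """Constructed sample answer: QR+AA set, cache-flush bit on the class."""
    rr = encode_name(name) + struct.pack("!HHIH", 1, 0x8001, ttl, 4) + socket.inet_aton(addr)
    return struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0) + rr

def read_name(msg, pos):
    """Decode a name, following compression pointers; return (name, next_pos)."""
    labels, after, hops = [], None, 0
    while True:
        n = msg[pos]
        if n & 0xC0 == 0xC0:                     # pointer to an earlier name
            after = pos + 2 if after is None else after
            pos = ((n & 0x3F) << 8) | msg[pos + 1]
            hops += 1
            if hops > 16:                        # hostile packets can loop
                raise ValueError("compression pointer loop")
        elif n == 0:
            return ".".join(labels) + ".", (pos + 1 if after is None else after)
        else:
            labels.append(msg[pos + 1:pos + 1 + n].decode("utf-8"))
            pos += 1 + n

def parse_answers(msg):
    """Return (name, address, ttl, cache_flush) for each A record answered."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    pos, out = 12, []
    for _ in range(qd):                          # skip the question section
        pos = read_name(msg, pos)[1] + 4
    for _ in range(an if flags & 0x8000 else 0): # QR clear means a query
        name, pos = read_name(msg, pos)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        if rtype == 1 and rdlen == 4:
            out.append((name, socket.inet_ntoa(msg[pos + 10:pos + 14]), ttl, bool(rclass & 0x8000)))
        pos += 10 + rdlen
    return out
```

Nothing in the message authenticates the sender: any host on the link that can send to the group can produce a packet that parses exactly like this.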

There is an awesome utility called snoop on Solaris systems, so let’s pick up the multicast traffic.

I have two terminals open: one is used for generating some simple traffic to the zones, and the other is logged in to the OpenIndiana global zone (GZ), snooping the traffic:

TERMINAL 1

Juan K:~ drende$ ping zdev.local

PING zdev.local (192.168.1.202): 56 data bytes

64 bytes from 192.168.1.202: icmp_seq=0 ttl=255 time=0.521 ms

64 bytes from 192.168.1.202: icmp_seq=1 ttl=255 time=0.576 ms

64 bytes from 192.168.1.202: icmp_seq=2 ttl=255 time=0.540 ms

64 bytes from 192.168.1.202: icmp_seq=3 ttl=255 time=0.563 ms

^C

--- zdev.local ping statistics ---

4 packets transmitted, 4 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 0.521/0.550/0.576/0.021 ms

Juan K:~ drende$ ping zdev2.local

PING zdev2.local (192.168.1.203): 56 data bytes

64 bytes from 192.168.1.203: icmp_seq=0 ttl=255 time=0.169 ms

64 bytes from 192.168.1.203: icmp_seq=1 ttl=255 time=0.549 ms

64 bytes from 192.168.1.203: icmp_seq=2 ttl=255 time=0.443 ms

64 bytes from 192.168.1.203: icmp_seq=3 ttl=255 time=0.540 ms

^C

--- zdev2.local ping statistics ---

4 packets transmitted, 4 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 0.169/0.425/0.549/0.154 ms

TERMINAL 2

root@oi151a:~# snoop -d e1000g0 udp port 5353

Using device e1000g0 (promiscuous mode)

Juan K -> 224.0.0.251  MDNS C zdev.local. Internet Addr ?

fe80::6233:4bff:fe04:7ffb -> ff02::fb     MDNS C zdev2.local. Internet Addr ?

192.168.1.202 -> 224.0.0.251  MDNS R zdev.local. Internet Addr 192.168.1.202

Juan K -> 224.0.0.251  MDNS C zdev2.local. Internet Addr ?

fe80::6233:4bff:fe04:7ffb -> ff02::fb     MDNS C zdev.local. Internet Addr ?

192.168.1.203 -> 224.0.0.251  MDNS R zdev.local. Internet Addr 192.168.1.203
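Because any host on the link can answer a multicast query, it is worth checking a capture like this for names claimed by more than one address. The following is an added example, not part of the original post: it parses snoop summary lines in the format shown above and reports conflicting or third-party answers. The sample lines are constructed (192.168.1.50 and 192.168.1.77 are made-up hosts), and the function names are illustrative.

```python
import re
from collections import defaultdict

# Matches snoop summary lines such as:
#   192.168.1.202 -> 224.0.0.251  MDNS R zdev.local. Internet Addr 192.168.1.202
LINE = re.compile(
    r"^(?P<src>.+?)\s+->\s+(?P<dst>\S+)\s+MDNS\s+(?P<kind>[CR])\s+"
    r"(?P<name>\S+)\s+Internet Addr\s+(?P<addr>\S+)\s*$"
)

# Constructed sample capture, not real traffic.
SAMPLE = """\
192.168.1.50 -> 224.0.0.251  MDNS C zdev.local. Internet Addr ?
192.168.1.202 -> 224.0.0.251  MDNS R zdev.local. Internet Addr 192.168.1.202
192.168.1.50 -> 224.0.0.251  MDNS C zdev2.local. Internet Addr ?
192.168.1.203 -> 224.0.0.251  MDNS R zdev2.local. Internet Addr 192.168.1.203
192.168.1.77 -> 224.0.0.251  MDNS R zdev.local. Internet Addr 192.168.1.77
192.168.1.77 -> 224.0.0.251  MDNS R zdev2.local. Internet Addr 192.168.1.203
""".splitlines()

def parse(lines):
    """Yield (kind, src, name, addr) for every mDNS address line."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            yield m["kind"], m["src"], m["name"].rstrip(".").lower(), m["addr"]

def audit(lines):
    """Return findings: third-party answers, then names with several answers."""
    answers = defaultdict(set)        # name -> addresses claimed in responses
    findings = []
    for kind, src, name, addr in parse(lines):
        if kind != "R":
            continue                  # "C" lines are queries; nothing is claimed
        answers[name].add(addr)
        # Run snoop with -r so src is an address, not a resolved host name.
        if src != addr:               # heuristic: proxies also answer for others
            findings.append(("third-party-answer", name, src, addr))
    for name, addrs in sorted(answers.items()):
        if len(addrs) > 1:
            findings.append(("conflicting-answers", name, tuple(sorted(addrs))))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A finding is a prompt to look closer, not proof of spoofing: a multi-homed host or a legitimate proxy can trigger either rule.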

OK, so now we know what the multicast traffic looks like and how the hosts communicate with each other without needing a centralized DNS server. What else can we do with this?

It turns out, plenty. There is a short piece of documentation about mDNS on the Oracle Solaris website, which covers how to advertise resources for DNS. We are going to take a look at its last example: how to advertise a web page so that, once you register your page, it is available on the Bonjour list in Safari and other DNS-SD compatible web clients.

In other words, when you advertise the page every DNS-SD compatible web client will see what is in there. So to see what this meant, I went ahead and installed apache22 on zdev2 to serve a single “It works” page.

root@zdev2:~# pkg install apache

               Packages to install:    20

           Create boot environment:    No

               Services to restart:     3

DOWNLOAD                                  PKGS       FILES    XFER (MB)

Completed                                20/20   2053/2053    28.0/28.0

PHASE                                        ACTIONS

Install Phase                              2933/2933

PHASE                                          ITEMS

Package State Update Phase                     20/20

Image State Update Phase                         2/2

When I hit the IP of the zone, I get the “It works” page, as expected. You can see this in the following Firefox browser screenshot:

[Screenshot: FFX2]

The following is the Safari Browser initial Bonjour List:

[Screenshot: Bonjour1]

So let’s register our web page with dns-sd command:

root@zdev2:~# dns-sd -R "zdev2" _http._tcp . 80 path=/

Registering Service zdev2._http._tcp port 80

path=/

Got a reply for zdev2._http._tcp.local.: Name now registered and active

Now let’s go back to our Safari Bonjour List and see the registration:

[Screenshot: Bonjour2]

If you were to click “zdev2” on the browser, the following would be the result:

[Screenshot: Bounjour3]

This is amazingly cool. I could think of many uses of this. You can probably create a whole website in your intranet and just serve it out of an illumos-powered OpenIndiana zone and do a bunch of other things with it. The security of using such a protocol in a decentralized DNS environment is left as an exercise to the reader!
