From kjetil at kjernsmo.net  Thu Jan 21 14:46:24 2021
From: kjetil at kjernsmo.net (Kjetil Kjernsmo)
Date: Thu, 21 Jan 2021 15:46:24 +0100
Subject: Understanding multicasting across VLANs
Message-ID: <2975855.TQGk6oTFT5@owl>

Hi all!

I have set up Gerbera, a DLNA/UPnP server on my internal server, which 
lives in my LAN, and I'm trying to access it from wireless clients, which 
lives in a VLAN. It works fine on wired clients in the LAN, but apparently, 
the UPnP server is not discoverable by any wireless clients, as none of my 
clients find it. UPnP uses the SSDP protocol, which is uses a multicast UDP 
on port 1900.

Schematically, my network looks like this: http://dev.kjernsmo.net/
Nettarkitektur.png
In addition, there is an interface eth2.5 which the Wifi sets up to include 
eth2.*

There was a thread some years ago that looks similar, but I couldn't quite 
make out what I need to do:
https://lists.firehol.org/pipermail/firehol-support/2015-September/
005232.html

Right now, I'm testing with my "VLAN for trusted clients", as it has the 
simplest setup:
interface eth2.4 wifitr
 	  policy accept
	  server multicast accept
 	  client all accept

The "multicast" rule is something I just added, I would have thought it 
wouldn't be needed. 

It also has 
router wifitr2lan inface eth2.4 outface eth1
       policy accept

Is there a way to make this work with Firehol alone? Or am I looking at the 
wrong problem? Are there deeper problems around allowing multicasts across 
subnets that I need to look into?

Cheers,

Kjetil