You are not logged in.

#1 2021-06-17 00:39:01

bigoten
Member
Registered: 2018-01-17
Posts: 13

Avahi Zeroconf and VPN

Hi, I have a problem that I could not solve after trying to find a solution online for hours. I am hoping someone can point me in the right direction. Many thanks in advance.

I am running Arch Linux on a Dell desktop and recently installed a wireless printer (Canon Satera MF232w). After installing the right drivers, I used Avahi Zeroconf to find the printer in CUPS. I realized that I had to turn of my VPN (nordvpn) for CUPS to show the printer. Only after the installation was a breeze.
However, after a reboot I realized that the printer is not accessible. Nordvpn starts on boot through systemctl. I have to turn the VPN off (nordvpn d) and then Avahi Zeroconf Browser lists my printer. Once I put the VPN back on Avahi still shows the printer and it is still ready to use.

How can I set things so that both Avahi and nordvpn start on boot and the printer is accessible?
I tried editing avahi-daemon.service to added After=nordvpnd.service and Wants=nordvpnd.service under [Unit], hoping that the precedence would do the trick. It did not work.
I also tried to delay the startup of nordvpnd.service by adding ExecStartPre=/bin/sleep 10 to its [Service]. That also did not work.

Can someone help me?
Thanks a lot,
bigoten

Offline

#2 2021-06-17 07:00:12

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 21,427

Re: Avahi Zeroconf and VPN

If you use a VPN you have "by definition" no normal access to your local network. A googler shows you should be able to whitelist your local subnet: https://askubuntu.com/a/1279835

Offline

#3 2021-06-17 07:46:56

bigoten
Member
Registered: 2018-01-17
Posts: 13

Re: Avahi Zeroconf and VPN

Hey, thanks for replying.
I had already tried this, I did not mention it, sorry. That did not work, unfortunately.
I ran the command as a regular user (not sudo).

An important edit to my OP:
After I reconnect NordVPN, Avahi Zeroconf browser still displays my printer. However, printing stops working (from CUPS: "Unable to locate printer").
I must again stop the VPN, and the the printing job finds its way to my printer (at 192.168.11.2).....
I am using the IPP Everywhere driver for the printer, fwiw.

Thanks,
bigoten

Offline

#4 2021-06-17 07:54:59

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 21,427

Re: Avahi Zeroconf and VPN

Well and did you whitelist 192.168.11.0/24 in that case? Everything you posted so far points to that whitelist not being set up properly.

Last edited by V1del (2021-06-17 07:55:37)

Offline

#5 2021-06-17 08:22:18

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: Avahi Zeroconf and VPN

mDNS / zeroconf needs you to exclude a specific IP address from the VPN:
https://en.wikipedia.org/wiki/Multicast_DNS
IPv4 224.0.0.251
IPv6 ff02::fb (you should be able to exempt the complete ff02:: prefix)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Online

#6 2021-06-17 09:57:36

bigoten
Member
Registered: 2018-01-17
Posts: 13

Re: Avahi Zeroconf and VPN

@V1del:
I did whitelist 192.168.11.0/24:

nordvpn settings

Technology: OpenVPN
Protocol: UDP
Firewall: enabled
Kill Switch: disabled
CyberSec: enabled
Obfuscate: enabled
Notify: enabled
Auto-connect: enabled
IPv6: disabled
DNS: disabled
Whitelisted subnets:
	192.168.11.0/24

@progandy:
Sorry but how can I do what you suggest? I don't know how. I tried using NordVPN's function

nordvpn whitelist add subnet .......

but that did not work....

Offline

#7 2021-06-17 10:10:58

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: Avahi Zeroconf and VPN

I do not use nordvpn, but probably like this (you might also have to whitelist the port)

nordvpn whitelist add subnet 224.0.0.251/24
nordvpn whitelist add port 5353

Last edited by progandy (2021-06-17 10:22:32)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Online

#8 2021-06-18 00:11:50

bigoten
Member
Registered: 2018-01-17
Posts: 13

Re: Avahi Zeroconf and VPN

Thanks progandy, you were correct. Problem solved!
For future reference, here's how my VPN settings look like after this:

nordvpn settings

Technology: OpenVPN
Protocol: UDP
Firewall: enabled
Kill Switch: disabled
CyberSec: enabled
Obfuscate: enabled
Notify: enabled
Auto-connect: enabled
IPv6: disabled
DNS: disabled
Whitelisted ports:
         5353 (UDP|TCP)
Whitelisted subnets:
	192.168.11.0/24
	224.0.0.0/24

Offline

Board footer

Powered by FluxBB