
mDNS, Avahi and Docker non-root containers - gnanesh
https://gnaneshkunal.github.io/avahi-docker-non-root.html
======
viraptor
I made a project to solve this issue from the other end in my home network:
[https://gitlab.com/viraptor/docker_mdns](https://gitlab.com/viraptor/docker_mdns)

You can run the app on the host with docker containers and traefik and any
service.local domain configured in labels will be announced via mdns. Services
themselves don't have to be mdns aware and will be registered/removed as they
come up/down. It works without traefik too, but you have to include the port
then as well.

------
pottertheotter
This is timely! I installed Wireshark last night for fun and have been looking
at traffic on my network. There's quite a bit from mDNS, which is all new to
me.

~~~
voltagex_
I can highly recommend taking a look at the traffic going across your network
as well. With an OpenWRT or Ubiquiti router, you may even be able to mirror
your WAN port to something Wireshark can see - it's definitely eye-opening.

~~~
pottertheotter
I've been thinking about getting a Ubiquiti Dream Machine Pro or a similar
setup and would love to look at the traffic there. Right now I just have an
Orbi router with two satellites.

~~~
voltagex_
I'm sure there are cheaper options with a port mirroring function, but one of
the entry level Ubiquiti switches plus a controller running in a VM would
work, too. Hmm, I should definitely investigate cheaper options.

~~~
pottertheotter
Yeah, I've thought about other options, including running a lot of things in a
VM, because of that. Plus I usually like to tinker and learn. But I have so
many other things on my plate right now that I'm not sure I want to take that
on too. So having something that's prosumer that I don't have to mess with as
much would be nice. I just wish I lived somewhere where I could find more
second-hand networking equipment!

------
teddyh
[http://zeroconf.org/](http://zeroconf.org/)

[http://www.dns-sd.org/](http://www.dns-sd.org/)

[http://www.multicastdns.org/](http://www.multicastdns.org/)

------
giancarlostoro
I'm a big fan of Zeroconf / MDNS / Avahi / Bonjour (it has many names due to
the differing packages that can be used for it across platforms). It's a great
way to make any type of service discoverable, whether it's a web service, or
what have you. Having used something like Eureka from Netflix, I think mDNS
is way simpler, especially on Linux, if you can install Avahi all you need to
do is write an XML file to a directory and you're broadcasting a service
immediately.

~~~
ken
Zeroconf is fantastic for discovering services, but hardly anyone supports it.
Apple _removed_ it from Safari, 3 years ago [1]. It's been an open feature
request in Chromium for 11 years [2], and in Firefox for 18 years [3].

The only major database I know which supports it is Postgres (it's disabled by
default) [4]. On MySQL, it's an open work item, untouched for 13 years [5].

Last I checked, no major web framework broadcasts its service using Zeroconf.

Zeroconf service broadcast is so easy to implement (really) and such a
tremendous help to users that I don't understand why developers aren't falling
over themselves to implement it.

[1]: [https://apple.stackexchange.com/questions/299700](https://apple.stackexchange.com/questions/299700)

[2]: [https://bugs.chromium.org/p/chromium/issues/detail?id=13573](https://bugs.chromium.org/p/chromium/issues/detail?id=13573)

[3]: [https://bugzilla.mozilla.org/show_bug.cgi?id=173804](https://bugzilla.mozilla.org/show_bug.cgi?id=173804)

[4]: [https://www.postgresql.org/docs/9.1/runtime-config-connectio...](https://www.postgresql.org/docs/9.1/runtime-config-connection.html)

[5]: [https://dev.mysql.com/worklog/?sc=id&sd=ASC&pg=3](https://dev.mysql.com/worklog/?sc=id&sd=ASC&pg=3)

~~~
apearson
The browser support you listed is for listing out the available sites. The
browsers still support mdns for name resolution. Zeroconf is used in Google
Cast and Airplay for service discovery.

~~~
ken
As Apple's Bonjour page points out, addressing and naming is only 2/3 of it.
If that's all you support, then you still depend on users knowing the name,
and typing it with no mistakes -- not exactly "zero configuration". 1980's
AppleTalk was better than that.

How do browsers 'support mDNS for name resolution'? Isn't that a feature of
the OS? I can "ping NAS.local" (without a DNS server) just as easily as I can
go to "http://NAS.local", and ping.c doesn't appear to
have any mDNS code.

~~~
apearson
Right, there is still a need for apps and browsers to surface mDNS services but
the parent comment made it seem like the browsers can't use mDNS at all.

You are correct, mDNS name resolution is an OS feature and to the
browser/program/app it makes no difference.

~~~
goont
Notably Android doesn't support mDNS as part of general hostname resolution.
(There is the NSD API available but you have to explicitly use it, and the
browsers do not.)

------
L3viathan
> If it is IPv6, it's nearly impossible to remember the address.

Why should that be the case? If you have 1000 nodes, you could organize your
network such that node one gets prefix::00:01, node two gets prefix::00:02,
node 138 gets prefix::01:38, etc.

There is so much space in IPv6 that you can group things more logically than
was ever doable in the IPv4 world.

------
ac29
"But still, on most of the local systems, we don't have a DNS server and we
have to remember the IP addresses of the systems."

Perhaps I'm misunderstanding this, but why would your systems not have access
to a local DNS server? My routers respond just fine to DNS queries for
"hostname.local"-like requests without using something like mDNS.

~~~
rlpb
This only works if your router arranges this through its DHCP server, and even
then only if everything on your network uses DHCP and the DNS server supplied
by it. This is not widely the case, and with devices that roam across wifi
networks it's likely not even true for your devices. mDNS provides peer-to-
peer discovery that does not require any supporting network infrastructure.

~~~
ac29
There's no reason this requires DHCP, or even for the DNS server to be on the
router. You could assign static IPs everywhere and still have the DNS server
perform lookups to its hosts file.

~~~
rlpb
Yes, of course. I took it as a given that any alternative solution would have
to be automatic and so manual configuration of hosts wasn't an option. If you
think it is an option, then the answer to your question is obvious: mDNS does
it automatically, so you don't have to maintain the mapping and it works for
automatic IP address assignments.

------
badrabbit
This is such a pet-peeve for me. A noisy network service turned on by default
where most users won't use it, but all users are exposed to the network through
it. (Edit: I mean in most Linux Distros not in this example, of course I have
no problem with anyone intentionally doing anything to their own system)

In my opinion, modern systems shouldn't run services in case something needs
them, they should be dynamically loaded and unloaded (isn't this what dbus is
for??). If Chrome needs mDNS it can ask for it. If network resources are
accessed at login, the login processes can request avahi to be loaded and then
unloaded once they're done. What really feels like insult to injury is how
systemd was forced on unwilling users because of features like this, yet
avahi, cups, etc... just sit there idle even if you didn't start any application
that has a need for them.

I think maybe I am seeing it from the wrong perspective?

~~~
dreamcompiler
> This is such a pet-peeve for me. A noisy network service...

Complaints like this about mDNS are my pet peeve. Back in the day networks
were 1000 times slower and we had Appletalk and dynamic peer-to-peer LAN
networking was absolutely effortless. It was plug-and-play, networking-for-
dummies easy. And nobody had to explain to their Mom over the phone what an IP
address was.

But Appletalk was chatty and that bugged people with large enterprise LANs. So
Apple turned it off and invented mDNS which was less chatty and used modern
DNS protocols. It made LAN setup about half as easy as Appletalk but by that
time everybody had gotten used to typing IP addresses into their printers as
if that was "normal." Or they just gave up on peer-to-peer connections
entirely.

So now not many people use mDNS and it's not nearly as chatty as Appletalk and
our networks are 1000 times faster and a tiny bit of LAN traffic is nothing;
_nothing_ compared to the value mDNS would bring if people just used it. But
no. Let's complain about how chatty it is and continue using LANs full of
multi-teraflop computers that have no way to ask their neighbors what their
damned IP addresses are.

Yes I'm bitter.

~~~
badrabbit
Look, I will never ever use mDNS. I have never ever needed to use mDNS because
I don't mind using an IP address. We have our preferences but why are you
forcing your preference on people?

I am very bitter about this too. I turn on a computer and it broadcasts
excessive details about itself to anyone that will listen to it. It does things
I did not ask it to do and refuses to do things I need it to do because people
like you think there is one way everyone should do things.

What on earth is stopping you from turning on Avahi and using mDNS right now?
Clicking on a checkbox in system settings? What else is there to it?

I will continue to complain on how chatty this and a plethora of other things
are. Actually their chattiness is not the issue, the fact that they sent even
one packet of that protocol is my issue, or more importantly that they
listened on that port offering network services on my client computer. So, now
when there's a vulnerability abusing that service, a service no one uses, well
too bad then right? A network service is an exposure, people/apps should opt
into, not opt out of, exposures!
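
Added example (not part of any comment in the thread): a minimal Python decoder for the answer section of an mDNS message, showing which names, service types, ports and addresses a host's announcement exposes to everyone on the link. The packet is constructed for illustration; the host name `NAS` echoes the thread, while port 8080 and address 192.168.1.20 are made up.

```python
import struct
TYPES = {1: "A", 12: "PTR", 16: "TXT", 28: "AAAA", 33: "SRV"}

def read_name(msg, off):
    """Decode the DNS name at off, following compression pointers."""
    labels, after, hops = [], None, 0
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:              # 2-byte compression pointer
            after = after or off + 2             # parsing resumes after the pointer
            off = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16: raise ValueError("compression loop")  # malformed packet
            continue
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("utf-8", "replace"))
        off += 1 + msg[off]
    return ".".join(labels), after or off + 1

def announced_records(msg):
    """Return (name, type, cache_flush, value) for each answer record."""
    qd, an = struct.unpack_from("!HH", msg, 4)
    off, out = 12, []
    for _ in range(qd):                          # skip questions: name, type, class
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        value = msg[off:off + rdlen].hex()       # default: raw rdata as hex
        if rtype == 12:                          # PTR: service type -> instance
            value = read_name(msg, off)[0]
        elif rtype == 33:                        # SRV: prio, weight, port, target
            port = struct.unpack_from("!H", msg, off + 4)[0]
            value = f"{read_name(msg, off + 6)[0]}:{port}"
        elif rtype == 1:                         # A: IPv4 address
            value = ".".join(str(b) for b in msg[off:off + rdlen])
        # top bit of the class field is the mDNS cache-flush flag
        out.append((name, TYPES.get(rtype, str(rtype)), bool(rclass & 0x8000), value))
        off += rdlen
    return out

def _name(n):                                    # uncompressed wire encoding
    return b"".join(bytes([len(p)]) + p.encode() for p in n.split(".")) + b"\0"
def _rr(name, rtype, rclass, rdata):             # one resource record, TTL 120
    return name + struct.pack("!HHIH", rtype, rclass, 120, len(rdata)) + rdata

# Constructed sample announcement; the A record's owner name is a compression
# pointer back to the SRV target (the last 11 bytes written before it).
SAMPLE = struct.pack("!6H", 0, 0x8400, 0, 3, 0, 0)
SAMPLE += _rr(_name("_http._tcp.local"), 12, 1, _name("NAS._http._tcp.local"))
SAMPLE += _rr(_name("NAS._http._tcp.local"), 33, 0x8001,
              struct.pack("!HHH", 0, 0, 8080) + _name("NAS.local"))
SAMPLE += _rr(struct.pack("!H", 0xC000 | (len(SAMPLE) - 11)), 1, 0x8001, bytes([192, 168, 1, 20]))
```

Calling `announced_records()` on the payload of a UDP port 5353 packet exported from a capture lists the same fields for a real host.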

