Translation(s): none
An account of the Avahi (zeroconf, Apple Bonjour) framework provided by Debian. Based on the packages distributed with Debian 10 (buster) and later.
Contents
Introduction
Avahi technology is dependent on the mDNS and DNS-SD protocols and allows machines to
- publish services and hosts running on a local network, and
- discover services and hosts running on a local network.
Both functions are implemented without having to configure a DNS sever. Instead, computers on a network create their own local DNS records and store them in a cache located in memory.The registration of local IP addresses and static services is done by avahi-daemon using mDNS/DNS-SD.
When a host wants to know the IP address of another host on the local network it queries all hosts. In other words, the query is multicasted. The host that has that network name responds to the query using a multicast message that contains it’s IP address. All other hosts see this response and update their caches.
The local network is assumed to be trusted. A firewall should should permit multicast traffic on port 5353.
Installation of Avahi is straightforward and generally maintenance-free afterwards.
apt install avahi-daemon
Machines that have cups installed will already have avahi-daemon as a recommended package.
Avahi Utilities
Basically, avahi-daemon will quietly get on with its job of publishing and discovering network services and hosts and most users will require little more from it apart from hostname resolution.
However, it is sometimes desirable to interact directly with avahi-daemon and, for that purpose, avahi-utils is available. The package is not installed on a default Debian system, so
apt install avahi-utils
The utilities are
Other packages (GUI) of interest are
Hostname Resolution
mDNS hosts on a network have a hostname of the form
<host>.local
The .local suffix is a TLD reserved for hostnames and services that can be resolved to an IP address through mDNS/DNS-SD. The mDNS resolver (avahi-daemon) on a client registers hosts to have the .local suffix.
Hostname resolution involves the system's Name Service Switch (NSS) facility and is performed by libnss-mdns, a package recommended by avahi-daemon. Otherwise do
apt install libnss-mdns
As explained in /usr/share/doc/libnss-mdns/README.Debian, the package's post-installation script alters a line in /etc/nsswitch.conf to read
hosts: files mdns4_minimal [NOTFOUND=return] dns
The mDNS domain .local is where hosts on the network reside and mdns4_minimal handles queries only for that domain. Hostname resolution takes place automatically with commands such as
ping <host>.local ssh <host>.local nmap <host>.local
To resolve a hostname to an IPv4 address with avahi-resolve:
avahi-resolve -n -4 <host>.local
The reverse process is performed with
avahi-resolve -a 192.168.7.235
avahi-resolve obtains an IP address or hostname directly from the mDNS multicast from hosts. It does not use the NSS functionality of libnss-mdns.
Using avahi-browse
For a complete view of services and hosts on the network:
avahi-browse -art | less
An entry from the output of one such command will be used to illustrate the common features of any entry.
= eth0 IPv4 Music Player @ desktop Music Player Daemon local hostname = [desktop.local] address = [192.168.7.20] port = [6600] txt = []
Music Player Daemon is the friendly service name. The service is running on port 6600 of the machine desktop.local with an IPv4 address 192.168.7.20. The text record (txt =) in this case is empty. If a service name is not available it will be replaced by the service type. All this information is published and will be available to a client wishing to access the service.
A list of all the service names known to avahi-daemon is given by
avahi-browse --dump-db
Executing
avahi-browse --dump-db -k
gives a list of matching service types, application protocol names. The service type _mpd._tcp matches the human-readable Music Player Daemon. This service can specifically be browsed for with
avahi-browse -rt _mpd._tcp
Or, in general:
avahi-browse -rt <service-type>
Display service types of services discovered on the network:
avahi-browse -kat
Debian Package Integration with Avahi
Some indication of the Debian packages that support service publication and discovery may be gleaned from libavahi-client3:
apt rdepends libavahi-client3
An incomplete list of packages that co-operate with avahi-daemon to give service publication and discovery is:
Disabling avahi-daemon
With root privileges, to disable temporarily:
systemctl disable avahi-daemon.service avahi-daemon.socket systemctl stop avahi-daemon.service avahi-daemon.socket
To re-enable:
systemctl enable avahi-daemon.service avahi-daemon.socket systemctl start avahi-daemon.service avahi-daemon.socket
To disable permanently (will remain disabled after reboot):
systemctl disable avahi-daemon.service avahi-daemon.socket systemctl stop avahi-daemon.service avahi-daemon.socket systemctl mask avahi-daemon.service avahi-daemon.socket
Registering a New Service in Avahi
avahi-daemon will publish local services set up according to .service files placed in the directory /etc/avahi/services. This is independent of the services published from what the system is already aware of on the network.
An example is ssh. openssh-server does not advertise via mDNS but can be induced to by the .service file provided in /usr/share/doc/avahi-daemon/examples/.
Printing and Scanning Services
The Debian printing and scanning systems support discovery of printing and scanning services on the network and over USB.
Printing services are published by a CUPS server and any moderd printer on the network. They are shown on discovery as having a service type of _ipp._tcp and/or _ipps._tcp.
avahi-browse -rt _ipp._tcp
A scanning service is generally observed to be published by a modern MFD scanning device and shown on discovery as having a service type of _uscan._tcp. libsane1 and sane-airscan provides backends for scanner discovery using avahi-daemon and the escl protocol.
avahi-browse -rt _uscan._tcp