10532
Comment:
|
10806
Added steps for stopping & disabling Avahi.
|
Deletions are marked like this. | Additions are marked like this. |
Line 58: | Line 58: |
Avahi The Avahi daemon can be temporarily stopped by running: {{{ systemctl stop avahi-daemon.socket systemctl stop avahi-daemon.service }}} It can be disabled (prevented from starting at bootup) by running: {{{ systemctl disable avahi-daemon }}} |
Translation(s): none
Automatic local network configuration and discovery for Debian
This page exists to track and coordinate support for zeroconf networking, mdns, etc in Debian. These technologies allow a machine to be added to a local network and automatically obtain an IP address (without using a dhcp server), and discover services such as printers, file shares, and web servers on the local network, without any special configuration or centralised network management.
Quick start for your machine
To try this on your machine, try installing these packages:
apt-get install avahi-daemon avahi-discover libnss-mdns
Now run avahi-discover.
See below for additional stuff to try.
Status
Place a ({*}) in front of things that are in Debian and ready for wide use, ({o}) in front of things still in progress, and (/!\) in front of things that should be used with some caution.||
avahi |
works great, current best of breed mdns service publication and discovery framework. |
avahi-autoipd |
An alternative to the zeroconf package, it integrates with dhcp3-client to remove the zeroconf IP when a real IP is assigned. |
zeroconf |
works ok for most, but many people don't like its behavior of "hiding" the primary IP address in ifconfig (bug 307480), and it may break other things. Many people can happily use mdns w/o zeroconf. In /etc/defaults/zeroconf it's possible disable zeroconf, black-list interfaces and have zeroconf only use interfaces that isn't set up by DHCP. |
libnss-mdns |
new version uploaded that works with no manual config. |
libapache2-mod-dnssd |
lets avahi publish info about apache2 web server. No config needed for basic publication. |
openssh-server |
avahi-daemon has an example file to publish a ssh server. Should ssh automatically add this file to /etc/avahi/services, so if the user installs avahi it will get published? |
rhythmbox |
can publish/browse DAAP music shares using avahi, tested and works. |
banshee |
support DAAP with avahi, through the banshee-daap Debian package. |
service-discovery-applet |
Available, but not installed automatically with rest of gnome. |
epiphany-browser |
Browse local web sites via "local sites" bookmarks. Uses gnome-vfs2's dns-sd layer. Tested and works |
gnome-vfs |
supports mdns browsing in Nautilus (sftp, webdav and ftp) and provides a generic mdns/dns-sd layer to applications. |
? gnome-games |
supposed to support howl, and there's an avahi patch |
? kde |
supposed to have excellent support throughout for mdns, can someone verify all the KDE stuff listed here works in Debian? |
vlc |
supposed to support mdns publishing of video streams, is this enabled in debian? -- VLC in debian also supports bonjour services via playlist (ctrl-p then manage->service discovery->bonjour services) needs to be tested, I don't know how to publish streams |
ekiga (aka gnomemeeting 2.0) |
Publishes SIP and H323 contacts with Avahi |
gobby |
supports collaborative text editing, uses Avahi's compatibility layer |
wzdftpd |
The SVN trunk contains a Zerconf module which supports Avahi, Bonjour and Howl (so not in Debian yet?) |
daapd |
not in Debian yet, RFP bug filed (359771). Does it support avahi, or only howl? |
mt-daapd |
Are in testing and working. Non-free source removed. ITPs filed (285789); has non-free mdns server embedded that needs to be removed. Patches to use avahi are available and work-for-me |
vino |
GNOME vnc server, has avahi support and is in debian, not tested yet |
apt-zeroconf |
decentralised apt cache, under development, not in Debian yet (announcement) |
distcc |
Debian version has bug when client machine has any ipv6 addresses, fixed upstream. otherwise supports ipv6. Thundering herd problem with server slot allocation, often causes distcc to complain and too much to be compiled locally. (patch attempted, no bug reported) Lennart Poettering announcement |
The avahi walk of fame is a comprehensive list of all sorts of software that can be made to use avahi.
Other possible things that could be set up to publish services include: ntp server ISC ntpd patch GNOME time-admin patch, dns server, ftp server, mail server (for ssmtp automatic relay?), cups print server, gaim, scanner, proxy configuration.
Web applications like SquirrelMail should ship with <?IfModule> sections for mod_dnssd in their apache.conf fragments.
The DebianInstaller supports installation using a network ssh console, but you have to work out what IP to log into. Wouldn't it be nice if this was published as an mdns service?
turning it off
Several people have expressed that they would appreciate a way to turn all of this stuff off, either at the package level (apt-get install disable-zeroconf) and/or temporarily when on an untrusted network.
There should be a well-documented way to do that.
- Avahi
- The Avahi daemon can be temporarily stopped by running:
systemctl stop avahi-daemon.socket systemctl stop avahi-daemon.service
It can be disabled (prevented from starting at bootup) by running:systemctl disable avahi-daemon
- The Avahi daemon can be temporarily stopped by running:
zeroconf task
Once we have a fully working and widely used set of packages, it should be possible to add a task to tasksel to offer zeroconf networking support to new Debian installs. Selecting the task alone would enable resolving mdns names and avahi-daemon. Selecting the task and the desktop task would ensure that the desktop supports zeroconf networking (if it doesn't by default). Selecting the task and a web or print server would make sure that avahi was set up to publish those servers. But print server cupsys has own mechanisms for this to work.
Currently, the desktop task installs avahi and services for the desktop.
discussion
Here is a very interesting blog entry by Jim Gettys, who is working on the one laptop per child project about some of the issues they face: OLPC and system management:
Imagine an apartment building with kids from several schools; we want them to be able to go home at night, and, without any additional infrastructure, work together as they need to. [...] We also need to rethink how we configure much of our infrastructure pieces to be much less dependent the the conventional central, always available servers. Here are a couple examples: we want IM to always be available; but do so even without global connectivity or fixed servers. And every kid should be able to publish content on their laptop, (potentially) available to others anywhere. [...] So one aspect of this is that we probably want to rethink the configuration of (and sometimes modify) many of our existing services, to allow them to be used in a much more ad-hoc, mobile, opportunistic fashion.
Relating some of these challanges back to Debian and ZeroConf stuff is very interesting. -- JoeyHess
Confidential to ?LoyeYoung: I've moved your various comments which you interspersed throughout this page to here, where they belong. This page is primarily for tracking how Debian supports mdns and zeroconf stuff, and not for arguments about it, so I won't respond in detail. (Suffice to say that I disagree with most of your opinions, and furthermore think that many of your assertians are just plain wrong (for example, systems that use avahi do not automatically make connections to each other).) Please don't clutter the top of the page with personal opinions in future. Also, the semi-personal attacks (ie "stretch of the truth that borders on the irresponsible") are not appreciated. -- JoeyHess
?LoyeYoung Comment: Be sure you do all this behind a firewall in a trusted environment.
?LoyeYoung |
mDNS is a bad idea, and avahi is a bad implementation of it. Avahi works great for discovering printers, so using the client libraries is sometimes useful. But if you plan on having the printer around a while, it's much less trouble just to give the printers fixed IP addresses. Computers who find each other via avahi automatically establish connections, independently of the interface configurations and irrespective of the network administrator's setup. Some advocates of avahi will tell you that you can just disable it in a configuration file, but the thing doesn't go away that easily. Bottom line: If you are going to share files at a LAN party or if you are going to a hacker convention, it's awesome but otherwise you'd be better off using your router's on-board dhcp server to assign IP addresses. |
?LoyeYoung |
"Integrates with dhcp3-client" is a stretch of the truth that borders on irresponsible. "Hijacks DHCP" would be a more accurate description. Essentially, zeroconf aka avahi-autoipd is a parallel system for obtaining IP addresses without telling the human beings. Do NOT install avahi-autoipd in environments that require security, that require stable networking, or that do not have a well-configured firewall protecting the hosts that are exposing themselves with avahi-autoipd. |
?LoyeYoung |
Is "no manual configuration" a feature or a bug? |
||
openssh-server |
?LoyeYoung Comment -- The answer to your question is NO! |
gnome-vfs |
?LoyeYoung Comment: This is an example of rampant dependency inflation. Even if you want gnome-vfs to support avahi/mdns, gnome-vfs not depend on avahi. |
?LoyeYoung Comment: Has anyone stopped to think that people might NOT want their contacts automatically published with Avahi, even if Avahi is installed on the machine?
?LoyeYoung Comment: So now everyone is going to be an untrusted respository? (Maybe the folks migrating from Windows have an emotional need to attract viruses.)
Maybe you are not familiar with the strong crypto SecureApt uses to validate every package download? -- JoeyHess
?LoyeYoung Comment: Yeah, like an easy way to "aptitude purge" all this stuff without breaking the system. Making sure that avahi packages are NEVER more than a "suggests" dependency would be a good start.