Question about mDNS Relay and SSDP Relay
I am new to networking, and am having trouble understanding the implications of this Firewalla article's advice about SSDP relay and mDNS relay to allow devices to be discoverable across networks.
The guide seems to imply that it is preferable to not to enable SSDP relay and mDNS relay on the VLAN with the iPhone. I.e., it should only be enabled on that VLAN if it doesn't work without it being enabled. I assume that this is because it creates additional exposure on that VLAN to devices on other VLANs.
With my limited knowledge about networking, I am left wondering how much additional exposure this creates. I.e., if these relays are enabled, what remaining benefit does the VLAN provide?
The answer is probably obvious to people with a networking background, but for noobs like me it is unclear.
-
SSDP and mDNS are typically used for device discovery. You would want to enable the relays if you have apps that are having trouble discovering services on another VLAN.
SSDP and mDNS do not themselves make the services on another VLAN available. The application typically makes a separate connection to the service after discovery, and that connection is controlled by the Firewalla firewall (since it is between VLANs). So, enabling SSDP and mDNS do not by themselves create much additional exposure, since they are only handling the service discovery part.
Please sign in to leave a comment.
Comments
3 comments