Jack828
Dabbler
- Joined
- Nov 11, 2020
- Messages
- 16
EDIT: This is now also available on my website 
https://jackburgess.dev/blog/truenas-jails-access-via-mdns
Hello folks!
I've done quite a bit ofgoogling duckduckgo-ing on this topic and couldn't find a solution that didn't require adding entries to my hosts file or one that was as plug'n'play as I wanted.
So, I figured out my own way!
This uses zeroconf mDNS to advertise the jail on your local internal network - e.g. you can access your netdata jail at http://netdata.local
I've written a kickstart script that has a handy one-liner in it to get you up and running faster, but I'll explain what the script does in detail here.
Quite a major caveat (for me and my network at least) is that this may not allow resolution of .local domains on Android phones, for a couple of reasons that don't belong here.
This guide also assumes you've got a jail up and running, and a root shell in there already - and that you've set the hostname to something you want.
We'll be using a popular mDNS daemon service Avahi. It is supported on most distributions of pretty much anything.
We'll also require socat, a multipurpose relay tool. This will allow us to access our services on port 80 instead of whatever port they use.
Once those are done, go ahead and enable the services for them all.
Now, avahi comes with two services enabled by default - which I never use. So to keep the network nice and tidy we'll go ahead and remove them.
This directory is where avahi will look for service definitions - if you do want to add other ones, this is where you put it.
We'll add the definition for our service in here too.
And put in
Now avahi knows to respond to mDNS queries with our jail's hostname + what type of service it is running.
To redirect traffic to the correct port, lets setup socat. Like avahi, it already has some instances defined, so open its config file:
And add to the bottom, replacing the word
Finally, we can enable all the services.
And give it a test by connecting to http://hostname.local.
Further reading / tools:
github.com
See what's broadcasting in your network by running
Or you can use dig
Dig also supports single hostname lookup
https://jackburgess.dev/blog/truenas-jails-access-via-mdnsHello folks!
I've done quite a bit of
So, I figured out my own way!
This uses zeroconf mDNS to advertise the jail on your local internal network - e.g. you can access your netdata jail at http://netdata.local
I've written a kickstart script that has a handy one-liner in it to get you up and running faster, but I'll explain what the script does in detail here.
Quite a major caveat (for me and my network at least) is that this may not allow resolution of .local domains on Android phones, for a couple of reasons that don't belong here.
This guide also assumes you've got a jail up and running, and a root shell in there already - and that you've set the hostname to something you want.
We'll be using a popular mDNS daemon service Avahi. It is supported on most distributions of pretty much anything.
We'll also require socat, a multipurpose relay tool. This will allow us to access our services on port 80 instead of whatever port they use.
Code:
root@jail:/ # pkg install -y avahi-app socat
Once those are done, go ahead and enable the services for them all.
dbus is required by avahi.Code:
root@jail:/ # sysrc dbus_enable="YES" root@jail:/ # sysrc avahi_daemon_enable="YES" root@jail:/ # sysrc socat_enable="YES"
Now, avahi comes with two services enabled by default - which I never use. So to keep the network nice and tidy we'll go ahead and remove them.
Code:
root@jail:/ # rm /usr/local/etc/avahi/services/*.service
This directory is where avahi will look for service definitions - if you do want to add other ones, this is where you put it.
We'll add the definition for our service in here too.
Code:
root@jail:/ # nano /usr/local/etc/avahi/services/http.service
And put in
Code:
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_http._tcp</type>
<port>80</port>
</service>
</service-group>
Now avahi knows to respond to mDNS queries with our jail's hostname + what type of service it is running.
To redirect traffic to the correct port, lets setup socat. Like avahi, it already has some instances defined, so open its config file:
Code:
root@jail:/ # nano /usr/local/etc/socat-instances.conf
And add to the bottom, replacing the word
PORT with the numerical value of your port, e.g. 3000Code:
[jailredirect] daemonuser=root flags="tcp-listen:80,reuseaddr,fork tcp:localhost:PORT"
Finally, we can enable all the services.
Code:
root@jail:/ # service dbus start root@jail:/ # service avahi-daemon start root@jail:/ # service socat start jailredirect
And give it a test by connecting to http://hostname.local.
Further reading / tools:
GitHub - alteholz/mdns-scan: repository for mdns-scan
repository for mdns-scan. Contribute to alteholz/mdns-scan development by creating an account on GitHub.
github.com
avahi-browse --resolve _http._tcp on another deviceOr you can use dig
dig @224.0.0.251 -p 5353 -t ptr +short _http._tcp.localDig also supports single hostname lookup
dig @224.0.0.251 -p 5353 +short hostname.local
Last edited:
