3

I have two sites with non-overlapping networks, connected with a WireGuard site-to-site VPN. Routes to the other sites are configured in the default routers and distributed to clients over DHCP. IPv4 and IPv6 traffic works between networks.

On both VPN gateways, avahi-daemon functions as mDNS repeater (enable-reflector=yes) between the local network and the WireGuard tunnel, and smcroute is set up to forward routable SSDP multicast packets (sent to 239.255.255.250, ff05::c, ff08::c) from the local network to the WireGuard tunnel and vice versa. This works well, both MDNS and SSDP packets travel from one network to the other, I checked it with Wireshark.

On Windows 10 21H2, mDNS name resolution of .local Domains works well across both networks.

In VLC, multimedia devices on both networks are found with mDNS as well as UPnP (SSDP) and can be accessed.

However, Windows Explorer only shows devices from the local network.

I checked and tried the following things:

  • The Function Discovery Resource Publication service (FDResPub) is enabled and running.
  • The Function Discovery Provider Host service (fdPHost) is enabled and running (although to my understanding this is not necessary for service discovery).
  • Network discovery and file and printer sharing are both turned on for the active network profile (Private) in advanced sharing settings.
  • Windows firefall is disabled for testing and no other firewall products are installed.

Pressing Ctrl+F5 in Network view in Windows Explorer, I can see SSDP M-SEARCH requests being sent to the multicast addresses 239.255.255.250 and ff02::c. The IPv6 address ff02::c is a link-local multicast address and is not routed to the other network, but the request sent to 239.255.255.250 does reach the other network, and answers from devices there reach the local network. But these devices are not displayed in Windows Explorer.

The Documentation of Windows UPnP APIs has configuration settings that can be changed with registry values. Most of the mentioned registry keys exist, but none of the values are set. The values DownloadScope and ReceiveScope both default to 1, which allows discovery of hosts in private subnets. I added both DWORD values to the registry, set them to 1, and restarted. However, Windows Explorer still only shows computers from the same subnet.

The UPnPDeviceFinder can be used from PowerShell to list UPnP devices (UPnP Discovery on Windows PowerShell):

$ssdpFinder = New-Object -ComObject 'UPnP.UPnPDeviceFinder'
$ssdpFinder.FindByType('ssdp:all', 0)

This does find UPnP devices from both local and remote network, also with DownloadScope and ReceiveScope unspecified in the registry. However, the IPv6 SSDP M-SEARCH requests are sent to ff02::c even with DownloadScope and ReceiveScope both explicitly set to 1 and thus shall not be routed to other networks.

Two questions:

  • How can Windows 10 be configured so that Windows Explorer shows devices from other networks discovered over WS-Discovery / UPnP / SSDP in Network view?
  • How can Windows 10 (UPnPDeviceFinder, Windows Explorer) be configured to broadcast IPv6 SSDP M-SEARCH requests to ff05::c or ff08::c instead of ff02::c, so that the multicast messages may be routed to other networks?
Greg Askew
  • 39,132
x-ray
  • 168

1 Answers1

1

AFAIK (at least on Win 98/2k/XP) Windows Explorer use NetBIOS Broadcast to found neighbours. To work in multiple subnets, each subnet elect local browser and one network wide master browser, local browsers from different subnets can found other using WINS server (or by broadcast).

  1. Configure some Windows Server or SAMBA server as WINS server for all hosts. (I do it in enterprise network in presence of Active Directory)
  2. Configure at least one Windows or nmbd/smbd server in each subnet local browser / master browser .

In this scenario each subnet elect local network browser, using WINS its found all others, elect master browser and build global (for WINS server) network neighborhood. I got success on this scenario.

Other scenario to install Windows server or nmbd on gateways to become multihomed in two (or more) subnets. Its again must elect master browser. But I not reach success in this way.

UPD: AFAIK Windows workstation unable to be master browser.

UPD2:

Windows 10 and Master Browser

Windows 10 has broken master browser, but win election as new version. disable master browser on Win 10

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Services\Browser\Parameters MaintainServerList=Off

SAMBA

Important: According this post in lists.samba.org Network browsing in S4 SAMBA 4 unable to work as master browser. SAMBA 3 or Windows Server PDC needed.

Network Browsing in SAMBA 3

For samba server smb.conf folowing parameters related to topic

  • domain master
  • enhanced browsing
  • local master
  • nbtd:wins_prepend1Bto1Cqueries
  • os level
  • preferred master
  • remote browse sync
  • wins server
  • wins support

As computers need to be authenticated on samba, probably need to allow anonymous access, by something like:

guest ok = yes
guest account = nobody
map to guest = Bad User
restrict anonymous = 0
mmv-ru
  • 724