Iptables port 5353

John Summerfield debian at herakles.homelinux.org
Mon Nov 5 23:16:18 UTC 2007


Bob Goodwin wrote:
> John Summerfield wrote:
>> Steven Stern wrote:
>>
>>> 5353 is used by Windows dynamic DNS. If you're not supporting dynamic
>>> DNS on your local network, you can continue to drop/ignore the packets.
>>> They're needed only by a DNS/DHCP server.
>>
>> I don't think so.
>>
>> Google combinations of "udp port 5353" "zeroconf rfc" "zeroconf" 
>> "bonjour" and "rendezvous."
>>
>>
>> I have it open, but then I see the occasional Mac. I don't think Linux 
>> (yet) actively uses it; Windows XP does not, unless one downloads some 
>> software from Apple.
>>
>> I think Windows addresses the same sorts of problems with uPnP.
>>
>>
> It appears that the stimulus for this is my daughter's Apple Mac which 
> sends 224.0.0.251 and my computer tries to respond on port 5353.  Her 
> computer runs dhcp connecting directly via an ethernet cable to the 
> wireless router since it is on her desk.
> 
> I guess then the question is if I open 5353 will she have access to my 
> DNS?  Is this an indication that her computer needs that access?  Would 
> it benefit?
> 
> It's simple enough to try it but I still won't know if it accomplishes 
> anything.
> 
> I would think she must have access to the DNS server provided by 
> Wildblue but it's been a year and a half since we set that one up and I 
> don't recall what was done and I am lost whenever I use her Mac ...
> 
> Bob Goodwin
> 

Apple uses udp port 5353 as part of its aim to have its computers 
configure themselves. One can, in principle, attach Apple Mac and other 
compliant devices into a switch and they will all find each other. Sally 
can share her photos, Jason his music and printer, and many other 
services, and everyone will find everything. Including compliant printers.

Apple called the feature "Rendezvous" (let's get together), then 
"Bonjour" (Good day as in "hello"). The generic term is "zero 
configuration" and one can learn more from zeroconf.org.

There are Internet standards for zeroconf, and Apple releases its 
bonjour source code.


Linux participates to the extent that it can broadcast services, but 
more work needs to be done before it "just works" as well as OS X does.

I generally enable it, in hopes that one day it will be useful.


fwiw the mdns protocol governing UDP port 5353 is based on the dns 
protocol governing UDP port 53.


zeroconf is not a substitute for dhcp; lacking a DHCP server, Macs 
default to self-assigned IP addresses, but they will use both if they can.




-- 

Cheers
John

-- spambait
1aaaaaaa at coco.merseine.nu  Z1aaaaaaa at coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

Please do not reply off-list
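
Added example, not part of the original message: the thread notes that mDNS on UDP port 5353 is based on the DNS protocol, and this Python sketch builds and decodes an mDNS question using the ordinary DNS header and label encoding, so a firewall admin can see what a packet sent to 224.0.0.251 is actually asking. The service name `_ipp._tcp.local` is a constructed sample, and the helper names are hypothetical.

```python
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353  # group address quoted in the thread

def encode_name(name):
    """Encode a dotted name as DNS length-prefixed labels."""
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".")]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_query(name, qtype=12, unicast_reply=False):
    """One-question query using the ordinary 12-byte DNS header (PTR = 12)."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)  # id 0, flags 0, 1 question
    qclass = 1 | (0x8000 if unicast_reply else 0)  # top bit is the mDNS QU flag
    return header + encode_name(name) + struct.pack("!2H", qtype, qclass)

def parse_questions(packet):
    """Return (is_response, [(name, qtype, qclass, unicast_reply), ...])."""
    if len(packet) < 12:
        raise ValueError("shorter than a DNS header")
    _id, flags, qdcount = struct.unpack("!3H", packet[:6])
    pos, questions = 12, []
    for _ in range(qdcount):
        labels = []
        while True:
            if pos >= len(packet):
                raise ValueError("truncated name")
            length = packet[pos]
            pos += 1
            if length == 0:
                break
            if length & 0xC0 or pos + length > len(packet):
                raise ValueError("compressed or truncated label")
            labels.append(packet[pos:pos + length].decode("ascii", "replace"))
            pos += length
        if pos + 4 > len(packet):
            raise ValueError("truncated question")
        qtype, qclass = struct.unpack("!2H", packet[pos:pos + 4])
        pos += 4
        questions.append((".".join(labels), qtype, qclass & 0x7FFF, bool(qclass & 0x8000)))
    return bool(flags & 0x8000), questions

def is_mdns_multicast(dst_ip, dst_port):
    """True only for traffic addressed to the mDNS group on UDP 5353."""
    return dst_ip == MDNS_GROUP and dst_port == MDNS_PORT

SAMPLE = build_query("_ipp._tcp.local", unicast_reply=True)  # constructed sample
```

The decoded question is a link-local service lookup in `.local`, which is a different thing from a recursive query to a resolver on port 53.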



