How to jail miniDLNA with NAT

Hi I'm trying to set up a miniDLNA server inside a jail. When it's inside a jail, my LAN clients cannot access it. But if miniDLNA is installed outside of the jail, my LAN clients can successfully access it.

My jail has it's private IP (192.168.60.3) address on host's lo1 interface. I then attempt to use `pf` in host to direct traffic to the jail with miniDLNA:

Code:
    rdr proto tcp from any to any port 8200 -> 192.168.60.3
    rdr proto udp from any to any port 1900 -> 192.168.60.3

UDP port 1900 is for uPnP. TCP 8200 is for miniDLNA's simplistic status web page. I can access the web page from LAN, using host's IP: http://<bsd_host>:8200. And in the jail, miniDLNA can receive UDP port 1900 traffic which I sent from LAN.

However, DLNA clients just CANNOT find the media resources when it's running in jail!
 
However, DLNA clients just CANNOT find the media resources when it's running in jail!
DLNA discovers resources by using broadcasts. Those broadcasts don't traverse your NAT.
 
DLNA discovers resources by using broadcasts. Those broadcasts don't traverse your NAT.

Broadcast or multicast? I thought DLNA was multicast based. Ether way you are still right (unless using a router that can be, and has been, configured to route multicast). ((And in a L2 switched environment, without multicast lan optimizations turned on, multicast is forwarded like broadcast.))
 
Broadcast or multicast? I thought DLNA was multicast based.
You are correct, it's multicast, not broadcast.

Ether way you are still right (unless using a router that can be, and has been, configured to route multicast).
Indeed, the issue remains the same, it doesn't traverse the NAT so the DLNA receiver never gets the discovery request.
 
Can the jail not have an IP address on the same subnet as other devices on the LAN? Why not? I was trying (unsuccessfully) to configure an epair interface to be on the same subnet as my LAN; however, when I do that, I am unable to talk to the jail or LAN. If it could be on the same subnet, then the multicast wouldn't be an issue, right?

This is what I want to do:

I want to assign it an IP in my network treating it as a separate host.
 
Last edited:
Back
Top