Routing Chromecast across VLANs

Solved
EricNathan
Here to help

Routing Chromecast across VLANs

Has anyone been able to figure out how to route Chromecast broadcasts from one VLAN to a maobile device on another VLAN? I'm working with an MX64.

1 Accepted Solution
MatsLarson
Here to help


@CharlesIsWorkin wrote:

I was looking at doing this too. Did you every figure it out, Eric?

There are some interesting responses in this reddit post.

 

https://www.reddit.com/r/meraki/comments/bkd949/one_device_available_on_multiple_ssids/


It can be done as long as the wireless clients are all bridged through to the MX by enabling Bonjour Forwarding on the MX under Security Appliance & SD-WAN > Firewall with the Chromecast VLAN set as the "Service VLANs" and the mobile device VLAN set as the "Client VLANs" with Services set to "All services"

 

I've noticed there is sometimes a delay of up to 10 minutes before the clients are able to detect the casting devices, but it does work.

 

If you're using Meraki NAT or some other type of IP assignment for the SSIDs other than bridge, you may be able to get it working by configuring Bonjour Forwarding at the MR rather than the MX, but be aware that this will lead to a lot of junk "Source IP or VLAN Mismatch" errors in your MX event logs, as the MR is then essentially spoofing traffic from one VLAN to the other. If you have the VLANs bridged to the MX and the MX handling the forwarding, it's smart enough to suppress those events.

View solution in original post

7 Replies 7
BrechtSchamp
Kind of a big deal

From this reddit post I read mDNS is the culprit keeping it from working across subnets:

https://www.reddit.com/r/Chromecast/comments/454fsi/chromecast_across_subnetsvlans_pfsense/

 

I have no Chromecast myself so I can't test it but you might be able to leverage the Bonjour Forwarding feature in the MX to make it work:

https://documentation.meraki.com/MX/Other_Topics/Configuring_Bonjour_forwarding_for_the_MX_Security_...

 

Don't forget to also open up TCP 5556 and TCP 5558 from your Chromecast segment to your source device segment as mentioned in the Reddit.

 

Hope that helps.

Uberseehandel
Kind of a big deal


@EricNathan wrote:

Has anyone been able to figure out how to route Chromecast broadcasts from one VLAN to a maobile device on another VLAN? I'm working with an MX64.


Rather than "kick against the pricks", because I've been there with an otherwise nice Juniper SRX, I am not going to even attempt routing Chromecast broadcasts on an MX, because the MX is deficient as far as Multicast and IGMP Proxies/Reflectors are concerned.

 

In fact there is no way to get an MX to handle the flavour of multicast used by content providers to distribute programs (subscription TV).This is commonplace in Britain, Europe and much of East Asia. It is not commonly encountered in the US, although I'm aware of some services that use IP4 Multicast that requires the use of an IGMP proxy on the router in the subscriber's premises.

 

Chromecast also uses Multicast. Routing multicast requires feature enablement on the MX which has not occurred despite repeated requests. Strangely, the switches do handle multicast traffic properly (IGMP snooping).

 

The good news is that there is a solution.

 

We installed a security appliance, switch and WiFi access points and VLANned the heck out of the new network, as it is designed to handle all the goats and bad boys - smart appliances, smart TVs, security kit, Chromecast, Bonjour, guest WiFi etc.

 

Instead of connecting to the VDSL modem, the MX now connects to a LAN port on the third party security appliance, which passes the MX traffic through to the Internet. Rather than allow devices (typically phones) connected to a MX VLAN access to the third party network, I grabbed some smartphones that are now used as if they were remote controllers for Chromecast. I'll admit it is an affluent solution to an affluent problem. They can be switched off once the Chromecast device has started casting.

 

This works, security is improved, We have not had a repeat of the power company's smart meter trying to get to the Internet (which is what kicked off the redesign in the first place).

 

Interestingly, I have a neighbour who turns off his computer system at night, including the router/modem. This causes his smart TV to try and get to the internet via our guest WiFi network, all night. This turned up on an exception report and it has been permanently blocked, although it keeps trying. Smart TVs do the weirdest stuff.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
CharlesIsWorkin
Building a reputation

I was looking at doing this too. Did you every figure it out, Eric?

There are some interesting responses in this reddit post.

 

https://www.reddit.com/r/meraki/comments/bkd949/one_device_available_on_multiple_ssids/

MatsLarson
Here to help


@CharlesIsWorkin wrote:

I was looking at doing this too. Did you every figure it out, Eric?

There are some interesting responses in this reddit post.

 

https://www.reddit.com/r/meraki/comments/bkd949/one_device_available_on_multiple_ssids/


It can be done as long as the wireless clients are all bridged through to the MX by enabling Bonjour Forwarding on the MX under Security Appliance & SD-WAN > Firewall with the Chromecast VLAN set as the "Service VLANs" and the mobile device VLAN set as the "Client VLANs" with Services set to "All services"

 

I've noticed there is sometimes a delay of up to 10 minutes before the clients are able to detect the casting devices, but it does work.

 

If you're using Meraki NAT or some other type of IP assignment for the SSIDs other than bridge, you may be able to get it working by configuring Bonjour Forwarding at the MR rather than the MX, but be aware that this will lead to a lot of junk "Source IP or VLAN Mismatch" errors in your MX event logs, as the MR is then essentially spoofing traffic from one VLAN to the other. If you have the VLANs bridged to the MX and the MX handling the forwarding, it's smart enough to suppress those events.

EricNathan
Here to help

Yes, this has been my experience as well. It seems to depend on the app and how often it looks for Chromecast devices. Apps like Vudu seem to update quickly, but Netflix has been very problematic. So, I gave in and added the Chromecast device to my main network. Since I wrote this post, I’ve purchased an Apple TV and it works perfectly with the Bonjour gateway. I suspect that’s because Apple created Bonjour.

MatsLarson
Here to help


@EricNathan wrote:

Yes, this has been my experience as well. It seems to depend on the app and how often it looks for Chromecast devices. Apps like Vudu seem to update quickly, but Netflix has been very problematic. So, I gave in and added the Chromecast device to my main network. Since I wrote this post, I’ve purchased an Apple TV and it works perfectly with the Bonjour gateway. I suspect that’s because Apple created Bonjour.


I had assumed the delay was because I didn't bother to set up a return route, ie setting a 2nd entry with the mobile client as the "Service" and the Chromecast as the "Client," meaning the client's active queries aren't forwarded the other direction and it has to wait passively for the Chromecast to announce its presence periodically before it's detected. I left it as is because I didn't want to forward any more traffic between the VLANs than was strictly necessary to get it working, but the fact that it works more quickly with an Apple device throws a bit of a wrench in that theory, as I don't see a reason they would behave in any significantly different way. It's possible the AppleTV simply announces more frequently, unfortunately I don't have any AppleTV devices to run packet captures and narrow down a difference in behavior. 

Murph
Conversationalist

Murph_0-1625883659742.png

 

Having this worked for me, thanks all

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels