Skip to main content
Skip table of contents

How Can I Resolve Delays in Linux Client SSH Connections by Configuring mDNS?


Configuring mDNS (multicast DNS) on a Linux endpoint allows your computer to resolve the hostnames of other devices on the same local network without needing a central DNS server. The most common tool used for configuring mDNS on Linux is Avahi.

Using mDNS can help reduce SSH connection delays caused by the system when trying to resolve local hostnames without the use of a DNS server. By configuring mDNS, these hostnames can be resolved more quickly and efficiently.


To configure Avahi for mDNS on a Linux endpoint computer, do the following:

1. Install the Avahi daemon and its utilities by using the following commands:

 On Debian/Ubuntu:

sudo apt-get update

sudo apt-get install avahi-daemon avahi-utils

 On RHEL/CentOS:

sudo yum update

sudo yum install avahi-daemon avahi-tools

2. Once installation is complete, enable and start the Avahi daemon so that it automatically starts when booting up the computer, by using the following commands:

sudo systemctl enable avahi-daemon

sudo systemctl start avahi-daemon

3. Optionally, configure the Avahi config file by using the following command:

sudo nano /etc/avahi/avahi-daemon.conf

Important sections to review:

 use-ipv4=yes and use-ipv6=yes to enable Avahi on both IPv4 and IPv6.

 allow-interfaces=eth0 if you want to restrict Avahi to specific network interfaces (where eth0 needs to be replaced by your actual network interface).

 deny-interfaces=eth1 to deny Avahi on specific network interfaces.

Save and close the file after making any changes.

4. Restart Avahi by using the following command:

sudo systemctl restart avahi-daemon

5. Check the Avahi status by using the following command:

sudo systemctl status avahi-daemon

6. Configure the firewall:

For Avahi to function as required and allow hostname resolution over the local network, you need to allow traffic on the mDNS port 5353 over UDP by adding the following rules to your firewall:

 For iptables:

sudo iptables -A INPUT -p udp --dport 5353 -j ACCEPT

sudo iptables -A OUTPUT -p udp --dport 5353 -j ACCEPT

 For firewalld:

sudo firewall-cmd --zone=public --add-port=5353/udp --permanent

sudo firewall-cmd --reload

7. Test mDNS:

With Avahi configured, your system can resolve names ending in “.local” without further configuration. For example, you can ping machines by their hostname, by using the following command:

ping <hostname>.local (where “<hostname>“ needs to be replaced by the actual hostname of the computer that you want to ping).

NOTE: Make sure that your firewall settings allow traffic on the mDNS port 5353 over UDP. You can check if traffic is allowed through the mDNS port 5353 by using the following commands:

 For iptables:

sudo iptables -L INPUT -n --line-numbers | grep :5353

 For firewalld:

sudo firewall-cmd --list-all | grep 5353

You can also use the following command to check that Avahi is functioning as required:

avahi-resolve-host-name -4 -n <hostname>.local

where:

- "-4" is a flag that tells avahi-resolve-host-name to use only IPv4 (or use -6 for IPv6).

- "-n" specifies the hostname that you want to resolve to an IP address.

If you managed to resolve the host's IP address, Avahi is functioning as required, and traffic through port 5353 over UDP is allowed. If not, this may indicate issues with the configuration of Avahi or the firewall settings.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close