Multicast DNS
Multicast DNS is a way of using familiar DNS
programming interfaces, packet formats and operating , in a small network where no conventional DNS server has been installed.
The mDNS protocol is used by Apple's Bonjour and Linux Avahi service discovery systems.
Host Discovery
mDNS allows the IP address of a host to be determined without the help of a centralized DNS server.
A machine looking for a given host sends an mDNS multicast query message.
The corresponding host replies with a multicast message announcing itself.
With this, all machines in the subnet can update their mDNS cache with the host's information.
A host can clear its announcement to a network by sending a response packet with a Time To Live (TTL) equal to zero.
mDNS uses the reserved namespace .local.
Service discovery
DNS-SD allows building a list of hosts providing a given service.
The query message is similar to the host discovery message, but the QTYPE is 0x000C (PTR) instead of 0x0001 (A).
Packet Structure
The mDNS Ethernet frame is a multicast UDP packet to:
- MAC address 01:00:5E:00:00:FB
- IPv4 address 224.0.0.251 or IPv6 address FF02::FB
- UDP port 5353
Its structure is based on the DNS packet format.
It is built out of 2 parts: header and data.
offset (bytes) | field (bytes 0 and 1) |
---|---|
0 | ID = 0x0000 |
2 | Flags |
4 | QDCOUNT |
6 | ANCOUNT |
8 | NSCOUNT |
10 | ARCOUNT |
12 | Data |
The flags are all 0 except for:
- the first bit, Query/Response (QR), which is 0 for a query and 1 for a response
- the sixth bit, Authoritative Answer (AR), which is equal to the bit QR
The data is the UTF-8 list of the parts of the name, each preceded by the length of the item.
In a question, the name is terminated with a 0x00 and followed by QTYPE, which is 0x0001 for a host address, and QCLASS, which is 0x0001 for Internet.
Example: Host Discovery
Trying a ping to appletv.local will force the computer to send an mDNS question with UDP payload:
00 00 00 00 00 01 00 00 00 00 00 00 07 61 70 70
6c 65 74 76 05 6c 6f 63 61 6c 00 00 01 00 01
In the header, Flags are zero, QDCOUNT is 1 and all other counts are zero.
In the data, the string appletv is preceded by its length 0x07 and local by 0x05.
The name is followed by hex 00 00 01 00 01.
The queried device can respond:
00 00 84 00 00 00 00 01 00 00 00 02 07 41 70 70
6c 65 54 56 05 6c 6f 63 61 6c 00 00 01 80 01 00
00 00 78 00 04 99 6d 07 5a c0 0c 00 1c 80 01 00
00 00 78 00 10 fe 80 00 00 00 00 00 00 02 23 32
ff fe b1 21 52 c0 0c 00 2f 80 01 00 00 00 78 00
08 c0 0c 00 04 40 00 00 08
In the header, Flags has bits QR and AR set, ANCOUNT is 1, ARCOUNT is 2 and all other counts are zero.
The data is built out of 3 items: the answer and 2 additional records.
The answer consists of:
- the string AppleTV, preceded by its length 0x07, the string local, preceded by length 0x05, and end of string delimiter 0x00
- the type 0x0001, address (A)
- the class 0x8001, Ethernet, with MSB set (mDNS-specific)
- the Time To Live (TTL) 0x00007800
- the length 0x0004
- the IP address 0x996D075A
The first additional record is:
- a link to the name at position 12, 0xC00C
- the type 0x001C, IPv6 address (AAAA)
- the class 0x8001, Ethernet
- the TTL 0x00007800
- the length 0x0010
- the IP address 0xFE80000000000000022332FFFEB12152
The second additional record is:
- a link to the name at position 12, 0xC00C
- the type 0x002F, name section (NSEC)
- the class 0x8001, Ethernet
- the TTL 0x00007800
- the length 0x0008
- the block and bitmap 0xC00C000440000008
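The byte-by-byte walk above can be done mechanically. The following Python parser is an added example, not part of the original article: it decodes the header, questions and records of an mDNS payload, follows links such as 0xC00C, separates the class MSB from the class value, and raises on links that loop or fields that run past the end of the packet. The function names read_name and parse are illustrative.

```python
import ipaddress
import struct

RESPONSE = bytes.fromhex(  # response payload copied from the example above
    "00 00 84 00 00 00 00 01 00 00 00 02 07 41 70 70 6c 65 54 56 05 6c 6f 63"
    "61 6c 00 00 01 80 01 00 00 00 78 00 04 99 6d 07 5a c0 0c 00 1c 80 01 00"
    "00 00 78 00 10 fe 80 00 00 00 00 00 00 02 23 32 ff fe b1 21 52 c0 0c 00"
    "2f 80 01 00 00 00 78 00 08 c0 0c 00 04 40 00 00 08")

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, seen = [], None, set()
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of packet")
        length = msg[off]
        if length & 0xC0 == 0xC0:  # two-byte link to an earlier name (C0 0C)
            if off + 1 >= len(msg) or off in seen:
                raise ValueError("truncated or looping link")
            seen.add(off)
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
        elif length & 0xC0:
            raise ValueError("reserved label type")
        elif length == 0:  # 0x00 terminator
            return ".".join(labels), off + 1 if end is None else end
        else:
            if off + 1 + length > len(msg):
                raise ValueError("label runs past end of packet")
            labels.append(msg[off + 1:off + 1 + length].decode("utf-8"))
            off += 1 + length

def parse(msg):
    _id, flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off, questions, records = 12, [], []
    for _ in range(qd):  # each question: name, QTYPE, QCLASS
        name, off = read_name(msg, off)
        questions.append((name, *struct.unpack_from("!2H", msg, off)))
        off += 4
    for _ in range(an + ns + ar):  # answers, then additional records
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!2HIH", msg, off)
        rdata = msg[off + 10:off + 10 + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("RDATA runs past end of packet")
        if (rtype, rdlen) in ((1, 4), (28, 16)):  # A or AAAA address
            rdata = str(ipaddress.ip_address(rdata))
        records.append((name, rtype, rclass & 0x7FFF, rclass >> 15, ttl, rdata))
        off += 10 + rdlen
    return {"qr": flags >> 15, "questions": questions, "records": records}
```

Each record comes back as a tuple of name, type, class without the MSB, the MSB itself, TTL and data; calling parse(RESPONSE) returns the answer and the two additional records in order.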
Example: Service discovery
Launching a Bonjour or Avahi browser on a freshly started machine which has no mDNS cache will fire a DNS-based Service Discovery (DNS-SD) request in the form of a UDP packet with a payload such as:
00000 00 00 00 00 00 02 00 05 00 00 00 00 09 5f 73 65 ............._se
00010 72 76 69 63 65 73 07 5f 64 6e 73 2d 73 64 04 5f rvices._dns-sd._
00020 75 64 70 05 6c 6f 63 61 6c 00 00 0c 00 01 01 62 udp.local......b
00030 c0 16 00 0c 00 01 c0 0c 00 0c 00 01 00 00 11 94 ................
00040 00 14 0c 5f 77 6f 72 6b 73 74 61 74 69 6f 6e 04 ..._workstation.
00050 5f 74 63 70 c0 23 c0 0c 00 0c 00 01 00 00 11 94 _tcp.#..........
00060 00 07 04 5f 72 66 62 c0 4f c0 0c 00 0c 00 01 00 ..._rfb.O.......
00070 00 11 94 00 07 04 5f 73 73 68 c0 4f c0 0c 00 0c ......_ssh.O....
00080 00 01 00 00 11 94 00 0c 09 5f 73 66 74 70 2d 73 ........._sftp-s
00090 73 68 c0 4f c0 0c 00 0c 00 01 00 00 11 94 00 09 sh.O............
000a0 06 5f 6f 64 69 73 6b c0 4f ._odisk.O
A possible answer to this request could be:
00000 00 00 84 00 00 01 00 03 00 00 00 00 09 5f 73 65 ............._se
00010 72 76 69 63 65 73 07 5f 64 6e 73 2d 73 64 04 5f rvices._dns-sd._
00020 75 64 70 05 6c 6f 63 61 6c 00 00 0c 00 01 c0 0c udp.local.......
00030 00 0c 00 01 00 00 00 0a 00 13 0b 5f 61 66 70 6f ..........._afpo
00040 76 65 72 74 63 70 04 5f 74 63 70 c0 23 c0 0c 00 vertcp._tcp.#...
00050 0c 00 01 00 00 00 0a 00 07 04 5f 66 74 70 c0 46 .........._ftp.F
00060 c0 0c 00 0c 00 01 00 00 00 0a 00 07 04 5f 73 6d ............._sm
00070 62 c0 46 b.F
indicating that the corresponding machine provides Apple Filing Protocol, File Transfer Protocol and SAMBA file sharing.