Re: Bonjour traffic

akanarya · ‎04-18-2021

Hi,

My backbone switch is constantly producing traffic from switch itself to 224.0.0.251:5353 in every 5 seconds.

I learned that it is bonjour traffic which i dont need.

Therefore i globally disabled bonjour discovery from the switch but i couldnt stop the generated traffic.

I tried to enable discovery to another dummy vlan (which is not routed) as control table interface but it didnt help.

I see the traffic on management vlan again.

Swith is SG550XG-24T and firmware is 2.5.5.47.

I discovered the problem through my firewall machine logs.

There is an interesting thing:

#show services tcp-udp

Type Local IP address Remote IP address Service name State
---- --------------------- --------------------- ------------ -----------

......

UDP6 All-5353 Bonjour

I dont know it is related or not. But I dont have ip6 conf by default.

Thanks

akanarya · ‎04-19-2021

any comment?

akanarya · ‎04-20-2021

I started to think that it is a firmware bug.

I have same problems with 350 series edge switches which have same firmware version.

I applied an access list to all switch ports to deny port 5353.

But this is a dirty hack for me and it is annoying.

cyberconsultants · ‎04-20-2021

Interested in this discussion.

How have you confirmed this as Bonjour traffic specifically? Asking only because mDNS/DNS-SD/Avahi all utilize port 5353 for multicast discovery/zeroconf.

akanarya · ‎04-20-2021

Infact I am not sure it is Bonjour or not

I didnt inspect the packet. All I see is a traffic to 224.0.0.251:5353.

But I didnt see any setting for mDNS or Avahi in my switch.

So I concentrated on Bonjour, maybe I am wrong.

Bonjour traffic

Cisco Business Product Family

Cisco Switching Product Family