Closed
Labels
kind/bug, locked - please file new issue/PR, network, pasta, stale-issue
Description
Issue Description
This has been discussed extensively on IRC with sbrivio and Remco; however, pasta 20241211, specifically commit 1db4f773e87fc77eae2c4965a6bb90fcb56a0ff3, causes my TV to not be able to see minidlna running inside a container on my laptop. Minidlna uses multicast UDP with the SSDP protocol. Running pasta in debug mode shows:

```
Flow 0 (INI): TAP [172.16.0.11]:45988 -> [239.255.255.250]:1900 => ?
Flow 0 (INI): Invalid endpoint on UDP packet
Flow 0 (FREE): INI -> FREE
Flow 0 (FREE): TAP [172.16.0.11]:45988 -> [239.255.255.250]:1900 => ?
Dropping datagram with no flow TAP 172.16.0.11:45988 -> 239.255.255.250:1900
```
Steps to reproduce the issue
Run minidlna inside a rootless container with ports 1900/udp and 8200/tcp exposed, then try to discover it on the same network, which will fail. Downgrading to before commit 1db4f773e87f will allow it to work again.
The Containerfile I am using is this:
```dockerfile
FROM docker.io/debian:latest
# Install minidlna and create the runtime directories owned by its service user
RUN apt-get update \
    && apt-get install -y --no-install-recommends minidlna \
    && rm -rf /var/lib/apt/lists/* \
    && mkdir -p /var/cache/minidlna /var/log/minidlna /run/minidlna \
    && chown minidlna:minidlna /var/cache/minidlna /var/log/minidlna /run/minidlna
COPY minidlna.conf /etc/minidlna.conf
# Run as the unprivileged minidlna user
USER minidlna
ENV LANG=C.UTF-8
# 1900/udp: SSDP discovery; 8200/tcp: minidlna HTTP port
EXPOSE 1900/udp
EXPOSE 8200
CMD ["minidlnad", "-S"]
```
And the minidlna.conf contains:
```
user=minidlna
friendly_name=MiniDLNA
media_dir=/srv/minidlna
```
Describe the results you received
TV does not detect minidlna
Describe the results you expected
The TV detecting minidlna
podman info output
```yaml
host:
  arch: amd64
  buildahVersion: 1.38.0
  cgroupControllers:
  - cpu
  - io
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.12-3.fc41.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.12, commit: '
  cpuUtilization:
    idlePercent: 95.02
    systemPercent: 1.37
    userPercent: 3.6
  cpus: 4
  databaseBackend: sqlite
  distribution:
    distribution: fedora
    variant: workstation
    version: "41"
  eventLogger: journald
  freeLocks: 2044
  hostname: xen
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.12.4-200.fc41.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 8884027392
  memTotal: 16629854208
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.13.1-1.fc41.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.13.1
    package: netavark-1.13.1-1.fc41.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.13.1
  ociRuntime:
    name: crun
    package: crun-1.19-1.fc41.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.19
      commit: db31c42ac46e20b5527f5339dcbf6f023fcd539c
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20241211.g09478d5-1.fc41.x86_64
    version: |
      pasta 0^20241211.g09478d5-1.fc41.x86_64
      Copyright Red Hat
      GNU General Public License, version 2 or later
      <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  rootlessNetworkCmd: pasta
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 8589930496
  swapTotal: 8589930496
  uptime: 4h 56m 27.00s (Approximately 0.17 days)
  variant: ""
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
store:
  configFile: /home/matt/.config/containers/storage.conf
  containerStore:
    number: 3
    paused: 0
    running: 3
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/matt/.local/share/containers/storage
  graphRootAllocated: 254339448832
  graphRootUsed: 151918407680
  graphStatus:
    Backing Filesystem: btrfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Supports shifting: "false"
    Supports volatile: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 10
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/matt/.local/share/containers/storage/volumes
version:
  APIVersion: 5.3.1
  Built: 1732147200
  BuiltTime: Thu Nov 21 00:00:00 2024
  GitCommit: ""
  GoVersion: go1.23.3
  Os: linux
  OsArch: linux/amd64
  Version: 5.3.1
```
Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
Yes
Additional environment details
Fedora 41, podman 5.3.1
Additional information
No response
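
A triage sketch for the debug output quoted in the report, added here as an example and not part of the original report or of pasta: it pairs each dropped datagram with the reason logged for its flow and flags drops addressed to multicast discovery groups. It assumes pasta's debug lines keep the shape of the five lines quoted above; the regexes and the `triage` helper are hypothetical.

```python
import ipaddress
import re

# Debug lines copied verbatim from the report above.
SAMPLE_LOG = """\
Flow 0 (INI): TAP [172.16.0.11]:45988 -> [239.255.255.250]:1900 => ?
Flow 0 (INI): Invalid endpoint on UDP packet
Flow 0 (FREE): INI -> FREE
Flow 0 (FREE): TAP [172.16.0.11]:45988 -> [239.255.255.250]:1900 => ?
Dropping datagram with no flow TAP 172.16.0.11:45988 -> 239.255.255.250:1900
"""

# Well-known discovery groups (standard assignments, not taken from pasta).
DISCOVERY = {("239.255.255.250", 1900): "SSDP", ("224.0.0.251", 5353): "mDNS"}

# Assumed line shapes: "addr:port -> addr:port", with or without brackets.
EP = (r"\[?(?P<src>[\da-fA-F:.]+?)\]?:(?P<sport>\d+) -> "
      r"\[?(?P<dst>[\da-fA-F:.]+?)\]?:(?P<dport>\d+)")
FLOW_TUPLE = re.compile(r"Flow (?P<id>\d+) \(\w+\): \w+ " + EP + r" => ")
FLOW_MSG = re.compile(r"Flow (?P<id>\d+) \(INI\): (?P<msg>.+)$")
DROP = re.compile(r"Dropping datagram with no flow \w+ " + EP + r"\s*$")


def triage(log_text):
    """Return one record per dropped datagram sent to a multicast group."""
    flows, reasons, findings = {}, {}, []
    for line in log_text.splitlines():
        if m := FLOW_TUPLE.search(line):        # remember which flow owns the tuple
            flows[m.group("src", "sport", "dst", "dport")] = m["id"]
        elif m := FLOW_MSG.search(line):        # error logged while flow was in INI
            reasons[m["id"]] = m["msg"]
        elif m := DROP.search(line):
            dst = ipaddress.ip_address(m["dst"])
            if not dst.is_multicast:
                continue                        # unicast drops are out of scope here
            key = m.group("src", "sport", "dst", "dport")
            findings.append({
                "src": f'{m["src"]}:{m["sport"]}',
                "dst": f'{m["dst"]}:{m["dport"]}',
                "protocol": DISCOVERY.get((m["dst"], int(m["dport"])), "multicast"),
                "reason": reasons.get(flows.get(key), "unknown"),
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```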