- This topic has 11 replies, 3 voices, and was last updated 3 years, 5 months ago by
.
-
Posts
-
This is a continuation of the thread I started here:
https://forums.nomachine.com/topic/how-to-disable-mdns-traffic(Apologizes for starting a new thread, but the original was closed since it took too long for me to respond, and I didn’t see a way to message a moderator to ask about re-opening it).
Summary of the issue is that we are detecting mDNS queries originating from our Server being sent to multicast address 224.0.0.251 (port 5353 UDP). Queries are searching for _nomachine._tcp.local. We aren’t sure why this traffic is happening since ‘EnableNetworkBroadcast 0’ is set in server.cfg.
First suggestion in original thread was to update NoMachine. We have updated from NoMachine Terminal Server version 6.7.6-11 to the latest version 6.11.2-1.
The second suggestion was to “uncheck the box ‘Advertize this computer…’ in the player’s services panel on each host”. I was not able to find this setting on the server side. Opening the “NoMachine Service Status” menu on the server, I do not have the button to go to “Server Preferences” which I believe is where this setting is changed (see attached image). On the client side, I do have this setting and have it disabled on my own computer.
Is there anything else I could check?
Attachments:
Hello bsper2,
Please make sure that you have restarted nxserver after disabling broadcasting by setting configuration key in server.cfg:
EnableNetworkBroadcast 0Restarting nxserver after such change is required.
Please do the following steps on all hosts where you want to disable broadcast feature.In case restarting nxserver didnt help, please refer to an article on how to enable debug:
How to gather debug logs for support requests
1 .Enable debug on the server machine and then do:
sudo /etc/NX/nxserver --restartThen please check if you reproduced issue. Then please gather logs either manually or by executing:
sudo /etc/NX/nxserver --debug --collect2. Please send to us server.cfg file.
3. Can you please tell us how do exactly you check that
Please send the logs and server.cfg file to forum[at]nomachine[dot]com using the title of this forum’s thread as the mail’s subject.
About second suggestion to disable broadcasting from GUI by uncheck the box “Advertize this computer…” in the player’s services,
looks like you have set key ‘EnableServerPreferences’ to 0 in/usr/NX/etc/node.cfg.Please make sure that this key is set to ‘1’ and restart nxserver to be able to see “Server Preferences”
# grep EnableServerPreferences /usr/NX/etc/node.cfg EnableServerPreferences 1Thanks for the assistance.
Can confirm that nxserver has been restarted after setting ‘EnableNetworkBroadcast 0’ in server.cfg
My environment requires change control, so I will be seeking approval to make changes to the debug level as well as setting ‘EnableServerPreferences 1’ in node.cfg. Once the change is approved I will email the server.cfg and log files as requested.
Testing can be done with tcpdump. I run ‘tcpdump -ani eno2 port 5353’ (where eno2 is my interface name), and this is the type of output I get:
10:29:08.286066 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)
10:29:08.286081 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)
10:29:08.286083 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)
10:29:09.286597 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)
10:29:09.286610 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)
10:29:09.286613 IP 10.156.1.13.mdns > 224.0.0.251.mdns: 0 PTR (QM)? _nomachine._tcp.local. (39)After turning on EnableServerPreferences in node.cfg and opening the Server Preferences window, I can confirm that the “Advertise this compute on the local network” was already unchecked.
Next I will collect the logs and config and send a message to the email you provided. Will update ticket if we have a break-through.
Hello bsper2,
I assume ‘10.156.1.13’ is the server host where you had disabled mDNS broadcasting. Those logs, suggest it is mDNS discovery.
To disable discovery on clients, select Player preferences -> Privacy -> Don’t show other computers on the network.
The important thing is that you apply them an all machines of your network on which you dont want to have mDNS.
Hello irek,
Correct 10.156.1.13 is the server where I have tried to disable the network broadcasts.
I’ve logged into all five of our servers running NoMachine and confirmed that the “Don’t show other computers on the network” player preferences setting was already unchecked. Also verified all servers had the “Advertise this compute on the local network” setting unchecked.
Also made sure this was turned off on the one client desktop which is sitting on the same network that the NoMachine servers sit on. All other clients which connect to these NoMachine servers are on a separate network. They come in through a tunnel with a firewall setup between them which will block all broadcast traffic. So I wouldn’t expect the broadcasts coming from the servers are a response to some type of network traffic they are receiving.
Hello bsper2,
We could not reproduce this issue in your evironment.
Please gather logs and send them to us. Please follow the article on how to enable debug:
https://www.nomachine.com/DT10O00163 (“How to gather debug logs for support requests”)
Then please do:
sudo /etc/NX/nxserver --restartand reproduce the problem. Then please gather the logs either manually or by executing:
sudo /etc/NX/nxserver --debug --collectPlease send the logs to forum[at]nomachine[dot]com using the title of this forum’s thread as the mail’s subject.
Ok, I’ve put in a request to get this log information cleared for sending outside our environment. If that goes through I will send the logs.
Hello bsper2,
I’ve logged into all five of our servers running NoMachine and confirmed that the “Don’t show other computers on the network” player preferences setting was already unchecked. Also verified all servers had the “Advertise this compute on the local network” setting unchecked.
It’s correct that the key “Advertise this compute on the local network” is unchecked.
However, another key “Don’t show other computers on the network” should be checked.
So please change that to be checked (like in the screenshot 2).
To stop all MDNS traffic, you should have on player’s services panel on each host like screenshot 1,
and on the Player preferences like screenshot 2.Are all your players and servers set to this?
The important thing is that you apply them an all machines of your network on which you don’t want to have mDNS.
Attachments:
Ok, I did have the “Don’t show other computers on the network” unchecked. It looks like this is a per user setting, getting controlled by ~/.nx/config/player.cfg
I have many users connecting to these NoMachine servers, so I am looking for a way to set this across all users.
I see the setting key would be:
<option key=”Discover other NoMachine servers in the network” value=”false” />What is the best way to set that for all users? I looked to see if there was a system wide player.cfg file, or some setting in node.cfg or server.cfg but didn’t have much luck. Really want to avoid having to alter each users player.cfg file in place and maintain that setting change.
Hello bsper2,
unfortunately there is no other way.
It’s a client side setting, the only option is to change the CFG of all clients, wherever they are.
Maybe the best thing for you could be distributing a CFG for all users, so they could copy it in $HOME/.nx/config
on their side.
Please also remember to change that setting on server side for each and every user in their “$HOME/.nx/config” directory.
This topic was marked as solved, you can't post.