Forward mdns Traffic 224.0.0.251 same VLAN on GS1900-24HP
Freshman Member
Good morning everyone,
I am currently having trouble getting mDNS (e.g., for Matter/HomeKit) to work reliably in my network and would appreciate your support.
Setup:
- Switch: Zyxel GS1900-24HP
- Multiple WLAN access points NWA220AX-6E, connected to the switch (ports 1–3)
- WLAN clients (including an iPhone) in VLAN 64 (10.0.64.0/20)
- Matter Bridge also in VLAN 64, connected to the switch (port 24)
- VLAN configuration:
- AP ports: VLAN 64 tagged
- Matter Bridge port: VLAN 64 untagged, PVID 64
The goal is to enable mDNS (224.0.0.251 / _matter._tcp.local, etc.) between WLAN clients and the Matter Bridge.
Observed behavior:
- The iPhone sends mDNS queries (confirmed via Wireshark by Port Mirroring , e.g.
_matterc._udp.local) - The Matter bridge is not discovered
- No relevant traffic is seen on the Matter Bridge(
tcpdump -i eth0 port 5353)
Analysis (Port Mirroring):
I used port mirroring on the switch to narrow down the issue:
- Mirror Port 2 (AP port) → PC (Port 5)
→ mDNS queries from the iPhone are visible - Mirror Port 24 (Matter Bridge) → PC (Port 5)
→ no mDNS traffic visible - Mirror Port 1 (another AP) → PC (Port 5)
→ also no mDNS traffic from the iPhone visible
Steps already taken:
- Disabled/Enable IGMP Snooping → no change
- Verified VLAN configuration → consistent
- Checked AP configuration (isolation, multicast, etc.) → no obvious issues, Traffic left the AP, can the th e traffic on Switch Port 2
Current assumption:
The mDNS traffic reaches the switch (visible on the AP port), but is not forwarded to other ports within the same VLAN (e.g., port 24).
This suggests a potential issue with multicast or link-local multicast handling (especially 224.0.0.251) on the switch.
Questions:
- Is this behavior known or expected for the GS1900?
- Is there a way to reliably flood link-local multicast (224.0.0.0/24)?
- Are there hidden settings (e.g., via CLI) that affect this behavior?
Thank you very much for your help!
All Replies
-
Hi @Yannick2026
May we check the layer 2 connection works between the iPhone and the Matter Bridge? Can the iPhone ping the Matter Bridge?
Also, could you help to collect the GS1900 tech support for us to check? Path: Maintenance > Configuration > Backup > Select HTTP and Tech Support > click Apply to collect and download.
Zyxel Melen0 -
Hey, the iphone (10.0.64.251) can ping the matter bridge (10.0.64.102).
The log is attached.
Thank you very much!0 -
Hi @Yannick2026
Thanks for the file! I found your configuration enables DoS function. Could you help to disable it first?
Zyxel Melen0
Zyxel Employee
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 223 Nebula Ideas
- 129 Nebula Status and Incidents
- 6.6K Security
- 630 USG FLEX H Series
- 354 Security Ideas
- 1.8K Switch
- 85 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 300 Service & License
- 492 News and Release
- 92 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 109 Security Highlight
