multicast dns
 

UDP port 5353 is open on my computer. Do I need this port open? I know what dns is but have no idea what a multicast DNS is. I assume it is something of a group like nature.

My network has been very laggish and connections often timeout.

Apparently I cannot block access to this port lol I know that my computer needs the dns in order to access the web but I always thought by default it used port 53. Not port 5353. I did not change it from 53 to 5353. How can I change it back?

mDNS isn't really that like DNS; it uses a DNS-like protocol, although it is broadcast from devices advertising their capabilities. It also has a variety of names. Avahi, Bonjour and others are all implementations of broadly the same thing, although different versions may have slightly different capabilities.

You may not need any of this if you have configured all of the networking stuff (router, printer, file server...whatever is relevant) manually, but, if you are relying on automatic configuration of any of this stuff, it'll stop wotking once you block this protocol.

What have you done to pin this down? It really shouldn't have anything to do with mDNS unless eg, the primary DNS server is set to something that doesn't exist (or is only intermittently accessible), and you are falling over from the primary to the secondary.

Mind you, that can be done without mDNS, so0 it is still not clear that mDNS is the only possible cause.

I don't know why you can't block this port. What iptables rules did you use, there might have been an error?

The default for dns is port 53. You probably haven't changed that, but that's unconnected with mDNS (although, if something that doesn't listen on 53 uses mDNS to tell the rest of the network that it does listen on port 53, that could be problematic, but you don't need to block mDNS to cure that, just configure the devices that advertise resources to advertise them correctly).

I tried blocking port 5353 but I guess that's the DNS my laptop is using. I used iptables -A INPUT -p udp -j DROP to drop all incoming I reset my iptables then rebooted. I was not able access the net.

My DNS originally was bound to tcp port 53. Then all of the sudden a local server on port 53 appeared. Now its gone and 5353 is open on the udp side. How do I manually change it back? What file do I have to edit?

This sounds like IP6 to me. It does use Multicasting, with such a large address space to consider. Check to see how this is implemented, does your local router have this enabled? My2cents

I think this is when I was running 12.xx. I have been using Lubuntu recently. My laptop crapped out and I had to buy a new one. I really didn't feel like installing Arch again. But I upgraded from 11.10 to 12.04 and the port 5353 was open once again. I think it has something to do with how 12 is set up. I reinstalled 11.10 and stuck with it. No more open port 5353.

Anyway, my wireless drivers dont agree with the newer kernel. I will never ever buy a Toshiba again. Thanks