How to set up remote access to ones music server without ssh

Whenever one wants to access a firefly server that is not on the same subnet as the player the Achilles heel of the otherwise very simple and efficient Bonjour network discovery shows: Multicast packets are usually not forwarded across different subnets and hence the server is not found.

So what can one do then? If all subnets are controlled by the user then he can try to configure all involved routers to forward/repeat multicast packets. This is however not supported by all routers and some implementations are faulty. Also this is no option when the user needs to cross subnets where he is not admin or if the internet has to be used.

In such cases the only solution, unless the player supports a manual way to specify the IP of the server (most as e.g. the Roku Soundbridges dont), is to fake a network bacon on the subnet of the player so that it learns the IP of the server.

Prerequisites

• ensure the mt-daapd daemon is properly configured with a playback password and running
• ensure your router (where your firefly server runs) is configured to forward port 3689 to the computer firefly runs on
• ensure you have access to a computer on the network where your player is

Broadcast the IP of your server on the player network

There are more than one way to accomplish this. The easiest is to make use of RendezvousProxy, which is part of a the iLeech package on sourceforge:

http://ileech.sourceforge.net/index.php?content=RendezvousProxy-Download

Its a small java program where you need to put in the IP or DNS of the server and it will broadcast it as if it was on the local subnet of the player.

Steps to reproduce

1. Start the RendezvousProxy on any PC in the players network (needs java)

2. Go to settings and add a new protocol: "_rsp._tcp." (exactly the part between the "")
3. Add the IP and port of your remote mediaserver under that service, e.g. 1.2.3.4:3689
4. Check If on the firewall or NAT router on the server side a port forward has been properly set by putting that address (e.g. 1.2.3.4:3689) in a webbrowser (and see if a password prompt comes).
5. reboot the player device or computer.

Voila, it should be running.

Possible problems and things to observe

• Make sure a playback password is set in mt-daapd, otherwise you share your music world-wide, which is probably a copyright infringement in your country.
• Some players like the ones from Roku will require you to reenter the password on every reboot or power loss
• The password is transmitted in cleartext and mt-daapd has not been developed with remote streaming in mind so there has been no thorough security inspection. This is not 100% safe.

Other resources

Additional information on this subject and the possible security implications can be found in the forum: http://forums.fireflymediaserver.org/viewtopic.php?t=5374