Browsing Network Neighbourhood across subnets/VLANs

my 2nd thread, yay me
bcuz of this i used mswords spell checker & tried 2 write english
be nice plz this took me hours 2 write
im not sure this is the best place 4 this thread but I coudnt think of a better 1 since it will prolyl involve code
mods feel free 2 move it

G'day there potential meals, I've got a problem I've been scratching my head over for while now.

Last year I moved in with my girlfriend. No, it's not as much fun as you think.

In fact, I had a big problem and it wasn't deciding who has the "nicest" china and the "nicest" curtains: we both had pretty complex network setups, with our own switches, wireless APs, modems and stuff. So we couldn't just plug everything together otherwise it would've all ended in tears as our three(!) servers fought each other for control of the network. So no, we won't be doing that - and if she ever leaves (pun!) me it's still logically two separate networks that can just be disconnected from each other.

So I took the easy way out: since we had different IP numbering rules (yay DHCP) I used my cheap (but still fully-managed) switch to make two VLANs: I put my network in one, bear-ess_only30%aussie's on the other, and set up packet routing between them. Clever marsupial - or so I thought... before long though, the complaining started:

"Hey bear, I can't see your server (read: media collection) from Network Neighbourhood."
"Yeah that's because network discovery packets don't go across subnets. I can't see your computers from 'my' side either."
By the way, my girlfriend is pretty smart, so she actually knew what that meant.
"How am I meant to watch <some show you ripped from BR in 4K> then?"
Seriously, bear-ess? Maybe you didn't understand...
"Um, just type \\Server.his-side\Media\TV\Some 4K Show (2018) into the address bar?"
Yay circular referencing each other's DNS servers.
"That takes ages with my junk $7 wireless keyboard/controller for PS3 I use as a media box/whatever."
OK, she did understand, and she's got me there.

So I repurposed one of her old computers as a HTPC and mapped network drives to it - and then had to deal with her complaining about replacing her PS3 with an entire computer (noise, power usage, etc.) - so all in all, it's not really ideal. She likes to wander around Network Neighbourhood and click things... and I too like the idea of the clear separation between "stuff that's on my computer" and "stuff that's on the network".

So, onto the question:

How do you make network browsing work across subnets?

Yeah, I know, it isn't easy. Half the Internet is instructions on how to do it that usually don't work for one reason or another. Not to mention this problem has been going on for so long, much of said instructions talk about flooding your network with NetBIOS broadcasts, and setting up the old Computer Browser service. C'mon, we've had WS-Discovery for sixteen years now, it's time to let go... but I've found exactly zero usable information about making this work with Function Discovery. This is odd, since it should be easier than with NetBIOS, because it's ordinary multicast, but (probably for security reasons) Microsoft hard-codes Function Discovery packets to have a TTL/hop limit of 1.

Edit: not to mention there's one or two slight buglets with the Computer Browser service - just display bugs though - that are cured by using Function Discovery.

These are things I have tried over the last year or two that don't work:

1. Running a WINS server
https://docs.microsoft.com/en-us/windows-server/networking/technologies/wins/wins-top
For some reason, this has never worked right for me - I also tried it a few times before we moved in together. It seems to want to run in a Windows domain environment (which I don't have, and I won't force on bear-ess), and needs Windows Server. It also requires NBT (sorta-kinda deprecated), running the Computer Browser service (disabled by default in recent Windows), and generally lots of client side (re)configuration. So I'd rather stick with Function Discovery.

2. Configure a higher TTL/hop limit Function Discovery puts on its packets
ala https://docs.microsoft.com/en-us/windows/win32/upnp/configuration-settings
Unlike the SSDP service (see link above) which has a registry knob to change the TTL, Function Discovery doesn't.

3. Turning on my el-cheapo network switch's multicast stuff
https://www.alliedtelesis.com/sites/default/files/documents/how-alliedware/howto_config_igmp1.pdf
https://www.alliedtelesis.com/sites...e-guides/pimdm_feature_config_guide_final.pdf
I thought this would do the job. In fact, from my understanding of it, it would - if Windows didn't set TTL to 1 on the WS-Discovery packets (that Function Discovery ultimately sends).

4. Implementing a Discovery Proxy
https://docs.microsoft.com/en-us/dotnet/framework/wcf/feature-details/implementing-a-discovery-proxy
Turns out this thing is designed to work with servers and clients that are specifically coded to talk to this proxy, it isn't made to work with Function Discovery - and if I read MSDN right (which I probably didn't), it can't be made to work with it anyway.

5. Any number of WS-Discovery/multicast/UDP proxies/relays/whatever you find on GitHub or SourceForge
https://github.com/mpromonet/ws-discovery
https://github.com/yakovlevdmv/WS-Discovery
https://sourceforge.net/projects/gsoap2/
etc.
Virtually all of these are for Linux-type OSs - and besides, even if they did run on Windows, they'd fight with Windows' own WSDAPI (which Function Discovery is built on top of) for ownership of the UDP ports WS-Discovery uses.

Things I haven't tried because I'm a dumb marsupial:

A. Writing my own WS-Discovery/multicast/UDP proxy/whatever
Trust me you don't wanna see it
Yeah... that didn't work. I started putting something together in Freepascal in March, but when I realised A) WS-Discovery seems to choose UDP ports randomly, B) I'd still have to fight WSDAPI, and C) it was too hard to write (I'm a lazy marsupial too), I chucked it into C:\$RECYCLE.BIN.

B. Wrap/shim the WSDAPI to force a higher TTL
ala https://github.com/stascorp/rdpwrap
I'm too dumb to do this, and it would break every time Microsoft updated WSDAPI (just like the linked RDPWrap does). It would also need client configuration (installing it, firewall, etc).

C. Use something like wintun to catch and modify WS-Discovery packets as they move around
https://git.zx2c4.com/wintun/
I'm WAY too dumb to do this, and still needs installing/configuring.

So... anybody got any ideas? I'll give you all my best gum leaves?

 

ok ive been working on this the past mth or so on & off
i went wit "things i haven't tried... option B" bcuz it seemed cool 2 b up there with stas'm/binarymaster & other "hack the planet" doodz
turns out fd runs thru 4 different windows svcs (fdrespub, fdphost, dashost & spoolsv) so theyll all hav 2 b hooked
on th brite side ive figgered out what parts of wsdapi 2 fiddle 2 make it work (yay x64dbg)
wrapping ws2_32!WSASendTo() to chg the multicast ttl of pkts b4 their sent would fix sending
wsdapi also checks 2 see if packets r linklocal but uses iphlpapi!GetBestRoute2() 4 that so hooking that 2 say "yeah tats a linklocal ip" would work
now all i hav 2 do

is figger out how

 

yep thats a-me
im actualy pretty sh!t with computers so this has me stumped
can script abit but hav never done "real" programming past vb or delphi
yet i can work a disassembler
i blame bein raised on commodore 64

 

it doesn't
& requires windos svr which im tryin 2 avoid

we alredy do that & it works 4 typing in names "\\server.domain" but not 4 browsing

gf has ip6 disabled 4 her own crazy reasons

thanks for trying 2 help tho