We run an L2TP-over-IPSEC VPN at home to allow remote access to our data and computers. On my server, I'm running forked-daapd, an itunes daap server for Linux. It's a great tool and I would really suggest checking it out.
This works perfectly when I'm in the house, but what if I want to access my iTunes library externally? Bonjour traffic, along with most multicast traffic usually doesn't travel over VPNs, unless you're using OpenVPN.
The solution is to use SSH tunneling. This means if you have an SSH gateway to your network, you could use that instead of a VPN.
First you have to grab the bonjour record of your library using avahi-browse on the linux box hosting your library.
Step 1: Browsing for your service
the -a means browse for all services, and the -r means resolve them.
You will likely see one of the services looks like this:
= eth0 IPv4 Music on server iTunes Audio Access local hostname = [server.local] address = [10.0.1.111] port =  txt = ["ffid=some_number" "Password=true/false" "Version=some_number" "iTSh Version=some_number" "mtd-version=some_number" "Machine Name=Music on server" "Machine ID=some_number" "Database ID=some_number" "txtvers=some_number"]
You'll need to copy the bit between the square brackets in the txt argument for the next step.
Step 2: Setting up the SSH Tunnel
As my portable computer is a mac, I made a quick and easy script to make the tunnel and advertise the mDNS service.
With the following contents
#!/bin/sh dns-sd -P "Music on server" _daap._tcp local 3689 localhost.local. \ 127.0.0.1 "ffid=some_number" "Password=true/false" "Version=some_number" "iTSh Version=some_number" "mtd-version=some_number" "Machine Name=Music on server" "Machine ID=some_number" "Database ID=some_number" "txtvers=some_number" ssh -C -N -L 3689:localhost:3689 [email protected]
Obviously, you will need to change the variables to the ones copied in the previous step for your library to register correctly, and remember to put in your password for SSH (it sometimes becomes obscured by all the debug data outputted by dns-sd, but if you just type it into the terminal regardless of if debug has been echoed out as SSH is the last running command)
Remember to make the script executable
chmod +x itunesmap.sh
And run it
If everything has worked, your library should now show up in iTunes and you can listen to music remotely over the VPN or SSH.Published 2016-09-03