AirShare Docs
Advanced

Network Setup

Advanced networking configuration for AirShare, including firewalls, routers, and enterprise networks.

Network Setup

Advanced guide to configuring your network for optimal AirShare performance, including firewall rules, router settings, and enterprise network considerations.

Network Requirements

Basic Requirements

For AirShare to work, your network must support:

  • Multicast (mDNS): For device discovery
  • UDP traffic: For QUIC file transfers
  • Same subnet: Devices on same local network
  • Port range: 59875-59925 UDP accessible

Most home networks support these by default. Enterprise networks may require configuration.

Firewall Configuration

Windows Firewall

Allow AirShare Through Firewall

Method 1: Automatic (First Launch)

Windows usually prompts on first launch:

  1. Click "Allow access"
  2. Check both Private and Public networks
  3. Click "Allow"

Method 2: Manual Configuration

If you missed the prompt:

  1. Open Windows Security
  2. Go to Firewall & network protection
  3. Click Allow an app through firewall
  4. Click Change settings (requires admin)
  5. Click Allow another app...
  6. Click Browse and find AirShare.exe
  7. Add and check both Private and Public

Create Specific Port Rules (Advanced)

For more control, create port rules:

Open PowerShell as Administrator:

# Allow QUIC ports (file transfers)
New-NetFirewallRule -DisplayName "AirShare QUIC" -Direction Inbound -Protocol UDP -LocalPort 59875-59925 -Action Allow

# Allow mDNS (device discovery)
New-NetFirewallRule -DisplayName "AirShare mDNS" -Direction Inbound -Protocol UDP -LocalPort 5353 -Action Allow

Or via GUI (Windows Defender Firewall with Advanced Security):

  1. Open Windows Defender Firewall with Advanced Security
  2. Click Inbound RulesNew Rule
  3. Rule Type: Port
  4. Protocol: UDP
  5. Specific local ports: 59875-59925
  6. Action: Allow the connection
  7. Profile: Check all (Domain, Private, Public)
  8. Name: AirShare QUIC
  9. Repeat for port 5353 (mDNS)

macOS Firewall

Allow AirShare

If Firewall is Disabled: No action needed (default)

If Firewall is Enabled:

  1. System SettingsNetworkFirewall
  2. Click Options
  3. Ensure AirShare is in the list and set to Allow
  4. If not listed:
    • Click + button
    • Navigate to /Applications/AirShare.app
    • Add and set to Allow

Application Firewall (ALF) Commands

Terminal commands for advanced users:

# Allow AirShare
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/AirShare.app

# Verify
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getappblocked /Applications/AirShare.app
# Should show: "Firewall is configured to ALLOW"

Linux Firewall

UFW (Ubuntu, Debian, Mint)

Most common Linux firewall:

# Allow AirShare ports for local network
sudo ufw allow from 192.168.0.0/16 to any port 59875:59925 proto udp
sudo ufw allow from 10.0.0.0/8 to any port 59875:59925 proto udp

# Allow mDNS
sudo ufw allow from 224.0.0.0/4 to any port 5353 proto udp

# Reload firewall
sudo ufw reload

# Check status
sudo ufw status

For specific interface (e.g., WiFi):

sudo ufw allow in on wlan0 to any port 59875:59925 proto udp
sudo ufw allow in on wlan0 to any port 5353 proto udp

Firewalld (Fedora, RHEL, CentOS)

# Add AirShare service
sudo firewall-cmd --permanent --new-service=airshare
sudo firewall-cmd --permanent --service=airshare --add-port=59875-59925/udp
sudo firewall-cmd --permanent --service=airshare --set-description="AirShare file transfer"

# Add mDNS
sudo firewall-cmd --permanent --add-service=mdns

# Enable for appropriate zone
sudo firewall-cmd --permanent --zone=home --add-service=airshare
sudo firewall-cmd --permanent --zone=home --add-service=mdns

# Reload
sudo firewall-cmd --reload

# Verify
sudo firewall-cmd --list-all --zone=home

iptables (Advanced)

For systems using iptables directly:

# Allow QUIC ports
sudo iptables -A INPUT -p udp --dport 59875:59925 -j ACCEPT

# Allow mDNS
sudo iptables -A INPUT -p udp --dport 5353 -j ACCEPT

# Save rules (Debian/Ubuntu)
sudo iptables-save > /etc/iptables/rules.v4

# Save rules (RHEL/CentOS)
sudo service iptables save

Router Configuration

Port Forwarding (Usually NOT Needed)

AirShare works on local network and does not require port forwarding.

Only needed if:

  • Devices are on different network segments
  • Corporate network with strict routing

If needed, forward ports:

  • 59875-59925 UDP for QUIC
  • To the device's local IP address

Multicast/mDNS Configuration

Enable mDNS/Multicast

Most routers allow multicast by default. If not:

  1. Access router admin panel (usually 192.168.1.1 or 192.168.0.1)
  2. Look for:
    • Multicast Filtering → Disable
    • IGMP Snooping → Enable
    • Multicast Rate → Set to maximum
  3. Save and reboot router

AP Isolation

Access Point (AP) Isolation prevents devices from seeing each other.

Disable AP Isolation:

  1. Router admin panel
  2. Wireless Settings → Advanced
  3. Find "AP Isolation" or "Client Isolation"
  4. Disable it
  5. Save and reboot
Guest Networks: Guest WiFi usually has AP Isolation enabled. Don't use guest network for AirShare.

WiFi Settings for Best Performance

Optimize router WiFi settings:

Channel Selection

2.4 GHz:

  • Use channels: 1, 6, or 11 (non-overlapping)
  • Avoid auto-select if neighbors use same channels

5 GHz:

  • Use DFS channels if available (more channels)
  • Auto-select usually fine

Channel Width

  • 20 MHz: Maximum compatibility, slower
  • 40 MHz: Faster, good for 2.4 GHz
  • 80 MHz: Much faster, 5 GHz only (recommended)
  • 160 MHz: Fastest, WiFi 6 only

Recommendation: 80 MHz on 5 GHz for best speed

Band Steering

  • Enable if you want automatic 5 GHz preference
  • Disable if you want manual control

QoS (Quality of Service)

Prioritize AirShare traffic:

  1. Enable QoS in router settings
  2. Add rule for:
    • Protocol: UDP
    • Ports: 59875-59925
    • Priority: High
  3. Or prioritize by device MAC address

Enterprise & Corporate Networks

Common Enterprise Network Issues

1. Multicast Blocked

Many corporate networks block multicast:

Symptoms:

  • Devices don't discover each other
  • Empty Radar

Solutions:

  • Request network admin to allow mDNS on local subnet
  • Use static device entry (future AirShare feature)
  • Use separate network for AirShare

2. VLAN Segmentation

Devices on different VLANs can't discover each other:

Symptoms:

  • Some devices appear, others don't
  • Inconsistent discovery

Solutions:

  • Request same VLAN for all devices
  • Configure mDNS reflector/repeater on network
  • Use mDNS gateway

3. Strict Firewall Policies

Corporate firewalls may block QUIC:

Solutions:

  • Request firewall exception for ports 59875-59925 UDP
  • Whitelist AirShare executable
  • Use during off-VPN hours

4. 802.1X Authentication

Enterprise WiFi with certificate authentication:

Usually works, but verify:

  • mDNS is allowed on authenticated network
  • No additional client isolation
  • Check with IT department

Working with IT Departments

When requesting AirShare network access:

Information to provide:

Application: AirShare
Purpose: Secure local file transfer
Protocol: QUIC over UDP
Ports Required: 59875-59925 (UDP)
Discovery: mDNS (port 5353 UDP)
Traffic: Local network only, no internet
Security: TLS 1.3 encryption, SHA-256 verification
Comparison: Similar to Apple AirDrop

Firewall rules needed:

Inbound UDP: ports 59875-59925
Inbound UDP: port 5353 (mDNS)
Allow multicast: 224.0.0.251 (mDNS)
Same subnet communication

VPN Considerations

How VPNs Affect AirShare

VPN active = Different network segment

Impact:

  • ❌ Can't discover devices not on VPN
  • ❌ Can't transfer to/from non-VPN devices
  • ✅ Can discover other devices on VPN (if VPN allows local traffic)

Split Tunneling

Allow local network traffic while on VPN:

Windows (OpenVPN):

# Edit .ovpn config file, add:
route-nopull
route VPN_GATEWAY_IP 255.255.255.255
route 192.168.0.0 255.255.0.0 net_gateway
route 10.0.0.0 255.0.0.0 net_gateway

macOS/Linux: Depends on VPN client. Look for "Split Tunneling" or "Local Network Access" settings.

Recommendation: Disconnect from VPN for local transfers, or configure split tunneling.

Advanced Network Scenarios

Multiple Network Interfaces

If you have multiple network adapters (Ethernet + WiFi):

AirShare behavior:

  • Binds to all interfaces
  • Discovers on all networks
  • Transfers on the interface used for discovery

Recommendation: Disable unused interfaces during transfer for consistency.

Static IP Configuration

For stable connections, use static IPs:

Windows:

  1. Settings → Network & Internet → Change adapter options
  2. Right-click network → Properties
  3. IPv4 → Properties
  4. Use the following IP address:
    • IP: 192.168.1.100 (example)
    • Subnet: 255.255.255.0
    • Gateway: 192.168.1.1

macOS:

  1. System Settings → Network
  2. Select connection → Details
  3. TCP/IP → Configure IPv4: Manually
  4. Set IP, Subnet, Router

Linux:

# Via nmcli (NetworkManager)
sudo nmcli con mod CONNECTION_NAME ipv4.addresses 192.168.1.100/24
sudo nmcli con mod CONNECTION_NAME ipv4.gateway 192.168.1.1
sudo nmcli con mod CONNECTION_NAME ipv4.method manual
sudo nmcli con up CONNECTION_NAME

Subnet Mask Configuration

Devices must be on same subnet:

Valid scenarios:

  • ✅ Device A: 192.168.1.100/24, Device B: 192.168.1.200/24
  • ✅ Device A: 10.0.0.50/24, Device B: 10.0.0.100/24

Invalid scenarios:

  • ❌ Device A: 192.168.1.100/24, Device B: 192.168.2.100/24 (different subnet)
  • ❌ Device A: 10.0.0.50/24, Device B: 172.16.0.50/24 (different network)

Network Diagnostics

Check AirShare Network Status

In AirShare:

  1. Radar → Tools → Network Diagnostics
  2. View:
    • Local IP address(es)
    • Active QUIC port
    • mDNS status
    • Network interfaces

Test mDNS Discovery

Linux/macOS:

# Install avahi-utils (Linux) or already included (macOS)
avahi-browse -a

# Should show AirShare services like:
# _airshare._udp

Windows:

# Install Bonjour SDK or use "Discovery - DNS-SD Browser"
# Look for _airshare._udp services

Test UDP Port Accessibility

From receiver (listen):

# Linux/macOS
nc -u -l 59875

From sender (send):

# Linux/macOS  
echo "test" | nc -u RECEIVER_IP 59875

If receiver sees "test", UDP is working.

Check Network Connectivity

# Ping test (ICMP)
ping OTHER_DEVICE_IP

# Traceroute (check hops)
traceroute OTHER_DEVICE_IP  # Linux/macOS
tracert OTHER_DEVICE_IP     # Windows

# Ensure only 1 hop (direct connection)

Troubleshooting Network Issues

"No devices found"

  1. Check same network: Verify both devices on same WiFi/network name
  2. Disable VPN: Temporarily disconnect VPN
  3. Check firewall: Ensure AirShare allowed
  4. Check router settings: Disable AP isolation, enable multicast
  5. Restart router: Simple but often effective

"Connection refused"

  1. Firewall blocking: Check port 59875-59925 UDP is allowed
  2. Network segmentation: Devices may be on different VLANs
  3. NAT issues: Rare, but check router NAT settings

"Transfer drops frequently"

  1. Network instability: Check WiFi signal strength
  2. Interference: Use 5 GHz or change channel
  3. Congestion: Reduce other network activity
  4. Hardware: Router overheating, restart it

Best Practices

Network Best Practices

  1. Use dedicated network: Separate network for heavy transfers
  2. Update router firmware: Fixes bugs and improves performance
  3. Document firewall rules: Keep record of what you allowed
  4. Test before large transfers: Verify connectivity first
  5. Monitor network: Use router admin to check congestion
  6. Segment if needed: IoT devices on separate network
  7. Regular reboots: Restart router monthly for best performance

Next Steps

Performance Optimization

Get the fastest possible transfer speeds with AirShare optimization tips and best practices.