Apple Event: May 7th at 7 am PT
Ever since upgrading to Yosemite, my Norton firewall tells me that a computer with this IP is trying to run discoveryd on UDP port 5353 (bonjour). Is this something that Yosemite needs that I need to unblock?
MacBook Pro with Retina display, OS X Yosemite (10.10)
On one machine I upgraded from Mavericks 10.9.5 I found that the Mac firewall was blocking discoveryd and this apparently prevented my Bonjour attached printers from working. I did a whole lot of messing around, but it seems that enabling it in the firewall allowed me to bring them back. On another machine I similarly upgraded this didn't happen - discoveryd is not listed as a service to block/allow in the firewall.
(Of course, sometimes we go down a rathole and come to the wrong conclusion, so treat this as a possible solution to printer problems.)
I found something else on the web indicating that discoveryd had replaced mDNSResponder; apparently it is necessary. Not sure about your case; you will probably want to find the machine w/ addr 224.0.0.251.
Enabling discoveryd in my firewall fixed my printer not being seen as connected. I would like to know if doing this has opened me up to to malware/viruses etc.
Your not alone. I'm having the same issue with Yosemite and Norton on a Mac Pro and a MacBook Pro. Not sure whether it's printer-related or not. Hoping an Apple tech gives a definitive answer.
Is your computer connected directly to the Internet (i.e. straight to your cable modem), or are you using a router (e.g. Airport Extreme)? If the latter, generally you don't need to run a firewall on your machine and block stuff (especially with Norton!), if you don't have port forwarding turned on at the router.
Hoping an Apple tech gives a definitive answer.
FYI, do not expect an answer from Apple techs here - these are user to user forums.
I'm not chiming in as I'm not having the problem and it isn't my area of expertise; however, one note: personally, I would not have Norton installed.
From Wikipedia…
Local subnetwork
Addresses in the range of 224.0.0.0 to 224.0.0.255 are individually assigned by IANA and designated for multicasting on the local subnetwork only. For example, the Routing Information Protocol (RIPv2) uses 224.0.0.9, Open Shortest Path First (OSPF) uses 224.0.0.5 and 224.0.0.6, and Zeroconf mDNS uses 224.0.0.251. Routers must not forward these messages outside the subnet in which they originate.
https://en.wikipedia.org/wiki/Multicast_address
In short 224.0.0.251 is something on your local network attempting to 'discover' the locally available services via mDNS. If you use Norton or any other firewall to block it the services on that machine won't be discovered & you will need to manually configure them, then you will also need to ensure the ports in question are not blocked for the specific services.
I spoke to tech support today, who told me that discoveryd is a safe process in the OS and I should just allow it the next time the message comes up. Not only 224.0.0.251, but also ff02::fb.
My machine too, in Yosemite.
discoveryd
224.0.0.251
ff02::fb.
Been driving me nuts. Thank you so much for doing to work and letting us know!
Took me a while to add the discoveryd exception to the firewall SO here are the exact steps to add discoveryd to your firewall on a mac pro 10.10.2 yosemite:
This makes no sense. discoveryd should already be OK for whatever it needs to from the OS X Firewall.
The only things that might have issues with it are 3rd party Firewalls like Norton, which are being stupid. Yes, stupid, as it's just WRONG behavior. One of the main reasons 3rd party AV and Firewall products are not recommended; they cause more problems than they solve. There is NO NEED for a third party firewall on OS X.
Computer on 224.0.0.251 trying to access /usr/libexec/discoveryd
