惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
IT之家
IT之家
S
SegmentFault 最新的问题
T
Tailwind CSS Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 司徒正美
J
Java Code Geeks
博客园 - 聂微东
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
The Cloudflare Blog
博客园_首页
大猫的无限游戏
大猫的无限游戏
博客园 - 三生石上(FineUI控件)
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 【当耐特】
腾讯CDC
Apple Machine Learning Research
Apple Machine Learning Research
酷 壳 – CoolShell
酷 壳 – CoolShell
V
V2EX
宝玉的分享
宝玉的分享
小众软件
小众软件
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Hugging Face - Blog
Hugging Face - Blog
月光博客
月光博客
NISL@THU
NISL@THU
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
WordPress大学
WordPress大学
有赞技术团队
有赞技术团队
Blog — PlanetScale
Blog — PlanetScale
aimingoo的专栏
aimingoo的专栏
L
LINUX DO - 热门话题
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
F
Fortinet All Blogs
博客园 - Franky
L
Lohrmann on Cybersecurity
S
Secure Thoughts
量子位
V
Vulnerabilities – Threatpost
Last Week in AI
Last Week in AI
博客园 - 叶小钗
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LINUX DO - 最新话题
I
InfoQ
C
CERT Recently Published Vulnerability Notes
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
G
GRAHAM CLULEY
Cisco Talos Blog
Cisco Talos Blog

Recent Commits to openclaw:main

test: merge chat side-result checks · openclaw/openclaw@ddd2c2a test: merge cron history checks · openclaw/openclaw@f7eb746 test: merge responsive navigation shell checks · openclaw/openclaw@c2e4b47 docs(changelog): add codex oauth fixes · openclaw/openclaw@628e6cd test: merge navigation routing cases · openclaw/openclaw@5d8cecb Tests: mock channel registry bundled fallback · openclaw/openclaw@2b08233 Secrets: avoid broad web search discovery for single plugin config · openclaw/openclaw@a464f59 test: merge config view browser checks · openclaw/openclaw@20cf511 fix(status): align oauth health with runtime · openclaw/openclaw@eed7116 feat: add macOS screen snapshots for monitor preview (#67954) thanks … · openclaw/openclaw@f377db1 fix: report shared auth scopes in hello-ok (#67810) thanks @BunsDev · openclaw/openclaw@0b6c39b Auto-reply: avoid eager bundled route fallback · openclaw/openclaw@3ea1bf4 Tests: narrow session binding contract setup · openclaw/openclaw@54e4e16 fix(macOS): enable undo/redo in webchat composer text input (#34962) · openclaw/openclaw@00951dc Tests: speed up channel setup promotion · openclaw/openclaw@82b529a Docs: refresh agent instructions · openclaw/openclaw@5775fe2 fix(auth): serialize OAuth refresh across agents to fix #26322 (#67876) · openclaw/openclaw@8e79080 test: allow ollama public surface boundary test · openclaw/openclaw@7d4f1a6 Docs: add test performance guardrails · openclaw/openclaw@89706d3 Tests: restore context-engine usage proof · openclaw/openclaw@e4c4f95 Tests: slim context engine runtime coverage · openclaw/openclaw@74c198f ci: retry failed custom checkouts · openclaw/openclaw@0ee5baf test: trim duplicate provider auth onboarding cases · openclaw/openclaw@1ffc02e matrix: fix sessions_spawn --thread subagent session spawning (#67643) · openclaw/openclaw@1ce2596 test: reduce auth choice fixture churn · openclaw/openclaw@857b9cd test: mock health status config boundaries · openclaw/openclaw@9d5ab4a test: mock onboard config io boundary · openclaw/openclaw@299694d test: mock legacy state plugin boundaries · openclaw/openclaw@2713089 test: mock channel install boundaries · openclaw/openclaw@b945248 test: mock doctor preview channel boundaries · openclaw/openclaw@b1a3ad4 test: trim doctor command hotspots · openclaw/openclaw@c66f16a test: isolate agent auth and spawn hotspots · openclaw/openclaw@9285935 test: stabilize MCP startup disposal race · openclaw/openclaw@dd9d2eb test: merge browser contract server suites · openclaw/openclaw@5817a76 test: narrow ollama provider discovery setup · openclaw/openclaw@a0d9598 build: declare qa-lab aimock runtime dependency · openclaw/openclaw@24431e5 test: speed up safe-bins exec harness · openclaw/openclaw@ee856ab test: preserve tool helpers in embedded runner mocks · openclaw/openclaw@acd86a0 refactor: move memory embeddings into provider plugins · openclaw/openclaw@77e6e4c test: reuse system-run temp fixtures · openclaw/openclaw@7e9ff0f test: trim hotspot wait overhead · openclaw/openclaw@12a59b0 Check: avoid duplicate boundary prep · openclaw/openclaw@baf11b8 test: reduce hotspot fixture overhead · openclaw/openclaw@3a59edd feat(ui): overhaul settings and slash command UX (#67819) thanks @Bun… · openclaw/openclaw@2cfb660 QA Matrix: exit cleanly on failure · openclaw/openclaw@42805d2 QA Matrix: isolate scenario coverage · openclaw/openclaw@7e659e1 Matrix: refresh crypto bootstrap state · openclaw/openclaw@94081d8 QA Lab: add provider registry · openclaw/openclaw@bb7e982 Matrix: add plugin changelog · openclaw/openclaw@4acab55 test: trim more hotspot overhead · openclaw/openclaw@f485311 test: trim remaining hotspot tests · openclaw/openclaw@6ba8626 test: narrow hotspot mocks · openclaw/openclaw@dbc8179 test: isolate gemini embedding request helpers · openclaw/openclaw@cd330f5 test: trim memory and mcp hotspots · openclaw/openclaw@fd48dfa test: slim provider registry mocks · openclaw/openclaw@2e08c77 test: harden Parallels update smoke · openclaw/openclaw@1a98090 feat: default Anthropic to Opus 4.7 · openclaw/openclaw@628b454 fix: harden node-host shell payload mutability checks · openclaw/openclaw@75c551e fix: land node-host approval binding for native binaries (#66731) (th… · openclaw/openclaw@29919bb CI: add daily schedule to CodeQL workflow (#67645) · openclaw/openclaw@69d25f5 fix(gateway): capture config hash after plugin auto-enable to prevent… · openclaw/openclaw@8c11210 fix: repair sanitized replay tool results before send (#67620) (thank… · openclaw/openclaw@c3c7a99 fix: restrict HTML timeout short-circuit to transient statuses · openclaw/openclaw@de129a6 fix: keep TUI watchdog bound to active run (#67401) (thanks @xantorres) · openclaw/openclaw@3525273 Gateway/skills: dedupe skills prefix-match + drop dead fallback on log · openclaw/openclaw@d7f489f Extensions/lmstudio: back off inference preload after consecutive fai… · openclaw/openclaw@b555214 TUI/streaming: add watchdog that resets the activity indicator after … · openclaw/openclaw@f44ab20 Agents/tool-loop: enable unknown-tool stream guard by default · openclaw/openclaw@36ed367 Gateway/skills: invalidate session skills snapshot on config write · openclaw/openclaw@b23d59a fix: classify HTML provider error pages correctly (#67642) (thanks @s… · openclaw/openclaw@e588e90 fix(skills): remove unused model-usage import (#67641) · openclaw/openclaw@55f05df docs(changelog): credit codex fix superseded PRs · openclaw/openclaw@e485f24 fix(openai-codex): normalize stale transport metadata in resolution a… · openclaw/openclaw@90801ba CI: pin Docker-related GitHub Actions (#67632) · openclaw/openclaw@f697b01 Android: modernize WebView and discovery API usage (#67627) · openclaw/openclaw@44a6e50 fix(deps): bump hono to 4.12.14 and @hono/node-server to 1.19.14 (GHS… · openclaw/openclaw@fbccc18 fix(deps): bump dompurify to 3.4.0 (#67614) · openclaw/openclaw@2c2dc00 CI: add explicit permissions to all workflow jobs (fixes code-scannin… · openclaw/openclaw@01b7516 fix: register bundled TTS providers and route overrides correctly (#6… · openclaw/openclaw@6ea3cdd fix: align host tilde paths with OS home (#62804) (thanks @stainlu) · openclaw/openclaw@ecfaf64 fix: flush creds queue before reconnect socket open (#67464) (thanks … · openclaw/openclaw@405c63f fix: strip standalone <function> tool call tags from visible text (#6… · openclaw/openclaw@78df859 fix(agents): preserve cli session metadata before transcript persist … · openclaw/openclaw@898fd04 docs(changelog): move cli transcript entry · openclaw/openclaw@c1817c6 fix(agents): normalize cli transcript api field · openclaw/openclaw@3a3fae0 docs(changelog): note cli transcript persistence · openclaw/openclaw@6c343f1 fix(agents): persist cli transcript turns · openclaw/openclaw@b8ef507 fix(msteams): harden security-sensitive flows (#65841) · openclaw/openclaw@c56b56e [Dashboard] Fix exec approval modal overflow for long command content… · openclaw/openclaw@053c5b0 Docs: remove QA changelog entry · openclaw/openclaw@7fd5771 QA: fix private runtime source loading (#67428) · openclaw/openclaw@d5933af docs(gateway): correct protocol.md schema path, hello-ok example, aut… · openclaw/openclaw@489404d CI: pin Node 22 runners to 22.18.0 · openclaw/openclaw@4ffa621 models.authStatus: normalize provider ids + tighten env-backed escape… · openclaw/openclaw@f2fdb9d Update CHANGELOG.md · openclaw/openclaw@7694a92 test(parallels): clean up npm update guard jobs · openclaw/openclaw@045ea7b Plugins: prefer scanDir override paths · openclaw/openclaw@b2974da fix(dreaming): default storage.mode to "separate" so phase blocks sto… · openclaw/openclaw@8c392f0 fix(memory-core): skip dreaming transcript ingestion via session stor… · openclaw/openclaw@a1b01f0 fix: dedupe replayed exec.finished node events (#67281) · openclaw/openclaw@5dcf526
fix(bonjour): default LAN discovery on macOS only · openclaw/openclaw@ee6052a
steipete · 2026-05-04 · via Recent Commits to openclaw:main

@@ -8,11 +8,12 @@ title: "Bonjour discovery"

8899

# Bonjour / mDNS discovery

101011-

OpenClaw uses Bonjour (mDNS / DNSSD) to discover an active Gateway (WebSocket endpoint).

11+

OpenClaw can use Bonjour (mDNS / DNS-SD) to discover an active Gateway (WebSocket endpoint).

1212

Multicast `local.` browsing is a **LAN-only convenience**. The bundled `bonjour`

13-

plugin owns LAN advertising and is enabled by default. For cross-network discovery,

14-

the same beacon can also be published through a configured wide-area DNS-SD domain.

15-

Discovery is still best-effort and does **not** replace SSH or Tailnet-based connectivity.

13+

plugin owns LAN advertising. It auto-starts on macOS hosts and is opt-in on

14+

Linux, Windows, and containerized Gateway deployments. For cross-network discovery, the same

15+

beacon can also be published through a configured wide-area DNS-SD domain. Discovery

16+

is still best-effort and does **not** replace SSH or Tailnet-based connectivity.

16171718

## Wide-area Bonjour (Unicast DNS-SD) over Tailscale

1819

@@ -81,8 +82,8 @@ For tailnet‑only setups:

8182

## What advertises

82838384

Only the Gateway advertises `_openclaw-gw._tcp`. LAN multicast advertising is

84-

provided by the bundled `bonjour` plugin; wide-area DNS-SD publishing remains

85-

Gateway-owned.

85+

provided by the bundled `bonjour` plugin when the plugin is enabled; wide-area

86+

DNS-SD publishing remains Gateway-owned.

86878788

## Service types

8889

@@ -159,13 +160,30 @@ To capture logs:

159160160161

The log includes browser state transitions and result‑set changes.

161162163+

## When to enable Bonjour

164+165+

Bonjour auto-starts for empty-config Gateway startup on macOS hosts because the

166+

local app and nearby iOS/Android nodes commonly rely on same-LAN discovery.

167+168+

Enable Bonjour explicitly when same-LAN auto-discovery is useful on Linux,

169+

Windows, or another non-macOS host:

170+171+

```bash

172+

openclaw plugins enable bonjour

173+

```

174+175+

When enabled, Bonjour uses `discovery.mdns.mode` to decide how much TXT metadata

176+

to publish. The default mode is `minimal`; use `full` only when local clients need

177+

`cliPath` or `sshPort` hints, and use `off` to suppress LAN multicast without

178+

changing plugin enablement.

179+162180

## When to disable Bonjour

163181164-

Disable Bonjour only when LAN multicast advertising is unavailable or harmful.

165-

The common case is a Gateway running behind Docker bridge networking, WSL, or a

166-

network policy that drops mDNS multicast. In those environments the Gateway is

167-

still reachable through its published URL, SSH, Tailnet, or wide-area DNS-SD,

168-

but LAN auto-discovery is not reliable.

182+

Leave Bonjour disabled when LAN multicast advertising is unnecessary, unavailable,

183+

or harmful. The common cases are non-macOS servers, Docker bridge networking,

184+

WSL, or a network policy that drops mDNS multicast. In those environments the

185+

Gateway is still reachable through its published URL, SSH, Tailnet, or wide-area

186+

DNS-SD, but LAN auto-discovery is not reliable.

169187170188

Prefer the existing environment override when the problem is deployment-scoped:

171189

@@ -177,8 +195,8 @@ That disables LAN multicast advertising without changing plugin configuration.

177195

It is safe for Docker images, service files, launch scripts, and one-off

178196

debugging because the setting disappears when the environment does.

179197180-

Use plugin configuration only when you intentionally want to turn off the

181-

bundled LAN discovery plugin for that OpenClaw config:

198+

Use plugin configuration when you intentionally want to turn off the bundled LAN

199+

discovery plugin for that OpenClaw config:

182200183201

```bash

184202

openclaw plugins disable bonjour

@@ -193,8 +211,8 @@ and the LAN, so advertising from the container rarely makes discovery work.

193211194212

Important gotchas:

195213196-

- Disabling Bonjour does not stop the Gateway. It only stops LAN multicast

197-

advertising.

214+

- Bonjour auto-starts on macOS hosts and is opt-in elsewhere. Leaving it

215+

disabled does not stop the Gateway; it only skips LAN multicast advertising.

198216

- Disabling Bonjour does not change `gateway.bind`; Docker still defaults to

199217

`OPENCLAW_GATEWAY_BIND=lan` so the published host port can work.

200218

- Disabling Bonjour does not disable wide-area DNS-SD. Use wide-area discovery

@@ -226,8 +244,8 @@ If a node no longer auto-discovers the Gateway after Docker setup:

226244

- Cross-network clients: Tailnet MagicDNS, Tailnet IP, SSH tunnel, or

227245

wide-area DNS-SD

228246229-

4. If you deliberately enabled Bonjour in Docker with

230-

`OPENCLAW_DISABLE_BONJOUR=0`, test multicast from the host:

247+

4. If you deliberately enabled the Bonjour plugin in Docker and forced advertising

248+

with `OPENCLAW_DISABLE_BONJOUR=0`, test multicast from the host:

231249232250

```bash

233251

dns-sd -B _openclaw-gw._tcp local.

@@ -261,13 +279,14 @@ sequences (e.g. spaces become `\032`).

261279

- This is normal at the protocol level.

262280

- UIs should decode for display (iOS uses `BonjourEscapes.decode`).

263281264-

## Disabling / configuration

282+

## Enabling / disabling / configuration

265283284+

- macOS hosts auto-start the bundled LAN discovery plugin by default.

285+

- `openclaw plugins enable bonjour` enables the bundled LAN discovery plugin on hosts where it is not default-enabled.

266286

- `openclaw plugins disable bonjour` disables LAN multicast advertising by disabling the bundled plugin.

267-

- `openclaw plugins enable bonjour` restores the default LAN discovery plugin.

268287

- `OPENCLAW_DISABLE_BONJOUR=1` disables LAN multicast advertising without changing plugin config; accepted truthy values are `1`, `true`, `yes`, and `on` (legacy: `OPENCLAW_DISABLE_BONJOUR`).

269288

- `OPENCLAW_DISABLE_BONJOUR=0` forces LAN multicast advertising on, including inside detected containers; accepted falsy values are `0`, `false`, `no`, and `off`.

270-

- When `OPENCLAW_DISABLE_BONJOUR` is unset, Bonjour advertises on normal hosts and auto-disables inside detected containers.

289+

- When the Bonjour plugin is enabled and `OPENCLAW_DISABLE_BONJOUR` is unset, Bonjour advertises on normal hosts and auto-disables inside detected containers.

271290

- `gateway.bind` in `~/.openclaw/openclaw.json` controls the Gateway bind mode.

272291

- `OPENCLAW_SSH_PORT` overrides the SSH port when `sshPort` is advertised (legacy: `OPENCLAW_SSH_PORT`).

273292

- `OPENCLAW_TAILNET_DNS` publishes a MagicDNS hint in TXT when mDNS full mode is enabled (legacy: `OPENCLAW_TAILNET_DNS`).