diff --git a/bin/mdns-netbsd4be/mdns-advertiser b/bin/mdns-netbsd4be/mdns-advertiser
index ec62a46..8987f16 100755
Binary files a/bin/mdns-netbsd4be/mdns-advertiser and b/bin/mdns-netbsd4be/mdns-advertiser differ
diff --git a/bin/mdns-netbsd4le/mdns-advertiser b/bin/mdns-netbsd4le/mdns-advertiser
index 59f02d0..57e0607 100755
Binary files a/bin/mdns-netbsd4le/mdns-advertiser and b/bin/mdns-netbsd4le/mdns-advertiser differ
diff --git a/bin/mdns/mdns-advertiser b/bin/mdns/mdns-advertiser
index 5d0e23f..6e55d1b 100755
Binary files a/bin/mdns/mdns-advertiser and b/bin/mdns/mdns-advertiser differ
diff --git a/bin/nbns-netbsd4be/nbns-advertiser b/bin/nbns-netbsd4be/nbns-advertiser
index e898e0a..826cf33 100755
Binary files a/bin/nbns-netbsd4be/nbns-advertiser and b/bin/nbns-netbsd4be/nbns-advertiser differ
diff --git a/bin/nbns-netbsd4le/nbns-advertiser b/bin/nbns-netbsd4le/nbns-advertiser
index c93bce2..7ccffe0 100755
Binary files a/bin/nbns-netbsd4le/nbns-advertiser and b/bin/nbns-netbsd4le/nbns-advertiser differ
diff --git a/bin/nbns/nbns-advertiser b/bin/nbns/nbns-advertiser
index d07b240..d615805 100755
Binary files a/bin/nbns/nbns-advertiser and b/bin/nbns/nbns-advertiser differ
diff --git a/build/auto-ip-common.inc b/build/auto-ip-common.inc
index d1ffd40..ddf8767 100644
--- a/build/auto-ip-common.inc
+++ b/build/auto-ip-common.inc
@@ -7,6 +7,18 @@
 #define TC_AUTO_IP_UNUSED
 #endif
 
+#if defined(__NetBSD__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
+#include <net/if_dl.h>
+#include <netinet6/in6_var.h>
+#endif
+
+#ifndef MAX_LINK_IPV4_ADDRS
+#define MAX_LINK_IPV4_ADDRS 8
+#endif
+#ifndef MAX_LINK_IPV6_ADDRS
+#define MAX_LINK_IPV6_ADDRS 8
+#endif
+
 struct iface_context {
     char name[IFNAMSIZ];
     uint32_t ipv4_addr;
@@ -17,6 +29,45 @@ struct iface_context {
 struct iface_context_set {
     struct iface_context contexts[MAX_IFACE_CONTEXTS];
     size_t count;
+    int truncated;
+};
+
+struct link_ipv4_addr {
+    uint32_t addr;
+    uint32_t netmask;
+};
+
+struct link_ipv6_addr {
+    struct in6_addr addr;
+    unsigned int scope_id;
+    int prefix_len;
+    int link_local;
+};
+
+struct link_context {
+    char name[IFNAMSIZ];
+    int flags;
+    unsigned int ifindex;
+    int mdns_ipv4_transport;
+    uint32_t mdns_ipv4_transport_addr;
+    int mdns_ipv6_transport;
+    struct link_ipv4_addr ipv4[MAX_LINK_IPV4_ADDRS];
+    size_t ipv4_count;
+    struct link_ipv6_addr ipv6[MAX_LINK_IPV6_ADDRS];
+    size_t ipv6_count;
+};
+
+struct link_context_set {
+    struct link_context links[MAX_IFACE_CONTEXTS];
+    size_t count;
+    int truncated;
+};
+
+struct ifconf_entry_view {
+    char name[IFNAMSIZ];
+    const struct sockaddr *addr;
+    size_t addr_len;
+    size_t step;
 };
 
 static int TC_AUTO_IP_UNUSED runtime_ipv4_is_usable(uint32_t ipv4_addr) {
@@ -39,6 +90,22 @@ static int TC_AUTO_IP_UNUSED runtime_ipv4_is_usable(uint32_t ipv4_addr) {
     return 1;
 }
 
+static int TC_AUTO_IP_UNUSED runtime_ipv4_is_bindable(uint32_t ipv4_addr) {
+    uint32_t host_order = ntohl(ipv4_addr);
+    unsigned int first_octet = (unsigned int)((host_order >> 24) & 0xff);
+
+    if (ipv4_addr == 0 || host_order == 0xffffffffU) {
+        return 0;
+    }
+    if (first_octet == 0 || first_octet == 127) {
+        return 0;
+    }
+    if (first_octet >= 224) {
+        return 0;
+    }
+    return 1;
+}
+
 static int TC_AUTO_IP_UNUSED iface_flags_are_usable(int flags, int require_running) {
     if ((flags & IFF_UP) == 0) {
         return 0;
@@ -62,8 +129,26 @@ static int TC_AUTO_IP_UNUSED ifreq_table_uses_fixed_entries(size_t ifc_len) {
     return sizeof(struct ifreq) > 64 && ifc_len > 0 && (ifc_len % sizeof(struct ifreq)) == 0;
 }
 
-static size_t TC_AUTO_IP_UNUSED ifreq_entry_size(const struct ifreq *ifr, size_t remaining, int fixed_entries) {
+static size_t TC_AUTO_IP_UNUSED ifreq_sockaddr_len(const struct ifreq *ifr, size_t remaining) {
     size_t sockaddr_len = sizeof(struct sockaddr);
+
+    (void)ifr;
+    if (remaining < IFNAMSIZ + sizeof(struct sockaddr)) {
+        return 0;
+    }
+#if defined(__NetBSD__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
+    if (ifr->ifr_addr.sa_len > sockaddr_len) {
+        sockaddr_len = ifr->ifr_addr.sa_len;
+    }
+#endif
+    if (sockaddr_len > remaining - IFNAMSIZ) {
+        return 0;
+    }
+    return sockaddr_len;
+}
+
+static size_t TC_AUTO_IP_UNUSED ifreq_entry_size(const struct ifreq *ifr, size_t remaining, int fixed_entries) {
+    size_t sockaddr_len;
     size_t step;
     size_t align;
 
@@ -74,14 +159,10 @@ static size_t TC_AUTO_IP_UNUSED ifreq_entry_size(const struct ifreq *ifr, size_t
         return sizeof(*ifr);
     }
 
-    if (remaining < IFNAMSIZ + sizeof(struct sockaddr)) {
+    sockaddr_len = ifreq_sockaddr_len(ifr, remaining);
+    if (sockaddr_len == 0) {
         return 0;
     }
-#if defined(__NetBSD__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
-    if (ifr->ifr_addr.sa_len > sockaddr_len) {
-        sockaddr_len = ifr->ifr_addr.sa_len;
-    }
-#endif
 
     step = IFNAMSIZ + sockaddr_len;
     align = sizeof(long);
@@ -110,6 +191,35 @@ static int TC_AUTO_IP_UNUSED copy_ifreq_entry(struct ifreq *out, const char *cur
     return 0;
 }
 
+static int TC_AUTO_IP_UNUSED ifconf_entry_view_from_cursor(struct ifconf_entry_view *out,
+                                                           const char *cursor,
+                                                           size_t remaining,
+                                                           int fixed_entries) {
+    struct ifreq ifr;
+    size_t addr_len;
+    size_t step;
+
+    if (copy_ifreq_entry(&ifr, cursor, remaining) != 0) {
+        return -1;
+    }
+    step = ifreq_entry_size(&ifr, remaining, fixed_entries);
+    if (step == 0) {
+        return -1;
+    }
+    addr_len = ifreq_sockaddr_len(&ifr, remaining);
+    if (addr_len == 0) {
+        return -1;
+    }
+
+    memset(out, 0, sizeof(*out));
+    memcpy(out->name, ifr.ifr_name, IFNAMSIZ);
+    out->name[IFNAMSIZ - 1] = '\0';
+    out->addr = (const struct sockaddr *)(const void *)(cursor + IFNAMSIZ);
+    out->addr_len = addr_len;
+    out->step = step;
+    return 0;
+}
+
 static int TC_AUTO_IP_UNUSED netmask_prefix_length(uint32_t netmask) {
     uint32_t mask = ntohl(netmask);
     int prefix = 0;
@@ -183,6 +293,148 @@ static int TC_AUTO_IP_UNUSED ipv4_is_rfc1918(uint32_t ipv4_addr) {
     return 0;
 }
 
+static int TC_AUTO_IP_UNUSED ipv4_is_link_local(uint32_t ipv4_addr) {
+    uint32_t host_order = ntohl(ipv4_addr);
+    return ((host_order >> 24) & 0xff) == 169 && ((host_order >> 16) & 0xff) == 254;
+}
+
+static uint32_t TC_AUTO_IP_UNUSED ipv4_link_local_netmask(void) {
+    return htonl(0xffff0000U);
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_is_unspecified_addr(const struct in6_addr *addr) {
+    static const unsigned char zero[16] = {0};
+    return memcmp(addr->s6_addr, zero, sizeof(zero)) == 0;
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_is_loopback_addr(const struct in6_addr *addr) {
+    static const unsigned char loopback[16] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};
+    return memcmp(addr->s6_addr, loopback, sizeof(loopback)) == 0;
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_is_multicast_addr(const struct in6_addr *addr) {
+    return addr->s6_addr[0] == 0xff;
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_is_link_local_addr(const struct in6_addr *addr) {
+    return addr->s6_addr[0] == 0xfe && (addr->s6_addr[1] & 0xc0) == 0x80;
+}
+
+static int TC_AUTO_IP_UNUSED runtime_ipv6_is_usable(const struct in6_addr *addr) {
+    return !ipv6_is_unspecified_addr(addr) &&
+           !ipv6_is_loopback_addr(addr) &&
+           !ipv6_is_multicast_addr(addr);
+}
+
+static int TC_AUTO_IP_UNUSED runtime_ipv6_is_bindable(const struct in6_addr *addr) {
+    return runtime_ipv6_is_usable(addr) && !ipv6_is_link_local_addr(addr);
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_prefix_length_from_mask(const struct in6_addr *mask) {
+    int prefix = 0;
+    int saw_zero = 0;
+    size_t i;
+
+    for (i = 0; i < sizeof(mask->s6_addr); i++) {
+        unsigned char byte = mask->s6_addr[i];
+        int bit;
+        for (bit = 7; bit >= 0; bit--) {
+            if ((byte & (1U << bit)) != 0) {
+                if (saw_zero) {
+                    return -1;
+                }
+                prefix++;
+            } else {
+                saw_zero = 1;
+            }
+        }
+    }
+    return prefix == 0 ? -1 : prefix;
+}
+
+static int TC_AUTO_IP_UNUSED ipv6_prefix_matches(const struct in6_addr *a,
+                                                 const struct in6_addr *b,
+                                                 int prefix_len) {
+    int full_bytes;
+    int remaining_bits;
+    unsigned char mask;
+
+    if (prefix_len < 0) {
+        return 0;
+    }
+    if (prefix_len == 0) {
+        return 1;
+    }
+    if (prefix_len > 128) {
+        prefix_len = 128;
+    }
+    full_bytes = prefix_len / 8;
+    remaining_bits = prefix_len % 8;
+    if (full_bytes > 0 && memcmp(a->s6_addr, b->s6_addr, (size_t)full_bytes) != 0) {
+        return 0;
+    }
+    if (remaining_bits == 0) {
+        return 1;
+    }
+    mask = (unsigned char)(0xffU << (8 - remaining_bits));
+    return (a->s6_addr[full_bytes] & mask) == (b->s6_addr[full_bytes] & mask);
+}
+
+static int TC_AUTO_IP_UNUSED get_iface_flags(int sockfd, const char *name, int *flags_out) {
+    struct ifreq flags_req;
+
+    memset(&flags_req, 0, sizeof(flags_req));
+    strncpy(flags_req.ifr_name, name, sizeof(flags_req.ifr_name) - 1);
+    if (ioctl(sockfd, SIOCGIFFLAGS, &flags_req) != 0) {
+        return -1;
+    }
+    *flags_out = flags_req.ifr_flags;
+    return 0;
+}
+
+static uint32_t TC_AUTO_IP_UNUSED get_ipv4_netmask(int sockfd, const char *name, uint32_t ipv4_addr) {
+    struct ifreq mask_req;
+
+    if (ipv4_is_link_local(ipv4_addr)) {
+        return ipv4_link_local_netmask();
+    }
+
+    memset(&mask_req, 0, sizeof(mask_req));
+    strncpy(mask_req.ifr_name, name, sizeof(mask_req.ifr_name) - 1);
+    if (ioctl(sockfd, SIOCGIFNETMASK, &mask_req) == 0) {
+        struct sockaddr_in netmask_addr;
+        memset(&netmask_addr, 0, sizeof(netmask_addr));
+        memcpy(&netmask_addr, &mask_req.ifr_addr, sizeof(netmask_addr));
+        if (netmask_addr.sin_family == AF_INET) {
+            return netmask_addr.sin_addr.s_addr;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED get_ipv6_prefix_len(int sockfd6, const char *name, const struct sockaddr_in6 *sin6) {
+#if defined(SIOCGIFNETMASK_IN6)
+    struct in6_ifreq mask_req;
+
+    if (sockfd6 < 0) {
+        return -1;
+    }
+
+    memset(&mask_req, 0, sizeof(mask_req));
+    strncpy(mask_req.ifr_name, name, sizeof(mask_req.ifr_name) - 1);
+    mask_req.ifr_ifru.ifru_addr = *sin6;
+    if (ioctl(sockfd6, SIOCGIFNETMASK_IN6, &mask_req) == 0 &&
+        mask_req.ifr_ifru.ifru_addr.sin6_family == AF_INET6) {
+        return ipv6_prefix_length_from_mask(&mask_req.ifr_ifru.ifru_addr.sin6_addr);
+    }
+#else
+    (void)sockfd6;
+    (void)name;
+    (void)sin6;
+#endif
+    return -1;
+}
+
 static int TC_AUTO_IP_UNUSED iface_context_priority_score(const struct iface_context *ctx) {
     int score = 0;
     int prefix = netmask_prefix_length(ctx->netmask);
@@ -271,6 +523,7 @@ static int TC_AUTO_IP_UNUSED append_iface_context(struct iface_context_set *out,
         }
     }
     if (out->count >= MAX_IFACE_CONTEXTS) {
+        out->truncated = 1;
         return 0;
     }
 
@@ -312,44 +565,27 @@ static int TC_AUTO_IP_UNUSED collect_iface_contexts_with_policy(struct iface_con
     end = cursor + ifc.ifc_len;
     fixed_entries = ifreq_table_uses_fixed_entries((size_t)ifc.ifc_len);
     while (cursor < end) {
-        struct ifreq ifr_entry;
-        struct ifreq flags_req;
-        struct ifreq mask_req;
+        struct ifconf_entry_view entry;
         struct sockaddr_in sin;
         int flags;
-        uint32_t netmask = 0;
         size_t remaining = (size_t)(end - cursor);
-        size_t step;
 
-        if (copy_ifreq_entry(&ifr_entry, cursor, remaining) != 0) {
-            break;
-        }
-        step = ifreq_entry_size(&ifr_entry, remaining, fixed_entries);
-        if (step == 0) {
+        if (ifconf_entry_view_from_cursor(&entry, cursor, remaining, fixed_entries) != 0) {
             break;
         }
 
-        if (ifr_entry.ifr_addr.sa_family == AF_INET) {
-            memset(&flags_req, 0, sizeof(flags_req));
-            strncpy(flags_req.ifr_name, ifr_entry.ifr_name, sizeof(flags_req.ifr_name) - 1);
-            if (ioctl(sockfd, SIOCGIFFLAGS, &flags_req) == 0) {
-                flags = flags_req.ifr_flags;
-                if (iface_flags_are_usable(flags, require_running)) {
-                    memset(&mask_req, 0, sizeof(mask_req));
-                    strncpy(mask_req.ifr_name, ifr_entry.ifr_name, sizeof(mask_req.ifr_name) - 1);
-                    if (ioctl(sockfd, SIOCGIFNETMASK, &mask_req) == 0) {
-                        struct sockaddr_in netmask_addr;
-                        memset(&netmask_addr, 0, sizeof(netmask_addr));
-                        memcpy(&netmask_addr, &mask_req.ifr_addr, sizeof(netmask_addr));
-                        netmask = netmask_addr.sin_addr.s_addr;
-                    }
-                    memset(&sin, 0, sizeof(sin));
-                    memcpy(&sin, &ifr_entry.ifr_addr, sizeof(sin));
-                    append_iface_context(out, ifr_entry.ifr_name, sin.sin_addr.s_addr, netmask, flags);
-                }
-            }
+        if (entry.addr->sa_family == AF_INET && entry.addr_len >= sizeof(sin) &&
+            get_iface_flags(sockfd, entry.name, &flags) == 0 &&
+            iface_flags_are_usable(flags, require_running)) {
+            memset(&sin, 0, sizeof(sin));
+            memcpy(&sin, entry.addr, sizeof(sin));
+            append_iface_context(out,
+                                 entry.name,
+                                 sin.sin_addr.s_addr,
+                                 get_ipv4_netmask(sockfd, entry.name, sin.sin_addr.s_addr),
+                                 flags);
         }
-        cursor += step;
+        cursor += entry.step;
     }
 
     close(sockfd);
@@ -430,6 +666,409 @@ static int TC_AUTO_IP_UNUSED iface_context_cidr(char *out, size_t out_len, const
     return 0;
 }
 
+static int TC_AUTO_IP_UNUSED link_context_priority_score(const struct link_context *ctx) {
+    int score = 0;
+
+    if (ctx->ipv4_count > 0) {
+        if (ipv4_is_rfc1918(ctx->ipv4[0].addr)) {
+            score -= 4000;
+        }
+        if (ipv4_is_link_local(ctx->ipv4[0].addr)) {
+            score += 200;
+        }
+    } else {
+        score += 1000;
+    }
+    if (iface_name_is_strong_lan(ctx->name)) {
+        score -= 3000;
+    } else if (iface_name_is_likely_lan(ctx->name)) {
+        score -= 2500;
+    }
+    if (iface_name_is_likely_wan_or_tunnel(ctx->name)) {
+        score += 5000;
+    }
+    if ((ctx->flags & IFF_RUNNING) == 0) {
+        score += 500;
+    }
+    return score;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_compare(const struct link_context *a, const struct link_context *b) {
+    int a_score = link_context_priority_score(a);
+    int b_score = link_context_priority_score(b);
+    int name_cmp;
+
+    if (a_score != b_score) {
+        return a_score < b_score ? -1 : 1;
+    }
+    name_cmp = strcmp(a->name, b->name);
+    if (name_cmp != 0) {
+        return name_cmp;
+    }
+    if (a->ipv4_count > 0 && b->ipv4_count > 0 && a->ipv4[0].addr != b->ipv4[0].addr) {
+        return ntohl(a->ipv4[0].addr) < ntohl(b->ipv4[0].addr) ? -1 : 1;
+    }
+    return 0;
+}
+
+static void TC_AUTO_IP_UNUSED sort_link_contexts(struct link_context_set *set) {
+    size_t i;
+
+    for (i = 1; i < set->count; i++) {
+        struct link_context current = set->links[i];
+        size_t j = i;
+        while (j > 0 && link_context_compare(&current, &set->links[j - 1]) < 0) {
+            set->links[j] = set->links[j - 1];
+            j--;
+        }
+        set->links[j] = current;
+    }
+}
+
+static struct link_context TC_AUTO_IP_UNUSED *find_or_add_link_context(struct link_context_set *out,
+                                                                      const char *name,
+                                                                      int flags) {
+    size_t i;
+    struct link_context *ctx;
+
+    for (i = 0; i < out->count; i++) {
+        if (strcmp(out->links[i].name, name) == 0) {
+            if (out->links[i].flags == 0) {
+                out->links[i].flags = flags;
+            }
+            return &out->links[i];
+        }
+    }
+    if (out->count >= MAX_IFACE_CONTEXTS) {
+        out->truncated = 1;
+        return NULL;
+    }
+    ctx = &out->links[out->count++];
+    memset(ctx, 0, sizeof(*ctx));
+    strncpy(ctx->name, name, sizeof(ctx->name) - 1);
+    ctx->flags = flags;
+    return ctx;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_ipv4(const struct link_context *ctx, uint32_t addr) {
+    size_t i;
+
+    for (i = 0; i < ctx->ipv4_count; i++) {
+        if (ctx->ipv4[i].addr == addr) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_ipv6(const struct link_context *ctx, const struct in6_addr *addr) {
+    size_t i;
+
+    for (i = 0; i < ctx->ipv6_count; i++) {
+        if (memcmp(&ctx->ipv6[i].addr, addr, sizeof(*addr)) == 0) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED append_link_ipv4(struct link_context_set *out,
+                                             const char *name,
+                                             uint32_t ipv4_addr,
+                                             uint32_t netmask,
+                                             int flags) {
+    struct link_context *ctx;
+    size_t pos;
+
+    if (!runtime_ipv4_is_bindable(ipv4_addr)) {
+        return 0;
+    }
+    ctx = find_or_add_link_context(out, name, flags);
+    if (ctx == NULL || link_context_has_ipv4(ctx, ipv4_addr)) {
+        return 0;
+    }
+    if (ctx->ipv4_count >= MAX_LINK_IPV4_ADDRS) {
+        out->truncated = 1;
+        return 0;
+    }
+    pos = ctx->ipv4_count++;
+    ctx->ipv4[pos].addr = ipv4_addr;
+    ctx->ipv4[pos].netmask = netmask;
+    ctx->mdns_ipv4_transport = 1;
+    if (ctx->ipv4_count == 1) {
+        ctx->flags = flags;
+    }
+    return 1;
+}
+
+static int TC_AUTO_IP_UNUSED append_link_ipv6_with_transport(struct link_context_set *out,
+                                                            const char *name,
+                                                            const struct in6_addr *addr,
+                                                            int prefix_len,
+                                                            unsigned int scope_id,
+                                                            int flags,
+                                                            int mdns_ipv6_transport) {
+    struct link_context *ctx;
+    size_t pos;
+
+    if (!runtime_ipv6_is_usable(addr)) {
+        return 0;
+    }
+    ctx = find_or_add_link_context(out, name, flags);
+    if (ctx == NULL || link_context_has_ipv6(ctx, addr)) {
+        return 0;
+    }
+    if (ctx->ipv6_count >= MAX_LINK_IPV6_ADDRS) {
+        out->truncated = 1;
+        return 0;
+    }
+    if (ctx->ifindex == 0 && scope_id != 0) {
+        ctx->ifindex = scope_id;
+    }
+    if (mdns_ipv6_transport) {
+        ctx->mdns_ipv6_transport = 1;
+    }
+    pos = ctx->ipv6_count++;
+    ctx->ipv6[pos].addr = *addr;
+    ctx->ipv6[pos].scope_id = scope_id;
+    ctx->ipv6[pos].prefix_len = prefix_len >= 0 && prefix_len <= 128 ? prefix_len : -1;
+    ctx->ipv6[pos].link_local = ipv6_is_link_local_addr(addr);
+    return 1;
+}
+
+static int TC_AUTO_IP_UNUSED append_link_ipv6(struct link_context_set *out,
+                                             const char *name,
+                                             const struct in6_addr *addr,
+                                             int prefix_len,
+                                             unsigned int scope_id,
+                                             int flags) {
+    return append_link_ipv6_with_transport(out, name, addr, prefix_len, scope_id, flags, 1);
+}
+
+static int TC_AUTO_IP_UNUSED link_ipv6_addr_is_samba_bindable(const struct link_ipv6_addr *addr) {
+    return addr->prefix_len >= 0 && runtime_ipv6_is_bindable(&addr->addr);
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_samba_address(const struct link_context *ctx) {
+    size_t i;
+
+    if (ctx->ipv4_count > 0) {
+        return 1;
+    }
+    for (i = 0; i < ctx->ipv6_count; i++) {
+        if (link_ipv6_addr_is_samba_bindable(&ctx->ipv6[i])) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_advertisable_ipv4(const struct link_context *ctx) {
+    return ctx->ipv4_count > 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_advertisable_ipv6(const struct link_context *ctx) {
+    size_t i;
+
+    for (i = 0; i < ctx->ipv6_count; i++) {
+        if (link_ipv6_addr_is_samba_bindable(&ctx->ipv6[i])) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_advertisable_address(const struct link_context *ctx) {
+    return link_context_has_advertisable_ipv4(ctx) ||
+           link_context_has_advertisable_ipv6(ctx);
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_mdns_ipv4_transport(const struct link_context *ctx) {
+    return ctx->mdns_ipv4_transport && ctx->ipv4_count > 0;
+}
+
+static void TC_AUTO_IP_UNUSED disable_link_contexts_mdns_ipv4_transport(struct link_context_set *set) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        set->links[i].mdns_ipv4_transport = 0;
+        set->links[i].mdns_ipv4_transport_addr = 0;
+    }
+}
+
+static int TC_AUTO_IP_UNUSED link_context_has_mdns_ipv6_transport(const struct link_context *ctx) {
+    return ctx->mdns_ipv6_transport && ctx->ifindex != 0 && ctx->ipv6_count > 0;
+}
+
+static void TC_AUTO_IP_UNUSED disable_link_contexts_mdns_ipv6_transport(struct link_context_set *set) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        set->links[i].mdns_ipv6_transport = 0;
+    }
+}
+
+static int TC_AUTO_IP_UNUSED link_context_is_advertise_eligible(const struct link_context *ctx) {
+    return link_context_has_advertisable_address(ctx);
+}
+
+static void TC_AUTO_IP_UNUSED filter_advertise_link_contexts(struct link_context_set *out,
+                                                             const struct link_context_set *in) {
+    size_t i;
+
+    memset(out, 0, sizeof(*out));
+    for (i = 0; i < in->count; i++) {
+        if (!link_context_is_advertise_eligible(&in->links[i])) {
+            continue;
+        }
+        if (out->count >= MAX_IFACE_CONTEXTS) {
+            out->truncated = 1;
+            break;
+        }
+        out->links[out->count++] = in->links[i];
+    }
+    sort_link_contexts(out);
+}
+
+static int TC_AUTO_IP_UNUSED link_context_identity_equal(const struct link_context *a,
+                                                        const struct link_context *b) {
+    size_t i;
+
+    if (strcmp(a->name, b->name) != 0 ||
+        a->flags != b->flags ||
+        a->ifindex != b->ifindex ||
+        a->mdns_ipv4_transport != b->mdns_ipv4_transport ||
+        a->mdns_ipv6_transport != b->mdns_ipv6_transport ||
+        a->ipv4_count != b->ipv4_count ||
+        a->ipv6_count != b->ipv6_count) {
+        return 0;
+    }
+    for (i = 0; i < a->ipv4_count; i++) {
+        if (a->ipv4[i].addr != b->ipv4[i].addr ||
+            a->ipv4[i].netmask != b->ipv4[i].netmask) {
+            return 0;
+        }
+    }
+    for (i = 0; i < a->ipv6_count; i++) {
+        if (memcmp(&a->ipv6[i].addr, &b->ipv6[i].addr, sizeof(a->ipv6[i].addr)) != 0 ||
+            a->ipv6[i].scope_id != b->ipv6[i].scope_id ||
+            a->ipv6[i].prefix_len != b->ipv6[i].prefix_len ||
+            a->ipv6[i].link_local != b->ipv6[i].link_local) {
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_set_contains(const struct link_context_set *set,
+                                                      const struct link_context *ctx) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        if (link_context_identity_equal(&set->links[i], ctx)) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_sets_equal(const struct link_context_set *a,
+                                                    const struct link_context_set *b) {
+    size_t i;
+
+    if (a->count != b->count) {
+        return 0;
+    }
+    for (i = 0; i < a->count; i++) {
+        if (!link_context_set_contains(b, &a->links[i])) {
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_ipv4_cidr(char *out,
+                                                   size_t out_len,
+                                                   const struct link_ipv4_addr *addr) {
+    char ip_buf[INET_ADDRSTRLEN];
+    int written;
+
+    written = snprintf(out,
+                       out_len,
+                       "%s/%d",
+                       ipv4_to_string(addr->addr, ip_buf, sizeof(ip_buf)),
+                       netmask_prefix_length(addr->netmask));
+    if (written < 0 || (size_t)written >= out_len) {
+        return -1;
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED link_context_ipv6_cidr(char *out,
+                                                   size_t out_len,
+                                                   const struct link_ipv6_addr *addr) {
+    char ip_buf[INET6_ADDRSTRLEN];
+    int written;
+
+    if (inet_ntop(AF_INET6, &addr->addr, ip_buf, sizeof(ip_buf)) == NULL) {
+        return -1;
+    }
+    if (addr->prefix_len < 0 || addr->prefix_len > 128) {
+        return -1;
+    }
+    written = snprintf(out, out_len, "%s/%d", ip_buf, addr->prefix_len);
+    if (written < 0 || (size_t)written >= out_len) {
+        return -1;
+    }
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED print_smb_link_bind_tokens(FILE *stream, const struct link_context_set *set) {
+    int wrote = 0;
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        size_t j;
+        const struct link_context *ctx = &set->links[i];
+        for (j = 0; j < ctx->ipv4_count; j++) {
+            char cidr[INET_ADDRSTRLEN + 4];
+            if (link_context_ipv4_cidr(cidr, sizeof(cidr), &ctx->ipv4[j]) != 0) {
+                return -1;
+            }
+            if (wrote && fputc(' ', stream) == EOF) {
+                return -1;
+            }
+            if (fputs(cidr, stream) == EOF) {
+                return -1;
+            }
+            wrote = 1;
+        }
+        for (j = 0; j < ctx->ipv6_count; j++) {
+            char cidr[INET6_ADDRSTRLEN + 5];
+            if (!link_ipv6_addr_is_samba_bindable(&ctx->ipv6[j])) {
+                continue;
+            }
+            if (link_context_ipv6_cidr(cidr, sizeof(cidr), &ctx->ipv6[j]) != 0) {
+                return -1;
+            }
+            if (wrote && fputc(' ', stream) == EOF) {
+                return -1;
+            }
+            if (fputs(cidr, stream) == EOF) {
+                return -1;
+            }
+            wrote = 1;
+        }
+    }
+    if (!wrote) {
+        return -1;
+    }
+    if (fputc('\n', stream) == EOF) {
+        return -1;
+    }
+    return 0;
+}
+
 static int TC_AUTO_IP_UNUSED print_iface_context_cidrs(FILE *stream, const struct iface_context_set *set) {
     size_t i;
 
@@ -454,6 +1093,178 @@ static int TC_AUTO_IP_UNUSED print_iface_context_cidrs(FILE *stream, const struc
     return 0;
 }
 
+static int TC_AUTO_IP_UNUSED collect_link_contexts_with_policy(struct link_context_set *out, int require_running) {
+    int sockfd = -1;
+    int sockfd6 = -1;
+    char buffer[8192];
+    struct ifconf ifc;
+    char *cursor;
+    char *end;
+    int fixed_entries;
+
+    memset(out, 0, sizeof(*out));
+
+    sockfd = socket(AF_INET, SOCK_DGRAM, 0);
+    if (sockfd < 0) {
+        perror("socket interface enumeration");
+        return -1;
+    }
+    sockfd6 = socket(AF_INET6, SOCK_DGRAM, 0);
+
+    memset(&ifc, 0, sizeof(ifc));
+    ifc.ifc_len = sizeof(buffer);
+    ifc.ifc_buf = buffer;
+    if (ioctl(sockfd, SIOCGIFCONF, &ifc) < 0) {
+        perror("ioctl(SIOCGIFCONF)");
+        if (sockfd6 >= 0) {
+            close(sockfd6);
+        }
+        close(sockfd);
+        return -1;
+    }
+
+    cursor = ifc.ifc_buf;
+    end = cursor + ifc.ifc_len;
+    fixed_entries = ifreq_table_uses_fixed_entries((size_t)ifc.ifc_len);
+    while (cursor < end) {
+        struct ifconf_entry_view entry;
+        int flags = 0;
+        size_t remaining = (size_t)(end - cursor);
+
+        if (ifconf_entry_view_from_cursor(&entry, cursor, remaining, fixed_entries) != 0) {
+            break;
+        }
+
+        if (get_iface_flags(sockfd, entry.name, &flags) != 0) {
+            cursor += entry.step;
+            continue;
+        }
+        if (!iface_flags_are_usable(flags, require_running)) {
+            cursor += entry.step;
+            continue;
+        }
+
+        if (entry.addr->sa_family == AF_INET && entry.addr_len >= sizeof(struct sockaddr_in)) {
+            struct sockaddr_in sin;
+            memset(&sin, 0, sizeof(sin));
+            memcpy(&sin, entry.addr, sizeof(sin));
+            append_link_ipv4(out,
+                             entry.name,
+                             sin.sin_addr.s_addr,
+                             get_ipv4_netmask(sockfd, entry.name, sin.sin_addr.s_addr),
+                             flags);
+        } else if (entry.addr->sa_family == AF_INET6 && entry.addr_len >= sizeof(struct sockaddr_in6)) {
+            struct sockaddr_in6 sin6;
+            int prefix_len;
+
+            memset(&sin6, 0, sizeof(sin6));
+            memcpy(&sin6, entry.addr, sizeof(sin6));
+            prefix_len = get_ipv6_prefix_len(sockfd6, entry.name, &sin6);
+            append_link_ipv6_with_transport(out,
+                                            entry.name,
+                                            &sin6.sin6_addr,
+                                            prefix_len,
+                                            (unsigned int)sin6.sin6_scope_id,
+                                            flags,
+                                            sockfd6 >= 0);
+#if defined(AF_LINK) && (defined(__NetBSD__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__))
+        } else if (entry.addr->sa_family == AF_LINK && entry.addr_len >= sizeof(struct sockaddr_dl)) {
+            const struct sockaddr_dl *sdl = (const struct sockaddr_dl *)entry.addr;
+            struct link_context *ctx = find_or_add_link_context(out, entry.name, flags);
+            if (ctx != NULL && ctx->ifindex == 0) {
+                ctx->ifindex = (unsigned int)sdl->sdl_index;
+            }
+#endif
+        }
+        cursor += entry.step;
+    }
+
+    if (sockfd6 >= 0) {
+        close(sockfd6);
+    }
+    close(sockfd);
+    {
+        size_t i;
+        size_t write_i = 0;
+        for (i = 0; i < out->count; i++) {
+            if (out->links[i].ipv4_count == 0 && out->links[i].ipv6_count == 0) {
+                continue;
+            }
+            if (out->links[i].ifindex == 0) {
+                out->links[i].ifindex = if_nametoindex(out->links[i].name);
+            }
+            if (write_i != i) {
+                out->links[write_i] = out->links[i];
+            }
+            write_i++;
+        }
+        out->count = write_i;
+    }
+    sort_link_contexts(out);
+    return 0;
+}
+
+static int TC_AUTO_IP_UNUSED collect_usable_link_contexts(struct link_context_set *out) {
+    if (collect_link_contexts_with_policy(out, 1) != 0) {
+        return -1;
+    }
+    if (out->count > 0) {
+        return 0;
+    }
+    if (collect_link_contexts_with_policy(out, 0) != 0) {
+        return -1;
+    }
+    if (out->count > 0) {
+        fprintf(stderr, "auto-ip: no IFF_RUNNING usable address links found; using IFF_UP fallback links\n");
+    }
+    return 0;
+}
+
+static void TC_AUTO_IP_UNUSED log_link_contexts(const char *prefix, const struct link_context_set *set) {
+    size_t i;
+
+    fprintf(stderr, "%s: links=%lu\n", prefix, (unsigned long)set->count);
+    for (i = 0; i < set->count; i++) {
+        size_t j;
+        char transport_ip_buf[INET_ADDRSTRLEN];
+        const struct link_context *ctx = &set->links[i];
+        fprintf(stderr, "%s: link[%lu] iface=%s flags=0x%x ifindex=%u mdns_ipv4=%d mdns_ipv4_addr=%s mdns_ipv6=%d score=%d ipv4=%lu ipv6=%lu\n",
+                prefix,
+                (unsigned long)i,
+                ctx->name,
+                (unsigned int)ctx->flags,
+                ctx->ifindex,
+                ctx->mdns_ipv4_transport,
+                ctx->mdns_ipv4_transport_addr != 0 ? ipv4_to_string(ctx->mdns_ipv4_transport_addr, transport_ip_buf, sizeof(transport_ip_buf)) : "(auto)",
+                ctx->mdns_ipv6_transport,
+                link_context_priority_score(ctx),
+                (unsigned long)ctx->ipv4_count,
+                (unsigned long)ctx->ipv6_count);
+        for (j = 0; j < ctx->ipv4_count; j++) {
+            char ip_buf[INET_ADDRSTRLEN];
+            char mask_buf[INET_ADDRSTRLEN];
+            fprintf(stderr, "%s: link[%lu].ipv4[%lu]=%s netmask=%s\n",
+                    prefix,
+                    (unsigned long)i,
+                    (unsigned long)j,
+                    ipv4_to_string(ctx->ipv4[j].addr, ip_buf, sizeof(ip_buf)),
+                    ipv4_to_string(ctx->ipv4[j].netmask, mask_buf, sizeof(mask_buf)));
+        }
+        for (j = 0; j < ctx->ipv6_count; j++) {
+            char ip_buf[INET6_ADDRSTRLEN];
+            const char *printed = inet_ntop(AF_INET6, &ctx->ipv6[j].addr, ip_buf, sizeof(ip_buf));
+            fprintf(stderr, "%s: link[%lu].ipv6[%lu]=%s/%d scope=%u link_local=%d\n",
+                    prefix,
+                    (unsigned long)i,
+                    (unsigned long)j,
+                    printed != NULL ? printed : "invalid",
+                    ctx->ipv6[j].prefix_len,
+                    ctx->ipv6[j].scope_id,
+                    ctx->ipv6[j].link_local);
+        }
+    }
+}
+
 static void TC_AUTO_IP_UNUSED log_iface_contexts(const char *prefix, const struct iface_context_set *set) {
     size_t i;
 
diff --git a/build/mdns-advertiser.c b/build/mdns-advertiser.c
index d430989..6c3e327 100644
--- a/build/mdns-advertiser.c
+++ b/build/mdns-advertiser.c
@@ -27,11 +27,12 @@
 #define MDNS_PORT 5353
 #endif
 #define MDNS_GROUP "224.0.0.251"
+#define MDNS_GROUP_V6 "ff02::fb"
 #define BUF_SIZE 1500
 #define MAX_NAME 256
 #define MAX_LABEL 63
 #define MAX_TXT_STRING 255
-#define ANNOUNCE_INTERVAL 30
+#define STARTUP_BURST_COUNT 4
 #define MODEL_TXT_PREFIX "model="
 #define ADISK_DEFAULT_DISK_KEY "dk0"
 #define ADISK_SYS_ADVF "0x1010"
@@ -59,12 +60,12 @@
 #define SNAPSHOT_CAPTURE_STEP_SECONDS 5
 #endif
 #define TAKEOVER_RETRY_COUNT 6
-#define STARTUP_BURST_COUNT 7
 #define MAX_IFACE_CONTEXTS 16
 #define AUTO_IP_STABILIZE_SECONDS 3
 #define AUTO_IP_STARTUP_POLL_SECONDS 2
 #define AUTO_IP_STABLE_POLL_SECONDS 30
 #define ADVERTISER_VERSION_CODE 2104
+#define DNS_SD_SERVICE_ENUMERATION_NAME "_services._dns-sd._udp.local."
 
 #define DNS_TYPE_A 1
 #define DNS_TYPE_PTR 12
@@ -73,15 +74,38 @@
 #define DNS_TYPE_SRV 33
 #define DNS_TYPE_ANY 255
 #define DNS_CLASS_IN 1
+#define DNS_CLASS_ANY 255
 #define DNS_CLASS_CACHE_FLUSH 0x8000
+#define DNS_CLASS_QU 0x8000
 #define DNS_CLASS_IN_UNIQUE (DNS_CLASS_IN | DNS_CLASS_CACHE_FLUSH)
 #define MDNS_REPLY_UNICAST 1
 #define MDNS_REPLY_MULTICAST 2
+#define MDNS_REPLY_LEGACY_UNICAST 4
 #define DNS_FLAG_QR 0x8000
+#define DNS_FLAG_TC 0x0200
 #define DNS_FLAG_AA 0x0400
+#define LEGACY_UNICAST_TTL_MAX 10
+#define TC_KNOWN_ANSWER_DEFER_MS 450
+#define MDNS_MULTICAST_RESPONSE_DELAY_MIN_MS 20
+#define MDNS_MULTICAST_RESPONSE_DELAY_MAX_MS 120
+#define PLANNED_RR_MAX 192
+#define PLANNED_RDATA_MAX 1024
+
+#if !defined(IPV6_JOIN_GROUP) && defined(IPV6_ADD_MEMBERSHIP)
+#define IPV6_JOIN_GROUP IPV6_ADD_MEMBERSHIP
+#endif
+#if !defined(IPV6_LEAVE_GROUP) && defined(IPV6_DROP_MEMBERSHIP)
+#define IPV6_LEAVE_GROUP IPV6_DROP_MEMBERSHIP
+#endif
 
 static volatile sig_atomic_t g_stop = 0;
 
+#if defined(__GNUC__)
+#define MDNS_UNUSED __attribute__((unused))
+#else
+#define MDNS_UNUSED
+#endif
+
 #ifndef TC_VA_COPY
 #if defined(va_copy)
 #define TC_VA_COPY(dst, src) va_copy(dst, src)
@@ -126,50 +150,25 @@ static int timestamped_write_message(FILE *stream, const char *message) {
 
 static int timestamped_vfprintf(FILE *stream, const char *format, va_list ap) {
     char stack_message[4096];
-    char *message = stack_message;
-    va_list sizing_ap;
-    va_list format_ap;
     int result;
 
     if (stream != stderr && stream != stdout) {
         return vfprintf(stream, format, ap);
     }
 
-    TC_VA_COPY(sizing_ap, ap);
-    result = vsnprintf(stack_message, sizeof(stack_message), format, sizing_ap);
-    va_end(sizing_ap);
+    result = vsnprintf(stack_message, sizeof(stack_message), format, ap);
     if (result < 0) {
         return result;
     }
-
     if ((size_t)result >= sizeof(stack_message)) {
-        size_t message_size = (size_t)result + 1;
-        message = malloc(message_size);
-        if (message == NULL) {
-            (void)timestamped_write_message(stream, stack_message);
-            (void)timestamped_write_message(stream, "\n[log message truncated: allocation failed]\n");
-            fflush(stream);
-            return result;
-        }
-        TC_VA_COPY(format_ap, ap);
-        result = vsnprintf(message, message_size, format, format_ap);
-        va_end(format_ap);
-        if (result < 0) {
-            free(message);
-            return result;
-        }
+        stack_message[sizeof(stack_message) - 2] = '\n';
+        stack_message[sizeof(stack_message) - 1] = '\0';
     }
 
-    if (timestamped_write_message(stream, message) != 0) {
-        if (message != stack_message) {
-            free(message);
-        }
+    if (timestamped_write_message(stream, stack_message) != 0) {
         return -1;
     }
     fflush(stream);
-    if (message != stack_message) {
-        free(message);
-    }
     return result;
 }
 
@@ -290,6 +289,7 @@ struct service_record {
 struct service_record_set {
     struct service_record records[SNAPSHOT_MAX_RECORDS];
     size_t count;
+    int truncated;
 };
 
 struct service_type_set {
@@ -297,26 +297,65 @@ struct service_type_set {
     size_t count;
 };
 
-struct query_answer_routes {
-    int smb_ptr;
-    int smb_srv;
-    int smb_txt;
-    int host_a;
-    int adisk_ptr;
-    int adisk_srv;
-    int adisk_txt;
-    int device_info_ptr;
-    int device_info_srv;
-    int device_info_txt;
-    int airport_ptr;
-    int airport_srv;
-    int airport_txt;
-    int snapshot_ptr[SNAPSHOT_MAX_RECORDS];
-    int snapshot_srv[SNAPSHOT_MAX_RECORDS];
-    int snapshot_txt[SNAPSHOT_MAX_RECORDS];
-    int snapshot_a[SNAPSHOT_MAX_RECORDS];
+struct mdns_socket_pair {
+    int ipv4_fd;
+    int ipv6_fd;
+};
+
+struct mdns_membership_delta {
+    uint32_t ipv4[MAX_IFACE_CONTEXTS];
+    size_t ipv4_count;
+    unsigned int ipv6_ifindex[MAX_IFACE_CONTEXTS];
+    char ipv6_name[MAX_IFACE_CONTEXTS][IFNAMSIZ];
+    size_t ipv6_count;
+};
+
+
+struct planned_rr {
+    char owner[MAX_NAME];
+    uint16_t type;
+    uint16_t rrclass;
+    uint32_t ttl;
+    uint8_t rdata[PLANNED_RDATA_MAX];
+    uint16_t rdlength;
+    int routes;
+};
+
+struct planned_rr_set {
+    struct planned_rr records[PLANNED_RR_MAX];
+    size_t count;
+    int truncated;
+};
+
+struct response_question_section {
+    const uint8_t *bytes;
+    size_t len;
+    uint16_t count;
+};
+
+struct stored_question_section {
+    uint8_t bytes[BUF_SIZE];
+    size_t len;
+    uint16_t count;
+};
+
+struct deferred_response {
+    int active;
+    int sockfd;
+    long long due_ms;
+    uint16_t response_id;
+    int use_snapshot_records;
+    struct sockaddr_storage multicast_dest;
+    socklen_t multicast_dest_len;
+    struct sockaddr_storage source;
+    socklen_t source_len;
+    struct stored_question_section questions;
+    struct planned_rr_set planned;
 };
 
+static struct deferred_response g_deferred_response;
+static const unsigned int g_startup_burst_offsets_ms[STARTUP_BURST_COUNT] = {0, 1000, 3000, 7000};
+
 static int name_equals(const char *a, const char *b);
 static int build_instance_fqdn(char *out, size_t out_len, const char *instance_name, const char *service_type);
 static int open_mdns_socket(int shared_bind, int log_bind_errors, uint32_t ipv4_addr, const char *socket_role);
@@ -332,6 +371,7 @@ static int add_rr_txt_strings(uint8_t *buf, size_t *off, size_t cap, const char
                               const char **strings, size_t string_count);
 static int add_rr_srv(uint8_t *buf, size_t *off, size_t cap, const char *owner, const char *target, uint16_t port, uint32_t ttl);
 static int add_rr_a(uint8_t *buf, size_t *off, size_t cap, const char *owner, uint32_t ipv4_addr, uint32_t ttl);
+static int add_rr_aaaa(uint8_t *buf, size_t *off, size_t cap, const char *owner, const struct in6_addr *ipv6_addr, uint32_t ttl);
 
 struct dns_header {
     uint16_t id;
@@ -360,12 +400,64 @@ static const char *ipv4_to_string(uint32_t ipv4_addr, char *out, size_t out_len)
 
 #include "auto-ip-common.inc"
 
+static uint32_t link_preferred_ipv4_source(const struct link_context *link);
+static int link_set_has_ipv4_membership(const struct link_context_set *set, uint32_t ipv4_addr);
+static int source_matches_link_ipv4_subnet(uint32_t source_ipv4_addr, const struct link_context *link);
+static int flush_deferred_response_if_due(long long now_ms);
+static long long deferred_response_adjust_wait_ms(long long now_ms, long long wait_ms);
+static void clear_deferred_response_for_sockfd(int sockfd);
+
 typedef int (*mdns_collect_iface_contexts_fn)(struct iface_context_set *out, void *userdata);
+typedef int (*mdns_collect_link_contexts_fn)(struct link_context_set *out, void *userdata);
 typedef void (*mdns_sleep_fn)(unsigned int seconds, void *userdata);
 
+static void derive_usable_iface_contexts_from_links(struct iface_context_set *out,
+                                                    const struct link_context_set *links) {
+    size_t i;
+
+    memset(out, 0, sizeof(*out));
+    out->truncated = links->truncated;
+    for (i = 0; i < links->count; i++) {
+        size_t j;
+        const struct link_context *link = &links->links[i];
+        for (j = 0; j < link->ipv4_count; j++) {
+            (void)append_iface_context(out,
+                                       link->name,
+                                       link->ipv4[j].addr,
+                                       link->ipv4[j].netmask,
+                                       link->flags);
+        }
+    }
+    sort_iface_contexts(out);
+}
+
 static int collect_usable_iface_contexts_provider(struct iface_context_set *out, void *userdata) {
+    struct link_context_set links;
+
+    (void)userdata;
+    memset(&links, 0, sizeof(links));
+    if (collect_usable_link_contexts(&links) != 0) {
+        return -1;
+    }
+    derive_usable_iface_contexts_from_links(out, &links);
+    return 0;
+}
+
+static int collect_usable_link_contexts_provider(struct link_context_set *out, void *userdata) {
+    (void)userdata;
+    return collect_usable_link_contexts(out);
+}
+
+static int collect_usable_advertise_link_contexts_provider(struct link_context_set *out, void *userdata) {
+    struct link_context_set all_links;
+
     (void)userdata;
-    return collect_usable_iface_contexts(out);
+    memset(&all_links, 0, sizeof(all_links));
+    if (collect_usable_link_contexts(&all_links) != 0) {
+        return -1;
+    }
+    filter_advertise_link_contexts(out, &all_links);
+    return 0;
 }
 
 static void mdns_sleep_provider(unsigned int seconds, void *userdata) {
@@ -402,7 +494,7 @@ static int wait_for_auto_iface_contexts_with_provider(struct iface_context_set *
     return -1;
 }
 
-static int wait_for_auto_iface_contexts(struct iface_context_set *out, const char *role) {
+static int MDNS_UNUSED wait_for_auto_iface_contexts(struct iface_context_set *out, const char *role) {
     return wait_for_auto_iface_contexts_with_provider(out,
                                                      role,
                                                      collect_usable_iface_contexts_provider,
@@ -410,6 +502,51 @@ static int wait_for_auto_iface_contexts(struct iface_context_set *out, const cha
                                                      NULL);
 }
 
+static int wait_for_auto_link_contexts_with_provider(struct link_context_set *out,
+                                                     const char *role,
+                                                     mdns_collect_link_contexts_fn collect_contexts,
+                                                     mdns_sleep_fn sleep_fn,
+                                                     void *userdata) {
+    struct link_context_set first;
+
+    if (collect_contexts == NULL || sleep_fn == NULL) {
+        return -1;
+    }
+
+    memset(out, 0, sizeof(*out));
+    while (!g_stop) {
+        memset(&first, 0, sizeof(first));
+        if (collect_contexts(&first, userdata) == 0 && first.count > 0) {
+            fprintf(stderr, "%s auto-ip: first usable address link observed; waiting %ds for network stabilization\n",
+                    role, AUTO_IP_STABILIZE_SECONDS);
+            sleep_fn(AUTO_IP_STABILIZE_SECONDS, userdata);
+            if (collect_contexts(out, userdata) == 0 && out->count > 0) {
+                sort_link_contexts(out);
+                return 0;
+            }
+            fprintf(stderr, "%s auto-ip: usable address links disappeared during stabilization; retrying\n", role);
+        }
+        sleep_fn(AUTO_IP_STARTUP_POLL_SECONDS, userdata);
+    }
+    return -1;
+}
+
+static int wait_for_auto_link_contexts(struct link_context_set *out, const char *role) {
+    return wait_for_auto_link_contexts_with_provider(out,
+                                                    role,
+                                                    collect_usable_link_contexts_provider,
+                                                    mdns_sleep_provider,
+                                                    NULL);
+}
+
+static int wait_for_auto_advertise_link_contexts(struct link_context_set *out, const char *role) {
+    return wait_for_auto_link_contexts_with_provider(out,
+                                                    role,
+                                                    collect_usable_advertise_link_contexts_provider,
+                                                    mdns_sleep_provider,
+                                                    NULL);
+}
+
 static int print_auto_ip_cidrs_with_provider(FILE *stream,
                                              mdns_collect_iface_contexts_fn collect_contexts,
                                              void *userdata) {
@@ -426,6 +563,10 @@ static int print_auto_ip_cidrs_with_provider(FILE *stream,
     if (contexts.count == 0) {
         return EXIT_AUTO_IP_UNAVAILABLE;
     }
+    if (contexts.truncated) {
+        fprintf(stderr, "auto-ip: usable IPv4 context list exceeded static capacity\n");
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
     sort_iface_contexts(&contexts);
     if (print_iface_context_cidrs(stream, &contexts) != 0) {
         return EXIT_AUTO_IP_PROBE_FAILED;
@@ -433,6 +574,111 @@ static int print_auto_ip_cidrs_with_provider(FILE *stream,
     return EXIT_OK;
 }
 
+static int link_contexts_need_ipv4_socket(const struct link_context_set *set);
+static int link_contexts_need_ipv6_socket(const struct link_context_set *set);
+
+static int print_smb_bind_interfaces_with_provider(FILE *stream,
+                                                   mdns_collect_link_contexts_fn collect_contexts,
+                                                   void *userdata) {
+    struct link_context_set links;
+    size_t i;
+    int has_samba_address = 0;
+
+    if (collect_contexts == NULL) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+
+    memset(&links, 0, sizeof(links));
+    if (collect_contexts(&links, userdata) != 0) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    if (links.count == 0) {
+        return EXIT_AUTO_IP_UNAVAILABLE;
+    }
+    sort_link_contexts(&links);
+    for (i = 0; i < links.count; i++) {
+        if (link_context_has_samba_address(&links.links[i])) {
+            has_samba_address = 1;
+            break;
+        }
+    }
+    if (!has_samba_address) {
+        return EXIT_AUTO_IP_UNAVAILABLE;
+    }
+    if (links.truncated) {
+        fprintf(stderr, "auto-ip: Samba bind interface list exceeded static capacity\n");
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    if (print_smb_link_bind_tokens(stream, &links) != 0) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    return EXIT_OK;
+}
+
+static int print_mdns_socket_families_with_provider(FILE *stream,
+                                                    mdns_collect_link_contexts_fn collect_contexts,
+                                                    void *userdata) {
+    struct link_context_set all_links;
+    struct link_context_set links;
+    int need_ipv4;
+    int need_ipv6;
+
+    if (collect_contexts == NULL) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+
+    memset(&all_links, 0, sizeof(all_links));
+    memset(&links, 0, sizeof(links));
+    if (collect_contexts(&all_links, userdata) != 0) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    if (all_links.count == 0) {
+        return EXIT_AUTO_IP_UNAVAILABLE;
+    }
+    filter_advertise_link_contexts(&links, &all_links);
+    if (all_links.truncated || links.truncated) {
+        fprintf(stderr, "auto-ip: mDNS socket family link list exceeded static capacity\n");
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    if (links.count == 0) {
+        return EXIT_AUTO_IP_UNAVAILABLE;
+    }
+    sort_link_contexts(&links);
+    need_ipv4 = link_contexts_need_ipv4_socket(&links);
+    need_ipv6 = link_contexts_need_ipv6_socket(&links);
+    if (!need_ipv4 && !need_ipv6) {
+        return EXIT_AUTO_IP_UNAVAILABLE;
+    }
+    if (need_ipv4 && fputs("ipv4", stream) == EOF) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    if (need_ipv6) {
+        if (need_ipv4 && fputc(' ', stream) == EOF) {
+            return EXIT_AUTO_IP_PROBE_FAILED;
+        }
+        if (fputs("ipv6", stream) == EOF) {
+            return EXIT_AUTO_IP_PROBE_FAILED;
+        }
+    }
+    if (fputc('\n', stream) == EOF) {
+        return EXIT_AUTO_IP_PROBE_FAILED;
+    }
+    return EXIT_OK;
+}
+
+static int open_dualstack_mdns_sockets(int shared_bind,
+                                       struct link_context_set *links,
+                                       int log_bind_errors,
+                                       struct mdns_socket_pair *out);
+static void close_mdns_socket_pair(struct mdns_socket_pair *sockets);
+static int set_outbound_multicast_interface(int sockfd, uint32_t ipv4_addr, const char *socket_role,
+                                            int log_success, int log_errors);
+static int set_outbound_multicast_interface6(int sockfd, unsigned int ifindex, const char *socket_role,
+                                             int log_success, int log_errors);
+static void drop_mdns_multicast_group_best_effort(int sockfd, uint32_t ipv4_addr, const char *socket_role);
+static void drop_mdns_multicast_group6_best_effort(int sockfd, unsigned int ifindex, const char *ifname,
+                                                   const char *socket_role);
+
 static void log_startup_config(const struct config *cfg, int shared_bind, int auto_ip) {
     char ipv4_buf[INET_ADDRSTRLEN];
 
@@ -595,6 +841,7 @@ static struct service_record *find_or_add_record(struct service_record_set *set,
         return record;
     }
     if (set->count >= SNAPSHOT_MAX_RECORDS) {
+        set->truncated = 1;
         return NULL;
     }
     record = &set->records[set->count++];
@@ -665,10 +912,14 @@ static void usage(const char *prog) {
             "       %s --save-snapshot <path> [--save-all-snapshot <path>] [airport identity options]\n"
             "       %s --save-airport-snapshot <path> --instance <name> --host <label> [airport identity options]\n"
             "       %s --print-auto-ip-cidrs\n"
+            "       %s --print-smb-bind-interfaces\n"
+            "       %s --print-mdns-socket-families\n"
             "       %s --version\n"
             "Options:\n"
-            "  --auto-ip          Serve every usable live IPv4 interface and track IP changes\n"
+            "  --auto-ip          Serve every usable live address link and track IP changes\n"
             "  --print-auto-ip-cidrs Print usable live IPv4 CIDRs and exit 0, or exit 11 if none exist\n"
+            "  --print-smb-bind-interfaces Print live IPv4/IPv6 address CIDRs for Samba interfaces\n"
+            "  --print-mdns-socket-families Print required mDNS UDP socket families for live advertise links\n"
             "  --version          Print advertiser version code and exit\n"
             "  --save-all-snapshot <path> Capture raw LAN-wide mDNS records into a snapshot file\n"
             "  --save-snapshot <path> Capture Apple mDNS records into a snapshot file; without --load-snapshot, capture and exit\n"
@@ -698,7 +949,7 @@ static void usage(const char *prog) {
             "  --airport-port <p> _airport._tcp service port (default: 5009)\n"
             "  --port <port>      Service port (default: 445)\n"
             "  --ttl <seconds>    Record TTL (default: 120)\n",
-            prog, prog, prog, prog, prog);
+            prog, prog, prog, prog, prog, prog, prog);
 }
 
 static int append_bytes(uint8_t *buf, size_t *off, size_t cap, const void *src, size_t len) {
@@ -1359,8 +1610,8 @@ static int add_service_record_answers(uint8_t *buf, size_t *off, size_t cap, con
     return 0;
 }
 
-static int add_snapshot_host_a_record(uint8_t *buf, size_t *off, size_t cap, const struct service_record *record,
-                                      uint32_t response_ipv4_addr, uint32_t ttl, int *answers) {
+static int MDNS_UNUSED add_snapshot_host_a_record(uint8_t *buf, size_t *off, size_t cap, const struct service_record *record,
+                                                  uint32_t response_ipv4_addr, uint32_t ttl, int *answers) {
     if (record->host_fqdn[0] == '\0') {
         return 0;
     }
@@ -1375,6 +1626,64 @@ static int add_snapshot_host_a_record(uint8_t *buf, size_t *off, size_t cap, con
     return 0;
 }
 
+static int append_host_address_records(uint8_t *buf,
+                                       size_t *off,
+                                       size_t cap,
+                                       const char *owner,
+                                       const struct link_context *link,
+                                       int include_a,
+                                       int include_aaaa,
+                                       uint32_t ttl,
+                                       int *answers) {
+    size_t i;
+
+    if (owner == NULL || owner[0] == '\0' || link == NULL) {
+        return 0;
+    }
+    if (include_a) {
+        for (i = 0; i < link->ipv4_count; i++) {
+            if (add_rr_a(buf, off, cap, owner, link->ipv4[i].addr, ttl) != 0) {
+                return -1;
+            }
+            *answers += 1;
+        }
+    }
+    if (include_aaaa) {
+        for (i = 0; i < link->ipv6_count; i++) {
+            if (!link_ipv6_addr_is_samba_bindable(&link->ipv6[i])) {
+                continue;
+            }
+            if (add_rr_aaaa(buf, off, cap, owner, &link->ipv6[i].addr, ttl) != 0) {
+                return -1;
+            }
+            *answers += 1;
+        }
+    }
+    return 0;
+}
+
+static int add_snapshot_host_address_records(uint8_t *buf,
+                                             size_t *off,
+                                             size_t cap,
+                                             const struct service_record *record,
+                                             const struct link_context *link,
+                                             int include_a,
+                                             int include_aaaa,
+                                             uint32_t ttl,
+                                             int *answers) {
+    if (record->host_fqdn[0] == '\0') {
+        return 0;
+    }
+    if (append_host_address_records(buf, off, cap, record->host_fqdn, link, include_a, include_aaaa, ttl, answers) != 0) {
+        fprintf(stderr,
+                "mdns snapshot rr failure: rr=ADDR type=%s instance=%s host=%s port=%u txt_count=%lu packet_len=%lu\n",
+                record->service_type, record->instance_fqdn, record->host_fqdn,
+                (unsigned int)record->port, (unsigned long)record->txt_count, (unsigned long)*off);
+        return -1;
+    }
+    return 0;
+}
+
 static int add_rr_ptr(uint8_t *buf, size_t *off, size_t cap, const char *owner, const char *target, uint32_t ttl) {
     size_t rdlength_pos;
     size_t rdata_start;
@@ -1495,6 +1804,18 @@ static int add_rr_a(uint8_t *buf, size_t *off, size_t cap, const char *owner, ui
     return 0;
 }
 
+static int add_rr_aaaa(uint8_t *buf, size_t *off, size_t cap, const char *owner, const struct in6_addr *ipv6_addr, uint32_t ttl) {
+    if (encode_name(buf, off, cap, owner) != 0 ||
+        append_u16(buf, off, cap, DNS_TYPE_AAAA) != 0 ||
+        append_u16(buf, off, cap, DNS_CLASS_IN_UNIQUE) != 0 ||
+        append_u32(buf, off, cap, ttl) != 0 ||
+        append_u16(buf, off, cap, 16) != 0 ||
+        append_bytes(buf, off, cap, ipv6_addr->s6_addr, 16) != 0) {
+        return -1;
+    }
+    return 0;
+}
+
 static int hex_encode_bytes_len(char *out, size_t out_len, const char *bytes, size_t src_len) {
     static const char hex[] = "0123456789abcdef";
     size_t i;
@@ -1712,8 +2033,12 @@ static int load_snapshot_file(const char *path, struct service_record_set *out)
                 fclose(fp);
                 return -1;
             }
-            if (out->count >= SNAPSHOT_MAX_RECORDS ||
-                build_instance_fqdn(current.instance_fqdn, sizeof(current.instance_fqdn), current.instance_name, current.service_type) != 0 ||
+            if (out->count >= SNAPSHOT_MAX_RECORDS) {
+                out->truncated = 1;
+                fclose(fp);
+                return -1;
+            }
+            if (build_instance_fqdn(current.instance_fqdn, sizeof(current.instance_fqdn), current.instance_name, current.service_type) != 0 ||
                 build_host_label_from_fqdn(current.host_label, sizeof(current.host_label), current.host_fqdn) != 0) {
                 fclose(fp);
                 return -1;
@@ -1776,7 +2101,11 @@ static int load_snapshot_file(const char *path, struct service_record_set *out)
     return out->count > 0 ? 0 : -1;
 }
 
-static int send_query_question(int sockfd, const struct sockaddr_in *dest, const char *qname, uint16_t qtype) {
+static int send_query_question_any(int sockfd,
+                                   const struct sockaddr *dest,
+                                   socklen_t dest_len,
+                                   const char *qname,
+                                   uint16_t qtype) {
     uint8_t packet[BUF_SIZE];
     struct dns_header hdr;
     size_t off = sizeof(hdr);
@@ -1789,7 +2118,11 @@ static int send_query_question(int sockfd, const struct sockaddr_in *dest, const
         append_u16(packet, &off, sizeof(packet), DNS_CLASS_IN) != 0) {
         return -1;
     }
-    return sendto_retry(sockfd, packet, off, 0, (const struct sockaddr *)dest, sizeof(*dest)) >= 0 ? 0 : -1;
+    return sendto_retry(sockfd, packet, off, 0, dest, dest_len) >= 0 ? 0 : -1;
+}
+
+static int send_query_question(int sockfd, const struct sockaddr_in *dest, const char *qname, uint16_t qtype) {
+    return send_query_question_any(sockfd, (const struct sockaddr *)dest, sizeof(*dest), qname, qtype);
 }
 
 static void parse_txt_rdata(struct service_record *record, const uint8_t *rdata, size_t rdlength) {
@@ -1946,6 +2279,58 @@ static int collect_mdns_responses(int sockfd, int seconds, struct service_record
     return 0;
 }
 
+static int collect_mdns_responses_pair(const struct mdns_socket_pair *sockets,
+                                       int seconds,
+                                       struct service_record_set *set,
+                                       struct service_type_set *service_types) {
+    time_t deadline = time(NULL) + seconds;
+
+    while (time(NULL) < deadline) {
+        fd_set rfds;
+        struct timeval tv;
+        uint8_t packet[BUF_SIZE];
+        int maxfd = -1;
+        int selected;
+
+        FD_ZERO(&rfds);
+        if (sockets->ipv4_fd >= 0) {
+            FD_SET(sockets->ipv4_fd, &rfds);
+            if (sockets->ipv4_fd > maxfd) {
+                maxfd = sockets->ipv4_fd;
+            }
+        }
+        if (sockets->ipv6_fd >= 0) {
+            FD_SET(sockets->ipv6_fd, &rfds);
+            if (sockets->ipv6_fd > maxfd) {
+                maxfd = sockets->ipv6_fd;
+            }
+        }
+        if (maxfd < 0) {
+            return -1;
+        }
+        tv.tv_sec = 1;
+        tv.tv_usec = 0;
+        selected = select(maxfd + 1, &rfds, NULL, NULL, &tv);
+        if (selected <= 0) {
+            continue;
+        }
+        if (sockets->ipv4_fd >= 0 && FD_ISSET(sockets->ipv4_fd, &rfds)) {
+            ssize_t nread = recvfrom(sockets->ipv4_fd, packet, sizeof(packet), 0, NULL, NULL);
+            if (nread > 0) {
+                (void)parse_snapshot_rrs(packet, (size_t)nread, set, service_types);
+            }
+        }
+        if (sockets->ipv6_fd >= 0 && FD_ISSET(sockets->ipv6_fd, &rfds)) {
+            ssize_t nread = recvfrom(sockets->ipv6_fd, packet, sizeof(packet), 0, NULL, NULL);
+            if (nread > 0) {
+                (void)parse_snapshot_rrs(packet, (size_t)nread, set, service_types);
+            }
+        }
+    }
+
+    return 0;
+}
+
 static int mac_equals(const char *a, const char *b) {
     size_t ai = 0;
     size_t bi = 0;
@@ -2071,6 +2456,7 @@ static int filter_records_by_host(struct service_record_set *out, const struct s
             continue;
         }
         if (out->count >= SNAPSHOT_MAX_RECORDS) {
+            out->truncated = 1;
             break;
         }
         out->records[out->count++] = *record;
@@ -2115,6 +2501,93 @@ static int capture_mdns_snapshot_raw(struct service_record_set *out, uint32_t ip
     return out->count > 0 ? 0 : -1;
 }
 
+static void scoped_mdns_dest6_for_link(struct sockaddr_in6 *out,
+                                       const struct sockaddr_in6 *base,
+                                       const struct link_context *link) {
+    *out = *base;
+    if (link != NULL) {
+        out->sin6_scope_id = link->ifindex;
+    }
+}
+
+static void send_capture_query_to_all_links(const struct mdns_socket_pair *sockets,
+                                            const struct link_context_set *links,
+                                            const struct sockaddr_in *dest4,
+                                            const struct sockaddr_in6 *dest6,
+                                            const char *qname,
+                                            uint16_t qtype) {
+    size_t i;
+
+    for (i = 0; i < links->count; i++) {
+        uint32_t ipv4_source = link_preferred_ipv4_source(&links->links[i]);
+        if (sockets->ipv4_fd >= 0 && link_context_has_mdns_ipv4_transport(&links->links[i]) &&
+            ipv4_source != 0 &&
+            set_outbound_multicast_interface(sockets->ipv4_fd, ipv4_source, "capture", 0, 0) == 0) {
+            (void)send_query_question_any(sockets->ipv4_fd,
+                                          (const struct sockaddr *)dest4,
+                                          sizeof(*dest4),
+                                          qname,
+                                          qtype);
+        }
+        if (sockets->ipv6_fd >= 0 && link_context_has_mdns_ipv6_transport(&links->links[i]) &&
+            set_outbound_multicast_interface6(sockets->ipv6_fd, links->links[i].ifindex, "capture", 0, 0) == 0) {
+            struct sockaddr_in6 scoped_dest;
+            scoped_mdns_dest6_for_link(&scoped_dest, dest6, &links->links[i]);
+            (void)send_query_question_any(sockets->ipv6_fd,
+                                          (const struct sockaddr *)&scoped_dest,
+                                          sizeof(scoped_dest),
+                                          qname,
+                                          qtype);
+        }
+    }
+}
+
+static int capture_mdns_snapshot_links_raw(struct service_record_set *out,
+                                           const struct link_context_set *links) {
+    struct mdns_socket_pair sockets;
+    struct link_context_set socket_links;
+    struct sockaddr_in mdns_dest4;
+    struct sockaddr_in6 mdns_dest6;
+    size_t i;
+    struct service_type_set service_types;
+
+    memset(out, 0, sizeof(*out));
+    memset(&service_types, 0, sizeof(service_types));
+    socket_links = *links;
+    sockets.ipv4_fd = -1;
+    sockets.ipv6_fd = -1;
+    if (open_dualstack_mdns_sockets(1, &socket_links, 1, &sockets) != 0) {
+        return -1;
+    }
+
+    memset(&mdns_dest4, 0, sizeof(mdns_dest4));
+    mdns_dest4.sin_family = AF_INET;
+    mdns_dest4.sin_port = htons(MDNS_PORT);
+    mdns_dest4.sin_addr.s_addr = inet_addr(MDNS_GROUP);
+
+    memset(&mdns_dest6, 0, sizeof(mdns_dest6));
+    mdns_dest6.sin6_family = AF_INET6;
+    mdns_dest6.sin6_port = htons(MDNS_PORT);
+    (void)inet_pton(AF_INET6, MDNS_GROUP_V6, &mdns_dest6.sin6_addr);
+
+    send_capture_query_to_all_links(&sockets, &socket_links, &mdns_dest4, &mdns_dest6, "_services._dns-sd._udp.local.", DNS_TYPE_PTR);
+    (void)collect_mdns_responses_pair(&sockets, SNAPSHOT_CAPTURE_STEP_SECONDS, out, &service_types);
+
+    for (i = 0; i < service_types.count; i++) {
+        send_capture_query_to_all_links(&sockets, &socket_links, &mdns_dest4, &mdns_dest6, service_types.types[i], DNS_TYPE_PTR);
+    }
+    (void)collect_mdns_responses_pair(&sockets, SNAPSHOT_CAPTURE_STEP_SECONDS, out, &service_types);
+
+    for (i = 0; i < out->count; i++) {
+        send_capture_query_to_all_links(&sockets, &socket_links, &mdns_dest4, &mdns_dest6, out->records[i].instance_fqdn, DNS_TYPE_SRV);
+        send_capture_query_to_all_links(&sockets, &socket_links, &mdns_dest4, &mdns_dest6, out->records[i].instance_fqdn, DNS_TYPE_TXT);
+    }
+    (void)collect_mdns_responses_pair(&sockets, SNAPSHOT_CAPTURE_STEP_SECONDS, out, &service_types);
+    close_mdns_socket_pair(&sockets);
+
+    return out->count > 0 ? 0 : -1;
+}
+
 static int prepare_loaded_snapshot_for_advertising(const struct config *cfg, const struct service_record_set *loaded,
                                                    struct service_record_set *out) {
     char matched_host[MAX_LABEL + 1];
@@ -2145,6 +2618,23 @@ static int capture_mdns_snapshot_raw_with_retry(struct service_record_set *out,
     return -1;
 }
 
+static int capture_mdns_snapshot_links_with_retry(struct service_record_set *out,
+                                                  const struct link_context_set *links) {
+    time_t deadline = time(NULL) + SNAPSHOT_CAPTURE_TIMEOUT_SECONDS;
+
+    do {
+        if (capture_mdns_snapshot_links_raw(out, links) == 0) {
+            return 0;
+        }
+        if (time(NULL) >= deadline) {
+            break;
+        }
+        sleep(SNAPSHOT_CAPTURE_RETRY_INTERVAL_SECONDS);
+    } while (time(NULL) < deadline);
+
+    return -1;
+}
+
 static int service_records_match(const struct service_record *a, const struct service_record *b) {
     return strcmp(a->service_type, b->service_type) == 0 &&
            strcmp(a->instance_fqdn, b->instance_fqdn) == 0 &&
@@ -2164,8 +2654,12 @@ static void append_snapshot_records_unique(struct service_record_set *dst, const
                 break;
             }
         }
-        if (!exists && dst->count < SNAPSHOT_MAX_RECORDS) {
-            dst->records[dst->count++] = src->records[i];
+        if (!exists) {
+            if (dst->count < SNAPSHOT_MAX_RECORDS) {
+                dst->records[dst->count++] = src->records[i];
+            } else {
+                dst->truncated = 1;
+            }
         }
     }
 }
@@ -2196,40 +2690,40 @@ static int capture_mdns_snapshot_auto_with_provider(struct service_record_set *o
     memset(out, 0, sizeof(*out));
     for (i = 0; i < contexts->count; i++) {
         struct service_record_set captured;
-        struct service_record_set filtered;
         char ip_buf[INET_ADDRSTRLEN];
         memset(&captured, 0, sizeof(captured));
-        memset(&filtered, 0, sizeof(filtered));
         fprintf(stderr, "snapshot capture: probing auto-ip context iface=%s ip=%s\n",
                 contexts->contexts[i].name,
                 ipv4_to_string(contexts->contexts[i].ipv4_addr, ip_buf, sizeof(ip_buf)));
         if (capture_context(&captured, &contexts->contexts[i], userdata) == 0) {
-            if (require_trusted_snapshot &&
-                prepare_loaded_snapshot_for_advertising(cfg, &captured, &filtered) != 0) {
-                fprintf(stderr,
-                        "snapshot capture: auto-ip context iface=%s ip=%s did not match local AirPort identity; trying next context\n",
-                        contexts->contexts[i].name,
-                        ipv4_to_string(contexts->contexts[i].ipv4_addr, ip_buf, sizeof(ip_buf)));
-                continue;
-            }
             append_snapshot_records_unique(out, &captured);
-            fprintf(stderr, "snapshot capture: accepted auto-ip context iface=%s ip=%s records=%lu\n",
+            fprintf(stderr, "snapshot capture: merged auto-ip context iface=%s ip=%s records=%lu\n",
                     contexts->contexts[i].name,
                     ipv4_to_string(contexts->contexts[i].ipv4_addr, ip_buf, sizeof(ip_buf)),
                     (unsigned long)captured.count);
-            return out->count > 0 ? 0 : -1;
         }
     }
-    return -1;
-}
-
-static int capture_mdns_snapshot_auto_with_retry(struct service_record_set *out,
-                                                const struct iface_context_set *contexts,
-                                                const struct config *cfg,
-                                                int require_trusted_snapshot) {
-    return capture_mdns_snapshot_auto_with_provider(out,
-                                                   contexts,
-                                                   cfg,
+    if (out->count == 0) {
+        return -1;
+    }
+    if (require_trusted_snapshot) {
+        struct service_record_set filtered;
+        memset(&filtered, 0, sizeof(filtered));
+        if (prepare_loaded_snapshot_for_advertising(cfg, out, &filtered) != 0) {
+            fprintf(stderr, "snapshot capture: merged auto-ip records did not match local AirPort identity\n");
+            return -1;
+        }
+    }
+    return 0;
+}
+
+static int MDNS_UNUSED capture_mdns_snapshot_auto_with_retry(struct service_record_set *out,
+                                                            const struct iface_context_set *contexts,
+                                                            const struct config *cfg,
+                                                            int require_trusted_snapshot) {
+    return capture_mdns_snapshot_auto_with_provider(out,
+                                                   contexts,
+                                                   cfg,
                                                    require_trusted_snapshot,
                                                    capture_mdns_snapshot_context_raw,
                                                    NULL);
@@ -2305,6 +2799,22 @@ static void sleep_millis(unsigned int delay_ms) {
     (void)usleep((useconds_t)delay_ms * 1000U);
 }
 
+static unsigned int random_multicast_response_delay_ms(void) {
+    static int seeded = 0;
+    unsigned int span;
+
+    if (!seeded) {
+        srand((unsigned int)(time(NULL) ^ (time_t)getpid()));
+        seeded = 1;
+    }
+    span = (MDNS_MULTICAST_RESPONSE_DELAY_MAX_MS - MDNS_MULTICAST_RESPONSE_DELAY_MIN_MS) + 1U;
+    return MDNS_MULTICAST_RESPONSE_DELAY_MIN_MS + (unsigned int)(rand() % (int)span);
+}
+
+static void delay_multicast_query_response(void) {
+    sleep_millis(random_multicast_response_delay_ms());
+}
+
 static long long monotonic_millis(void) {
     struct timeval tv;
 
@@ -2409,6 +2919,28 @@ static int set_outbound_multicast_interface(int sockfd, uint32_t ipv4_addr, cons
     return 0;
 }
 
+static void configure_unicast_response_hop_limit4(int sockfd) {
+#ifdef IP_TTL
+    int ttl = 255;
+    if (setsockopt(sockfd, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)) < 0) {
+        fprintf(stderr, "warning: mdns socket: IP_TTL=255 failed: %s\n", strerror(errno));
+    }
+#else
+    (void)sockfd;
+#endif
+}
+
+static void configure_unicast_response_hop_limit6(int sockfd) {
+#ifdef IPV6_UNICAST_HOPS
+    int hops = 255;
+    if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &hops, sizeof(hops)) < 0) {
+        fprintf(stderr, "warning: mdns socket: IPV6_UNICAST_HOPS=255 failed: %s\n", strerror(errno));
+    }
+#else
+    (void)sockfd;
+#endif
+}
+
 static int configure_multicast_socket_options(int sockfd) {
     int yes;
 
@@ -2416,6 +2948,7 @@ static int configure_multicast_socket_options(int sockfd) {
     (void)setsockopt(sockfd, IPPROTO_IP, IP_MULTICAST_TTL, &yes, sizeof(yes));
     yes = 1;
     (void)setsockopt(sockfd, IPPROTO_IP, IP_MULTICAST_LOOP, &yes, sizeof(yes));
+    configure_unicast_response_hop_limit4(sockfd);
     return 0;
 }
 
@@ -2505,9 +3038,9 @@ static int iface_context_set_has_ipv4(const struct iface_context_set *set, uint3
     return 0;
 }
 
-static int prepare_mdns_auto_socket_for_contexts(int sockfd,
-                                                const struct iface_context_set *old_contexts,
-                                                const struct iface_context_set *new_contexts) {
+static int MDNS_UNUSED prepare_mdns_auto_socket_for_contexts(int sockfd,
+                                                            const struct iface_context_set *old_contexts,
+                                                            const struct iface_context_set *new_contexts) {
     size_t i;
 
     if (new_contexts->count == 0) {
@@ -2551,9 +3084,9 @@ static void drop_mdns_multicast_group_best_effort(int sockfd, uint32_t ipv4_addr
 #endif
 }
 
-static void retire_mdns_auto_socket_contexts(int sockfd,
-                                             const struct iface_context_set *old_contexts,
-                                             const struct iface_context_set *new_contexts) {
+static void MDNS_UNUSED retire_mdns_auto_socket_contexts(int sockfd,
+                                                         const struct iface_context_set *old_contexts,
+                                                         const struct iface_context_set *new_contexts) {
     size_t i;
 
     for (i = 0; i < old_contexts->count; i++) {
@@ -2631,7 +3164,7 @@ static int open_auto_mdns_socket(int shared_bind, const struct iface_context_set
     return sockfd;
 }
 
-static int acquire_mdns_auto_socket(int shared_bind, const struct iface_context_set *set) {
+static int MDNS_UNUSED acquire_mdns_auto_socket(int shared_bind, const struct iface_context_set *set) {
     static const unsigned int retry_delays_ms[TAKEOVER_RETRY_COUNT] = {0, 100, 200, 300, 400, 500};
     size_t i;
     int sockfd;
@@ -2683,618 +3216,2069 @@ static int acquire_mdns_auto_socket(int shared_bind, const struct iface_context_
     return -1;
 }
 
-static void format_dest_addr(const struct sockaddr_in *dest, char *buf, size_t buf_size) {
-    char ipbuf[INET_ADDRSTRLEN];
-
-    snprintf(buf, buf_size, "%s:%u",
-             ipv4_to_string(dest->sin_addr.s_addr, ipbuf, sizeof(ipbuf)),
-             (unsigned int)ntohs(dest->sin_port));
+static int link_has_any_mdns_transport(const struct link_context *link) {
+    return link_context_has_mdns_ipv4_transport(link) ||
+           link_context_has_mdns_ipv6_transport(link);
 }
 
-static void log_packet_build_failure(const char *stage, const char *step, size_t packet_len, int answers,
-                                     int use_snapshot_records) {
-    fprintf(stderr,
-            "mdns packet build failure: stage=%s step=%s packet_len=%lu answers=%d records=%s\n",
-            stage,
-            step,
-            (unsigned long)packet_len,
-            answers,
-            use_snapshot_records ? "snapshot" : "generated");
-}
+static void compact_link_contexts_for_mdns_transport(struct link_context_set *set) {
+    size_t i;
+    size_t write_i = 0;
 
-static void log_snapshot_record_build_failure(const char *stage, const char *step, size_t record_index,
-                                              const struct service_record *record, size_t packet_len, int answers) {
-    fprintf(stderr,
-            "mdns snapshot build failure: stage=%s step=%s record_index=%lu type=%s instance=%s host=%s port=%u txt_count=%lu packet_len=%lu answers=%d\n",
-            stage,
-            step,
-            (unsigned long)record_index,
-            record->service_type,
-            record->instance_fqdn,
-            record->host_fqdn,
-            (unsigned int)record->port,
-            (unsigned long)record->txt_count,
-            (unsigned long)packet_len,
-            answers);
+    for (i = 0; i < set->count; i++) {
+        if (!link_has_any_mdns_transport(&set->links[i])) {
+            continue;
+        }
+        if (write_i != i) {
+            set->links[write_i] = set->links[i];
+        }
+        write_i++;
+    }
+    set->count = write_i;
 }
 
-static void log_packet_send_failure_detail(const char *stage, const struct sockaddr_in *dest, size_t packet_len,
-                                           int answers, int use_snapshot_records, int saved_errno) {
-    char destbuf[64];
-
-    format_dest_addr(dest, destbuf, sizeof(destbuf));
-    fprintf(stderr,
-            "mdns packet send failure: stage=%s dest=%s packet_len=%lu answers=%d records=%s errno=%d (%s)\n",
-            stage,
-            destbuf,
-            (unsigned long)packet_len,
-            answers,
-            use_snapshot_records ? "snapshot" : "generated",
-            saved_errno,
-            strerror(saved_errno));
+static int link_ipv4_source_score(uint32_t ipv4_addr) {
+    if (ipv4_is_rfc1918(ipv4_addr)) {
+        return 0;
+    }
+    if (!ipv4_is_link_local(ipv4_addr)) {
+        return 100;
+    }
+    return 200;
 }
 
-static int send_dns_packet(const char *stage, int sockfd, const uint8_t *buf, size_t packet_len,
-                           const struct sockaddr_in *dest, int answers, int use_snapshot_records) {
-    static int logged_success_announcement = 0;
-    static int logged_success_reply = 0;
-
-    ssize_t sent;
-    int saved_errno;
+static uint32_t link_preferred_ipv4_source(const struct link_context *link) {
+    size_t i;
+    uint32_t best = 0;
+    int best_score = 0;
 
-    errno = 0;
-    sent = sendto_retry(sockfd, buf, packet_len, 0, (const struct sockaddr *)dest, sizeof(*dest));
-    saved_errno = errno;
-    if (sent < 0) {
-        errno = saved_errno;
-        log_packet_send_failure_detail(stage, dest, packet_len, answers, use_snapshot_records, saved_errno);
-        return -1;
+    if (link == NULL || link->ipv4_count == 0) {
+        return 0;
     }
-
-    if (strcmp(stage, "query_response") == 0) {
-        if (!logged_success_reply) {
-            char destbuf[64];
-            format_dest_addr(dest, destbuf, sizeof(destbuf));
-            fprintf(stderr,
-                    "mdns packet send success: stage=%s dest=%s packet_len=%lu answers=%d\n",
-                    stage, destbuf, (unsigned long)packet_len, answers);
-            logged_success_reply = 1;
+    if (link->mdns_ipv4_transport_addr != 0) {
+        return link->mdns_ipv4_transport_addr;
+    }
+    for (i = 0; i < link->ipv4_count; i++) {
+        int score = link_ipv4_source_score(link->ipv4[i].addr);
+        if (best == 0 || score < best_score) {
+            best = link->ipv4[i].addr;
+            best_score = score;
         }
-    } else if (!logged_success_announcement) {
-        char destbuf[64];
-        format_dest_addr(dest, destbuf, sizeof(destbuf));
-        fprintf(stderr,
-                "mdns packet send success: stage=%s dest=%s packet_len=%lu answers=%d records=%s\n",
-                stage, destbuf, (unsigned long)packet_len, answers,
-                use_snapshot_records ? "snapshot" : "generated");
-        logged_success_announcement = 1;
     }
-
-    return 0;
+    return best;
 }
 
-static int add_adisk_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
-    char instance_fqdn[MAX_NAME];
-    char txt1[128];
-    char disk_txts[ADISK_MAX_DISKS][256];
-    const char *txts[ADISK_MAX_DISKS + 1];
+static uint32_t link_ipv4_source_for_peer(const struct link_context *link, uint32_t source_ipv4_addr) {
     size_t i;
+    uint32_t best = 0;
+    int best_score = 0;
 
-    if (!adisk_enabled(cfg)) {
-        return 0;
+    if (link == NULL || source_ipv4_addr == 0) {
+        return link_preferred_ipv4_source(link);
     }
+    for (i = 0; i < link->ipv4_count; i++) {
+        uint32_t netmask = link->ipv4[i].netmask;
+        int matches;
+        int score;
 
-    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->adisk_service_type) != 0) {
-        return -1;
-    }
-    if (build_adisk_system_txt(txt1, sizeof(txt1), cfg->adisk_sys_wama) != 0) {
-        return -1;
-    }
-    txts[0] = txt1;
-    for (i = 0; i < cfg->adisk_disks.count; i++) {
-        const struct adisk_disk *disk = &cfg->adisk_disks.disks[i];
-        if (build_adisk_disk_txt(disk_txts[i], sizeof(disk_txts[i]), disk->disk_key, disk->share_name, disk->uuid, disk->disk_advf) != 0) {
-            return -1;
+        if (netmask == 0) {
+            matches = source_ipv4_addr == link->ipv4[i].addr;
+        } else {
+            matches = (source_ipv4_addr & netmask) == (link->ipv4[i].addr & netmask);
+        }
+        if (!matches) {
+            continue;
+        }
+        score = link_ipv4_source_score(link->ipv4[i].addr);
+        if (best == 0 || score < best_score) {
+            best = link->ipv4[i].addr;
+            best_score = score;
         }
-        txts[i + 1] = disk_txts[i];
     }
+    return best != 0 ? best : link_preferred_ipv4_source(link);
+}
 
-    if (add_rr_ptr(buf, off, cap, cfg->adisk_service_type, instance_fqdn, ttl) != 0 ||
-        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->adisk_port, ttl) != 0 ||
-        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, cfg->adisk_disks.count + 1) != 0) {
-        return -1;
-    }
+static int link_contexts_need_ipv4_socket(const struct link_context_set *set) {
+    size_t i;
 
-    *answers += 3;
+    for (i = 0; i < set->count; i++) {
+        if (link_context_has_mdns_ipv4_transport(&set->links[i])) {
+            return 1;
+        }
+    }
     return 0;
 }
 
-static int add_device_info_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
-    char instance_fqdn[MAX_NAME];
-    char model_txt[MAX_NAME + 16];
-    const char *txts[1];
+static int link_contexts_need_ipv6_socket(const struct link_context_set *set) {
+    size_t i;
 
-    if (cfg->device_model[0] == '\0') {
-        return 0;
+    for (i = 0; i < set->count; i++) {
+        if (link_context_has_mdns_ipv6_transport(&set->links[i])) {
+            return 1;
+        }
     }
+    return 0;
+}
 
-    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->device_info_service_type) != 0) {
-        return -1;
+static void close_mdns_socket_pair(struct mdns_socket_pair *sockets) {
+    if (sockets->ipv4_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv4_fd);
+        close(sockets->ipv4_fd);
+        sockets->ipv4_fd = -1;
     }
-    if (build_model_txt(model_txt, sizeof(model_txt), cfg->device_model) != 0) {
-        return -1;
+    if (sockets->ipv6_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv6_fd);
+        close(sockets->ipv6_fd);
+        sockets->ipv6_fd = -1;
     }
-    txts[0] = model_txt;
+}
 
-    if (add_rr_ptr(buf, off, cap, cfg->device_info_service_type, instance_fqdn, ttl) != 0 ||
-        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, 0, ttl) != 0 ||
-        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, 1) != 0) {
+static void init_mdns_membership_delta(struct mdns_membership_delta *delta) {
+    memset(delta, 0, sizeof(*delta));
+}
+
+static int record_mdns_membership_ipv4(struct mdns_membership_delta *delta, uint32_t ipv4_addr) {
+    if (delta == NULL) {
+        return 0;
+    }
+    if (delta->ipv4_count >= MAX_IFACE_CONTEXTS) {
         return -1;
     }
-
-    *answers += 3;
+    delta->ipv4[delta->ipv4_count++] = ipv4_addr;
     return 0;
 }
 
-static int add_airport_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
-    char instance_fqdn[MAX_NAME];
-    char airport_txt[256];
-    const char *txts[1];
-
-    if (!is_airport_enabled(cfg)) {
+static int record_mdns_membership_ipv6(struct mdns_membership_delta *delta, unsigned int ifindex, const char *ifname) {
+    if (delta == NULL) {
         return 0;
     }
-
-    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->airport_service_type) != 0) {
-        return -1;
-    }
-    if (build_airport_txt(airport_txt, sizeof(airport_txt), cfg) != 0) {
+    if (delta->ipv6_count >= MAX_IFACE_CONTEXTS) {
         return -1;
     }
-    txts[0] = airport_txt;
-
-    if (add_rr_ptr(buf, off, cap, cfg->airport_service_type, instance_fqdn, ttl) != 0 ||
-        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->airport_port, ttl) != 0 ||
-        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, 1) != 0) {
-        return -1;
+    delta->ipv6_ifindex[delta->ipv6_count] = ifindex;
+    if (ifname != NULL) {
+        strncpy(delta->ipv6_name[delta->ipv6_count], ifname, sizeof(delta->ipv6_name[delta->ipv6_count]) - 1);
     }
-
-    *answers += 3;
+    delta->ipv6_count++;
     return 0;
 }
 
-static void init_announcement_packet(size_t *off, int *answers) {
-    *off = sizeof(struct dns_header);
-    *answers = 0;
-}
-
-static int finalize_and_send_announcement_packet(int sockfd, uint8_t *buf, size_t off, int answers,
-                                                 const struct sockaddr_in *dest, int use_snapshot_records) {
-    struct dns_header hdr;
+static void rollback_mdns_membership_delta(struct mdns_socket_pair *sockets,
+                                           const struct mdns_membership_delta *delta) {
+    size_t i;
 
-    if (answers <= 0) {
-        return 0;
+    if (delta == NULL) {
+        return;
+    }
+    if (sockets->ipv4_fd >= 0) {
+        for (i = delta->ipv4_count; i > 0; i--) {
+            drop_mdns_multicast_group_best_effort(sockets->ipv4_fd, delta->ipv4[i - 1], "runtime");
+        }
+    }
+    if (sockets->ipv6_fd >= 0) {
+        for (i = delta->ipv6_count; i > 0; i--) {
+            drop_mdns_multicast_group6_best_effort(sockets->ipv6_fd,
+                                                   delta->ipv6_ifindex[i - 1],
+                                                   delta->ipv6_name[i - 1],
+                                                   "runtime");
+        }
     }
-
-    memset(&hdr, 0, sizeof(hdr));
-    hdr.flags = htons(DNS_FLAG_QR | DNS_FLAG_AA);
-    hdr.ancount = htons((uint16_t)answers);
-    memcpy(buf, &hdr, sizeof(hdr));
-    return send_dns_packet("announcement", sockfd, buf, off, dest, answers, use_snapshot_records);
 }
 
-static int append_generated_base_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg,
-                                         uint32_t response_ipv4_addr, uint32_t ttl, int *answers) {
-    char instance_fqdn[MAX_NAME];
+static int open_bound_mdns_socket6(int shared_bind, int log_bind_errors) {
+    int sockfd;
+    int yes = 1;
+    struct sockaddr_in6 addr;
 
-    if (smb_enabled(cfg)) {
-        if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->service_type) != 0) {
-            return -1;
-        }
-        if (add_rr_ptr(buf, off, cap, cfg->service_type, instance_fqdn, ttl) != 0 ||
-            add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->port, ttl) != 0 ||
-            add_rr_txt_empty(buf, off, cap, instance_fqdn, ttl) != 0) {
-            return -1;
+    sockfd = socket(AF_INET6, SOCK_DGRAM, 0);
+    if (sockfd < 0) {
+        if (log_bind_errors) {
+            perror("socket(AF_INET6)");
         }
-        *answers += 3;
-    }
-    if (add_rr_a(buf, off, cap, cfg->host_fqdn, response_ipv4_addr, ttl) != 0) {
         return -1;
     }
-    *answers += 1;
-    if (add_adisk_records(buf, off, cap, cfg, ttl, answers) != 0) {
-        return -1;
+
+    if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_V6ONLY, &yes, sizeof(yes)) < 0 && log_bind_errors) {
+        perror("setsockopt(IPV6_V6ONLY)");
     }
-    if (add_device_info_records(buf, off, cap, cfg, ttl, answers) != 0) {
-        return -1;
+    if (shared_bind) {
+        if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes)) < 0) {
+            perror("setsockopt(SO_REUSEADDR ipv6)");
+            close(sockfd);
+            return -1;
+        }
+#ifdef SO_REUSEPORT
+        (void)setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, &yes, sizeof(yes));
+#endif
     }
-    return 0;
-}
-
-static int host_already_announced(char announced_hosts[][MAX_NAME], size_t announced_count, const char *host_fqdn) {
-    size_t i;
 
-    for (i = 0; i < announced_count; i++) {
-        if (name_equals(announced_hosts[i], host_fqdn)) {
-            return 1;
+    memset(&addr, 0, sizeof(addr));
+    addr.sin6_family = AF_INET6;
+    addr.sin6_port = htons(MDNS_PORT);
+    addr.sin6_addr = in6addr_any;
+    if (bind(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
+        if (log_bind_errors) {
+            perror("bind(AF_INET6)");
         }
+        close(sockfd);
+        return -1;
     }
-    return 0;
+    return sockfd;
 }
 
-static int remember_announced_host(char announced_hosts[][MAX_NAME], size_t *announced_count, const char *host_fqdn) {
-    if (*announced_count >= SNAPSHOT_MAX_RECORDS) {
-        return -1;
+static int join_mdns_multicast_group6(int sockfd, unsigned int ifindex, const char *ifname, const char *socket_role) {
+    struct ipv6_mreq mreq;
+
+    if (ifindex == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    memset(&mreq, 0, sizeof(mreq));
+    if (inet_pton(AF_INET6, MDNS_GROUP_V6, &mreq.ipv6mr_multiaddr) != 1) {
+        errno = EINVAL;
+        return -1;
+    }
+    mreq.ipv6mr_interface = ifindex;
+    if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &mreq, sizeof(mreq)) == 0) {
+        fprintf(stderr, "mdns %s socket: IPv6 multicast membership iface=%s ifindex=%u\n",
+                socket_role, ifname, ifindex);
+        return 0;
+    }
+    fprintf(stderr,
+            "warning: mdns %s socket: IPV6_JOIN_GROUP failed for iface=%s ifindex=%u: %s\n",
+            socket_role,
+            ifname,
+            ifindex,
+            strerror(errno));
+    return -1;
+}
+
+static void drop_mdns_multicast_group6_best_effort(int sockfd, unsigned int ifindex, const char *ifname, const char *socket_role) {
+#ifdef IPV6_LEAVE_GROUP
+    struct ipv6_mreq mreq;
+    int drop_errno;
+
+    if (ifindex == 0) {
+        return;
+    }
+    memset(&mreq, 0, sizeof(mreq));
+    if (inet_pton(AF_INET6, MDNS_GROUP_V6, &mreq.ipv6mr_multiaddr) != 1) {
+        return;
+    }
+    mreq.ipv6mr_interface = ifindex;
+    if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_LEAVE_GROUP, &mreq, sizeof(mreq)) == 0) {
+        fprintf(stderr, "mdns %s socket: dropped IPv6 multicast membership iface=%s ifindex=%u\n",
+                socket_role, ifname, ifindex);
+        return;
+    }
+    drop_errno = errno;
+    fprintf(stderr,
+            "warning: mdns %s socket: IPV6_LEAVE_GROUP failed for iface=%s ifindex=%u: %s\n",
+            socket_role,
+            ifname,
+            ifindex,
+            strerror(drop_errno));
+#else
+    (void)sockfd;
+    (void)ifindex;
+    (void)ifname;
+    (void)socket_role;
+#endif
+}
+
+static int set_outbound_multicast_interface6(int sockfd, unsigned int ifindex, const char *socket_role,
+                                             int log_success, int log_errors) {
+    int hops = 255;
+    int loop = 1;
+
+    if (ifindex == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    if (setsockopt(sockfd, IPPROTO_IPV6, IPV6_MULTICAST_IF, &ifindex, sizeof(ifindex)) < 0) {
+        if (log_errors) {
+            fprintf(stderr,
+                    "warning: mdns %s socket: IPV6_MULTICAST_IF failed for ifindex=%u: %s\n",
+                    socket_role,
+                    ifindex,
+                    strerror(errno));
+        }
+        return -1;
+    }
+    (void)setsockopt(sockfd, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &hops, sizeof(hops));
+    (void)setsockopt(sockfd, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &loop, sizeof(loop));
+    configure_unicast_response_hop_limit6(sockfd);
+    if (log_success) {
+        fprintf(stderr, "mdns %s socket: IPv6 outbound multicast ifindex=%u\n", socket_role, ifindex);
+    }
+    return 0;
+}
+
+static int join_mdns_multicast_group_for_link4(int sockfd,
+                                               struct link_context *link,
+                                               const struct link_context_set *old_links,
+                                               const char *socket_role,
+                                               struct mdns_membership_delta *delta) {
+    size_t i;
+    unsigned int tried_mask = 0;
+
+    if (!link_context_has_mdns_ipv4_transport(link)) {
+        return 0;
+    }
+
+    for (;;) {
+        size_t best_i = 0;
+        int best_score = 0;
+        int found = 0;
+
+        for (i = 0; i < link->ipv4_count; i++) {
+            int score;
+            if ((tried_mask & (1U << i)) != 0) {
+                continue;
+            }
+            score = link_ipv4_source_score(link->ipv4[i].addr);
+            if (!found || score < best_score) {
+                best_i = i;
+                best_score = score;
+                found = 1;
+            }
+        }
+
+        if (!found) {
+            break;
+        }
+        tried_mask |= 1U << best_i;
+
+        if (link_set_has_ipv4_membership(old_links, link->ipv4[best_i].addr)) {
+            link->mdns_ipv4_transport_addr = link->ipv4[best_i].addr;
+            return 1;
+        }
+        if (join_mdns_multicast_group(sockfd, link->ipv4[best_i].addr, socket_role) != 0) {
+            continue;
+        }
+        if (record_mdns_membership_ipv4(delta, link->ipv4[best_i].addr) != 0) {
+            drop_mdns_multicast_group_best_effort(sockfd, link->ipv4[best_i].addr, socket_role);
+            errno = ENOMEM;
+            return -1;
+        }
+        link->mdns_ipv4_transport_addr = link->ipv4[best_i].addr;
+        return 1;
+    }
+
+    fprintf(stderr, "warning: mdns %s socket: disabling IPv4 transport on iface=%s; no IPv4 multicast membership succeeded\n",
+            socket_role, link->name);
+    link->mdns_ipv4_transport = 0;
+    link->mdns_ipv4_transport_addr = 0;
+    return 0;
+}
+
+static int configure_mdns_socket6_for_links(int sockfd, struct link_context_set *set, const char *socket_role) {
+    size_t i;
+    unsigned int first_ifindex = 0;
+
+    for (i = 0; i < set->count; i++) {
+        if (!link_context_has_mdns_ipv6_transport(&set->links[i])) {
+            continue;
+        }
+        if (join_mdns_multicast_group6(sockfd, set->links[i].ifindex, set->links[i].name, socket_role) != 0) {
+            set->links[i].mdns_ipv6_transport = 0;
+            continue;
+        }
+        if (first_ifindex == 0) {
+            first_ifindex = set->links[i].ifindex;
+        }
+    }
+    compact_link_contexts_for_mdns_transport(set);
+    if (first_ifindex == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return set_outbound_multicast_interface6(sockfd, first_ifindex, socket_role, 1, 1);
+}
+
+static int configure_mdns_socket4_for_links(int sockfd, struct link_context_set *set, const char *socket_role) {
+    size_t i;
+    uint32_t first_ipv4 = 0;
+
+    for (i = 0; i < set->count; i++) {
+        int status;
+
+        if (!link_context_has_mdns_ipv4_transport(&set->links[i])) {
+            continue;
+        }
+        status = join_mdns_multicast_group_for_link4(sockfd, &set->links[i], NULL, socket_role, NULL);
+        if (status < 0) {
+            return -1;
+        }
+        if (status > 0 && first_ipv4 == 0) {
+            first_ipv4 = link_preferred_ipv4_source(&set->links[i]);
+        }
+    }
+    compact_link_contexts_for_mdns_transport(set);
+    if (first_ipv4 == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return configure_outbound_multicast_socket(sockfd, first_ipv4, socket_role);
+}
+
+static int link_set_has_ipv4_membership(const struct link_context_set *set, uint32_t ipv4_addr) {
+    size_t i;
+
+    if (set == NULL) {
+        return 0;
+    }
+    for (i = 0; i < set->count; i++) {
+        if (link_context_has_mdns_ipv4_transport(&set->links[i]) &&
+            link_preferred_ipv4_source(&set->links[i]) == ipv4_addr) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int link_set_has_ipv6_membership(const struct link_context_set *set, unsigned int ifindex) {
+    size_t i;
+
+    if (set == NULL || ifindex == 0) {
+        return 0;
+    }
+    for (i = 0; i < set->count; i++) {
+        if (link_context_has_mdns_ipv6_transport(&set->links[i]) &&
+            set->links[i].ifindex == ifindex) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int prepare_mdns_socket4_memberships(int sockfd,
+                                            const struct link_context_set *old_links,
+                                            struct link_context_set *new_links,
+                                            const char *socket_role,
+                                            struct mdns_membership_delta *delta) {
+    size_t i;
+    uint32_t first_ipv4 = 0;
+
+    for (i = 0; i < new_links->count; i++) {
+        int status;
+
+        if (!link_context_has_mdns_ipv4_transport(&new_links->links[i])) {
+            continue;
+        }
+        status = join_mdns_multicast_group_for_link4(sockfd, &new_links->links[i], old_links, socket_role, delta);
+        if (status < 0) {
+            return -1;
+        }
+        if (status > 0 && first_ipv4 == 0) {
+            first_ipv4 = link_preferred_ipv4_source(&new_links->links[i]);
+        }
+    }
+    compact_link_contexts_for_mdns_transport(new_links);
+    if (first_ipv4 == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return configure_outbound_multicast_socket(sockfd, first_ipv4, socket_role);
+}
+
+static int prepare_mdns_socket6_memberships(int sockfd,
+                                            const struct link_context_set *old_links,
+                                            struct link_context_set *new_links,
+                                            const char *socket_role,
+                                            struct mdns_membership_delta *delta) {
+    size_t i;
+    unsigned int first_ifindex = 0;
+
+    for (i = 0; i < new_links->count; i++) {
+        if (!link_context_has_mdns_ipv6_transport(&new_links->links[i])) {
+            continue;
+        }
+        if (link_set_has_ipv6_membership(old_links, new_links->links[i].ifindex)) {
+            if (first_ifindex == 0) {
+                first_ifindex = new_links->links[i].ifindex;
+            }
+            continue;
+        }
+        if (join_mdns_multicast_group6(sockfd, new_links->links[i].ifindex, new_links->links[i].name, socket_role) != 0) {
+            new_links->links[i].mdns_ipv6_transport = 0;
+            continue;
+        }
+        if (record_mdns_membership_ipv6(delta, new_links->links[i].ifindex, new_links->links[i].name) != 0) {
+            drop_mdns_multicast_group6_best_effort(sockfd,
+                                                   new_links->links[i].ifindex,
+                                                   new_links->links[i].name,
+                                                   socket_role);
+            errno = ENOMEM;
+            return -1;
+        }
+        if (first_ifindex == 0) {
+            first_ifindex = new_links->links[i].ifindex;
+        }
+    }
+    compact_link_contexts_for_mdns_transport(new_links);
+    if (first_ifindex == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return set_outbound_multicast_interface6(sockfd, first_ifindex, socket_role, 1, 1);
+}
+
+static int open_dualstack_mdns_sockets(int shared_bind,
+                                       struct link_context_set *links,
+                                       int log_bind_errors,
+                                       struct mdns_socket_pair *out) {
+    int need_ipv4 = link_contexts_need_ipv4_socket(links);
+    int need_ipv6 = link_contexts_need_ipv6_socket(links);
+    int ipv4_errno = 0;
+    int ipv6_errno = 0;
+
+    out->ipv4_fd = -1;
+    out->ipv6_fd = -1;
+    if (!need_ipv4 && !need_ipv6) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    if (need_ipv4) {
+        out->ipv4_fd = open_bound_mdns_socket(shared_bind, log_bind_errors);
+        if (out->ipv4_fd < 0 ||
+            configure_mdns_socket4_for_links(out->ipv4_fd, links, "runtime") != 0) {
+            ipv4_errno = errno;
+            if (out->ipv4_fd >= 0) {
+                clear_deferred_response_for_sockfd(out->ipv4_fd);
+                close(out->ipv4_fd);
+                out->ipv4_fd = -1;
+            }
+            disable_link_contexts_mdns_ipv4_transport(links);
+            compact_link_contexts_for_mdns_transport(links);
+            need_ipv4 = 0;
+            if (!need_ipv6) {
+                errno = ipv4_errno;
+                close_mdns_socket_pair(out);
+                return -1;
+            }
+            fprintf(stderr,
+                    "warning: mdns runtime socket: IPv4 setup failed (%s); continuing with remaining mDNS transports\n",
+                    strerror(ipv4_errno));
+        }
+    }
+    if (need_ipv6) {
+        out->ipv6_fd = open_bound_mdns_socket6(shared_bind, log_bind_errors);
+        if (out->ipv6_fd < 0 ||
+            configure_mdns_socket6_for_links(out->ipv6_fd, links, "runtime") != 0) {
+            ipv6_errno = errno;
+            if (out->ipv6_fd >= 0) {
+                clear_deferred_response_for_sockfd(out->ipv6_fd);
+                close(out->ipv6_fd);
+                out->ipv6_fd = -1;
+            }
+            if (need_ipv4 && out->ipv4_fd >= 0) {
+                fprintf(stderr,
+                        "warning: mdns runtime socket: IPv6 setup failed (%s); continuing with remaining mDNS transports\n",
+                        strerror(ipv6_errno));
+                disable_link_contexts_mdns_ipv6_transport(links);
+                compact_link_contexts_for_mdns_transport(links);
+                return 0;
+            }
+            close_mdns_socket_pair(out);
+            errno = ipv6_errno;
+            return -1;
+        }
+    }
+    compact_link_contexts_for_mdns_transport(links);
+    if (links->count == 0) {
+        close_mdns_socket_pair(out);
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return 0;
+}
+
+static int acquire_dualstack_mdns_sockets(int shared_bind,
+                                          struct link_context_set *links,
+                                          struct mdns_socket_pair *out) {
+    static const unsigned int retry_delays_ms[TAKEOVER_RETRY_COUNT] = {0, 100, 200, 300, 400, 500};
+    size_t i;
+
+    for (i = 0; i < TAKEOVER_RETRY_COUNT; i++) {
+        kill_mdnsresponder(SIGTERM);
+        sleep_millis(retry_delays_ms[i]);
+        if (open_dualstack_mdns_sockets(shared_bind, links, 0, out) == 0) {
+            if (mdns_takeover_confirmed(shared_bind)) {
+                fprintf(stderr,
+                        shared_bind
+                            ? "mDNS dual-stack shared bind established after SIGTERM + %ums\n"
+                            : "mDNS dual-stack takeover established after SIGTERM + %ums\n",
+                        retry_delays_ms[i]);
+                return 0;
+            }
+            fprintf(stderr, "mDNS dual-stack sockets acquired after SIGTERM + %ums but Apple mDNSResponder is still alive; retrying\n",
+                    retry_delays_ms[i]);
+            close_mdns_socket_pair(out);
+        }
+    }
+
+    for (i = 0; i < TAKEOVER_RETRY_COUNT; i++) {
+        kill_mdnsresponder(SIGKILL);
+        sleep_millis(retry_delays_ms[i]);
+        if (open_dualstack_mdns_sockets(shared_bind, links, 0, out) == 0) {
+            if (mdns_takeover_confirmed(shared_bind)) {
+                fprintf(stderr,
+                        shared_bind
+                            ? "mDNS dual-stack shared bind established after SIGKILL + %ums\n"
+                            : "mDNS dual-stack takeover established after SIGKILL + %ums\n",
+                        retry_delays_ms[i]);
+                return 0;
+            }
+            fprintf(stderr, "mDNS dual-stack sockets acquired after SIGKILL + %ums but Apple mDNSResponder is still alive; retrying\n",
+                    retry_delays_ms[i]);
+            close_mdns_socket_pair(out);
+        }
+    }
+
+    if (!shared_bind && mdnsresponder_is_alive()) {
+        fprintf(stderr, "mDNS dual-stack takeover failed: Apple mDNSResponder is still alive after retry ladder\n");
+    } else {
+        fprintf(stderr, "mDNS dual-stack takeover failed: could not acquire required UDP %d sockets\n", MDNS_PORT);
+    }
+    errno = EADDRINUSE;
+    return -1;
+}
+
+static void format_dest_addr(const struct sockaddr_in *dest, char *buf, size_t buf_size) {
+    char ipbuf[INET_ADDRSTRLEN];
+
+    snprintf(buf, buf_size, "%s:%u",
+             ipv4_to_string(dest->sin_addr.s_addr, ipbuf, sizeof(ipbuf)),
+             (unsigned int)ntohs(dest->sin_port));
+}
+
+static void format_sockaddr_addr(const struct sockaddr *dest, char *buf, size_t buf_size) {
+    if (dest->sa_family == AF_INET6) {
+        const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)dest;
+        char ipbuf[INET6_ADDRSTRLEN];
+        const char *printed = inet_ntop(AF_INET6, &sin6->sin6_addr, ipbuf, sizeof(ipbuf));
+        if (printed == NULL) {
+            printed = "invalid";
+        }
+        snprintf(buf, buf_size, "[%s%%%u]:%u",
+                 printed,
+                 sin6->sin6_scope_id,
+                 (unsigned int)ntohs(sin6->sin6_port));
+        return;
+    }
+    format_dest_addr((const struct sockaddr_in *)dest, buf, buf_size);
+}
+
+static void log_packet_build_failure(const char *stage, const char *step, size_t packet_len, int answers,
+                                     int use_snapshot_records) {
+    fprintf(stderr,
+            "mdns packet build failure: stage=%s step=%s packet_len=%lu answers=%d records=%s\n",
+            stage,
+            step,
+            (unsigned long)packet_len,
+            answers,
+            use_snapshot_records ? "snapshot" : "generated");
+}
+
+static void log_snapshot_record_build_failure(const char *stage, const char *step, size_t record_index,
+                                              const struct service_record *record, size_t packet_len, int answers) {
+    fprintf(stderr,
+            "mdns snapshot build failure: stage=%s step=%s record_index=%lu type=%s instance=%s host=%s port=%u txt_count=%lu packet_len=%lu answers=%d\n",
+            stage,
+            step,
+            (unsigned long)record_index,
+            record->service_type,
+            record->instance_fqdn,
+            record->host_fqdn,
+            (unsigned int)record->port,
+            (unsigned long)record->txt_count,
+            (unsigned long)packet_len,
+            answers);
+}
+
+static void MDNS_UNUSED log_packet_send_failure_detail(const char *stage, const struct sockaddr_in *dest, size_t packet_len,
+                                                       int answers, int use_snapshot_records, int saved_errno) {
+    char destbuf[64];
+
+    format_dest_addr(dest, destbuf, sizeof(destbuf));
+    fprintf(stderr,
+            "mdns packet send failure: stage=%s dest=%s packet_len=%lu answers=%d records=%s errno=%d (%s)\n",
+            stage,
+            destbuf,
+            (unsigned long)packet_len,
+            answers,
+            use_snapshot_records ? "snapshot" : "generated",
+            saved_errno,
+            strerror(saved_errno));
+}
+
+static void log_packet_send_failure_detail_any(const char *stage, const struct sockaddr *dest, size_t packet_len,
+                                               int answers, int use_snapshot_records, int saved_errno) {
+    char destbuf[96];
+
+    format_sockaddr_addr(dest, destbuf, sizeof(destbuf));
+    fprintf(stderr,
+            "mdns packet send failure: stage=%s dest=%s packet_len=%lu answers=%d records=%s errno=%d (%s)\n",
+            stage,
+            destbuf,
+            (unsigned long)packet_len,
+            answers,
+            use_snapshot_records ? "snapshot" : "generated",
+            saved_errno,
+            strerror(saved_errno));
+}
+
+static int send_dns_packet_any(const char *stage, int sockfd, const uint8_t *buf, size_t packet_len,
+                               const struct sockaddr *dest, socklen_t dest_len,
+                               int answers, int use_snapshot_records) {
+    static int logged_success_announcement = 0;
+    static int logged_success_reply = 0;
+
+    ssize_t sent;
+    int saved_errno;
+
+    errno = 0;
+    sent = sendto_retry(sockfd, buf, packet_len, 0, dest, dest_len);
+    saved_errno = errno;
+    if (sent < 0) {
+        errno = saved_errno;
+        log_packet_send_failure_detail_any(stage, dest, packet_len, answers, use_snapshot_records, saved_errno);
+        return -1;
+    }
+
+    if (strcmp(stage, "query_response") == 0) {
+        if (!logged_success_reply) {
+            char destbuf[96];
+            format_sockaddr_addr(dest, destbuf, sizeof(destbuf));
+            fprintf(stderr,
+                    "mdns packet send success: stage=%s dest=%s packet_len=%lu answers=%d\n",
+                    stage, destbuf, (unsigned long)packet_len, answers);
+            logged_success_reply = 1;
+        }
+    } else if (!logged_success_announcement) {
+        char destbuf[96];
+        format_sockaddr_addr(dest, destbuf, sizeof(destbuf));
+        fprintf(stderr,
+                "mdns packet send success: stage=%s dest=%s packet_len=%lu answers=%d records=%s\n",
+                stage, destbuf, (unsigned long)packet_len, answers,
+                use_snapshot_records ? "snapshot" : "generated");
+        logged_success_announcement = 1;
+    }
+
+    return 0;
+}
+
+static int send_dns_packet(const char *stage, int sockfd, const uint8_t *buf, size_t packet_len,
+                           const struct sockaddr_in *dest, int answers, int use_snapshot_records) {
+    return send_dns_packet_any(stage,
+                               sockfd,
+                               buf,
+                               packet_len,
+                               (const struct sockaddr *)dest,
+                               sizeof(*dest),
+                               answers,
+                               use_snapshot_records);
+}
+
+static int add_adisk_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
+    char instance_fqdn[MAX_NAME];
+    char txt1[128];
+    char disk_txts[ADISK_MAX_DISKS][256];
+    const char *txts[ADISK_MAX_DISKS + 1];
+    size_t i;
+
+    if (!adisk_enabled(cfg)) {
+        return 0;
+    }
+
+    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->adisk_service_type) != 0) {
+        return -1;
+    }
+    if (build_adisk_system_txt(txt1, sizeof(txt1), cfg->adisk_sys_wama) != 0) {
+        return -1;
+    }
+    txts[0] = txt1;
+    for (i = 0; i < cfg->adisk_disks.count; i++) {
+        const struct adisk_disk *disk = &cfg->adisk_disks.disks[i];
+        if (build_adisk_disk_txt(disk_txts[i], sizeof(disk_txts[i]), disk->disk_key, disk->share_name, disk->uuid, disk->disk_advf) != 0) {
+            return -1;
+        }
+        txts[i + 1] = disk_txts[i];
+    }
+
+    if (add_rr_ptr(buf, off, cap, cfg->adisk_service_type, instance_fqdn, ttl) != 0 ||
+        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->adisk_port, ttl) != 0 ||
+        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, cfg->adisk_disks.count + 1) != 0) {
+        return -1;
+    }
+
+    *answers += 3;
+    return 0;
+}
+
+static int add_device_info_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
+    char instance_fqdn[MAX_NAME];
+    char model_txt[MAX_NAME + 16];
+    const char *txts[1];
+
+    if (cfg->device_model[0] == '\0') {
+        return 0;
+    }
+
+    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->device_info_service_type) != 0) {
+        return -1;
+    }
+    if (build_model_txt(model_txt, sizeof(model_txt), cfg->device_model) != 0) {
+        return -1;
+    }
+    txts[0] = model_txt;
+
+    if (add_rr_ptr(buf, off, cap, cfg->device_info_service_type, instance_fqdn, ttl) != 0 ||
+        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, 0, ttl) != 0 ||
+        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, 1) != 0) {
+        return -1;
+    }
+
+    *answers += 3;
+    return 0;
+}
+
+static int add_airport_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg, uint32_t ttl, int *answers) {
+    char instance_fqdn[MAX_NAME];
+    char airport_txt[256];
+    const char *txts[1];
+
+    if (!is_airport_enabled(cfg)) {
+        return 0;
+    }
+
+    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->airport_service_type) != 0) {
+        return -1;
+    }
+    if (build_airport_txt(airport_txt, sizeof(airport_txt), cfg) != 0) {
+        return -1;
+    }
+    txts[0] = airport_txt;
+
+    if (add_rr_ptr(buf, off, cap, cfg->airport_service_type, instance_fqdn, ttl) != 0 ||
+        add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->airport_port, ttl) != 0 ||
+        add_rr_txt_strings(buf, off, cap, instance_fqdn, ttl, txts, 1) != 0) {
+        return -1;
+    }
+
+    *answers += 3;
+    return 0;
+}
+
+static void init_announcement_packet(size_t *off, int *answers) {
+    *off = sizeof(struct dns_header);
+    *answers = 0;
+}
+
+static int MDNS_UNUSED finalize_and_send_announcement_packet(int sockfd, uint8_t *buf, size_t off, int answers,
+                                                             const struct sockaddr_in *dest, int use_snapshot_records) {
+    struct dns_header hdr;
+
+    if (answers <= 0) {
+        return 0;
+    }
+
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.flags = htons(DNS_FLAG_QR | DNS_FLAG_AA);
+    hdr.ancount = htons((uint16_t)answers);
+    memcpy(buf, &hdr, sizeof(hdr));
+    return send_dns_packet("announcement", sockfd, buf, off, dest, answers, use_snapshot_records);
+}
+
+static int finalize_and_send_announcement_packet_any(int sockfd,
+                                                     uint8_t *buf,
+                                                     size_t off,
+                                                     int answers,
+                                                     const struct sockaddr *dest,
+                                                     socklen_t dest_len,
+                                                     int use_snapshot_records) {
+    struct dns_header hdr;
+
+    if (answers <= 0) {
+        return 0;
+    }
+
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.flags = htons(DNS_FLAG_QR | DNS_FLAG_AA);
+    hdr.ancount = htons((uint16_t)answers);
+    memcpy(buf, &hdr, sizeof(hdr));
+    return send_dns_packet_any("announcement", sockfd, buf, off, dest, dest_len, answers, use_snapshot_records);
+}
+
+static int append_generated_base_records(uint8_t *buf, size_t *off, size_t cap, const struct config *cfg,
+                                         const struct link_context *response_link,
+                                         int include_a, int include_aaaa,
+                                         uint32_t ttl, int *answers) {
+    char instance_fqdn[MAX_NAME];
+
+    if (smb_enabled(cfg)) {
+        if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->service_type) != 0) {
+            return -1;
+        }
+        if (add_rr_ptr(buf, off, cap, cfg->service_type, instance_fqdn, ttl) != 0 ||
+            add_rr_srv(buf, off, cap, instance_fqdn, cfg->host_fqdn, cfg->port, ttl) != 0 ||
+            add_rr_txt_empty(buf, off, cap, instance_fqdn, ttl) != 0) {
+            return -1;
+        }
+        *answers += 3;
+    }
+    if (append_host_address_records(buf, off, cap, cfg->host_fqdn, response_link, include_a, include_aaaa, ttl, answers) != 0) {
+        return -1;
+    }
+    if (add_adisk_records(buf, off, cap, cfg, ttl, answers) != 0) {
+        return -1;
+    }
+    if (add_device_info_records(buf, off, cap, cfg, ttl, answers) != 0) {
+        return -1;
+    }
+    return 0;
+}
+
+struct announced_host_set {
+    const char *hosts[SNAPSHOT_MAX_RECORDS];
+    size_t count;
+};
+
+static int host_already_announced(const struct announced_host_set *set, const char *host_fqdn) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        if (name_equals(set->hosts[i], host_fqdn)) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static int remember_announced_host(struct announced_host_set *set, const char *host_fqdn) {
+    if (set->count >= SNAPSHOT_MAX_RECORDS) {
+        return -1;
+    }
+    set->hosts[set->count++] = host_fqdn;
+    return 0;
+}
+
+static int send_announcement_any(int sockfd,
+                                 const struct sockaddr *dest,
+                                 socklen_t dest_len,
+                                 const struct config *cfg,
+                                 const struct link_context *response_link,
+                                 uint32_t ttl,
+                                 const struct service_record_set *snapshot_records,
+                                 int use_snapshot_records) {
+    uint8_t buf[BUF_SIZE];
+    size_t off;
+    int answers;
+    size_t i;
+    struct announced_host_set announced_hosts;
+    static int logged_duplicate_host_suppression = 0;
+
+    memset(&announced_hosts, 0, sizeof(announced_hosts));
+    init_announcement_packet(&off, &answers);
+    if (append_generated_base_records(buf, &off, sizeof(buf), cfg, response_link, 1, 1, ttl, &answers) != 0) {
+        log_packet_build_failure("announcement", "add_core_records", off, answers, use_snapshot_records);
+        return -1;
+    }
+    if (use_snapshot_records) {
+        if (finalize_and_send_announcement_packet_any(sockfd, buf, off, answers, dest, dest_len, use_snapshot_records) != 0) {
+            return -1;
+        }
+        for (i = 0; i < snapshot_records->count; i++) {
+            int include_host_a;
+            size_t before_host_a_off;
+            int before_host_a_answers;
+
+            if (is_suppressed_snapshot_service_type(snapshot_records->records[i].service_type)) {
+                continue;
+            }
+            init_announcement_packet(&off, &answers);
+            if (add_service_record_answers(buf, &off, sizeof(buf), &snapshot_records->records[i], ttl, &answers) != 0) {
+                log_snapshot_record_build_failure("announcement", "add_service_record_answers", i,
+                                                  &snapshot_records->records[i], off, answers);
+                log_packet_build_failure("announcement", "add_service_record_answers", off, answers, use_snapshot_records);
+                return -1;
+            }
+            include_host_a = snapshot_records->records[i].host_fqdn[0] != '\0' &&
+                             !host_already_announced(&announced_hosts, snapshot_records->records[i].host_fqdn);
+            if (include_host_a) {
+                before_host_a_off = off;
+                before_host_a_answers = answers;
+                if (add_snapshot_host_address_records(buf, &off, sizeof(buf), &snapshot_records->records[i], response_link, 1, 1, ttl, &answers) != 0) {
+                    off = before_host_a_off;
+                    answers = before_host_a_answers;
+                    if (finalize_and_send_announcement_packet_any(sockfd, buf, off, answers, dest, dest_len, use_snapshot_records) != 0) {
+                        return -1;
+                    }
+                    init_announcement_packet(&off, &answers);
+                    if (add_snapshot_host_address_records(buf, &off, sizeof(buf), &snapshot_records->records[i], response_link, 1, 1, ttl, &answers) != 0) {
+                        log_snapshot_record_build_failure("announcement", "add_snapshot_host_a_record", i,
+                                                          &snapshot_records->records[i], off, answers);
+                        log_packet_build_failure("announcement", "add_snapshot_host_a_record", off, answers, use_snapshot_records);
+                        return -1;
+                    }
+                }
+                if (remember_announced_host(&announced_hosts, snapshot_records->records[i].host_fqdn) != 0) {
+                    log_packet_build_failure("announcement", "remember_announced_host", off, answers, use_snapshot_records);
+                    return -1;
+                }
+            } else if (snapshot_records->records[i].host_fqdn[0] != '\0' && !logged_duplicate_host_suppression) {
+                fprintf(stderr,
+                        "mdns snapshot host A suppression: host=%s service=%s instance=%s already announced earlier in this cycle\n",
+                        snapshot_records->records[i].host_fqdn,
+                        snapshot_records->records[i].service_type,
+                        snapshot_records->records[i].instance_fqdn);
+                logged_duplicate_host_suppression = 1;
+            }
+            if (finalize_and_send_announcement_packet_any(sockfd, buf, off, answers, dest, dest_len, use_snapshot_records) != 0) {
+                return -1;
+            }
+        }
+    } else {
+        size_t before_airport_off = off;
+        int before_airport_answers = answers;
+        if (add_airport_records(buf, &off, sizeof(buf), cfg, ttl, &answers) != 0) {
+            off = before_airport_off;
+            answers = before_airport_answers;
+            if (finalize_and_send_announcement_packet_any(sockfd, buf, off, answers, dest, dest_len, use_snapshot_records) != 0) {
+                return -1;
+            }
+            init_announcement_packet(&off, &answers);
+            if (add_airport_records(buf, &off, sizeof(buf), cfg, ttl, &answers) != 0) {
+                log_packet_build_failure("announcement", "add_airport_records", off, answers, use_snapshot_records);
+                return -1;
+            }
+        }
+        if (finalize_and_send_announcement_packet_any(sockfd, buf, off, answers, dest, dest_len, use_snapshot_records) != 0) {
+            return -1;
+        }
+    }
+    return 0;
+}
+
+static int send_announcement(int sockfd, const struct sockaddr_in *dest, const struct config *cfg,
+                             const struct link_context *response_link, uint32_t ttl,
+                             const struct service_record_set *snapshot_records, int use_snapshot_records) {
+    return send_announcement_any(sockfd,
+                                 (const struct sockaddr *)dest,
+                                 sizeof(*dest),
+                                 cfg,
+                                 response_link,
+                                 ttl,
+                                 snapshot_records,
+                                 use_snapshot_records);
+}
+
+static int known_answer_ttl_is_fresh(uint32_t known_ttl, uint32_t advertised_ttl) {
+    return known_ttl > advertised_ttl / 2;
+}
+
+static int planned_rr_rdata_equals(const struct planned_rr *rr, const uint8_t *rdata, uint16_t rdlength) {
+    return rr->rdlength == rdlength && memcmp(rr->rdata, rdata, rdlength) == 0;
+}
+
+static int planned_rr_add_raw(struct planned_rr_set *set,
+                              int routes,
+                              const char *owner,
+                              uint16_t type,
+                              uint16_t rrclass,
+                              uint32_t ttl,
+                              const uint8_t *rdata,
+                              uint16_t rdlength) {
+    size_t i;
+
+    if (routes == 0 || owner == NULL || owner[0] == '\0') {
+        return 0;
+    }
+    if (rdlength > PLANNED_RDATA_MAX) {
+        set->truncated = 1;
+        return -1;
+    }
+    for (i = 0; i < set->count; i++) {
+        if (set->records[i].type == type &&
+            set->records[i].rrclass == rrclass &&
+            name_equals(set->records[i].owner, owner) &&
+            planned_rr_rdata_equals(&set->records[i], rdata, rdlength)) {
+            set->records[i].routes |= routes;
+            return 0;
+        }
+    }
+    if (set->count >= PLANNED_RR_MAX) {
+        set->truncated = 1;
+        return -1;
+    }
+    strncpy(set->records[set->count].owner, owner, sizeof(set->records[set->count].owner) - 1);
+    set->records[set->count].owner[sizeof(set->records[set->count].owner) - 1] = '\0';
+    set->records[set->count].type = type;
+    set->records[set->count].rrclass = rrclass;
+    set->records[set->count].ttl = ttl;
+    memcpy(set->records[set->count].rdata, rdata, rdlength);
+    set->records[set->count].rdlength = rdlength;
+    set->records[set->count].routes = routes;
+    set->count++;
+    return 0;
+}
+
+static int planned_rr_add_name(struct planned_rr_set *set,
+                               int routes,
+                               const char *owner,
+                               uint16_t type,
+                               uint16_t rrclass,
+                               uint32_t ttl,
+                               const char *target) {
+    uint8_t rdata[PLANNED_RDATA_MAX];
+    size_t off = 0;
+
+    if (encode_name(rdata, &off, sizeof(rdata), target) != 0) {
+        return -1;
+    }
+    return planned_rr_add_raw(set, routes, owner, type, rrclass, ttl, rdata, (uint16_t)off);
+}
+
+static int planned_rr_add_srv(struct planned_rr_set *set,
+                              int routes,
+                              const char *owner,
+                              const char *target,
+                              uint16_t port,
+                              uint32_t ttl) {
+    uint8_t rdata[PLANNED_RDATA_MAX];
+    size_t off = 0;
+
+    if (append_u16(rdata, &off, sizeof(rdata), 0) != 0 ||
+        append_u16(rdata, &off, sizeof(rdata), 0) != 0 ||
+        append_u16(rdata, &off, sizeof(rdata), port) != 0 ||
+        encode_name(rdata, &off, sizeof(rdata), target) != 0) {
+        return -1;
+    }
+    return planned_rr_add_raw(set, routes, owner, DNS_TYPE_SRV, DNS_CLASS_IN_UNIQUE, ttl, rdata, (uint16_t)off);
+}
+
+static int planned_rr_add_txt_items(struct planned_rr_set *set,
+                                    int routes,
+                                    const char *owner,
+                                    const char **strings,
+                                    const uint8_t *lengths,
+                                    size_t string_count,
+                                    uint32_t ttl) {
+    uint8_t rdata[PLANNED_RDATA_MAX];
+    size_t off = 0;
+    size_t i;
+
+    if (string_count == 0) {
+        uint8_t zero = 0;
+        return planned_rr_add_raw(set, routes, owner, DNS_TYPE_TXT, DNS_CLASS_IN_UNIQUE, ttl, &zero, 1);
+    }
+    for (i = 0; i < string_count; i++) {
+        size_t slen = lengths != NULL ? lengths[i] : strlen(strings[i]);
+        uint8_t len;
+        if (slen > 255) {
+            return -1;
+        }
+        len = (uint8_t)slen;
+        if (append_bytes(rdata, &off, sizeof(rdata), &len, 1) != 0 ||
+            append_bytes(rdata, &off, sizeof(rdata), strings[i], slen) != 0) {
+            return -1;
+        }
+    }
+    return planned_rr_add_raw(set, routes, owner, DNS_TYPE_TXT, DNS_CLASS_IN_UNIQUE, ttl, rdata, (uint16_t)off);
+}
+
+static int planned_rr_add_txt_empty(struct planned_rr_set *set, int routes, const char *owner, uint32_t ttl) {
+    return planned_rr_add_txt_items(set, routes, owner, NULL, NULL, 0, ttl);
+}
+
+static int planned_rr_add_a(struct planned_rr_set *set, int routes, const char *owner, uint32_t ipv4_addr, uint32_t ttl) {
+    return planned_rr_add_raw(set, routes, owner, DNS_TYPE_A, DNS_CLASS_IN_UNIQUE, ttl,
+                              (const uint8_t *)&ipv4_addr, 4);
+}
+
+static int planned_rr_add_aaaa(struct planned_rr_set *set,
+                               int routes,
+                               const char *owner,
+                               const struct in6_addr *ipv6_addr,
+                               uint32_t ttl) {
+    return planned_rr_add_raw(set, routes, owner, DNS_TYPE_AAAA, DNS_CLASS_IN_UNIQUE, ttl,
+                              ipv6_addr->s6_addr, 16);
+}
+
+static int planned_rr_add_link_addresses(struct planned_rr_set *set,
+                                         int routes,
+                                         const char *owner,
+                                         const struct link_context *link,
+                                         int include_a,
+                                         int include_aaaa,
+                                         uint32_t ttl) {
+    size_t i;
+
+    if (owner == NULL || owner[0] == '\0' || link == NULL) {
+        return 0;
+    }
+    if (include_a) {
+        for (i = 0; i < link->ipv4_count; i++) {
+            if (planned_rr_add_a(set, routes, owner, link->ipv4[i].addr, ttl) != 0) {
+                return -1;
+            }
+        }
+    }
+    if (include_aaaa) {
+        for (i = 0; i < link->ipv6_count; i++) {
+            if (!link_ipv6_addr_is_samba_bindable(&link->ipv6[i])) {
+                continue;
+            }
+            if (planned_rr_add_aaaa(set, routes, owner, &link->ipv6[i].addr, ttl) != 0) {
+                return -1;
+            }
+        }
+    }
+    return 0;
+}
+
+static int plan_smb_records(struct planned_rr_set *set,
+                            int routes,
+                            const struct config *cfg,
+                            const char *instance_fqdn,
+                            const struct link_context *link,
+                            int include_ptr,
+                            int include_srv,
+                            int include_txt,
+                            int include_a,
+                            int include_aaaa) {
+    if (!smb_enabled(cfg)) {
+        return 0;
+    }
+    if (include_ptr &&
+        planned_rr_add_name(set, routes, cfg->service_type, DNS_TYPE_PTR, DNS_CLASS_IN, cfg->ttl, instance_fqdn) != 0) {
+        return -1;
+    }
+    if (include_srv && planned_rr_add_srv(set, routes, instance_fqdn, cfg->host_fqdn, cfg->port, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (include_txt && planned_rr_add_txt_empty(set, routes, instance_fqdn, cfg->ttl) != 0) {
+        return -1;
+    }
+    return planned_rr_add_link_addresses(set, routes, cfg->host_fqdn, link, include_a, include_aaaa, cfg->ttl);
+}
+
+static int plan_adisk_records(struct planned_rr_set *set,
+                              int routes,
+                              const struct config *cfg,
+                              const char *instance_fqdn,
+                              const struct link_context *link,
+                              int include_ptr,
+                              int include_srv,
+                              int include_txt,
+                              int include_a,
+                              int include_aaaa) {
+    char txt1[128];
+    char disk_txts[ADISK_MAX_DISKS][256];
+    const char *txts[ADISK_MAX_DISKS + 1];
+    size_t i;
+
+    if (!adisk_enabled(cfg)) {
+        return 0;
+    }
+    if (include_ptr &&
+        planned_rr_add_name(set, routes, cfg->adisk_service_type, DNS_TYPE_PTR, DNS_CLASS_IN, cfg->ttl, instance_fqdn) != 0) {
+        return -1;
+    }
+    if (include_srv && planned_rr_add_srv(set, routes, instance_fqdn, cfg->host_fqdn, cfg->adisk_port, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (include_txt) {
+        if (build_adisk_system_txt(txt1, sizeof(txt1), cfg->adisk_sys_wama) != 0) {
+            return -1;
+        }
+        txts[0] = txt1;
+        for (i = 0; i < cfg->adisk_disks.count; i++) {
+            const struct adisk_disk *disk = &cfg->adisk_disks.disks[i];
+            if (build_adisk_disk_txt(disk_txts[i], sizeof(disk_txts[i]), disk->disk_key, disk->share_name, disk->uuid, disk->disk_advf) != 0) {
+                return -1;
+            }
+            txts[i + 1] = disk_txts[i];
+        }
+        if (planned_rr_add_txt_items(set, routes, instance_fqdn, txts, NULL, cfg->adisk_disks.count + 1, cfg->ttl) != 0) {
+            return -1;
+        }
+    }
+    return planned_rr_add_link_addresses(set, routes, cfg->host_fqdn, link, include_a, include_aaaa, cfg->ttl);
+}
+
+static int plan_device_info_records(struct planned_rr_set *set,
+                                    int routes,
+                                    const struct config *cfg,
+                                    const char *instance_fqdn,
+                                    const struct link_context *link,
+                                    int include_ptr,
+                                    int include_srv,
+                                    int include_txt,
+                                    int include_a,
+                                    int include_aaaa) {
+    char model_txt[MAX_NAME + 16];
+    const char *txts[1];
+
+    if (cfg->device_model[0] == '\0') {
+        return 0;
+    }
+    if (include_ptr &&
+        planned_rr_add_name(set, routes, cfg->device_info_service_type, DNS_TYPE_PTR, DNS_CLASS_IN, cfg->ttl, instance_fqdn) != 0) {
+        return -1;
+    }
+    if (include_srv && planned_rr_add_srv(set, routes, instance_fqdn, cfg->host_fqdn, 0, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (include_txt) {
+        if (build_model_txt(model_txt, sizeof(model_txt), cfg->device_model) != 0) {
+            return -1;
+        }
+        txts[0] = model_txt;
+        if (planned_rr_add_txt_items(set, routes, instance_fqdn, txts, NULL, 1, cfg->ttl) != 0) {
+            return -1;
+        }
+    }
+    return planned_rr_add_link_addresses(set, routes, cfg->host_fqdn, link, include_a, include_aaaa, cfg->ttl);
+}
+
+static int plan_airport_records(struct planned_rr_set *set,
+                                int routes,
+                                const struct config *cfg,
+                                const char *instance_fqdn,
+                                const struct link_context *link,
+                                int include_ptr,
+                                int include_srv,
+                                int include_txt,
+                                int include_a,
+                                int include_aaaa) {
+    char airport_txt[256];
+    const char *txts[1];
+
+    if (!is_airport_enabled(cfg)) {
+        return 0;
+    }
+    if (include_ptr &&
+        planned_rr_add_name(set, routes, cfg->airport_service_type, DNS_TYPE_PTR, DNS_CLASS_IN, cfg->ttl, instance_fqdn) != 0) {
+        return -1;
+    }
+    if (include_srv && planned_rr_add_srv(set, routes, instance_fqdn, cfg->host_fqdn, cfg->airport_port, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (include_txt) {
+        if (build_airport_txt(airport_txt, sizeof(airport_txt), cfg) != 0) {
+            return -1;
+        }
+        txts[0] = airport_txt;
+        if (planned_rr_add_txt_items(set, routes, instance_fqdn, txts, NULL, 1, cfg->ttl) != 0) {
+            return -1;
+        }
+    }
+    return planned_rr_add_link_addresses(set, routes, cfg->host_fqdn, link, include_a, include_aaaa, cfg->ttl);
+}
+
+static int plan_snapshot_record(struct planned_rr_set *set,
+                                int routes,
+                                const struct service_record *record,
+                                const struct link_context *link,
+                                int include_ptr,
+                                int include_srv,
+                                int include_txt,
+                                int include_a,
+                                int include_aaaa,
+                                uint32_t ttl) {
+    const char *txts[SNAPSHOT_MAX_TXT_ITEMS];
+    uint8_t txt_lengths[SNAPSHOT_MAX_TXT_ITEMS];
+    size_t i;
+
+    if (is_suppressed_snapshot_service_type(record->service_type)) {
+        return 0;
+    }
+    if (include_ptr &&
+        planned_rr_add_name(set, routes, record->service_type, DNS_TYPE_PTR, DNS_CLASS_IN, ttl, record->instance_fqdn) != 0) {
+        return -1;
+    }
+    if (include_srv && planned_rr_add_srv(set, routes, record->instance_fqdn, record->host_fqdn, record->port, ttl) != 0) {
+        return -1;
+    }
+    if (include_txt) {
+        for (i = 0; i < record->txt_count; i++) {
+            txts[i] = record->txt[i];
+            txt_lengths[i] = record->txt_len[i];
+        }
+        if (planned_rr_add_txt_items(set, routes, record->instance_fqdn, txts, txt_lengths, record->txt_count, ttl) != 0) {
+            return -1;
+        }
+    }
+    return planned_rr_add_link_addresses(set, routes, record->host_fqdn, link, include_a, include_aaaa, ttl);
+}
+
+static int plan_service_type_enumeration_type(struct planned_rr_set *set,
+                                              int routes,
+                                              const char *service_type,
+                                              uint32_t ttl) {
+    if (service_type == NULL || service_type[0] == '\0') {
+        return 0;
     }
-    strncpy(announced_hosts[*announced_count], host_fqdn, MAX_NAME - 1);
-    announced_hosts[*announced_count][MAX_NAME - 1] = '\0';
-    (*announced_count)++;
-    return 0;
+    return planned_rr_add_name(set,
+                               routes,
+                               DNS_SD_SERVICE_ENUMERATION_NAME,
+                               DNS_TYPE_PTR,
+                               DNS_CLASS_IN,
+                               ttl,
+                               service_type);
 }
 
-static int send_announcement(int sockfd, const struct sockaddr_in *dest, const struct config *cfg,
-                             uint32_t response_ipv4_addr, uint32_t ttl,
-                             const struct service_record_set *snapshot_records, int use_snapshot_records) {
-    uint8_t buf[BUF_SIZE];
-    size_t off;
-    int answers;
+static int plan_service_type_enumeration_records(struct planned_rr_set *set,
+                                                 int routes,
+                                                 const struct config *cfg,
+                                                 const struct service_record_set *snapshot_records,
+                                                 int use_snapshot_records) {
     size_t i;
-    char announced_hosts[SNAPSHOT_MAX_RECORDS][MAX_NAME];
-    size_t announced_host_count = 0;
-    static int logged_duplicate_host_suppression = 0;
 
-    init_announcement_packet(&off, &answers);
-    if (append_generated_base_records(buf, &off, sizeof(buf), cfg, response_ipv4_addr, ttl, &answers) != 0) {
-        log_packet_build_failure("announcement", "add_core_records", off, answers, use_snapshot_records);
+    if (smb_enabled(cfg) &&
+        plan_service_type_enumeration_type(set, routes, cfg->service_type, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (adisk_enabled(cfg) &&
+        plan_service_type_enumeration_type(set, routes, cfg->adisk_service_type, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (cfg->device_model[0] != '\0' &&
+        plan_service_type_enumeration_type(set, routes, cfg->device_info_service_type, cfg->ttl) != 0) {
+        return -1;
+    }
+    if (!use_snapshot_records && is_airport_enabled(cfg) &&
+        plan_service_type_enumeration_type(set, routes, cfg->airport_service_type, cfg->ttl) != 0) {
         return -1;
     }
     if (use_snapshot_records) {
-        if (finalize_and_send_announcement_packet(sockfd, buf, off, answers, dest, use_snapshot_records) != 0) {
-            return -1;
-        }
         for (i = 0; i < snapshot_records->count; i++) {
-            int include_host_a;
-            size_t before_host_a_off;
-            int before_host_a_answers;
-
             if (is_suppressed_snapshot_service_type(snapshot_records->records[i].service_type)) {
                 continue;
             }
-            init_announcement_packet(&off, &answers);
-            if (add_service_record_answers(buf, &off, sizeof(buf), &snapshot_records->records[i], ttl, &answers) != 0) {
-                log_snapshot_record_build_failure("announcement", "add_service_record_answers", i,
-                                                  &snapshot_records->records[i], off, answers);
-                log_packet_build_failure("announcement", "add_service_record_answers", off, answers, use_snapshot_records);
-                return -1;
-            }
-            include_host_a = snapshot_records->records[i].host_fqdn[0] != '\0' &&
-                             !host_already_announced(announced_hosts, announced_host_count,
-                                                     snapshot_records->records[i].host_fqdn);
-            if (include_host_a) {
-                before_host_a_off = off;
-                before_host_a_answers = answers;
-                if (add_snapshot_host_a_record(buf, &off, sizeof(buf), &snapshot_records->records[i], response_ipv4_addr, ttl, &answers) != 0) {
-                    off = before_host_a_off;
-                    answers = before_host_a_answers;
-                    if (finalize_and_send_announcement_packet(sockfd, buf, off, answers, dest, use_snapshot_records) != 0) {
-                        return -1;
-                    }
-                    init_announcement_packet(&off, &answers);
-                    if (add_snapshot_host_a_record(buf, &off, sizeof(buf), &snapshot_records->records[i], response_ipv4_addr, ttl, &answers) != 0) {
-                        log_snapshot_record_build_failure("announcement", "add_snapshot_host_a_record", i,
-                                                          &snapshot_records->records[i], off, answers);
-                        log_packet_build_failure("announcement", "add_snapshot_host_a_record", off, answers, use_snapshot_records);
-                        return -1;
-                    }
-                }
-                if (remember_announced_host(announced_hosts, &announced_host_count,
-                                            snapshot_records->records[i].host_fqdn) != 0) {
-                    log_packet_build_failure("announcement", "remember_announced_host", off, answers, use_snapshot_records);
-                    return -1;
-                }
-            } else if (snapshot_records->records[i].host_fqdn[0] != '\0' && !logged_duplicate_host_suppression) {
-                fprintf(stderr,
-                        "mdns snapshot host A suppression: host=%s service=%s instance=%s already announced earlier in this cycle\n",
-                        snapshot_records->records[i].host_fqdn,
-                        snapshot_records->records[i].service_type,
-                        snapshot_records->records[i].instance_fqdn);
-                logged_duplicate_host_suppression = 1;
-            }
-            if (finalize_and_send_announcement_packet(sockfd, buf, off, answers, dest, use_snapshot_records) != 0) {
+            if (plan_service_type_enumeration_type(set,
+                                                   routes,
+                                                   snapshot_records->records[i].service_type,
+                                                   cfg->ttl) != 0) {
                 return -1;
             }
         }
-    } else {
-        size_t before_airport_off = off;
-        int before_airport_answers = answers;
-        if (add_airport_records(buf, &off, sizeof(buf), cfg, ttl, &answers) != 0) {
-            off = before_airport_off;
-            answers = before_airport_answers;
-            if (finalize_and_send_announcement_packet(sockfd, buf, off, answers, dest, use_snapshot_records) != 0) {
-                return -1;
-            }
-            init_announcement_packet(&off, &answers);
-            if (add_airport_records(buf, &off, sizeof(buf), cfg, ttl, &answers) != 0) {
-                log_packet_build_failure("announcement", "add_airport_records", off, answers, use_snapshot_records);
-                return -1;
-            }
+    }
+    return 0;
+}
+
+static int planned_set_has_route(const struct planned_rr_set *set, int route) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        if ((set->records[i].routes & route) != 0) {
+            return 1;
         }
-        if (finalize_and_send_announcement_packet(sockfd, buf, off, answers, dest, use_snapshot_records) != 0) {
-            return -1;
+    }
+    return 0;
+}
+
+static int planned_set_has_any_route(const struct planned_rr_set *set) {
+    size_t i;
+
+    for (i = 0; i < set->count; i++) {
+        if (set->records[i].routes != 0) {
+            return 1;
         }
     }
     return 0;
 }
 
-static int query_routes_have_destination(const struct query_answer_routes *routes,
-                                         const struct service_record_set *snapshot_records,
-                                         int use_snapshot_records,
-                                         int route) {
-    size_t j;
+static int planned_rr_matches_known_answer(const struct planned_rr *rr,
+                                           const char *owner,
+                                           uint16_t type,
+                                           uint16_t rrclass,
+                                           const uint8_t *packet,
+                                           size_t packet_len,
+                                           size_t rdata_cursor,
+                                           uint16_t rdlength) {
+    if (rr->type != type ||
+        (rr->rrclass & 0x7FFF) != (rrclass & 0x7FFF) ||
+        !name_equals(rr->owner, owner)) {
+        return 0;
+    }
+    if (type == DNS_TYPE_PTR) {
+        char known_name[MAX_NAME];
+        char planned_name[MAX_NAME];
+        size_t rdata_end = rdata_cursor + rdlength;
+        size_t planned_cursor = 0;
+        if (decode_name(packet, packet_len, &rdata_cursor, known_name, sizeof(known_name)) != 0 ||
+            decode_name(rr->rdata, rr->rdlength, &planned_cursor, planned_name, sizeof(planned_name)) != 0) {
+            return 0;
+        }
+        if (rdata_cursor != rdata_end || planned_cursor != rr->rdlength) {
+            return 0;
+        }
+        return name_equals(known_name, planned_name);
+    }
+    if (type == DNS_TYPE_SRV) {
+        char known_target[MAX_NAME];
+        char planned_target[MAX_NAME];
+        size_t rdata_end = rdata_cursor + rdlength;
+        size_t known_cursor = rdata_cursor + 6;
+        size_t planned_cursor = 6;
+        if (rdlength < 6 || rr->rdlength < 6 || rdata_cursor + rdlength > packet_len ||
+            memcmp(packet + rdata_cursor, rr->rdata, 6) != 0 ||
+            decode_name(packet, packet_len, &known_cursor, known_target, sizeof(known_target)) != 0 ||
+            decode_name(rr->rdata, rr->rdlength, &planned_cursor, planned_target, sizeof(planned_target)) != 0) {
+            return 0;
+        }
+        if (known_cursor != rdata_end || planned_cursor != rr->rdlength) {
+            return 0;
+        }
+        return name_equals(known_target, planned_target);
+    }
+    if (rdata_cursor + rdlength > packet_len) {
+        return 0;
+    }
+    if (rr->rdlength != rdlength) {
+        return 0;
+    }
+    return memcmp(packet + rdata_cursor, rr->rdata, rdlength) == 0;
+}
 
-    if ((routes->smb_ptr | routes->smb_srv | routes->smb_txt | routes->host_a |
-         routes->adisk_ptr | routes->adisk_srv | routes->adisk_txt |
-         routes->device_info_ptr | routes->device_info_srv | routes->device_info_txt |
-         routes->airport_ptr | routes->airport_srv | routes->airport_txt) & route) {
-        return 1;
+static void suppress_planned_known_answers(const uint8_t *packet,
+                                           size_t packet_len,
+                                           size_t cursor,
+                                           uint16_t answer_count,
+                                           struct planned_rr_set *planned) {
+    uint16_t i;
+
+    for (i = 0; i < answer_count; i++) {
+        char owner[MAX_NAME];
+        uint16_t type;
+        uint16_t rrclass;
+        uint32_t ttl;
+        uint16_t rdlength;
+        size_t rdata_cursor;
+        size_t j;
+
+        if (decode_name(packet, packet_len, &cursor, owner, sizeof(owner)) != 0 || cursor + 10 > packet_len) {
+            return;
+        }
+        memcpy(&type, packet + cursor, 2);
+        memcpy(&rrclass, packet + cursor + 2, 2);
+        memcpy(&ttl, packet + cursor + 4, 4);
+        memcpy(&rdlength, packet + cursor + 8, 2);
+        cursor += 10;
+        type = ntohs(type);
+        rrclass = ntohs(rrclass);
+        ttl = ntohl(ttl);
+        rdlength = ntohs(rdlength);
+        if (cursor + rdlength > packet_len) {
+            return;
+        }
+        rdata_cursor = cursor;
+        cursor += rdlength;
+        if ((rrclass & 0x7FFF) != DNS_CLASS_IN) {
+            continue;
+        }
+        for (j = 0; j < planned->count; j++) {
+            if (planned->records[j].routes == 0 ||
+                !known_answer_ttl_is_fresh(ttl, planned->records[j].ttl)) {
+                continue;
+            }
+            if (planned_rr_matches_known_answer(&planned->records[j],
+                                                owner,
+                                                type,
+                                                rrclass,
+                                                packet,
+                                                packet_len,
+                                                rdata_cursor,
+                                                rdlength)) {
+                planned->records[j].routes = 0;
+            }
+        }
+    }
+}
+
+static uint16_t sockaddr_port_host(const struct sockaddr *addr) {
+    if (addr == NULL) {
+        return 0;
+    }
+    if (addr->sa_family == AF_INET) {
+        const struct sockaddr_in *sin = (const struct sockaddr_in *)addr;
+        return ntohs(sin->sin_port);
     }
-    if (!use_snapshot_records) {
+    if (addr->sa_family == AF_INET6) {
+        const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)addr;
+        return ntohs(sin6->sin6_port);
+    }
+    return 0;
+}
+
+static int source_can_receive_unicast_response(const struct sockaddr *source,
+                                               const struct link_context *response_link) {
+    if (source == NULL || response_link == NULL) {
         return 0;
     }
-    for (j = 0; j < snapshot_records->count; j++) {
-        if ((routes->snapshot_ptr[j] | routes->snapshot_srv[j] |
-             routes->snapshot_txt[j] | routes->snapshot_a[j]) & route) {
+    if (source->sa_family == AF_INET) {
+        const struct sockaddr_in *sin = (const struct sockaddr_in *)source;
+        return source_matches_link_ipv4_subnet(sin->sin_addr.s_addr, response_link);
+    }
+    if (source->sa_family == AF_INET6) {
+        const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)source;
+        size_t i;
+
+        if (sin6->sin6_scope_id != 0 && sin6->sin6_scope_id == response_link->ifindex) {
             return 1;
         }
+        for (i = 0; i < response_link->ipv6_count; i++) {
+            if (response_link->ipv6[i].link_local) {
+                continue;
+            }
+            if (ipv6_prefix_matches(&sin6->sin6_addr,
+                                    &response_link->ipv6[i].addr,
+                                    response_link->ipv6[i].prefix_len)) {
+                return 1;
+            }
+        }
+    }
+    return 0;
+}
+
+static int plan_question_answers(struct planned_rr_set *planned,
+                                 int route,
+                                 const char *qname,
+                                 uint16_t qtype,
+                                 const struct config *cfg,
+                                 const struct link_context *response_link,
+                                 const struct service_record_set *snapshot_records,
+                                 int use_snapshot_records,
+                                 const char *instance_fqdn,
+                                 const char *adisk_instance_fqdn,
+                                 const char *device_info_instance_fqdn,
+                                 const char *airport_instance_fqdn) {
+    if (name_equals(qname, DNS_SD_SERVICE_ENUMERATION_NAME) &&
+        (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+        return plan_service_type_enumeration_records(planned,
+                                                     route,
+                                                     cfg,
+                                                     snapshot_records,
+                                                     use_snapshot_records);
+    }
+    if (smb_enabled(cfg) && name_equals(qname, cfg->service_type) &&
+        (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+        return plan_smb_records(planned, route, cfg, instance_fqdn, response_link, 1, 1, 1, 1, 1);
+    }
+    if (adisk_enabled(cfg) && name_equals(qname, cfg->adisk_service_type) &&
+        (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+        return plan_adisk_records(planned, route, cfg, adisk_instance_fqdn, response_link, 1, 1, 1, 1, 1);
+    }
+    if (cfg->device_model[0] != '\0' && name_equals(qname, cfg->device_info_service_type) &&
+        (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+        return plan_device_info_records(planned, route, cfg, device_info_instance_fqdn, response_link, 1, 1, 1, 1, 1);
+    }
+    if (!use_snapshot_records && is_airport_enabled(cfg) && name_equals(qname, cfg->airport_service_type) &&
+        (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+        return plan_airport_records(planned, route, cfg, airport_instance_fqdn, response_link, 1, 1, 1, 1, 1);
+    }
+    if (smb_enabled(cfg) && name_equals(qname, instance_fqdn)) {
+        return plan_smb_records(planned, route, cfg, instance_fqdn, response_link,
+                                0,
+                                qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY,
+                                qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY);
+    }
+    if (adisk_enabled(cfg) && name_equals(qname, adisk_instance_fqdn)) {
+        return plan_adisk_records(planned, route, cfg, adisk_instance_fqdn, response_link,
+                                  0,
+                                  qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                  qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY,
+                                  qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                  qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY);
+    }
+    if (cfg->device_model[0] != '\0' && name_equals(qname, device_info_instance_fqdn)) {
+        return plan_device_info_records(planned, route, cfg, device_info_instance_fqdn, response_link,
+                                        0,
+                                        qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                        qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY,
+                                        qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                        qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY);
+    }
+    if (!use_snapshot_records && is_airport_enabled(cfg) && name_equals(qname, airport_instance_fqdn)) {
+        return plan_airport_records(planned, route, cfg, airport_instance_fqdn, response_link,
+                                    0,
+                                    qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                    qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY,
+                                    qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                    qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY);
+    }
+    if (name_equals(qname, cfg->host_fqdn)) {
+        return planned_rr_add_link_addresses(planned,
+                                             route,
+                                             cfg->host_fqdn,
+                                             response_link,
+                                             qtype == DNS_TYPE_A || qtype == DNS_TYPE_ANY,
+                                             qtype == DNS_TYPE_AAAA || qtype == DNS_TYPE_ANY,
+                                             cfg->ttl);
+    }
+    if (use_snapshot_records) {
+        size_t j;
+        for (j = 0; j < snapshot_records->count; j++) {
+            const struct service_record *record = &snapshot_records->records[j];
+            if (is_suppressed_snapshot_service_type(record->service_type)) {
+                continue;
+            }
+            if (name_equals(qname, record->service_type) && (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
+                if (plan_snapshot_record(planned, route, record, response_link, 1, 1, 1, 1, 1, cfg->ttl) != 0) {
+                    return -1;
+                }
+            } else if (name_equals(qname, record->instance_fqdn)) {
+                if (plan_snapshot_record(planned,
+                                         route,
+                                         record,
+                                         response_link,
+                                         0,
+                                         qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                         qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY,
+                                         qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                         qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY,
+                                         cfg->ttl) != 0) {
+                    return -1;
+                }
+            } else if (name_equals(qname, record->host_fqdn)) {
+                if (planned_rr_add_link_addresses(planned,
+                                                  route,
+                                                  record->host_fqdn,
+                                                  response_link,
+                                                  qtype == DNS_TYPE_A || qtype == DNS_TYPE_ANY,
+                                                  qtype == DNS_TYPE_AAAA || qtype == DNS_TYPE_ANY,
+                                                  cfg->ttl) != 0) {
+                    return -1;
+                }
+            }
+        }
     }
     return 0;
 }
 
-static int build_query_response_packet(uint8_t *reply, size_t reply_cap, size_t *reply_len, int *answer_count,
-                                       uint16_t response_id, int route,
-                                       const struct query_answer_routes *routes,
-                                       const char *instance_fqdn,
-                                       const char *adisk_instance_fqdn,
-                                       const char *device_info_instance_fqdn,
-                                       const char *airport_instance_fqdn,
-                                       const struct config *cfg,
-                                       uint32_t response_ipv4_addr,
-                                       const struct service_record_set *snapshot_records,
-                                       int use_snapshot_records) {
+static int add_planned_rr_to_packet(uint8_t *reply,
+                                    size_t *off,
+                                    size_t reply_cap,
+                                    const struct planned_rr *rr,
+                                    int legacy_unicast) {
+    uint16_t rrclass = rr->rrclass;
+    uint32_t ttl = rr->ttl;
+
+    if (legacy_unicast) {
+        rrclass = (uint16_t)(rrclass & 0x7FFF);
+        if (ttl > LEGACY_UNICAST_TTL_MAX) {
+            ttl = LEGACY_UNICAST_TTL_MAX;
+        }
+    }
+    return encode_name(reply, off, reply_cap, rr->owner) != 0 ||
+           append_u16(reply, off, reply_cap, rr->type) != 0 ||
+           append_u16(reply, off, reply_cap, rrclass) != 0 ||
+           append_u32(reply, off, reply_cap, ttl) != 0 ||
+           append_u16(reply, off, reply_cap, rr->rdlength) != 0 ||
+           append_bytes(reply, off, reply_cap, rr->rdata, rr->rdlength) != 0
+               ? -1
+               : 0;
+}
+
+static int build_planned_response_packet(uint8_t *reply,
+                                         size_t reply_cap,
+                                         size_t *reply_len,
+                                         int *answer_count,
+                                         uint16_t response_id,
+                                         int route,
+                                         int legacy_unicast,
+                                         const struct response_question_section *questions,
+                                         const struct planned_rr_set *planned) {
     struct dns_header hdr;
     size_t off = sizeof(struct dns_header);
     int answers = 0;
+    size_t i;
 
     memset(&hdr, 0, sizeof(hdr));
     hdr.id = response_id;
     hdr.flags = htons(DNS_FLAG_QR | DNS_FLAG_AA);
-
-    if (routes->smb_ptr & route) {
-        if (add_rr_ptr(reply, &off, reply_cap, cfg->service_type, instance_fqdn, cfg->ttl) != 0) {
-            log_packet_build_failure("query_response", "add_ptr", off, answers, use_snapshot_records);
+    if (legacy_unicast && questions != NULL && questions->count > 0) {
+        if (questions->bytes == NULL || questions->len == 0 ||
+            append_bytes(reply, &off, reply_cap, questions->bytes, questions->len) != 0) {
             return -1;
         }
-        answers++;
+        hdr.qdcount = htons(questions->count);
     }
-    if (routes->smb_srv & route) {
-        if (add_rr_srv(reply, &off, reply_cap, instance_fqdn, cfg->host_fqdn, cfg->port, cfg->ttl) != 0) {
-            log_packet_build_failure("query_response", "add_srv", off, answers, use_snapshot_records);
-            return -1;
+    for (i = 0; i < planned->count; i++) {
+        if ((planned->records[i].routes & route) == 0) {
+            continue;
         }
-        answers++;
-    }
-    if (routes->smb_txt & route) {
-        if (add_rr_txt_empty(reply, &off, reply_cap, instance_fqdn, cfg->ttl) != 0) {
-            log_packet_build_failure("query_response", "add_txt", off, answers, use_snapshot_records);
+        if (add_planned_rr_to_packet(reply, &off, reply_cap, &planned->records[i], legacy_unicast) != 0) {
             return -1;
         }
         answers++;
     }
-    if ((routes->adisk_ptr | routes->adisk_srv | routes->adisk_txt) & route) {
-        char txt1[128];
-        char disk_txts[ADISK_MAX_DISKS][256];
-        const char *txts[ADISK_MAX_DISKS + 1];
-        size_t disk_i;
+    hdr.ancount = htons((uint16_t)answers);
+    memcpy(reply, &hdr, sizeof(hdr));
+    *reply_len = off;
+    *answer_count = answers;
+    return 0;
+}
 
-        if (build_adisk_system_txt(txt1, sizeof(txt1), cfg->adisk_sys_wama) != 0) {
-            log_packet_build_failure("query_response", "build_adisk_system_txt", off, answers, use_snapshot_records);
-            return -1;
-        }
-        txts[0] = txt1;
-        for (disk_i = 0; disk_i < cfg->adisk_disks.count; disk_i++) {
-            const struct adisk_disk *disk = &cfg->adisk_disks.disks[disk_i];
-            if (build_adisk_disk_txt(disk_txts[disk_i], sizeof(disk_txts[disk_i]), disk->disk_key, disk->share_name, disk->uuid, disk->disk_advf) != 0) {
-                log_packet_build_failure("query_response", "build_adisk_disk_txt", off, answers, use_snapshot_records);
-                return -1;
-            }
-            txts[disk_i + 1] = disk_txts[disk_i];
-        }
+static void stored_question_section_as_response(const struct stored_question_section *stored,
+                                                struct response_question_section *out) {
+    out->bytes = stored->bytes;
+    out->len = stored->len;
+    out->count = stored->count;
+}
 
-        if (routes->adisk_ptr & route) {
-            if (add_rr_ptr(reply, &off, reply_cap, cfg->adisk_service_type, adisk_instance_fqdn, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_adisk_ptr", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
-        }
-        if (routes->adisk_srv & route) {
-            if (add_rr_srv(reply, &off, reply_cap, adisk_instance_fqdn, cfg->host_fqdn, cfg->adisk_port, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_adisk_srv", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
-        }
-        if (routes->adisk_txt & route) {
-            if (add_rr_txt_strings(reply, &off, reply_cap, adisk_instance_fqdn, cfg->ttl, txts, cfg->adisk_disks.count + 1) != 0) {
-                log_packet_build_failure("query_response", "add_adisk_txt", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
-        }
+static int send_planned_response_route(int sockfd,
+                                       const struct planned_rr_set *planned,
+                                       int route,
+                                       uint16_t response_id,
+                                       const struct response_question_section *questions,
+                                       const struct sockaddr *dest,
+                                       socklen_t dest_len,
+                                       int use_snapshot_records,
+                                       int delay_multicast) {
+    uint8_t reply[BUF_SIZE];
+    size_t reply_len;
+    int answers;
+    int legacy_unicast = route == MDNS_REPLY_LEGACY_UNICAST;
+
+    if (build_planned_response_packet(reply,
+                                      sizeof(reply),
+                                      &reply_len,
+                                      &answers,
+                                      response_id,
+                                      route,
+                                      legacy_unicast,
+                                      questions,
+                                      planned) != 0) {
+        return -1;
     }
-    if ((routes->device_info_ptr | routes->device_info_srv | routes->device_info_txt) & route) {
-        char model_txt[MAX_NAME + 16];
-        const char *txts[1];
+    if (answers <= 0) {
+        return 0;
+    }
+    if (delay_multicast && route == MDNS_REPLY_MULTICAST) {
+        delay_multicast_query_response();
+    }
+    return send_dns_packet_any("query_response",
+                               sockfd,
+                               reply,
+                               reply_len,
+                               dest,
+                               dest_len,
+                               answers,
+                               use_snapshot_records);
+}
 
-        if (build_model_txt(model_txt, sizeof(model_txt), cfg->device_model) != 0) {
-            log_packet_build_failure("query_response", "build_model_txt", off, answers, use_snapshot_records);
-            return -1;
-        }
-        txts[0] = model_txt;
+static void clear_deferred_response(void) {
+    memset(&g_deferred_response, 0, sizeof(g_deferred_response));
+}
 
-        if (routes->device_info_ptr & route) {
-            if (add_rr_ptr(reply, &off, reply_cap, cfg->device_info_service_type, device_info_instance_fqdn, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_device_info_ptr", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
-        }
-        if (routes->device_info_srv & route) {
-            if (add_rr_srv(reply, &off, reply_cap, device_info_instance_fqdn, cfg->host_fqdn, 0, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_device_info_srv", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
+static void clear_deferred_response_for_sockfd(int sockfd) {
+    if (g_deferred_response.active && g_deferred_response.sockfd == sockfd) {
+        clear_deferred_response();
+    }
+}
+
+static int sockaddr_endpoint_equal(const struct sockaddr *a, socklen_t a_len,
+                                   const struct sockaddr *b, socklen_t b_len) {
+    if (a == NULL || b == NULL || a->sa_family != b->sa_family) {
+        return 0;
+    }
+    if (a->sa_family == AF_INET) {
+        const struct sockaddr_in *sin_a = (const struct sockaddr_in *)a;
+        const struct sockaddr_in *sin_b = (const struct sockaddr_in *)b;
+        if (a_len < (socklen_t)sizeof(*sin_a) || b_len < (socklen_t)sizeof(*sin_b)) {
+            return 0;
         }
-        if (routes->device_info_txt & route) {
-            if (add_rr_txt_strings(reply, &off, reply_cap, device_info_instance_fqdn, cfg->ttl, txts, 1) != 0) {
-                log_packet_build_failure("query_response", "add_device_info_txt", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
+        return sin_a->sin_port == sin_b->sin_port &&
+               sin_a->sin_addr.s_addr == sin_b->sin_addr.s_addr;
+    }
+    if (a->sa_family == AF_INET6) {
+        const struct sockaddr_in6 *sin6_a = (const struct sockaddr_in6 *)a;
+        const struct sockaddr_in6 *sin6_b = (const struct sockaddr_in6 *)b;
+        if (a_len < (socklen_t)sizeof(*sin6_a) || b_len < (socklen_t)sizeof(*sin6_b)) {
+            return 0;
         }
+        return sin6_a->sin6_port == sin6_b->sin6_port &&
+               sin6_a->sin6_scope_id == sin6_b->sin6_scope_id &&
+               memcmp(&sin6_a->sin6_addr, &sin6_b->sin6_addr, sizeof(sin6_a->sin6_addr)) == 0;
     }
-    if (!use_snapshot_records && ((routes->airport_ptr | routes->airport_srv | routes->airport_txt) & route)) {
-        char airport_txt[256];
-        const char *txts[1];
+    return 0;
+}
 
-        if (build_airport_txt(airport_txt, sizeof(airport_txt), cfg) != 0) {
-            log_packet_build_failure("query_response", "build_airport_txt", off, answers, use_snapshot_records);
-            return -1;
-        }
-        txts[0] = airport_txt;
+static int deferred_response_matches_source(int sockfd, const struct sockaddr *source, socklen_t source_len) {
+    if (!g_deferred_response.active || g_deferred_response.sockfd != sockfd) {
+        return 0;
+    }
+    return sockaddr_endpoint_equal((const struct sockaddr *)&g_deferred_response.source,
+                                   g_deferred_response.source_len,
+                                   source,
+                                   source_len);
+}
 
-        if (routes->airport_ptr & route) {
-            if (add_rr_ptr(reply, &off, reply_cap, cfg->airport_service_type, airport_instance_fqdn, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_airport_ptr", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
-        }
-        if (routes->airport_srv & route) {
-            if (add_rr_srv(reply, &off, reply_cap, airport_instance_fqdn, cfg->host_fqdn, cfg->airport_port, cfg->ttl) != 0) {
-                log_packet_build_failure("query_response", "add_airport_srv", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
+static int copy_sockaddr_storage(struct sockaddr_storage *out,
+                                 socklen_t *out_len,
+                                 const struct sockaddr *src,
+                                 socklen_t src_len) {
+    if (src == NULL || src_len > (socklen_t)sizeof(*out)) {
+        return -1;
+    }
+    memset(out, 0, sizeof(*out));
+    memcpy(out, src, src_len);
+    *out_len = src_len;
+    return 0;
+}
+
+static int flush_deferred_response_now(void) {
+    int status = 0;
+    struct response_question_section questions;
+
+    if (!g_deferred_response.active) {
+        return 0;
+    }
+    stored_question_section_as_response(&g_deferred_response.questions, &questions);
+    if (planned_set_has_route(&g_deferred_response.planned, MDNS_REPLY_LEGACY_UNICAST)) {
+        if (send_planned_response_route(g_deferred_response.sockfd,
+                                        &g_deferred_response.planned,
+                                        MDNS_REPLY_LEGACY_UNICAST,
+                                        g_deferred_response.response_id,
+                                        &questions,
+                                        (const struct sockaddr *)&g_deferred_response.source,
+                                        g_deferred_response.source_len,
+                                        g_deferred_response.use_snapshot_records,
+                                        0) != 0) {
+            status = -1;
         }
-        if (routes->airport_txt & route) {
-            if (add_rr_txt_strings(reply, &off, reply_cap, airport_instance_fqdn, cfg->ttl, txts, 1) != 0) {
-                log_packet_build_failure("query_response", "add_airport_txt", off, answers, use_snapshot_records);
-                return -1;
-            }
-            answers++;
+    }
+    if (planned_set_has_route(&g_deferred_response.planned, MDNS_REPLY_UNICAST)) {
+        if (send_planned_response_route(g_deferred_response.sockfd,
+                                        &g_deferred_response.planned,
+                                        MDNS_REPLY_UNICAST,
+                                        g_deferred_response.response_id,
+                                        &questions,
+                                        (const struct sockaddr *)&g_deferred_response.source,
+                                        g_deferred_response.source_len,
+                                        g_deferred_response.use_snapshot_records,
+                                        0) != 0) {
+            status = -1;
         }
     }
-    if (routes->host_a & route) {
-        if (add_rr_a(reply, &off, reply_cap, cfg->host_fqdn, response_ipv4_addr, cfg->ttl) != 0) {
-            log_packet_build_failure("query_response", "add_a", off, answers, use_snapshot_records);
-            return -1;
+    if (planned_set_has_route(&g_deferred_response.planned, MDNS_REPLY_MULTICAST)) {
+        if (send_planned_response_route(g_deferred_response.sockfd,
+                                        &g_deferred_response.planned,
+                                        MDNS_REPLY_MULTICAST,
+                                        0,
+                                        &questions,
+                                        (const struct sockaddr *)&g_deferred_response.multicast_dest,
+                                        g_deferred_response.multicast_dest_len,
+                                        g_deferred_response.use_snapshot_records,
+                                        0) != 0) {
+            status = -1;
         }
-        answers++;
     }
+    clear_deferred_response();
+    return status;
+}
+
+static int flush_deferred_response_if_due(long long now_ms) {
+    if (!g_deferred_response.active || now_ms < g_deferred_response.due_ms) {
+        return 0;
+    }
+    return flush_deferred_response_now();
+}
 
-    if (use_snapshot_records) {
-        size_t j;
-        char announced_hosts[SNAPSHOT_MAX_RECORDS][MAX_NAME];
-        size_t announced_host_count = 0;
+static long long deferred_response_adjust_wait_ms(long long now_ms, long long wait_ms) {
+    long long deferred_wait;
 
-        for (j = 0; j < snapshot_records->count; j++) {
-            const struct service_record *record = &snapshot_records->records[j];
-            const char *txts[SNAPSHOT_MAX_TXT_ITEMS];
-            uint8_t txt_lengths[SNAPSHOT_MAX_TXT_ITEMS];
-            size_t k;
+    if (!g_deferred_response.active) {
+        return wait_ms;
+    }
+    deferred_wait = g_deferred_response.due_ms - now_ms;
+    if (deferred_wait < 0) {
+        deferred_wait = 0;
+    }
+    return deferred_wait < wait_ms ? deferred_wait : wait_ms;
+}
 
-            if (is_suppressed_snapshot_service_type(record->service_type)) {
-                continue;
-            }
-            for (k = 0; k < record->txt_count; k++) {
-                txts[k] = record->txt[k];
-                txt_lengths[k] = record->txt_len[k];
-            }
-            if (routes->snapshot_ptr[j] & route) {
-                if (add_rr_ptr(reply, &off, reply_cap, record->service_type, record->instance_fqdn, cfg->ttl) != 0) {
-                    log_snapshot_record_build_failure("query_response", "add_snapshot_ptr", j, record, off, answers);
-                    log_packet_build_failure("query_response", "add_snapshot_ptr", off, answers, use_snapshot_records);
-                    return -1;
-                }
-                answers++;
-            }
-            if (routes->snapshot_srv[j] & route) {
-                if (add_rr_srv(reply, &off, reply_cap, record->instance_fqdn, record->host_fqdn, record->port, cfg->ttl) != 0) {
-                    log_snapshot_record_build_failure("query_response", "add_snapshot_srv", j, record, off, answers);
-                    log_packet_build_failure("query_response", "add_snapshot_srv", off, answers, use_snapshot_records);
-                    return -1;
-                }
-                answers++;
-            }
-            if (routes->snapshot_txt[j] & route) {
-                if (record->txt_count > 0) {
-                    if (add_rr_txt_items(reply, &off, reply_cap, record->instance_fqdn, cfg->ttl, txts, txt_lengths, record->txt_count) != 0) {
-                        log_snapshot_record_build_failure("query_response", "add_snapshot_txt", j, record, off, answers);
-                        log_packet_build_failure("query_response", "add_snapshot_txt", off, answers, use_snapshot_records);
-                        return -1;
-                    }
-                } else {
-                    if (add_rr_txt_empty(reply, &off, reply_cap, record->instance_fqdn, cfg->ttl) != 0) {
-                        log_snapshot_record_build_failure("query_response", "add_snapshot_txt_empty", j, record, off, answers);
-                        log_packet_build_failure("query_response", "add_snapshot_txt_empty", off, answers, use_snapshot_records);
-                        return -1;
-                    }
-                }
-                answers++;
-            }
-            if ((routes->snapshot_a[j] & route) && record->host_fqdn[0] != '\0' &&
-                !host_already_announced(announced_hosts, announced_host_count, record->host_fqdn)) {
-                if (add_rr_a(reply, &off, reply_cap, record->host_fqdn, response_ipv4_addr, cfg->ttl) != 0) {
-                    log_snapshot_record_build_failure("query_response", "add_snapshot_a", j, record, off, answers);
-                    log_packet_build_failure("query_response", "add_snapshot_a", off, answers, use_snapshot_records);
-                    return -1;
-                }
-                if (remember_announced_host(announced_hosts, &announced_host_count, record->host_fqdn) != 0) {
-                    log_packet_build_failure("query_response", "remember_snapshot_a_host", off, answers, use_snapshot_records);
-                    return -1;
-                }
-                answers++;
-            }
+static int defer_planned_response(int sockfd,
+                                  uint16_t response_id,
+                                  const struct sockaddr *multicast_dest,
+                                  socklen_t multicast_dest_len,
+                                  const struct sockaddr *source,
+                                  socklen_t source_len,
+                                  const struct response_question_section *questions,
+                                  int use_snapshot_records,
+                                  const struct planned_rr_set *planned) {
+    if (!planned_set_has_any_route(planned)) {
+        clear_deferred_response();
+        return 0;
+    }
+    clear_deferred_response();
+    g_deferred_response.active = 1;
+    g_deferred_response.sockfd = sockfd;
+    g_deferred_response.due_ms = monotonic_millis() + TC_KNOWN_ANSWER_DEFER_MS;
+    g_deferred_response.response_id = response_id;
+    g_deferred_response.use_snapshot_records = use_snapshot_records;
+    g_deferred_response.planned = *planned;
+    if (questions != NULL && questions->count > 0) {
+        if (questions->bytes == NULL || questions->len > sizeof(g_deferred_response.questions.bytes)) {
+            clear_deferred_response();
+            return -1;
         }
+        memcpy(g_deferred_response.questions.bytes, questions->bytes, questions->len);
+        g_deferred_response.questions.len = questions->len;
+        g_deferred_response.questions.count = questions->count;
+    }
+    if (copy_sockaddr_storage(&g_deferred_response.multicast_dest,
+                              &g_deferred_response.multicast_dest_len,
+                              multicast_dest,
+                              multicast_dest_len) != 0 ||
+        copy_sockaddr_storage(&g_deferred_response.source,
+                              &g_deferred_response.source_len,
+                              source,
+                              source_len) != 0) {
+        clear_deferred_response();
+        return -1;
     }
-
-    hdr.ancount = htons((uint16_t)answers);
-    memcpy(reply, &hdr, sizeof(hdr));
-    *reply_len = off;
-    *answer_count = answers;
     return 0;
 }
 
-static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
-                        const struct sockaddr_in *multicast_dest, const struct sockaddr_in *source,
-                        const struct config *cfg, uint32_t response_ipv4_addr,
-                        const struct service_record_set *snapshot_records, int use_snapshot_records) {
+static int handle_query_any(int sockfd,
+                            const uint8_t *packet,
+                            size_t packet_len,
+                            const struct sockaddr *multicast_dest,
+                            socklen_t multicast_dest_len,
+                            const struct sockaddr *source,
+                            socklen_t source_len,
+                            const struct config *cfg,
+                            const struct link_context *response_link,
+                            const struct service_record_set *snapshot_records,
+                            int use_snapshot_records) {
     struct dns_header hdr;
     size_t cursor = sizeof(struct dns_header);
     uint16_t qdcount;
+    uint16_t ancount;
     uint16_t query_id;
-    uint8_t reply[BUF_SIZE];
+    uint16_t flags;
     char instance_fqdn[MAX_NAME];
     char adisk_instance_fqdn[MAX_NAME];
     char device_info_instance_fqdn[MAX_NAME];
     char airport_instance_fqdn[MAX_NAME];
-    struct query_answer_routes routes;
     uint16_t i;
     int status = 0;
-
-    memset(&routes, 0, sizeof(routes));
+    int source_port;
+    int legacy_unicast_query;
+    int source_allows_unicast;
+    size_t question_section_start = sizeof(struct dns_header);
+    struct response_question_section questions;
+    static struct planned_rr_set planned;
+
+    memset(&planned, 0, sizeof(planned));
+    memset(&questions, 0, sizeof(questions));
     instance_fqdn[0] = '\0';
     adisk_instance_fqdn[0] = '\0';
     device_info_instance_fqdn[0] = '\0';
@@ -3304,12 +5288,17 @@ static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
         return 0;
     }
     memcpy(&hdr, packet, sizeof(hdr));
-    if (ntohs(hdr.flags) & DNS_FLAG_QR) {
+    flags = ntohs(hdr.flags);
+    if (flags & DNS_FLAG_QR) {
         return 0;
     }
 
     qdcount = ntohs(hdr.qdcount);
+    ancount = ntohs(hdr.ancount);
     query_id = hdr.id;
+    source_port = sockaddr_port_host(source);
+    legacy_unicast_query = source_port != 0 && source_port != MDNS_PORT;
+    source_allows_unicast = source_can_receive_unicast_response(source, response_link);
     if (smb_enabled(cfg) &&
         build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg->instance_name, cfg->service_type) != 0) {
         log_packet_build_failure("query_response", "build_instance_fqdn", sizeof(struct dns_header), 0, use_snapshot_records);
@@ -3331,6 +5320,20 @@ static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
         return 0;
     }
 
+    if (qdcount == 0) {
+        if (deferred_response_matches_source(sockfd, source, source_len)) {
+            suppress_planned_known_answers(packet, packet_len, cursor, ancount, &g_deferred_response.planned);
+            if ((flags & DNS_FLAG_TC) == 0) {
+                return flush_deferred_response_now();
+            }
+        }
+        return 0;
+    }
+
+    if (deferred_response_matches_source(sockfd, source, source_len) && (flags & DNS_FLAG_TC) == 0) {
+        clear_deferred_response();
+    }
+
     for (i = 0; i < qdcount; i++) {
         char qname[MAX_NAME];
         uint16_t qtype;
@@ -3349,125 +5352,91 @@ static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
         qtype = ntohs(qtype);
         qclass_raw = ntohs(qclass);
         qclass_base = (uint16_t)(qclass_raw & 0x7FFF);
-        if (qclass_base != DNS_CLASS_IN) {
+        if (qclass_base != DNS_CLASS_IN && qclass_base != DNS_CLASS_ANY) {
             continue;
         }
-        reply_route = (qclass_raw & DNS_CLASS_CACHE_FLUSH) ? MDNS_REPLY_UNICAST : MDNS_REPLY_MULTICAST;
-
-        if (smb_enabled(cfg) &&
-            name_equals(qname, cfg->service_type) &&
-            (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
-            routes.smb_ptr |= reply_route;
-            routes.smb_srv |= reply_route;
-            routes.smb_txt |= reply_route;
-            routes.host_a |= reply_route;
-        } else if (adisk_enabled(cfg) &&
-                   name_equals(qname, cfg->adisk_service_type) &&
-                   (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
-            routes.adisk_ptr |= reply_route;
-            routes.adisk_srv |= reply_route;
-            routes.adisk_txt |= reply_route;
-            routes.host_a |= reply_route;
-        } else if (cfg->device_model[0] != '\0' &&
-                   name_equals(qname, cfg->device_info_service_type) &&
-                   (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
-            routes.device_info_ptr |= reply_route;
-            routes.device_info_srv |= reply_route;
-            routes.device_info_txt |= reply_route;
-            routes.host_a |= reply_route;
-        } else if (!use_snapshot_records && is_airport_enabled(cfg) &&
-                   name_equals(qname, cfg->airport_service_type) &&
-                   (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
-            routes.airport_ptr |= reply_route;
-            routes.airport_srv |= reply_route;
-            routes.airport_txt |= reply_route;
-            routes.host_a |= reply_route;
-        } else if (smb_enabled(cfg) && name_equals(qname, instance_fqdn)) {
-            if (qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY) {
-                routes.smb_srv |= reply_route;
-                routes.host_a |= reply_route;
-            }
-            if (qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY) {
-                routes.smb_txt |= reply_route;
-            }
-        } else if (adisk_enabled(cfg) &&
-                   name_equals(qname, adisk_instance_fqdn)) {
-            if (qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY) {
-                routes.adisk_srv |= reply_route;
-                routes.host_a |= reply_route;
-            }
-            if (qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY) {
-                routes.adisk_txt |= reply_route;
-            }
-        } else if (cfg->device_model[0] != '\0' &&
-                   name_equals(qname, device_info_instance_fqdn)) {
-            if (qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY) {
-                routes.device_info_srv |= reply_route;
-                routes.host_a |= reply_route;
-            }
-            if (qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY) {
-                routes.device_info_txt |= reply_route;
-            }
-        } else if (!use_snapshot_records && is_airport_enabled(cfg) &&
-                   name_equals(qname, airport_instance_fqdn)) {
-            if (qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY) {
-                routes.airport_srv |= reply_route;
-                routes.host_a |= reply_route;
-            }
-            if (qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY) {
-                routes.airport_txt |= reply_route;
-            }
-        } else if (name_equals(qname, cfg->host_fqdn) && (qtype == DNS_TYPE_A || qtype == DNS_TYPE_ANY)) {
-            routes.host_a |= reply_route;
-        } else if (use_snapshot_records) {
-            size_t j;
-            for (j = 0; j < snapshot_records->count; j++) {
-                const struct service_record *record = &snapshot_records->records[j];
-                if (is_suppressed_snapshot_service_type(record->service_type)) {
-                    continue;
-                }
-                if (name_equals(qname, record->service_type) && (qtype == DNS_TYPE_PTR || qtype == DNS_TYPE_ANY)) {
-                    routes.snapshot_ptr[j] |= reply_route;
-                    routes.snapshot_srv[j] |= reply_route;
-                    routes.snapshot_txt[j] |= reply_route;
-                    routes.snapshot_a[j] |= reply_route;
-                } else if (name_equals(qname, record->instance_fqdn)) {
-                    if (qtype == DNS_TYPE_SRV || qtype == DNS_TYPE_ANY) {
-                        routes.snapshot_srv[j] |= reply_route;
-                        routes.snapshot_a[j] |= reply_route;
-                    }
-                    if (qtype == DNS_TYPE_TXT || qtype == DNS_TYPE_ANY) {
-                        routes.snapshot_txt[j] |= reply_route;
-                    }
-                } else if (name_equals(qname, record->host_fqdn) && (qtype == DNS_TYPE_A || qtype == DNS_TYPE_ANY)) {
-                    routes.snapshot_a[j] |= reply_route;
-                }
-            }
+        if (legacy_unicast_query && source_allows_unicast) {
+            reply_route = MDNS_REPLY_LEGACY_UNICAST;
+        } else if ((qclass_raw & DNS_CLASS_QU) && source_allows_unicast) {
+            reply_route = MDNS_REPLY_UNICAST;
+        } else {
+            reply_route = MDNS_REPLY_MULTICAST;
+        }
+        if (plan_question_answers(&planned,
+                                  reply_route,
+                                  qname,
+                                  qtype,
+                                  cfg,
+                                  response_link,
+                                  snapshot_records,
+                                  use_snapshot_records,
+                                  instance_fqdn,
+                                  adisk_instance_fqdn,
+                                  device_info_instance_fqdn,
+                                  airport_instance_fqdn) != 0) {
+            log_packet_build_failure("query_response", "plan_question_answers", cursor, 0, use_snapshot_records);
+            return -1;
+        }
+    }
+    questions.bytes = packet + question_section_start;
+    questions.len = cursor - question_section_start;
+    questions.count = qdcount;
+
+    suppress_planned_known_answers(packet, packet_len, cursor, ancount, &planned);
+
+    if (flags & DNS_FLAG_TC) {
+        if (defer_planned_response(sockfd,
+                                   query_id,
+                                   multicast_dest,
+                                   multicast_dest_len,
+                                   source,
+                                   source_len,
+                                   &questions,
+                                   use_snapshot_records,
+                                   &planned) != 0) {
+            return -1;
+        }
+        return 0;
+    }
+
+    if (planned_set_has_route(&planned, MDNS_REPLY_LEGACY_UNICAST)) {
+        if (send_planned_response_route(sockfd,
+                                        &planned,
+                                        MDNS_REPLY_LEGACY_UNICAST,
+                                        query_id,
+                                        &questions,
+                                        source,
+                                        source_len,
+                                        use_snapshot_records,
+                                        0) != 0) {
+            status = -1;
         }
     }
 
-    if (query_routes_have_destination(&routes, snapshot_records, use_snapshot_records, MDNS_REPLY_UNICAST)) {
-        size_t reply_len;
-        int answers;
-        if (build_query_response_packet(reply, sizeof(reply), &reply_len, &answers, query_id, MDNS_REPLY_UNICAST,
-                                        &routes, instance_fqdn, adisk_instance_fqdn, device_info_instance_fqdn,
-                                        airport_instance_fqdn, cfg, response_ipv4_addr,
-                                        snapshot_records, use_snapshot_records) != 0 ||
-            (answers > 0 &&
-             send_dns_packet("query_response", sockfd, reply, reply_len, source, answers, use_snapshot_records) != 0)) {
+    if (planned_set_has_route(&planned, MDNS_REPLY_UNICAST)) {
+        if (send_planned_response_route(sockfd,
+                                        &planned,
+                                        MDNS_REPLY_UNICAST,
+                                        query_id,
+                                        &questions,
+                                        source,
+                                        source_len,
+                                        use_snapshot_records,
+                                        0) != 0) {
             status = -1;
         }
     }
 
-    if (query_routes_have_destination(&routes, snapshot_records, use_snapshot_records, MDNS_REPLY_MULTICAST)) {
-        size_t reply_len;
-        int answers;
-        if (build_query_response_packet(reply, sizeof(reply), &reply_len, &answers, 0, MDNS_REPLY_MULTICAST,
-                                        &routes, instance_fqdn, adisk_instance_fqdn, device_info_instance_fqdn,
-                                        airport_instance_fqdn, cfg, response_ipv4_addr,
-                                        snapshot_records, use_snapshot_records) != 0 ||
-            (answers > 0 &&
-             send_dns_packet("query_response", sockfd, reply, reply_len, multicast_dest, answers, use_snapshot_records) != 0)) {
+    if (planned_set_has_route(&planned, MDNS_REPLY_MULTICAST)) {
+        if (send_planned_response_route(sockfd,
+                                        &planned,
+                                        MDNS_REPLY_MULTICAST,
+                                        0,
+                                        &questions,
+                                        multicast_dest,
+                                        multicast_dest_len,
+                                        use_snapshot_records,
+                                        1) != 0) {
             status = -1;
         }
     }
@@ -3475,8 +5444,25 @@ static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
     return status;
 }
 
-static const struct iface_context *select_response_context(const struct iface_context_set *contexts,
-                                                           const struct sockaddr_in *source) {
+static int handle_query(int sockfd, const uint8_t *packet, size_t packet_len,
+                        const struct sockaddr_in *multicast_dest, const struct sockaddr_in *source,
+                        const struct config *cfg, const struct link_context *response_link,
+                        const struct service_record_set *snapshot_records, int use_snapshot_records) {
+    return handle_query_any(sockfd,
+                            packet,
+                            packet_len,
+                            (const struct sockaddr *)multicast_dest,
+                            sizeof(*multicast_dest),
+                            (const struct sockaddr *)source,
+                            sizeof(*source),
+                            cfg,
+                            response_link,
+                            snapshot_records,
+                            use_snapshot_records);
+}
+
+static const struct iface_context MDNS_UNUSED *select_response_context(const struct iface_context_set *contexts,
+                                                                       const struct sockaddr_in *source) {
     size_t i;
 
     if (contexts->count == 0) {
@@ -3492,6 +5478,27 @@ static const struct iface_context *select_response_context(const struct iface_co
     return &contexts->contexts[0];
 }
 
+static void link_context_from_iface_context(struct link_context *out, const struct iface_context *ctx) {
+    memset(out, 0, sizeof(*out));
+    strncpy(out->name, ctx->name, sizeof(out->name) - 1);
+    out->flags = ctx->flags;
+    out->ipv4[0].addr = ctx->ipv4_addr;
+    out->ipv4[0].netmask = ctx->netmask;
+    out->ipv4_count = 1;
+    out->mdns_ipv4_transport = 1;
+    out->mdns_ipv4_transport_addr = ctx->ipv4_addr;
+}
+
+static void init_explicit_link_context(struct link_context *out, uint32_t ipv4_addr) {
+    memset(out, 0, sizeof(*out));
+    strncpy(out->name, "explicit", sizeof(out->name) - 1);
+    out->ipv4[0].addr = ipv4_addr;
+    out->ipv4[0].netmask = htonl(0xffffffffU);
+    out->ipv4_count = 1;
+    out->mdns_ipv4_transport = 1;
+    out->mdns_ipv4_transport_addr = ipv4_addr;
+}
+
 static int set_context_outbound_interface(int sockfd, const struct iface_context *ctx) {
     return set_outbound_multicast_interface(sockfd, ctx->ipv4_addr, "runtime", 0, 0);
 }
@@ -3502,34 +5509,39 @@ static int send_context_announcement(int sockfd,
                                      const struct config *cfg,
                                      const struct service_record_set *snapshot_records,
                                      int use_snapshot_records) {
+    struct link_context link;
+
     if (set_context_outbound_interface(sockfd, ctx) != 0) {
         return -1;
     }
-    return send_announcement(sockfd, dest, cfg, ctx->ipv4_addr, cfg->ttl, snapshot_records, use_snapshot_records);
+    link_context_from_iface_context(&link, ctx);
+    return send_announcement(sockfd, dest, cfg, &link, cfg->ttl, snapshot_records, use_snapshot_records);
 }
 
-static void send_context_goodbyes(int sockfd,
-                                  struct iface_context_set *contexts,
-                                  const struct sockaddr_in *dest,
-                                  const struct config *cfg,
-                                  const struct service_record_set *snapshot_records,
-                                  int use_snapshot_records) {
+static void MDNS_UNUSED send_context_goodbyes(int sockfd,
+                                              struct iface_context_set *contexts,
+                                              const struct sockaddr_in *dest,
+                                              const struct config *cfg,
+                                              const struct service_record_set *snapshot_records,
+                                              int use_snapshot_records) {
     size_t i;
 
     for (i = 0; i < contexts->count; i++) {
         if (set_context_outbound_interface(sockfd, &contexts->contexts[i]) == 0) {
-            (void)send_announcement(sockfd, dest, cfg, contexts->contexts[i].ipv4_addr, 0, snapshot_records, use_snapshot_records);
+            struct link_context link;
+            link_context_from_iface_context(&link, &contexts->contexts[i]);
+            (void)send_announcement(sockfd, dest, cfg, &link, 0, snapshot_records, use_snapshot_records);
         }
     }
 }
 
-static void send_context_goodbyes_for_missing(int sockfd,
-                                              struct iface_context_set *old_contexts,
-                                              const struct iface_context_set *active_contexts,
-                                              const struct sockaddr_in *dest,
-                                              const struct config *cfg,
-                                              const struct service_record_set *snapshot_records,
-                                              int use_snapshot_records) {
+static void MDNS_UNUSED send_context_goodbyes_for_missing(int sockfd,
+                                                          struct iface_context_set *old_contexts,
+                                                          const struct iface_context_set *active_contexts,
+                                                          const struct sockaddr_in *dest,
+                                                          const struct config *cfg,
+                                                          const struct service_record_set *snapshot_records,
+                                                          int use_snapshot_records) {
     size_t i;
 
     for (i = 0; i < old_contexts->count; i++) {
@@ -3537,18 +5549,20 @@ static void send_context_goodbyes_for_missing(int sockfd,
             continue;
         }
         if (set_context_outbound_interface(sockfd, &old_contexts->contexts[i]) == 0) {
-            (void)send_announcement(sockfd, dest, cfg, old_contexts->contexts[i].ipv4_addr, 0, snapshot_records, use_snapshot_records);
+            struct link_context link;
+            link_context_from_iface_context(&link, &old_contexts->contexts[i]);
+            (void)send_announcement(sockfd, dest, cfg, &link, 0, snapshot_records, use_snapshot_records);
         }
     }
 }
 
-static void announce_all_contexts(int sockfd,
-                                  struct iface_context_set *contexts,
-                                  const struct sockaddr_in *dest,
-                                  const struct config *cfg,
-                                  const struct service_record_set *snapshot_records,
-                                  int use_snapshot_records,
-                                  const char *stage) {
+static void MDNS_UNUSED announce_all_contexts(int sockfd,
+                                              struct iface_context_set *contexts,
+                                              const struct sockaddr_in *dest,
+                                              const struct config *cfg,
+                                              const struct service_record_set *snapshot_records,
+                                              int use_snapshot_records,
+                                              const char *stage) {
     size_t i;
 
     for (i = 0; i < contexts->count; i++) {
@@ -3564,6 +5578,420 @@ static void announce_all_contexts(int sockfd,
     }
 }
 
+static int source_matches_link_ipv4_subnet(uint32_t source_ipv4_addr, const struct link_context *link) {
+    size_t i;
+
+    for (i = 0; i < link->ipv4_count; i++) {
+        uint32_t netmask = link->ipv4[i].netmask;
+        if (netmask == 0) {
+            if (source_ipv4_addr == link->ipv4[i].addr) {
+                return 1;
+            }
+        } else if ((source_ipv4_addr & netmask) == (link->ipv4[i].addr & netmask)) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static const struct link_context *select_response_link_ipv4(const struct link_context_set *links,
+                                                            const struct sockaddr_in *source) {
+    size_t i;
+
+    if (links->count == 0) {
+        return NULL;
+    }
+    if (source != NULL && source->sin_addr.s_addr != 0) {
+        for (i = 0; i < links->count; i++) {
+            if (!link_context_has_mdns_ipv4_transport(&links->links[i])) {
+                continue;
+            }
+            if (source_matches_link_ipv4_subnet(source->sin_addr.s_addr, &links->links[i])) {
+                return &links->links[i];
+            }
+        }
+    }
+    for (i = 0; i < links->count; i++) {
+        if (link_context_has_mdns_ipv4_transport(&links->links[i])) {
+            return &links->links[i];
+        }
+    }
+    return NULL;
+}
+
+static const struct link_context *select_response_link_ipv6(const struct link_context_set *links,
+                                                            const struct sockaddr_in6 *source) {
+    size_t i;
+
+    if (links->count == 0) {
+        return NULL;
+    }
+    if (source != NULL) {
+        if (source->sin6_scope_id != 0) {
+            for (i = 0; i < links->count; i++) {
+                if (link_context_has_mdns_ipv6_transport(&links->links[i]) &&
+                    links->links[i].ifindex == source->sin6_scope_id) {
+                    return &links->links[i];
+                }
+            }
+        }
+        for (i = 0; i < links->count; i++) {
+            size_t j;
+            if (!link_context_has_mdns_ipv6_transport(&links->links[i])) {
+                continue;
+            }
+            for (j = 0; j < links->links[i].ipv6_count; j++) {
+                if (links->links[i].ipv6[j].link_local) {
+                    continue;
+                }
+                if (ipv6_prefix_matches(&source->sin6_addr,
+                                        &links->links[i].ipv6[j].addr,
+                                        links->links[i].ipv6[j].prefix_len)) {
+                    return &links->links[i];
+                }
+            }
+        }
+    }
+    for (i = 0; i < links->count; i++) {
+        if (link_context_has_mdns_ipv6_transport(&links->links[i])) {
+            return &links->links[i];
+        }
+    }
+    return NULL;
+}
+
+static int set_link_outbound_interface4(int sockfd, const struct link_context *link) {
+    uint32_t ipv4_addr = link_preferred_ipv4_source(link);
+
+    if (ipv4_addr == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return set_outbound_multicast_interface(sockfd, ipv4_addr, "runtime", 0, 0);
+}
+
+static int set_link_outbound_interface4_for_peer(int sockfd, const struct link_context *link, uint32_t source_ipv4_addr) {
+    uint32_t ipv4_addr = link_ipv4_source_for_peer(link, source_ipv4_addr);
+
+    if (ipv4_addr == 0) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+    return set_outbound_multicast_interface(sockfd, ipv4_addr, "runtime", 0, 0);
+}
+
+static int set_link_outbound_interface6(int sockfd, const struct link_context *link) {
+    return set_outbound_multicast_interface6(sockfd, link->ifindex, "runtime", 0, 0);
+}
+
+static void send_link_announcement_pair(const struct mdns_socket_pair *sockets,
+                                        const struct link_context *link,
+                                        const struct sockaddr_in *dest4,
+                                        const struct sockaddr_in6 *dest6,
+                                        const struct config *cfg,
+                                        uint32_t ttl,
+                                        const struct service_record_set *snapshot_records,
+                                        int use_snapshot_records,
+                                        const char *stage) {
+    if (sockets->ipv4_fd >= 0 && link_context_has_mdns_ipv4_transport(link)) {
+        if (set_link_outbound_interface4(sockets->ipv4_fd, link) != 0 ||
+            send_announcement(sockets->ipv4_fd, dest4, cfg, link, ttl, snapshot_records, use_snapshot_records) != 0) {
+            char detail[160];
+            snprintf(detail, sizeof(detail), "stage=%s iface=%s family=ipv4", stage, link->name);
+            log_send_failure(stage, dest4, use_snapshot_records, detail);
+        }
+    }
+    if (sockets->ipv6_fd >= 0 && link_context_has_mdns_ipv6_transport(link)) {
+        struct sockaddr_in6 scoped_dest6;
+        scoped_mdns_dest6_for_link(&scoped_dest6, dest6, link);
+        if (set_link_outbound_interface6(sockets->ipv6_fd, link) != 0 ||
+            send_announcement_any(sockets->ipv6_fd,
+                                  (const struct sockaddr *)&scoped_dest6,
+                                  sizeof(scoped_dest6),
+                                  cfg,
+                                  link,
+                                  ttl,
+                                  snapshot_records,
+                                  use_snapshot_records) != 0) {
+            char destbuf[96];
+            format_sockaddr_addr((const struct sockaddr *)&scoped_dest6, destbuf, sizeof(destbuf));
+            fprintf(stderr,
+                    "mdns send failure: stage=%s dest=%s records=%s detail=iface=%s family=ipv6\n",
+                    stage,
+                    destbuf,
+                    use_snapshot_records ? "snapshot" : "generated",
+                    link->name);
+        }
+    }
+}
+
+static void announce_all_links(const struct mdns_socket_pair *sockets,
+                               const struct link_context_set *links,
+                               const struct sockaddr_in *dest4,
+                               const struct sockaddr_in6 *dest6,
+                               const struct config *cfg,
+                               const struct service_record_set *snapshot_records,
+                               int use_snapshot_records,
+                               const char *stage) {
+    size_t i;
+
+    for (i = 0; i < links->count; i++) {
+        send_link_announcement_pair(sockets,
+                                    &links->links[i],
+                                    dest4,
+                                    dest6,
+                                    cfg,
+                                    cfg->ttl,
+                                    snapshot_records,
+                                    use_snapshot_records,
+                                    stage);
+    }
+}
+
+static void send_link_goodbyes(const struct mdns_socket_pair *sockets,
+                               const struct link_context_set *links,
+                               const struct sockaddr_in *dest4,
+                               const struct sockaddr_in6 *dest6,
+                               const struct config *cfg,
+                               const struct service_record_set *snapshot_records,
+                               int use_snapshot_records) {
+    size_t i;
+
+    for (i = 0; i < links->count; i++) {
+        send_link_announcement_pair(sockets,
+                                    &links->links[i],
+                                    dest4,
+                                    dest6,
+                                    cfg,
+                                    0,
+                                    snapshot_records,
+                                    use_snapshot_records,
+                                    "goodbye");
+    }
+}
+
+static void send_link_goodbyes_for_missing(const struct mdns_socket_pair *sockets,
+                                           const struct link_context_set *old_links,
+                                           const struct link_context_set *new_links,
+                                           const struct sockaddr_in *dest4,
+                                           const struct sockaddr_in6 *dest6,
+                                           const struct config *cfg,
+                                           const struct service_record_set *snapshot_records,
+                                           int use_snapshot_records) {
+    size_t i;
+
+    for (i = 0; i < old_links->count; i++) {
+        if (link_context_set_contains(new_links, &old_links->links[i])) {
+            continue;
+        }
+        send_link_announcement_pair(sockets,
+                                    &old_links->links[i],
+                                    dest4,
+                                    dest6,
+                                    cfg,
+                                    0,
+                                    snapshot_records,
+                                    use_snapshot_records,
+                                    "goodbye");
+    }
+}
+
+static int prepare_runtime_mdns_sockets_for_links(int shared_bind,
+                                                  struct mdns_socket_pair *sockets,
+                                                  const struct link_context_set *old_links,
+                                                  struct link_context_set *new_links) {
+    int need_ipv4 = link_contexts_need_ipv4_socket(new_links);
+    int need_ipv6 = link_contexts_need_ipv6_socket(new_links);
+    int opened_ipv4 = 0;
+    int opened_ipv6 = 0;
+    int ipv4_errno = 0;
+    int ipv6_errno = 0;
+    struct mdns_membership_delta delta;
+
+    init_mdns_membership_delta(&delta);
+
+    if (!need_ipv4 && !need_ipv6) {
+        errno = EADDRNOTAVAIL;
+        return -1;
+    }
+
+    if (need_ipv4 && sockets->ipv4_fd < 0) {
+        sockets->ipv4_fd = open_bound_mdns_socket(shared_bind, 1);
+        if (sockets->ipv4_fd < 0) {
+            ipv4_errno = errno;
+            if (need_ipv6) {
+                fprintf(stderr,
+                        "warning: mdns runtime socket: IPv4 socket open failed (%s); continuing with remaining mDNS transports\n",
+                        strerror(ipv4_errno));
+                disable_link_contexts_mdns_ipv4_transport(new_links);
+                compact_link_contexts_for_mdns_transport(new_links);
+                need_ipv4 = 0;
+            } else {
+                goto fail;
+            }
+        }
+        if (sockets->ipv4_fd >= 0) {
+            opened_ipv4 = 1;
+        }
+    }
+    if (need_ipv6 && sockets->ipv6_fd < 0) {
+        sockets->ipv6_fd = open_bound_mdns_socket6(shared_bind, 1);
+        if (sockets->ipv6_fd < 0) {
+            ipv6_errno = errno;
+            if (need_ipv4 && sockets->ipv4_fd >= 0) {
+                fprintf(stderr,
+                        "warning: mdns runtime socket: IPv6 socket open failed (%s); continuing with remaining mDNS transports\n",
+                        strerror(ipv6_errno));
+                disable_link_contexts_mdns_ipv6_transport(new_links);
+                compact_link_contexts_for_mdns_transport(new_links);
+                need_ipv6 = 0;
+            } else {
+                goto fail;
+            }
+        }
+        if (sockets->ipv6_fd >= 0) {
+            opened_ipv6 = 1;
+        }
+    }
+
+    if (need_ipv4 &&
+        prepare_mdns_socket4_memberships(sockets->ipv4_fd,
+                                         opened_ipv4 ? NULL : old_links,
+                                         new_links,
+                                         "runtime",
+                                         &delta) != 0) {
+        ipv4_errno = errno;
+        if (ipv4_errno == EADDRNOTAVAIL && need_ipv6 && sockets->ipv6_fd >= 0) {
+            fprintf(stderr,
+                    "warning: mdns runtime socket: IPv4 membership update found no usable links; continuing with remaining mDNS transports\n");
+            disable_link_contexts_mdns_ipv4_transport(new_links);
+            need_ipv4 = 0;
+            if (opened_ipv4 && sockets->ipv4_fd >= 0) {
+                clear_deferred_response_for_sockfd(sockets->ipv4_fd);
+                close(sockets->ipv4_fd);
+                sockets->ipv4_fd = -1;
+            }
+        } else {
+            goto fail;
+        }
+    }
+    if (need_ipv6 &&
+        prepare_mdns_socket6_memberships(sockets->ipv6_fd,
+                                         opened_ipv6 ? NULL : old_links,
+                                         new_links,
+                                         "runtime",
+                                         &delta) != 0) {
+        ipv6_errno = errno;
+        if (need_ipv4 && sockets->ipv4_fd >= 0) {
+            fprintf(stderr,
+                    "warning: mdns runtime socket: IPv6 membership update failed (%s); continuing with remaining mDNS transports\n",
+                    strerror(ipv6_errno));
+            disable_link_contexts_mdns_ipv6_transport(new_links);
+            if (opened_ipv6 && sockets->ipv6_fd >= 0) {
+                clear_deferred_response_for_sockfd(sockets->ipv6_fd);
+                close(sockets->ipv6_fd);
+                sockets->ipv6_fd = -1;
+            }
+            compact_link_contexts_for_mdns_transport(new_links);
+            return 0;
+        }
+        goto fail;
+    }
+    compact_link_contexts_for_mdns_transport(new_links);
+    if (new_links->count == 0) {
+        errno = EADDRNOTAVAIL;
+        goto fail;
+    }
+    return 0;
+
+fail:
+    rollback_mdns_membership_delta(sockets, &delta);
+    if (opened_ipv4 && sockets->ipv4_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv4_fd);
+        close(sockets->ipv4_fd);
+        sockets->ipv4_fd = -1;
+    }
+    if (opened_ipv6 && sockets->ipv6_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv6_fd);
+        close(sockets->ipv6_fd);
+        sockets->ipv6_fd = -1;
+    }
+    return -1;
+}
+
+static void retire_runtime_mdns_memberships_for_missing(struct mdns_socket_pair *sockets,
+                                                        const struct link_context_set *old_links,
+                                                        const struct link_context_set *new_links) {
+    size_t i;
+
+    if (sockets->ipv4_fd >= 0) {
+        for (i = 0; i < old_links->count; i++) {
+            uint32_t ipv4_addr = link_preferred_ipv4_source(&old_links->links[i]);
+            if (!link_context_has_mdns_ipv4_transport(&old_links->links[i]) ||
+                ipv4_addr == 0 ||
+                link_set_has_ipv4_membership(new_links, ipv4_addr)) {
+                continue;
+            }
+            drop_mdns_multicast_group_best_effort(sockets->ipv4_fd, ipv4_addr, "runtime");
+        }
+    }
+    if (sockets->ipv6_fd >= 0) {
+        for (i = 0; i < old_links->count; i++) {
+            if (!link_context_has_mdns_ipv6_transport(&old_links->links[i]) ||
+                link_set_has_ipv6_membership(new_links, old_links->links[i].ifindex)) {
+                continue;
+            }
+            drop_mdns_multicast_group6_best_effort(sockets->ipv6_fd,
+                                                   old_links->links[i].ifindex,
+                                                   old_links->links[i].name,
+                                                   "runtime");
+        }
+    }
+}
+
+static void close_unused_runtime_mdns_socket_families(struct mdns_socket_pair *sockets,
+                                                      const struct link_context_set *links) {
+    if (!link_contexts_need_ipv4_socket(links) && sockets->ipv4_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv4_fd);
+        close(sockets->ipv4_fd);
+        sockets->ipv4_fd = -1;
+    }
+    if (!link_contexts_need_ipv6_socket(links) && sockets->ipv6_fd >= 0) {
+        clear_deferred_response_for_sockfd(sockets->ipv6_fd);
+        close(sockets->ipv6_fd);
+        sockets->ipv6_fd = -1;
+    }
+}
+
+static int apply_runtime_link_change(int shared_bind,
+                                     struct mdns_socket_pair *sockets,
+                                     struct link_context_set *active_links,
+                                     const struct link_context_set *new_links,
+                                     const struct sockaddr_in *dest4,
+                                     const struct sockaddr_in6 *dest6,
+                                     const struct config *cfg,
+                                     const struct service_record_set *snapshot_records,
+                                     int use_snapshot_records) {
+    struct link_context_set applied_links;
+
+    applied_links = *new_links;
+    if (prepare_runtime_mdns_sockets_for_links(shared_bind, sockets, active_links, &applied_links) != 0) {
+        return -1;
+    }
+    send_link_goodbyes_for_missing(sockets,
+                                   active_links,
+                                   &applied_links,
+                                   dest4,
+                                   dest6,
+                                   cfg,
+                                   snapshot_records,
+                                   use_snapshot_records);
+    retire_runtime_mdns_memberships_for_missing(sockets, active_links, &applied_links);
+    close_unused_runtime_mdns_socket_families(sockets, &applied_links);
+    *active_links = applied_links;
+    return 0;
+}
+
 static int open_mdns_socket(int shared_bind, int log_bind_errors, uint32_t ipv4_addr, const char *socket_role) {
     int sockfd;
 
@@ -3584,26 +6012,27 @@ int main(int argc, char **argv) {
     struct service_record_set snapshot_records;
     int sockfd = -1;
     struct sockaddr_in mdns_dest;
+    struct sockaddr_in6 mdns_dest6;
     int i;
-    time_t last_announce = 0;
     int use_snapshot_records = 0;
     int shared_bind = 0;
     int auto_ip = 0;
     int explicit_ipv4 = 0;
     int print_auto_ip_cidrs = 0;
+    int print_smb_bind_interfaces = 0;
+    int print_mdns_socket_families = 0;
     int auto_contexts_ready = 0;
-    struct iface_context_set auto_contexts;
+    struct link_context_set auto_links;
     int capture_only = 0;
     int snapshot_capture_failed = 0;
     int snapshot_capture_skipped = 0;
     int trusted_snapshot_written = 0;
-    static const unsigned int startup_burst_offsets_ms[STARTUP_BURST_COUNT] = {0, 250, 1000, 2000, 4000, 8000, 16000};
     size_t startup_burst_index = 0;
     long long startup_burst_start_ms = 0;
 
     memset(&cfg, 0, sizeof(cfg));
     memset(&snapshot_records, 0, sizeof(snapshot_records));
-    memset(&auto_contexts, 0, sizeof(auto_contexts));
+    memset(&auto_links, 0, sizeof(auto_links));
     strcpy(cfg.service_type, "_smb._tcp.local.");
     strcpy(cfg.adisk_service_type, "_adisk._tcp.local.");
     strcpy(cfg.adisk_disk_key, ADISK_DEFAULT_DISK_KEY);
@@ -3636,6 +6065,10 @@ int main(int argc, char **argv) {
             auto_ip = 1;
         } else if (strcmp(argv[i], "--print-auto-ip-cidrs") == 0) {
             print_auto_ip_cidrs = 1;
+        } else if (strcmp(argv[i], "--print-smb-bind-interfaces") == 0) {
+            print_smb_bind_interfaces = 1;
+        } else if (strcmp(argv[i], "--print-mdns-socket-families") == 0) {
+            print_mdns_socket_families = 1;
         } else if (strcmp(argv[i], "--version") == 0) {
             printf("%d\n", ADVERTISER_VERSION_CODE);
             return EXIT_OK;
@@ -3702,6 +6135,16 @@ int main(int argc, char **argv) {
                                                  collect_usable_iface_contexts_provider,
                                                  NULL);
     }
+    if (print_smb_bind_interfaces) {
+        return print_smb_bind_interfaces_with_provider(stdout,
+                                                       collect_usable_link_contexts_provider,
+                                                       NULL);
+    }
+    if (print_mdns_socket_families) {
+        return print_mdns_socket_families_with_provider(stdout,
+                                                       collect_usable_link_contexts_provider,
+                                                       NULL);
+    }
 
     capture_only = (cfg.load_snapshot_path[0] == '\0' &&
                     (cfg.save_all_snapshot_path[0] != '\0' ||
@@ -3813,19 +6256,24 @@ int main(int argc, char **argv) {
         }
 
         if (!snapshot_capture_skipped) {
-            if (auto_ip && !auto_contexts_ready) {
-                if (wait_for_auto_iface_contexts(&auto_contexts, "mdns capture") == 0) {
-                    auto_contexts_ready = 1;
-                    log_iface_contexts("mdns capture auto-ip", &auto_contexts);
+            struct link_context_set capture_links;
+            int capture_links_ready = 0;
+            memset(&capture_links, 0, sizeof(capture_links));
+            if (auto_ip) {
+                if (wait_for_auto_link_contexts(&capture_links, "mdns capture") == 0) {
+                    capture_links_ready = 1;
+                    log_link_contexts("mdns capture auto-ip", &capture_links);
                 }
             }
-            if ((auto_ip && auto_contexts_ready &&
-                 capture_mdns_snapshot_auto_with_retry(&captured_records,
-                                                       &auto_contexts,
-                                                       &cfg,
-                                                       cfg.save_snapshot_path[0] != '\0') == 0) ||
+            if ((auto_ip && capture_links_ready &&
+                 capture_mdns_snapshot_links_with_retry(&captured_records, &capture_links) == 0) ||
                 (!auto_ip && capture_mdns_snapshot_raw_with_retry(&captured_records, cfg.ipv4_addr) == 0)) {
                 fprintf(stderr, "snapshot capture: captured %lu records\n", (unsigned long)captured_records.count);
+                if (captured_records.truncated) {
+                    fprintf(stderr,
+                            "snapshot capture: record list truncated; kept first %lu unique records in receive order\n",
+                            (unsigned long)captured_records.count);
+                }
                 if (cfg.save_all_snapshot_path[0] != '\0' &&
                     write_snapshot_file_atomic(cfg.save_all_snapshot_path, &captured_records) != 0) {
                     fprintf(stderr, "failed to write all snapshot file: %s\n", cfg.save_all_snapshot_path);
@@ -3892,23 +6340,29 @@ int main(int argc, char **argv) {
     mdns_dest.sin_port = htons(MDNS_PORT);
     mdns_dest.sin_addr.s_addr = inet_addr(MDNS_GROUP);
 
+    memset(&mdns_dest6, 0, sizeof(mdns_dest6));
+    mdns_dest6.sin6_family = AF_INET6;
+    mdns_dest6.sin6_port = htons(MDNS_PORT);
+    (void)inet_pton(AF_INET6, MDNS_GROUP_V6, &mdns_dest6.sin6_addr);
+
     if (auto_ip) {
         time_t last_iface_poll;
+        struct mdns_socket_pair sockets;
 
         if (!auto_contexts_ready) {
-            if (wait_for_auto_iface_contexts(&auto_contexts, "mdns runtime") != 0) {
+            if (wait_for_auto_advertise_link_contexts(&auto_links, "mdns runtime") != 0) {
                 return EXIT_AUTO_IP_UNAVAILABLE;
             }
             auto_contexts_ready = 1;
         }
-        log_iface_contexts("mdns runtime auto-ip", &auto_contexts);
-        sockfd = acquire_mdns_auto_socket(shared_bind, &auto_contexts);
-        if (sockfd < 0) {
+        log_link_contexts("mdns runtime auto-ip", &auto_links);
+        sockets.ipv4_fd = -1;
+        sockets.ipv6_fd = -1;
+        if (acquire_dualstack_mdns_sockets(shared_bind, &auto_links, &sockets) != 0) {
             return EXIT_SOCKET_ACQUIRE_FAILED;
         }
 
         startup_burst_start_ms = monotonic_millis();
-        last_announce = time(NULL);
         last_iface_poll = time(NULL);
 
         while (!g_stop) {
@@ -3918,58 +6372,57 @@ int main(int argc, char **argv) {
             long long now_ms;
             long long next_burst_ms = -1;
             long long wait_ms = 1000;
+            int maxfd = -1;
 
             if (time(NULL) - last_iface_poll >= AUTO_IP_STABLE_POLL_SECONDS) {
-                struct iface_context_set next_contexts;
-                memset(&next_contexts, 0, sizeof(next_contexts));
-                if (collect_usable_iface_contexts(&next_contexts) == 0 &&
-                    !iface_context_sets_equal(&auto_contexts, &next_contexts)) {
-                    struct iface_context_set stabilized_contexts;
+                struct link_context_set next_links;
+                memset(&next_links, 0, sizeof(next_links));
+                if (collect_usable_advertise_link_contexts_provider(&next_links, NULL) == 0 &&
+                    !link_context_sets_equal(&auto_links, &next_links)) {
+                    struct link_context_set stabilized_links;
                     fprintf(stderr, "mdns auto-ip: interface table changed; confirming after %ds stabilization\n",
                             AUTO_IP_STABILIZE_SECONDS);
-                    log_iface_contexts("mdns auto-ip old", &auto_contexts);
-                    log_iface_contexts("mdns auto-ip observed", &next_contexts);
+                    log_link_contexts("mdns auto-ip old", &auto_links);
+                    log_link_contexts("mdns auto-ip observed", &next_links);
                     sleep(AUTO_IP_STABILIZE_SECONDS);
-                    memset(&stabilized_contexts, 0, sizeof(stabilized_contexts));
-                    if (collect_usable_iface_contexts(&stabilized_contexts) == 0) {
-                        if (iface_context_sets_equal(&auto_contexts, &stabilized_contexts)) {
+                    memset(&stabilized_links, 0, sizeof(stabilized_links));
+                    if (collect_usable_advertise_link_contexts_provider(&stabilized_links, NULL) == 0) {
+                        if (link_context_sets_equal(&auto_links, &stabilized_links)) {
                             fprintf(stderr, "mdns auto-ip: observed interface change did not persist after stabilization\n");
                         } else {
-                            if (stabilized_contexts.count > 0) {
-                                log_iface_contexts("mdns auto-ip stabilized", &stabilized_contexts);
-                                if (prepare_mdns_auto_socket_for_contexts(sockfd, &auto_contexts, &stabilized_contexts) != 0) {
-                                    fprintf(stderr, "mdns auto-ip: could not apply stabilized interface contexts on existing socket; keeping previous contexts\n");
+                            if (stabilized_links.count > 0) {
+                                log_link_contexts("mdns auto-ip stabilized", &stabilized_links);
+                                if (apply_runtime_link_change(shared_bind,
+                                                              &sockets,
+                                                              &auto_links,
+                                                              &stabilized_links,
+                                                              &mdns_dest,
+                                                              &mdns_dest6,
+                                                              &cfg,
+                                                              &snapshot_records,
+                                                              use_snapshot_records) != 0) {
+                                    fprintf(stderr, "mdns auto-ip: could not apply stabilized address links; keeping previous links until next poll\n");
                                     last_iface_poll = time(NULL);
                                     continue;
                                 }
-                                send_context_goodbyes_for_missing(sockfd,
-                                                                  &auto_contexts,
-                                                                  &stabilized_contexts,
-                                                                  &mdns_dest,
-                                                                  &cfg,
-                                                                  &snapshot_records,
-                                                                  use_snapshot_records);
-                                retire_mdns_auto_socket_contexts(sockfd, &auto_contexts, &stabilized_contexts);
-                                auto_contexts = stabilized_contexts;
                             } else {
-                                fprintf(stderr, "mdns auto-ip: no usable IPv4 after stabilization; sending goodbyes and waiting\n");
-                                send_context_goodbyes(sockfd, &auto_contexts, &mdns_dest, &cfg, &snapshot_records, use_snapshot_records);
-                                retire_mdns_auto_socket_contexts(sockfd, &auto_contexts, &stabilized_contexts);
-                                memset(&auto_contexts, 0, sizeof(auto_contexts));
-                                if (wait_for_auto_iface_contexts(&stabilized_contexts, "mdns runtime") != 0) {
+                                fprintf(stderr, "mdns auto-ip: no usable address links after stabilization; sending goodbyes and waiting\n");
+                                send_link_goodbyes(&sockets, &auto_links, &mdns_dest, &mdns_dest6, &cfg, &snapshot_records, use_snapshot_records);
+                                close_mdns_socket_pair(&sockets);
+                                memset(&auto_links, 0, sizeof(auto_links));
+                                if (wait_for_auto_advertise_link_contexts(&stabilized_links, "mdns runtime") != 0) {
                                     break;
                                 }
-                                if (prepare_mdns_auto_socket_for_contexts(sockfd, &auto_contexts, &stabilized_contexts) != 0) {
-                                    fprintf(stderr, "mdns auto-ip: usable IPv4 returned but existing socket could not join new contexts\n");
+                                if (acquire_dualstack_mdns_sockets(shared_bind, &stabilized_links, &sockets) != 0) {
+                                    fprintf(stderr, "mdns auto-ip: usable address links returned but sockets could not be acquired\n");
                                     last_iface_poll = time(NULL);
                                     continue;
                                 }
-                                auto_contexts = stabilized_contexts;
+                                auto_links = stabilized_links;
                             }
-                            log_iface_contexts("mdns auto-ip active", &auto_contexts);
+                            log_link_contexts("mdns auto-ip active", &auto_links);
                             startup_burst_start_ms = monotonic_millis();
                             startup_burst_index = 0;
-                            last_announce = time(NULL);
                         }
                     }
                 }
@@ -3977,17 +6430,29 @@ int main(int argc, char **argv) {
             }
 
             now_ms = monotonic_millis();
+            (void)flush_deferred_response_if_due(now_ms);
             while (startup_burst_index < STARTUP_BURST_COUNT &&
-                   now_ms - startup_burst_start_ms >= (long long)startup_burst_offsets_ms[startup_burst_index]) {
-                announce_all_contexts(sockfd, &auto_contexts, &mdns_dest, &cfg, &snapshot_records, use_snapshot_records, "startup_announce");
+                   now_ms - startup_burst_start_ms >= (long long)g_startup_burst_offsets_ms[startup_burst_index]) {
+                announce_all_links(&sockets, &auto_links, &mdns_dest, &mdns_dest6, &cfg, &snapshot_records, use_snapshot_records, "startup_announce");
                 startup_burst_index++;
                 now_ms = monotonic_millis();
             }
 
             FD_ZERO(&rfds);
-            FD_SET(sockfd, &rfds);
+            if (sockets.ipv4_fd >= 0) {
+                FD_SET(sockets.ipv4_fd, &rfds);
+                if (sockets.ipv4_fd > maxfd) {
+                    maxfd = sockets.ipv4_fd;
+                }
+            }
+            if (sockets.ipv6_fd >= 0) {
+                FD_SET(sockets.ipv6_fd, &rfds);
+                if (sockets.ipv6_fd > maxfd) {
+                    maxfd = sockets.ipv6_fd;
+                }
+            }
             if (startup_burst_index < STARTUP_BURST_COUNT) {
-                next_burst_ms = startup_burst_start_ms + (long long)startup_burst_offsets_ms[startup_burst_index];
+                next_burst_ms = startup_burst_start_ms + (long long)g_startup_burst_offsets_ms[startup_burst_index];
                 wait_ms = next_burst_ms - now_ms;
                 if (wait_ms < 0) {
                     wait_ms = 0;
@@ -3995,11 +6460,12 @@ int main(int argc, char **argv) {
                     wait_ms = 1000;
                 }
             }
+            wait_ms = deferred_response_adjust_wait_ms(now_ms, wait_ms);
             tv.tv_sec = (time_t)(wait_ms / 1000);
             tv.tv_usec = (suseconds_t)((wait_ms % 1000) * 1000);
 
             {
-                int selected = select(sockfd + 1, &rfds, NULL, NULL, &tv);
+                int selected = maxfd >= 0 ? select(maxfd + 1, &rfds, NULL, NULL, &tv) : -1;
                 if (selected < 0) {
                     if (errno == EINTR) {
                         continue;
@@ -4007,37 +6473,66 @@ int main(int argc, char **argv) {
                     perror("select");
                     break;
                 }
-                if (selected > 0 && FD_ISSET(sockfd, &rfds)) {
+                if (selected > 0 && sockets.ipv4_fd >= 0 && FD_ISSET(sockets.ipv4_fd, &rfds)) {
                     struct sockaddr_in src;
                     socklen_t src_len = sizeof(src);
-                    ssize_t nread = recvfrom(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&src, &src_len);
+                    ssize_t nread = recvfrom(sockets.ipv4_fd, packet, sizeof(packet), 0, (struct sockaddr *)&src, &src_len);
                     if (nread > 0) {
-                        const struct iface_context *ctx = select_response_context(&auto_contexts, &src);
-                        if (ctx != NULL &&
-                            (set_context_outbound_interface(sockfd, ctx) != 0 ||
-                             handle_query(sockfd, packet, (size_t)nread, &mdns_dest, &src, &cfg, ctx->ipv4_addr, &snapshot_records, use_snapshot_records) != 0)) {
+                        const struct link_context *link = select_response_link_ipv4(&auto_links, &src);
+                        if (link != NULL &&
+                            (set_link_outbound_interface4_for_peer(sockets.ipv4_fd, link, src.sin_addr.s_addr) != 0 ||
+                             handle_query(sockets.ipv4_fd, packet, (size_t)nread, &mdns_dest, &src, &cfg, link, &snapshot_records, use_snapshot_records) != 0)) {
                             char detail[160];
-                            char ip_buf[INET_ADDRSTRLEN];
-                            snprintf(detail, sizeof(detail), "iface=%s ip=%s packet_len=%ld from=%s:%u",
-                                     ctx->name,
-                                     ipv4_to_string(ctx->ipv4_addr, ip_buf, sizeof(ip_buf)),
+                            snprintf(detail, sizeof(detail), "iface=%s packet_len=%ld from=%s:%u",
+                                     link->name,
                                      (long)nread, inet_ntoa(src.sin_addr), (unsigned int)ntohs(src.sin_port));
                             log_send_failure("query_response", &mdns_dest, use_snapshot_records, detail);
                         }
                     }
                 }
+                if (selected > 0 && sockets.ipv6_fd >= 0 && FD_ISSET(sockets.ipv6_fd, &rfds)) {
+                    struct sockaddr_in6 src6;
+                    socklen_t src6_len = sizeof(src6);
+                    ssize_t nread = recvfrom(sockets.ipv6_fd, packet, sizeof(packet), 0, (struct sockaddr *)&src6, &src6_len);
+                    if (nread > 0) {
+                        const struct link_context *link = select_response_link_ipv6(&auto_links, &src6);
+                        if (link != NULL) {
+                            struct sockaddr_in6 scoped_dest6;
+                            int query_status;
+                            scoped_mdns_dest6_for_link(&scoped_dest6, &mdns_dest6, link);
+                            query_status = set_link_outbound_interface6(sockets.ipv6_fd, link);
+                            if (query_status == 0) {
+                                query_status = handle_query_any(sockets.ipv6_fd,
+                                                                packet,
+                                                                (size_t)nread,
+                                                                (const struct sockaddr *)&scoped_dest6,
+                                                                sizeof(scoped_dest6),
+                                                                (const struct sockaddr *)&src6,
+                                                                src6_len,
+                                                                &cfg,
+                                                                link,
+                                                                &snapshot_records,
+                                                                use_snapshot_records);
+                            }
+                            if (query_status != 0) {
+                                char srcbuf[96];
+                                format_sockaddr_addr((const struct sockaddr *)&src6, srcbuf, sizeof(srcbuf));
+                                fprintf(stderr,
+                                        "mdns send failure: stage=query_response records=%s detail=iface=%s packet_len=%ld from=%s\n",
+                                        use_snapshot_records ? "snapshot" : "generated",
+                                        link->name,
+                                        (long)nread,
+                                        srcbuf);
+                            }
+                        }
+                    }
+                }
             }
 
-            if (time(NULL) - last_announce >= ANNOUNCE_INTERVAL) {
-                announce_all_contexts(sockfd, &auto_contexts, &mdns_dest, &cfg, &snapshot_records, use_snapshot_records, "periodic_announce");
-                last_announce = time(NULL);
-            }
         }
 
-        if (sockfd >= 0) {
-            send_context_goodbyes(sockfd, &auto_contexts, &mdns_dest, &cfg, &snapshot_records, use_snapshot_records);
-            close(sockfd);
-        }
+        send_link_goodbyes(&sockets, &auto_links, &mdns_dest, &mdns_dest6, &cfg, &snapshot_records, use_snapshot_records);
+        close_mdns_socket_pair(&sockets);
         return 0;
     }
 
@@ -4047,7 +6542,6 @@ int main(int argc, char **argv) {
     }
 
     startup_burst_start_ms = monotonic_millis();
-    last_announce = time(NULL);
 
     while (!g_stop) {
         fd_set rfds;
@@ -4059,12 +6553,15 @@ int main(int argc, char **argv) {
         long long wait_ms = 1000;
 
         now_ms = monotonic_millis();
+        (void)flush_deferred_response_if_due(now_ms);
         while (startup_burst_index < STARTUP_BURST_COUNT &&
-               now_ms - startup_burst_start_ms >= (long long)startup_burst_offsets_ms[startup_burst_index]) {
-            if (send_announcement(sockfd, &mdns_dest, &cfg, cfg.ipv4_addr, cfg.ttl, &snapshot_records, use_snapshot_records) != 0) {
+               now_ms - startup_burst_start_ms >= (long long)g_startup_burst_offsets_ms[startup_burst_index]) {
+            struct link_context link;
+            init_explicit_link_context(&link, cfg.ipv4_addr);
+            if (send_announcement(sockfd, &mdns_dest, &cfg, &link, cfg.ttl, &snapshot_records, use_snapshot_records) != 0) {
                 char detail[96];
                 snprintf(detail, sizeof(detail), "burst_index=%lu offset_ms=%u",
-                         (unsigned long)startup_burst_index, startup_burst_offsets_ms[startup_burst_index]);
+                         (unsigned long)startup_burst_index, g_startup_burst_offsets_ms[startup_burst_index]);
                 log_send_failure("startup_announce", &mdns_dest, use_snapshot_records, detail);
             }
             startup_burst_index++;
@@ -4074,7 +6571,7 @@ int main(int argc, char **argv) {
         FD_ZERO(&rfds);
         FD_SET(sockfd, &rfds);
         if (startup_burst_index < STARTUP_BURST_COUNT) {
-            next_burst_ms = startup_burst_start_ms + (long long)startup_burst_offsets_ms[startup_burst_index];
+            next_burst_ms = startup_burst_start_ms + (long long)g_startup_burst_offsets_ms[startup_burst_index];
             wait_ms = next_burst_ms - now_ms;
             if (wait_ms < 0) {
                 wait_ms = 0;
@@ -4082,6 +6579,7 @@ int main(int argc, char **argv) {
                 wait_ms = 1000;
             }
         }
+        wait_ms = deferred_response_adjust_wait_ms(now_ms, wait_ms);
         tv.tv_sec = (time_t)(wait_ms / 1000);
         tv.tv_usec = (suseconds_t)((wait_ms % 1000) * 1000);
 
@@ -4090,7 +6588,9 @@ int main(int argc, char **argv) {
             socklen_t src_len = sizeof(src);
             nread = recvfrom(sockfd, packet, sizeof(packet), 0, (struct sockaddr *)&src, &src_len);
             if (nread > 0) {
-                if (handle_query(sockfd, packet, (size_t)nread, &mdns_dest, &src, &cfg, cfg.ipv4_addr, &snapshot_records, use_snapshot_records) != 0) {
+                struct link_context link;
+                init_explicit_link_context(&link, cfg.ipv4_addr);
+                if (handle_query(sockfd, packet, (size_t)nread, &mdns_dest, &src, &cfg, &link, &snapshot_records, use_snapshot_records) != 0) {
                     char detail[128];
                     snprintf(detail, sizeof(detail), "packet_len=%ld from=%s:%u",
                              (long)nread, inet_ntoa(src.sin_addr), (unsigned int)ntohs(src.sin_port));
@@ -4099,20 +6599,13 @@ int main(int argc, char **argv) {
             }
         }
 
-        if (time(NULL) - last_announce >= ANNOUNCE_INTERVAL) {
-            if (send_announcement(sockfd, &mdns_dest, &cfg, cfg.ipv4_addr, cfg.ttl, &snapshot_records, use_snapshot_records) != 0) {
-                char detail[96];
-                snprintf(detail, sizeof(detail), "interval=%d last_announce_age=%ld",
-                         ANNOUNCE_INTERVAL, (long)(time(NULL) - last_announce));
-                log_send_failure("periodic_announce", &mdns_dest, use_snapshot_records, detail);
-            }
-            last_announce = time(NULL);
-        }
     }
 
+    clear_deferred_response_for_sockfd(sockfd);
     close(sockfd);
     return 0;
 }
 
 #undef fprintf
 #undef perror
+#undef MDNS_UNUSED
diff --git a/src/timecapsulesmb/assets/artifact-manifest.json b/src/timecapsulesmb/assets/artifact-manifest.json
index 64e81f0..a8d7ba7 100644
--- a/src/timecapsulesmb/assets/artifact-manifest.json
+++ b/src/timecapsulesmb/assets/artifact-manifest.json
@@ -2,27 +2,27 @@
   "artifacts": {
     "mdns-advertiser": {
       "path": "bin/mdns/mdns-advertiser",
-      "sha256": "82245f3a581d196c9cad98d076d29769c0cf0dc4052681ddd8b4a050be0b0722"
+      "sha256": "1a072c376e56e43ec03c8a9158926dfd6c7a6486c4ebf23e30978e293f0629fb"
     },
     "mdns-advertiser-netbsd4le": {
       "path": "bin/mdns-netbsd4le/mdns-advertiser",
-      "sha256": "9e63f0a4c2c483fd4c3b6727cd2005f363abe734c74ab14f1185c32d01823016"
+      "sha256": "8dfb9461c57f8a45a531bd4b822e602e49b7d017adb2877cd04915d81a08d3f1"
     },
     "mdns-advertiser-netbsd4be": {
       "path": "bin/mdns-netbsd4be/mdns-advertiser",
-      "sha256": "bdd638d4cca35d95307e4d93feba4ced1300fde4d96406e38d99f9747f00723d"
+      "sha256": "390a00fdc40b49e4c5698f942aa7e83a66bfd0821bd47e982a40945c1fed51cf"
     },
     "nbns-advertiser": {
       "path": "bin/nbns/nbns-advertiser",
-      "sha256": "5dd1b7df3dedcbc5dd6e6d2575a3c141cad9757d09d3e94e836cee72d3c08e66"
+      "sha256": "717c588d32f74f1d2b4ce9e3201fd2a46bc4fed3aa79810a81b3f1ed456c2f08"
     },
     "nbns-advertiser-netbsd4le": {
       "path": "bin/nbns-netbsd4le/nbns-advertiser",
-      "sha256": "ffd0908e2803dd254e16ef9379000221037668be5735c86656c258ff44810d02"
+      "sha256": "f261078b379b898468b56988047a92f7181444582c0aa99c91a8fb8970046194"
     },
     "nbns-advertiser-netbsd4be": {
       "path": "bin/nbns-netbsd4be/nbns-advertiser",
-      "sha256": "1c58af90353388535d9497573fa5151226ed0ed094a0f4b36788607b2c4b3078"
+      "sha256": "366169b448badfea93f150d4fa707e97e0fb7afee4eec8d341785a606406e29a"
     },
     "smbd": {
       "path": "bin/samba4/smbd",
diff --git a/src/timecapsulesmb/assets/boot/samba4/common.d/45-network-bind.sh b/src/timecapsulesmb/assets/boot/samba4/common.d/45-network-bind.sh
index ca4f457..c132623 100644
--- a/src/timecapsulesmb/assets/boot/samba4/common.d/45-network-bind.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/common.d/45-network-bind.sh
@@ -28,15 +28,37 @@ tc_smb_bind_token_is_ipv4_cidr() {
     return 0
 }
 
-tc_normalize_smb_bind_cidrs() {
-    cidrs=$1
+tc_smb_bind_token_is_ipv6_cidr() {
+    token=$1
+
+    case "$token" in
+        ""|/*|*/|*/*/*|*[!0123456789abcdefABCDEF:./]*) return 1 ;;
+        *:*) ;;
+        *) return 1 ;;
+    esac
+
+    prefix_part=${token#*/}
+    case "$prefix_part" in
+        ""|*[!0123456789]*) return 1 ;;
+    esac
+    [ "$prefix_part" -le 128 ] 2>/dev/null || return 1
+
+    return 0
+}
+
+tc_smb_bind_token_is_cidr() {
+    tc_smb_bind_token_is_ipv4_cidr "$1" || tc_smb_bind_token_is_ipv6_cidr "$1"
+}
+
+tc_normalize_smb_bind_tokens() {
+    bind_tokens=$1
     normalized=
 
-    set -- $cidrs
+    set -- $bind_tokens
     [ "$#" -gt 0 ] || return 1
 
     for cidr_token in "$@"; do
-        tc_smb_bind_token_is_ipv4_cidr "$cidr_token" || return 1
+        tc_smb_bind_token_is_cidr "$cidr_token" || return 1
         if [ -n "$normalized" ]; then
             normalized="$normalized $cidr_token"
         else
@@ -47,15 +69,69 @@ tc_normalize_smb_bind_cidrs() {
     printf '%s\n' "$normalized"
 }
 
+tc_normalize_smb_bind_cidrs() {
+    tc_normalize_smb_bind_tokens "$1"
+}
+
+tc_normalize_mdns_socket_families() {
+    families=$1
+    saw_ipv4=0
+    saw_ipv6=0
+    normalized=
+
+    set -- $families
+    [ "$#" -gt 0 ] || return 1
+
+    for family_token in "$@"; do
+        case "$family_token" in
+            ipv4)
+                [ "$saw_ipv4" = "0" ] || return 1
+                saw_ipv4=1
+                ;;
+            ipv6)
+                [ "$saw_ipv6" = "0" ] || return 1
+                saw_ipv6=1
+                ;;
+            *) return 1 ;;
+        esac
+    done
+
+    if [ "$saw_ipv4" = "1" ]; then
+        normalized=ipv4
+    fi
+    if [ "$saw_ipv6" = "1" ]; then
+        if [ -n "$normalized" ]; then
+            normalized="$normalized ipv6"
+        else
+            normalized=ipv6
+        fi
+    fi
+
+    [ -n "$normalized" ] || return 1
+    printf '%s\n' "$normalized"
+}
+
 tc_probe_auto_ip_cidrs() {
     [ -x "$TC_MDNS_BIN" ] || return 1
     cidrs=$("$TC_MDNS_BIN" --print-auto-ip-cidrs 2>/dev/null) || return $?
     tc_normalize_smb_bind_cidrs "$cidrs" || return 1
 }
 
+tc_probe_smb_bind_tokens() {
+    [ -x "$TC_MDNS_BIN" ] || return 1
+    bind_tokens=$("$TC_MDNS_BIN" --print-smb-bind-interfaces 2>/dev/null) || return $?
+    tc_normalize_smb_bind_tokens "$bind_tokens" || return 1
+}
+
+tc_probe_mdns_socket_families() {
+    [ -x "$TC_MDNS_BIN" ] || return 1
+    families=$("$TC_MDNS_BIN" --print-mdns-socket-families 2>/dev/null) || return $?
+    tc_normalize_mdns_socket_families "$families" || return 1
+}
+
 tc_probe_smb_bind_interfaces() {
-    cidrs=$(tc_probe_auto_ip_cidrs) || return $?
-    printf '127.0.0.1/8 %s\n' "$cidrs"
+    bind_tokens=$(tc_probe_smb_bind_tokens) || return $?
+    printf '127.0.0.1/8 ::1/128 %s\n' "$bind_tokens"
 }
 
 tc_auto_ip_unavailable_status() {
@@ -65,27 +141,27 @@ tc_auto_ip_unavailable_status() {
 tc_mark_smb_deferred_no_ip() {
     TC_WATCHDOG_SMB_DEFERRED_NO_IP=1
     if [ "${TC_SMB_IPV4_WAIT_LOGGED:-0}" != "1" ]; then
-        tc_log "Samba IPv4 bind discovery deferred; no usable IPv4 has appeared yet"
+        tc_log "Samba bind discovery deferred; no usable address has appeared yet"
         TC_SMB_IPV4_WAIT_LOGGED=1
     fi
 }
 
 tc_wait_for_smb_ipv4() {
     if [ ! -x "$TC_MDNS_BIN" ]; then
-        tc_log "Samba IPv4 bind discovery failed; missing $TC_MDNS_BIN"
+        tc_log "Samba bind discovery failed; missing $TC_MDNS_BIN"
         return 1
     fi
 
     while :; do
-        if cidrs=$(tc_probe_auto_ip_cidrs); then
-            tc_log "Samba IPv4 bind discovery: first usable IPv4 observed: $cidrs"
+        if bind_tokens=$(tc_probe_smb_bind_tokens); then
+            tc_log "Samba bind discovery: first usable address observed: $bind_tokens"
             return 0
         else
             probe_status=$?
         fi
 
         if ! tc_auto_ip_unavailable_status "$probe_status"; then
-            tc_log "Samba IPv4 bind discovery failed with exit code $probe_status"
+            tc_log "Samba bind discovery failed with exit code $probe_status"
             return 1
         fi
 
@@ -98,7 +174,7 @@ tc_refresh_smb_bind_interfaces() {
     if bind_interfaces=$(tc_probe_smb_bind_interfaces); then
         TC_SMB_BIND_INTERFACES=$bind_interfaces
         TC_WATCHDOG_SMB_DEFERRED_NO_IP=0
-        tc_log "Samba IPv4 bind interfaces: $TC_SMB_BIND_INTERFACES"
+        tc_log "Samba bind interfaces: $TC_SMB_BIND_INTERFACES"
         return 0
     else
         probe_status=$?
@@ -107,14 +183,14 @@ tc_refresh_smb_bind_interfaces() {
     if tc_auto_ip_unavailable_status "$probe_status"; then
         tc_mark_smb_deferred_no_ip
     else
-        tc_log "Samba IPv4 bind interface probe failed with exit code $probe_status"
+        tc_log "Samba bind interface probe failed with exit code $probe_status"
     fi
     return 1
 }
 
 tc_prepare_smb_bind_context() {
     tc_wait_for_smb_ipv4 || return 1
-    tc_log "Samba IPv4 bind discovery: waiting ${TC_SMB_IPV4_SETTLE_SECONDS}s for network stabilization"
+    tc_log "Samba bind discovery: waiting ${TC_SMB_IPV4_SETTLE_SECONDS}s for network stabilization"
     sleep "$TC_SMB_IPV4_SETTLE_SECONDS"
     tc_refresh_smb_bind_interfaces
 }
diff --git a/src/timecapsulesmb/assets/boot/samba4/common.d/50-runtime-staging.sh b/src/timecapsulesmb/assets/boot/samba4/common.d/50-runtime-staging.sh
index 35a6324..dcc8eed 100644
--- a/src/timecapsulesmb/assets/boot/samba4/common.d/50-runtime-staging.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/common.d/50-runtime-staging.sh
@@ -114,7 +114,7 @@ tc_stage_disk_runtime() {
     tc_stage_runtime "$TC_PAYLOAD_DIR" "$SMBD_SRC" "$NBNS_SRC"
     if [ -z "$TC_SMB_BIND_INTERFACES" ]; then
         tc_refresh_smb_bind_interfaces || {
-            tc_log "runtime staging failed: no usable IPv4 bind interface is available"
+            tc_log "runtime staging failed: no usable bind address is available"
             return 1
         }
     fi
@@ -293,7 +293,7 @@ tc_generate_smb_conf() {
     netbios name = $SMB_NETBIOS_NAME
     workgroup = WORKGROUP
     # Samba's interface enumeration can race boot networking on Time Capsule.
-    # Bind to the IPv4 CIDRs discovered immediately before rendering config.
+    # Bind to explicit IPv4/IPv6 CIDRs discovered immediately before rendering config.
     interfaces = $TC_SMB_BIND_INTERFACES
     bind interfaces only = yes
     server string = $SMB_SERVER_STRING
diff --git a/src/timecapsulesmb/assets/boot/samba4/common.d/60-advertisers.sh b/src/timecapsulesmb/assets/boot/samba4/common.d/60-advertisers.sh
index a1b35a1..66251bb 100644
--- a/src/timecapsulesmb/assets/boot/samba4/common.d/60-advertisers.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/common.d/60-advertisers.sh
@@ -229,13 +229,17 @@ tc_run_mdns_snapshot_command() {
 }
 
 tc_mdns_auto_ip_available() {
+    tc_probe_mdns_socket_families >/dev/null 2>&1
+}
+
+tc_nbns_auto_ip_available() {
     tc_probe_auto_ip_cidrs >/dev/null 2>&1
 }
 
 tc_mark_mdns_deferred_no_ip() {
     TC_WATCHDOG_MDNS_DEFERRED_NO_IP=1
     if [ "$TC_MDNS_AUTO_IP_WAIT_LOGGED" != "1" ]; then
-        tc_log "mDNS startup deferred; no usable IPv4 has appeared yet"
+        tc_log "mDNS startup deferred; no usable address has appeared yet"
         TC_MDNS_AUTO_IP_WAIT_LOGGED=1
     fi
 }
@@ -251,10 +255,10 @@ tc_ensure_mdns_auto_ip_seen() {
         return 1
     fi
 
-    tc_log "mDNS auto-ip check: running $TC_MDNS_BIN --print-auto-ip-cidrs"
+    tc_log "mDNS auto-ip check: running $TC_MDNS_BIN --print-mdns-socket-families"
     if tc_mdns_auto_ip_available; then
         TC_MDNS_AUTO_IP_SEEN=1
-        tc_log "mDNS auto-ip check: usable IPv4 is available"
+        tc_log "mDNS auto-ip check: usable address is available"
         tc_log "mDNS auto-ip is available; starting capture and advertiser"
         return 0
     else
@@ -262,7 +266,7 @@ tc_ensure_mdns_auto_ip_seen() {
     fi
 
     if tc_auto_ip_unavailable_status "$mdns_auto_ip_status"; then
-        tc_log "mDNS auto-ip check: no usable IPv4 yet"
+        tc_log "mDNS auto-ip check: no usable address yet"
         tc_mark_mdns_deferred_no_ip
     else
         TC_WATCHDOG_MDNS_UNAVAILABLE=1
diff --git a/src/timecapsulesmb/assets/boot/samba4/common.d/70-smbd-service.sh b/src/timecapsulesmb/assets/boot/samba4/common.d/70-smbd-service.sh
index 012fde8..dc920f7 100644
--- a/src/timecapsulesmb/assets/boot/samba4/common.d/70-smbd-service.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/common.d/70-smbd-service.sh
@@ -1,12 +1,59 @@
-tc_fstat_line_is_ipv4_tcp_445() {
-    case "$1" in
-        *" internet stream tcp "*":445"*) return 0 ;;
+tc_fstat_line_matches_socket() {
+    family=$1
+    sock_type=$2
+    proto=$3
+    port=$4
+    line=$5
+
+    case "$line" in
+        *" $family $sock_type $proto "*":$port"*) return 0 ;;
         *) return 1 ;;
     esac
 }
 
+tc_runtime_process_table() {
+    /bin/ps axww -o pid= -o stat= -o ucomm= -o command= 2>/dev/null
+}
+
+tc_runtime_fstat_pid() {
+    /usr/bin/fstat -p "$1" 2>/dev/null
+}
+
+tc_fstat_line_is_ipv4_tcp_445() {
+    tc_fstat_line_matches_socket internet stream tcp 445 "$1"
+}
+
+tc_fstat_line_is_ipv6_tcp_445() {
+    tc_fstat_line_matches_socket internet6 stream tcp 445 "$1"
+}
+
+tc_bind_interfaces_have_ipv6() {
+    set -- ${TC_SMB_BIND_INTERFACES:-}
+    for token in "$@"; do
+        case "$token" in
+            ::1/128) ;;
+            *:*) return 0 ;;
+        esac
+    done
+    return 1
+}
+
 tc_smbd_bound_ipv4_445() {
-    if ps_out=$(/bin/ps axww -o pid= -o stat= -o ucomm= -o command= 2>/dev/null); then
+    tc_process_has_fstat_socket smbd internet stream tcp 445
+}
+
+tc_smbd_bound_ipv6_445() {
+    tc_process_has_fstat_socket smbd internet6 stream tcp 445
+}
+
+tc_process_has_fstat_socket() {
+    proc_name=$1
+    family=$2
+    sock_type=$3
+    proto=$4
+    port=$5
+
+    if ps_out=$(tc_runtime_process_table); then
         old_ifs=$IFS
         IFS='
 '
@@ -20,14 +67,14 @@ tc_smbd_bound_ipv4_445() {
             case "$2" in
                 Z*) continue ;;
             esac
-            [ "$3" = "smbd" ] || continue
+            [ "$3" = "$proc_name" ] || continue
 
-            if fstat_out=$(/usr/bin/fstat -p "$1" 2>/dev/null); then
+            if fstat_out=$(tc_runtime_fstat_pid "$1"); then
                 fstat_ifs=$IFS
                 IFS='
 '
                 for fstat_line in $fstat_out; do
-                    if tc_fstat_line_is_ipv4_tcp_445 "$fstat_line"; then
+                    if tc_fstat_line_matches_socket "$family" "$sock_type" "$proto" "$port" "$fstat_line"; then
                         IFS=$old_ifs
                         return 0
                     fi
@@ -41,50 +88,49 @@ tc_smbd_bound_ipv4_445() {
     return 1
 }
 
+tc_smbd_bound_tcp_445() {
+    if tc_bind_interfaces_have_nonloopback_ipv4; then
+        tc_smbd_bound_ipv4_445 || return 1
+    fi
+    if tc_bind_interfaces_have_ipv6; then
+        tc_smbd_bound_ipv6_445 || return 1
+    fi
+    if ! tc_bind_interfaces_have_nonloopback_ipv4 && ! tc_bind_interfaces_have_ipv6; then
+        tc_smbd_bound_ipv4_445 || return 1
+    fi
+    return 0
+}
+
 tc_fstat_line_is_ipv4_udp_port() {
-    port=$1
-    case "$2" in
-        *" internet dgram udp "*":$port"*) return 0 ;;
-        *) return 1 ;;
-    esac
+    tc_fstat_line_matches_socket internet dgram udp "$1" "$2"
+}
+
+tc_fstat_line_is_ipv6_udp_port() {
+    tc_fstat_line_matches_socket internet6 dgram udp "$1" "$2"
 }
 
 tc_process_bound_ipv4_udp_port() {
     proc_name=$1
     port=$2
 
-    if ps_out=$(/bin/ps axww -o pid= -o stat= -o ucomm= -o command= 2>/dev/null); then
-        old_ifs=$IFS
-        IFS='
-'
-        for line in $ps_out; do
-            [ -n "$line" ] || continue
-            line_ifs=$IFS
-            IFS=' 	'
-            set -- $line
-            IFS=$line_ifs
-            [ "$#" -ge 3 ] || continue
-            case "$2" in
-                Z*) continue ;;
-            esac
-            [ "$3" = "$proc_name" ] || continue
+    tc_process_has_fstat_socket "$proc_name" internet dgram udp "$port"
+}
 
-            if fstat_out=$(/usr/bin/fstat -p "$1" 2>/dev/null); then
-                fstat_ifs=$IFS
-                IFS='
-'
-                for fstat_line in $fstat_out; do
-                    if tc_fstat_line_is_ipv4_udp_port "$port" "$fstat_line"; then
-                        IFS=$old_ifs
-                        return 0
-                    fi
-                done
-                IFS=$fstat_ifs
-            fi
-        done
-        IFS=$old_ifs
-    fi
+tc_process_bound_ipv6_udp_port() {
+    proc_name=$1
+    port=$2
+
+    tc_process_has_fstat_socket "$proc_name" internet6 dgram udp "$port"
+}
 
+tc_bind_interfaces_have_nonloopback_ipv4() {
+    set -- ${TC_SMB_BIND_INTERFACES:-}
+    for token in "$@"; do
+        case "$token" in
+            127.*) ;;
+            *.*/*) return 0 ;;
+        esac
+    done
     return 1
 }
 
@@ -96,11 +142,43 @@ tc_mdns_bound_ipv4_udp_5353() {
     tc_process_bound_ipv4_udp_port "$MDNS_PROC_NAME" 5353
 }
 
+tc_mdns_bound_ipv6_udp_5353() {
+    tc_process_bound_ipv6_udp_port "$MDNS_PROC_NAME" 5353
+}
+
+tc_mdns_health_socket_family() {
+    families=$(tc_probe_mdns_socket_families) || return $?
+
+    set -- $families
+    for family in "$@"; do
+        if [ "$family" = "ipv4" ]; then
+            printf '%s\n' ipv4
+            return 0
+        fi
+    done
+    for family in "$@"; do
+        if [ "$family" = "ipv6" ]; then
+            printf '%s\n' ipv6
+            return 0
+        fi
+    done
+    return 1
+}
+
+tc_mdns_bound_udp_5353() {
+    family=$(tc_mdns_health_socket_family) || return $?
+    case "$family" in
+        ipv4) tc_mdns_bound_ipv4_udp_5353 ;;
+        ipv6) tc_mdns_bound_ipv6_udp_5353 ;;
+        *) return 1 ;;
+    esac
+}
+
 tc_wait_for_smbd_ipv4_445() {
     max_attempts=${1:-10}
     attempt=0
     while [ "$attempt" -lt "$max_attempts" ]; do
-        if tc_smbd_bound_ipv4_445; then
+        if tc_smbd_bound_tcp_445; then
             return 0
         fi
         attempt=$((attempt + 1))
@@ -148,7 +226,7 @@ tc_start_smbd() {
     if wait_for_process smbd 15 && tc_wait_for_smbd_ipv4_445 15; then
         return 0
     fi
-    tc_log "smbd IPv4 TCP 445 listener was not observed after launch"
+    tc_log "smbd TCP 445 listener was not observed after launch"
     tc_log_smbd_socket_diagnostics
     stop_runtime_process_by_ucomm "smbd" smbd || true
     return 1
@@ -203,10 +281,10 @@ tc_prepare_smbd_recovery_disk_runtime() {
 
 tc_start_smbd_if_needed() {
     if runtime_process_present_by_ucomm smbd; then
-        if tc_smbd_bound_ipv4_445; then
+        if tc_smbd_bound_tcp_445; then
             return 0
         fi
-        tc_log "watchdog recovery: smbd is running without IPv4 TCP 445; restarting"
+        tc_log "watchdog recovery: smbd is running without required TCP 445 listeners; restarting"
         tc_log_smbd_socket_diagnostics
         stop_runtime_process_by_ucomm "smbd" smbd || return 1
     fi
@@ -226,7 +304,7 @@ tc_start_smbd_if_needed() {
     if wait_for_process smbd 15 && tc_wait_for_smbd_ipv4_445 15; then
         return 0
     fi
-    tc_log "watchdog recovery: smbd restart failed to bind IPv4 TCP 445"
+    tc_log "watchdog recovery: smbd restart failed to bind required TCP 445 listeners"
     tc_log_smbd_socket_diagnostics
     stop_runtime_process_by_ucomm "smbd" smbd || true
     return 1
diff --git a/src/timecapsulesmb/assets/boot/samba4/common.d/80-watchdog.sh b/src/timecapsulesmb/assets/boot/samba4/common.d/80-watchdog.sh
index 021a537..b272906 100644
--- a/src/timecapsulesmb/assets/boot/samba4/common.d/80-watchdog.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/common.d/80-watchdog.sh
@@ -202,16 +202,16 @@ tc_live_reload_disk_runtime() {
         if [ -z "$old_bind_interfaces" ] || [ "$fresh_bind_interfaces" != "$old_bind_interfaces" ]; then
             TC_SMB_BIND_INTERFACES=$fresh_bind_interfaces
             bind_interfaces_changed=1
-            tc_log "watchdog recovery: Samba IPv4 bind interfaces changed during live refresh: ${old_bind_interfaces:-none} -> $TC_SMB_BIND_INTERFACES"
+            tc_log "watchdog recovery: Samba bind interfaces changed during live refresh: ${old_bind_interfaces:-none} -> $TC_SMB_BIND_INTERFACES"
         fi
     else
         bind_probe_status=$?
         if [ -z "${TC_SMB_BIND_INTERFACES:-}" ]; then
-            tc_log "watchdog recovery: live disk runtime refresh failed; no usable IPv4 bind interface is available"
+            tc_log "watchdog recovery: live disk runtime refresh failed; no usable bind address is available"
             return 1
         fi
         if ! tc_auto_ip_unavailable_status "$bind_probe_status"; then
-            tc_log "watchdog recovery: live disk runtime refresh failed; Samba IPv4 bind probe exited $bind_probe_status"
+            tc_log "watchdog recovery: live disk runtime refresh failed; Samba bind probe exited $bind_probe_status"
             return 1
         fi
     fi
@@ -290,7 +290,7 @@ tc_all_managed_services_healthy() {
         if ! runtime_process_present_by_ucomm smbd; then
             return 1
         fi
-        if ! tc_smbd_bound_ipv4_445; then
+        if ! tc_smbd_bound_tcp_445; then
             return 1
         fi
     fi
@@ -303,7 +303,7 @@ tc_all_managed_services_healthy() {
         if ! runtime_process_present_by_ucomm "$MDNS_PROC_NAME"; then
             return 1
         fi
-        if ! tc_mdns_bound_ipv4_udp_5353; then
+        if ! tc_mdns_bound_udp_5353; then
             return 1
         fi
     fi
@@ -391,11 +391,11 @@ tc_watchdog_initialize_smb_bind_interfaces() {
     fi
 
     if tc_refresh_smb_bind_interfaces; then
-        tc_log "watchdog startup: initialized Samba IPv4 bind interfaces from live probe"
+        tc_log "watchdog startup: initialized Samba bind interfaces from live probe"
         return 0
     fi
 
-    tc_log "watchdog startup: Samba IPv4 bind interface initialization deferred"
+    tc_log "watchdog startup: Samba bind interface initialization deferred"
     return 0
 }
 
@@ -420,7 +420,7 @@ tc_watchdog_reconcile_smb_bind_interfaces() {
     if fresh_bind_interfaces=$(tc_probe_smb_bind_interfaces); then
         if [ -z "${TC_SMB_BIND_INTERFACES:-}" ]; then
             TC_SMB_BIND_INTERFACES=$fresh_bind_interfaces
-            tc_log "watchdog pass: initialized Samba IPv4 bind interfaces: $TC_SMB_BIND_INTERFACES"
+            tc_log "watchdog pass: initialized Samba bind interfaces: $TC_SMB_BIND_INTERFACES"
             return 0
         fi
         if [ "$fresh_bind_interfaces" = "$TC_SMB_BIND_INTERFACES" ]; then
@@ -429,7 +429,7 @@ tc_watchdog_reconcile_smb_bind_interfaces() {
 
         old_bind_interfaces=$TC_SMB_BIND_INTERFACES
         TC_SMB_BIND_INTERFACES=$fresh_bind_interfaces
-        tc_log "watchdog pass: Samba IPv4 bind interfaces changed: $old_bind_interfaces -> $TC_SMB_BIND_INTERFACES"
+        tc_log "watchdog pass: Samba bind interfaces changed: $old_bind_interfaces -> $TC_SMB_BIND_INTERFACES"
         if ! tc_prepare_smbd_recovery_disk_runtime; then
             TC_SMB_BIND_INTERFACES=$old_bind_interfaces
             tc_log "watchdog pass: cannot apply Samba bind change; disk runtime preparation failed"
@@ -439,7 +439,7 @@ tc_watchdog_reconcile_smb_bind_interfaces() {
             TC_SMB_BIND_INTERFACES=$old_bind_interfaces
             return 1
         fi
-        tc_restart_smbd_for_bind_change "IPv4 bind interfaces changed" || return 1
+        tc_restart_smbd_for_bind_change "bind interfaces changed" || return 1
         return 0
     else
         bind_probe_status=$?
@@ -450,7 +450,7 @@ tc_watchdog_reconcile_smb_bind_interfaces() {
         return 0
     fi
 
-    tc_log "watchdog pass: Samba IPv4 bind probe failed with exit code $bind_probe_status"
+    tc_log "watchdog pass: Samba bind probe failed with exit code $bind_probe_status"
     return 1
 }
 
@@ -458,10 +458,10 @@ tc_watchdog_reconcile_mdns() {
     mdns_auto_ip_status=0
 
     if runtime_process_present_by_ucomm "$MDNS_PROC_NAME"; then
-        if tc_mdns_bound_ipv4_udp_5353; then
+        if tc_mdns_bound_udp_5353; then
             return 0
         fi
-        tc_log "watchdog recovery: mdns advertiser is running without IPv4 UDP 5353"
+        tc_log "watchdog recovery: mdns advertiser is running without required UDP 5353 listeners"
         if tc_mdns_auto_ip_available; then
             TC_MDNS_AUTO_IP_SEEN=1
             stop_runtime_process_by_ucomm "$MDNS_PROC_NAME" "$MDNS_PROC_NAME" || return 1
@@ -510,7 +510,7 @@ tc_watchdog_reconcile_nbns() {
             return 0
         fi
         tc_log "watchdog recovery: nbns responder is running without IPv4 UDP 137"
-        if tc_mdns_auto_ip_available; then
+        if tc_nbns_auto_ip_available; then
             stop_runtime_process_by_ucomm "$NBNS_PROC_NAME" "$NBNS_PROC_NAME" || return 1
         else
             nbns_auto_ip_status=$?
@@ -522,7 +522,7 @@ tc_watchdog_reconcile_nbns() {
             return 1
         fi
     else
-        if ! tc_mdns_auto_ip_available; then
+        if ! tc_nbns_auto_ip_available; then
             nbns_auto_ip_status=$?
             if tc_auto_ip_unavailable_status "$nbns_auto_ip_status"; then
                 tc_mark_nbns_deferred_no_ip
@@ -546,7 +546,7 @@ tc_watchdog_report_service_health() {
 
     if tc_all_managed_services_healthy; then
         if [ "${TC_WATCHDOG_MDNS_DEFERRED_NO_IP:-0}" = "1" ]; then
-            tc_log "watchdog steady check: core services healthy; mDNS deferred waiting for usable IPv4"
+            tc_log "watchdog steady check: core services healthy; mDNS deferred waiting for usable address"
         else
             tc_log "watchdog steady check: healthy"
         fi
@@ -554,7 +554,7 @@ tc_watchdog_report_service_health() {
     fi
 
     if tc_samba_runtime_expected && [ "${TC_WATCHDOG_SMB_DEFERRED_NO_IP:-0}" = "1" ]; then
-        tc_log "watchdog pass: Samba IPv4 bind interface is unavailable"
+        tc_log "watchdog pass: Samba bind interface is unavailable"
         return 1
     fi
     tc_log "watchdog pass: one or more managed services are unhealthy"
diff --git a/src/timecapsulesmb/assets/boot/samba4/start-samba.sh b/src/timecapsulesmb/assets/boot/samba4/start-samba.sh
index 4e15591..112f026 100644
--- a/src/timecapsulesmb/assets/boot/samba4/start-samba.sh
+++ b/src/timecapsulesmb/assets/boot/samba4/start-samba.sh
@@ -47,7 +47,7 @@ else
 fi
 
 if ! tc_prepare_smb_bind_context; then
-    tc_log "aborting startup because IPv4 bind interface discovery failed"
+    tc_log "aborting startup because bind interface discovery failed"
     exit 1
 fi
 
@@ -76,10 +76,10 @@ if ! tc_stage_disk_runtime; then
 fi
 
 tc_start_smbd || {
-    tc_log "smbd startup failed: IPv4 TCP 445 listener was not observed"
+    tc_log "smbd startup failed: TCP 445 listener was not observed"
     exit 1
 }
-tc_log "smbd startup complete: IPv4 TCP 445 listener observed"
+tc_log "smbd startup complete: TCP 445 listener observed"
 
 tc_start_watchdog
 
diff --git a/src/timecapsulesmb/deploy/planner.py b/src/timecapsulesmb/deploy/planner.py
index 59edf8d..4503b96 100644
--- a/src/timecapsulesmb/deploy/planner.py
+++ b/src/timecapsulesmb/deploy/planner.py
@@ -100,7 +100,7 @@ class UninstallPlan:
 NETBSD4_ACTIVATION_CHECKS = [
     PlannedCheck("netbsd4_runtime_smb_conf_present", "managed runtime smb.conf is present"),
     PlannedCheck("netbsd4_smbd_parent_process", "managed smbd parent process is running"),
-    PlannedCheck("netbsd4_smbd_bound_445", "smbd is bound to IPv4 TCP 445"),
+    PlannedCheck("netbsd4_smbd_bound_445", "smbd is bound to required TCP 445 sockets"),
     PlannedCheck("netbsd4_mdns_bound_5353", "mdns-advertiser is bound to UDP 5353"),
 ]
 
@@ -109,7 +109,7 @@ class UninstallPlan:
     PlannedCheck("ssh_returns_after_reboot", "SSH returns after reboot"),
     PlannedCheck("managed_runtime_smb_conf_present", "managed runtime smb.conf is present"),
     PlannedCheck("managed_smbd_parent_process", "managed smbd parent process is running"),
-    PlannedCheck("managed_smbd_bound_445", "smbd is bound to IPv4 TCP 445"),
+    PlannedCheck("managed_smbd_bound_445", "smbd is bound to required TCP 445 sockets"),
     PlannedCheck("managed_mdns_takeover_ready", "managed mDNS takeover becomes ready"),
     PlannedCheck("authenticated_smb_listing", "authenticated SMB listing"),
 ]
diff --git a/src/timecapsulesmb/device/probe.py b/src/timecapsulesmb/device/probe.py
index a15117a..f1edbea 100644
--- a/src/timecapsulesmb/device/probe.py
+++ b/src/timecapsulesmb/device/probe.py
@@ -180,15 +180,75 @@
 {PROBE_PROCESS_HELPERS}
 
 smbd_bound_445() {{
-    case "$1" in
-        *smbd*" internet stream tcp "*":445"*) return 0 ;;
-        *) return 1 ;;
+    fstat_out=$1
+    bind_interfaces=$2
+    require_ipv4=0
+    require_ipv6=0
+    set -- $bind_interfaces
+    for token in "$@"; do
+        case "$token" in
+            127.*|::1/128) ;;
+            *:*) require_ipv6=1 ;;
+            *.*/*) require_ipv4=1 ;;
+        esac
+    done
+    if [ "$require_ipv4" -eq 0 ] && [ "$require_ipv6" -eq 0 ]; then
+        require_ipv4=1
+    fi
+
+    has_ipv4=0
+    has_ipv6=0
+    case "$fstat_out" in
+        *smbd*" internet stream tcp "*":445"*) has_ipv4=1 ;;
+    esac
+    case "$fstat_out" in
+        *smbd*" internet6 stream tcp "*":445"*) has_ipv6=1 ;;
     esac
+    if [ "$require_ipv4" -eq 1 ] && [ "$has_ipv4" -ne 1 ]; then
+        return 1
+    fi
+    if [ "$require_ipv6" -eq 1 ] && [ "$has_ipv6" -ne 1 ]; then
+        return 1
+    fi
+    return 0
+}}
+
+mdns_health_socket_family() {{
+    families=$1
+
+    set -- $families
+    for family in "$@"; do
+        if [ "$family" = "ipv4" ]; then
+            printf '%s\n' ipv4
+            return 0
+        fi
+    done
+    for family in "$@"; do
+        if [ "$family" = "ipv6" ]; then
+            printf '%s\n' ipv6
+            return 0
+        fi
+    done
+    return 1
 }}
 
 mdns_bound_5353() {{
-    case "$1" in
-        *mdns-advertiser*":5353"*) return 0 ;;
+    fstat_out=$1
+    family=$2
+
+    case "$family" in
+        ipv4)
+            case "$fstat_out" in
+                *mdns-advertiser*" internet dgram udp "*":5353"*) return 0 ;;
+                *) return 1 ;;
+            esac
+            ;;
+        ipv6)
+            case "$fstat_out" in
+                *mdns-advertiser*" internet6 dgram udp "*":5353"*) return 0 ;;
+                *) return 1 ;;
+            esac
+            ;;
         *) return 1 ;;
     esac
 }}
@@ -197,6 +257,7 @@
     ps_out=$1
     fstat_out=$2
     status=0
+    bind_interfaces=$(read_smb_conf_value "interfaces" || true)
     if runtime_smbd_binary_present; then
         echo "PASS:managed runtime smbd binary present"
     else
@@ -257,10 +318,10 @@
         echo "FAIL:managed smbd parent process is not running"
         status=1
     fi
-    if smbd_bound_445 "$fstat_out"; then
-        echo "PASS:smbd bound to IPv4 TCP 445"
+    if smbd_bound_445 "$fstat_out" "$bind_interfaces"; then
+        echo "PASS:smbd bound to required TCP 445 sockets"
     else
-        echo "FAIL:smbd is not bound to IPv4 TCP 445"
+        echo "FAIL:smbd is not bound to required TCP 445 sockets"
         status=1
     fi
     return "$status"
@@ -272,6 +333,9 @@
     status=0
     mdns_auto_ip_state=waiting
     mdns_auto_ip_failure=
+    mdns_socket_families=
+    mdns_health_family=ipv4
+    mdns_health_family_supported=1
     if [ ! -e "$RUNTIME_MDNS_BIN" ]; then
         mdns_auto_ip_state=failed
         mdns_auto_ip_failure="mdns-advertiser binary missing at $RUNTIME_MDNS_BIN"
@@ -279,17 +343,24 @@
         mdns_auto_ip_state=failed
         mdns_auto_ip_failure="mdns-advertiser binary is not executable at $RUNTIME_MDNS_BIN"
     else
-        "$RUNTIME_MDNS_BIN" --print-auto-ip-cidrs >/dev/null 2>&1
+        mdns_socket_families=$("$RUNTIME_MDNS_BIN" --print-mdns-socket-families 2>/dev/null)
         mdns_auto_ip_rc=$?
         case "$mdns_auto_ip_rc" in
             0) mdns_auto_ip_state=active ;;
             11) mdns_auto_ip_state=waiting ;;
             *)
                 mdns_auto_ip_state=failed
-                mdns_auto_ip_failure="mdns-advertiser auto-IP CIDR probe failed with exit code $mdns_auto_ip_rc"
+                mdns_auto_ip_failure="mdns-advertiser mDNS socket family probe failed with exit code $mdns_auto_ip_rc"
                 ;;
         esac
     fi
+    if [ "$mdns_auto_ip_state" = "active" ]; then
+        if mdns_health_family=$(mdns_health_socket_family "$mdns_socket_families"); then
+            mdns_health_family_supported=1
+        else
+            mdns_health_family_supported=0
+        fi
+    fi
 
     if [ "$mdns_auto_ip_state" = "failed" ]; then
         echo "FAIL:$mdns_auto_ip_failure"
@@ -300,26 +371,30 @@
         echo "PASS:mdns-advertiser process is running"
     else
         if [ "$mdns_auto_ip_state" = "waiting" ]; then
-            echo "FAIL:mDNS startup deferred; no usable IPv4 has appeared yet"
+            echo "FAIL:mDNS startup deferred; no usable address has appeared yet"
         else
             echo "FAIL:mdns-advertiser process is not running"
         fi
         status=1
     fi
-    if mdns_bound_5353 "$fstat_out"; then
-        echo "PASS:mdns-advertiser bound to UDP 5353"
+    if [ "$mdns_health_family_supported" -eq 1 ] && mdns_bound_5353 "$fstat_out" "$mdns_health_family"; then
+        echo "PASS:mdns-advertiser bound to required $mdns_health_family UDP 5353 listener"
         if [ "$mdns_auto_ip_state" = "active" ]; then
-            echo "PASS:mdns-advertiser auto-IP active"
+            echo "PASS:mdns-advertiser bind address active"
         else
-            echo "FAIL:mdns-advertiser bound to UDP 5353 but auto-IP is not active"
+            echo "FAIL:mdns-advertiser bound to UDP 5353 but bind address is not active"
             status=1
         fi
     else
         if mdns_process_present "$ps_out" && [ "$mdns_auto_ip_state" = "waiting" ]; then
-            echo "FAIL:mdns-advertiser is waiting for auto-IP"
+            echo "FAIL:mdns-advertiser is waiting for a usable address"
             status=1
         else
-            echo "FAIL:mdns-advertiser is not bound to UDP 5353"
+            if [ "$mdns_health_family_supported" -eq 1 ]; then
+                echo "FAIL:mdns-advertiser is not bound to required UDP 5353 listener"
+            else
+                echo "FAIL:mdns-advertiser mDNS socket family probe returned no supported family"
+            fi
             status=1
         fi
     fi
@@ -1351,8 +1426,11 @@ def runtime_startup_failure_debug_fields(
         marker in combined
         for marker in (
             "mDNS startup deferred; no usable IPv4 has appeared yet",
+            "mDNS startup deferred; no usable address has appeared yet",
             "mdns-advertiser is waiting for auto-IP",
+            "mdns-advertiser is waiting for a usable address",
             "watchdog steady check: core services healthy; mDNS deferred waiting for usable IPv4",
+            "watchdog steady check: core services healthy; mDNS deferred waiting for usable address",
         )
     ):
         return {
diff --git a/tests/test_checks.py b/tests/test_checks.py
index 21305f1..2a6ef42 100644
--- a/tests/test_checks.py
+++ b/tests/test_checks.py
@@ -357,7 +357,7 @@ def setUp(self) -> None:
                     lines=(
                         "PASS:managed runtime smb.conf present",
                         "PASS:managed smbd parent process is running",
-                        "PASS:smbd bound to IPv4 TCP 445",
+                        "PASS:smbd bound to required TCP 445 sockets",
                     ),
                 ),
             )
@@ -1474,11 +1474,11 @@ def test_run_doctor_checks_skips_mast_probe_when_ssh_is_skipped(self) -> None:
     def test_run_doctor_checks_reports_managed_smbd_subchecks(self) -> None:
         smbd_probe = mock.Mock(
             ready=False,
-            detail="smbd is not bound to IPv4 TCP 445",
+            detail="smbd is not bound to required TCP 445 sockets",
             lines=(
                 "PASS:managed runtime smb.conf present",
                 "PASS:managed smbd parent process is running",
-                "FAIL:smbd is not bound to IPv4 TCP 445",
+                "FAIL:smbd is not bound to required TCP 445 sockets",
             ),
         )
         run = self.run_doctor_with_mocks(
@@ -1493,7 +1493,7 @@ def test_run_doctor_checks_reports_managed_smbd_subchecks(self) -> None:
         )
         self.assertTrue(run.fatal)
         self.assertTrue(any(result.status == "PASS" and result.message == "managed smbd parent process is running" for result in run.results))
-        self.assertTrue(any(result.status == "FAIL" and result.message == "smbd is not bound to IPv4 TCP 445" for result in run.results))
+        self.assertTrue(any(result.status == "FAIL" and result.message == "smbd is not bound to required TCP 445 sockets" for result in run.results))
         self.assertFalse(any(result.message.startswith("managed smbd is not ready") for result in run.results))
 
     def test_run_doctor_checks_reports_supported_device_compatibility(self) -> None:
diff --git a/tests/test_cli.py b/tests/test_cli.py
index 65e3a6f..e3dad3f 100644
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -4732,7 +4732,7 @@ def test_activate_dry_run_prints_netbsd4_activation_plan(self) -> None:
         self.assertIn("skip rc.local if NetBSD4 payload is already healthy", text)
         self.assertIn("managed runtime smb.conf is present", text)
         self.assertIn("managed smbd parent process is running", text)
-        self.assertIn("smbd is bound to IPv4 TCP 445", text)
+        self.assertIn("smbd is bound to required TCP 445 sockets", text)
         self.assertIn("mdns-advertiser is bound to UDP 5353", text)
         self.assertIn("This will start the deployed Samba payload on the AirPort storage device.", text)
         self.assertIn("NetBSD 4 devices cannot auto-run Samba after a reboot.", text)
diff --git a/tests/test_cli_flows.py b/tests/test_cli_flows.py
index f86eb63..c05a1e6 100644
--- a/tests/test_cli_flows.py
+++ b/tests/test_cli_flows.py
@@ -439,7 +439,7 @@ def test_verify_managed_runtime_flow_collects_network_diagnostics_after_auto_ip_
             mock.patch(
                 "timecapsulesmb.cli.flows.read_runtime_log_tails_conn",
                 return_value={
-                    "remote_watchdog_log_tail": "watchdog: mDNS startup deferred; no usable IPv4 has appeared yet",
+                    "remote_watchdog_log_tail": "watchdog: mDNS startup deferred; no usable address has appeared yet",
                 },
             ),
             mock.patch(
diff --git a/tests/test_deploy_modules.py b/tests/test_deploy_modules.py
index d1a716d..c1127f6 100644
--- a/tests/test_deploy_modules.py
+++ b/tests/test_deploy_modules.py
@@ -1220,7 +1220,7 @@ def test_mdns_advertiser_save_args_capture_and_exit_without_takeover(self) -> No
         self.assertNotIn("serving summary", run.stderr)
         self.assertNotIn("mDNS takeover", run.stderr)
 
-    def test_mdns_timestamped_logging_preserves_long_lines(self) -> None:
+    def test_mdns_timestamped_logging_truncates_long_lines_without_heap(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = f'''
 #include <string.h>
@@ -1232,13 +1232,15 @@ def test_mdns_timestamped_logging_preserves_long_lines(self) -> None:
     char message[5001];
     memset(message, 'A', sizeof(message) - 1);
     message[sizeof(message) - 1] = '\\0';
-    fprintf(stderr, "%s\\n", message);
+    timestamped_fprintf(stderr, "%s\\n", message);
     return 0;
 }}
 '''
         run = self._compile_and_run_c_helper(source, "mdns_long_timestamped_log")
         self.assertEqual(run.returncode, 0, run.stderr)
-        self.assertIn("A" * 5000, run.stderr)
+        self.assertNotIn("A" * 5000, run.stderr)
+        self.assertGreaterEqual(run.stderr.count("A"), 4000)
+        self.assertLess(run.stderr.count("A"), 5000)
         self.assertTrue(run.stderr.endswith("\n"))
 
     def test_mdns_ifreq_copy_handles_unaligned_source_buffer(self) -> None:
@@ -1531,6 +1533,7 @@ def test_mdns_auto_ip_helpers_filter_and_detect_interface_changes(self) -> None:
     struct iface_context_set a;
     struct iface_context_set b;
     struct ifreq sample_ifr;
+    struct ifconf_entry_view view;
     size_t expected_variable_step;
 
     if (runtime_ipv4_is_usable(inet_addr("0.1.2.3")) ||
@@ -1571,6 +1574,59 @@ def test_mdns_auto_ip_helpers_filter_and_detect_interface_changes(self) -> None:
     if (ifreq_entry_size(&sample_ifr, expected_variable_step, 0) != expected_variable_step) {{
         return 9;
     }}
+#if defined(__NetBSD__) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
+    {{
+    struct sockaddr_in6 raw_sin6;
+    struct sockaddr_in6 copied_sin6;
+    union {{
+        long align;
+        char bytes[IFNAMSIZ + sizeof(struct sockaddr_in6) + sizeof(long)];
+    }} raw_entry;
+    size_t expected_raw_step;
+
+    memset(&raw_entry, 0, sizeof(raw_entry));
+    memcpy(raw_entry.bytes, "bridge0", 7);
+    memset(&raw_sin6, 0, sizeof(raw_sin6));
+    raw_sin6.sin6_family = AF_INET6;
+    raw_sin6.sin6_len = sizeof(raw_sin6);
+    if (inet_pton(AF_INET6, "fdbb:1111:2222:3333::40", &raw_sin6.sin6_addr) != 1) {{
+        return 12;
+    }}
+    memcpy(raw_entry.bytes + IFNAMSIZ, &raw_sin6, sizeof(raw_sin6));
+    expected_raw_step = IFNAMSIZ + sizeof(raw_sin6);
+    if ((expected_raw_step % sizeof(long)) != 0) {{
+        expected_raw_step += sizeof(long) - (expected_raw_step % sizeof(long));
+    }}
+    if (expected_raw_step < sizeof(sample_ifr)) {{
+        expected_raw_step = sizeof(sample_ifr);
+    }}
+    if (ifconf_entry_view_from_cursor(&view, raw_entry.bytes, sizeof(raw_entry.bytes), 0) != 0 ||
+        view.step != expected_raw_step ||
+        view.addr_len != sizeof(raw_sin6) ||
+        strcmp(view.name, "bridge0") != 0) {{
+        return 13;
+    }}
+    memset(&copied_sin6, 0, sizeof(copied_sin6));
+    memcpy(&copied_sin6, view.addr, sizeof(copied_sin6));
+    if (memcmp(&copied_sin6.sin6_addr, &raw_sin6.sin6_addr, sizeof(raw_sin6.sin6_addr)) != 0) {{
+        return 14;
+    }}
+    }}
+#else
+    {{
+        struct ifreq raw_ifr;
+        memset(&raw_ifr, 0, sizeof(raw_ifr));
+        memcpy(raw_ifr.ifr_name, "bridge0", 7);
+        raw_ifr.ifr_addr.sa_family = AF_INET;
+        if (ifconf_entry_view_from_cursor(&view, (const char *)(const void *)&raw_ifr, sizeof(raw_ifr), 1) != 0 ||
+            view.step != sizeof(raw_ifr) ||
+            view.addr_len != sizeof(struct sockaddr) ||
+            strcmp(view.name, "bridge0") != 0 ||
+            view.addr->sa_family != AF_INET) {{
+            return 13;
+        }}
+    }}
+#endif
 
     memset(&a, 0, sizeof(a));
     memset(&b, 0, sizeof(b));
@@ -1636,6 +1692,7 @@ def test_mdns_auto_ip_cidr_helpers_format_valid_bind_output(self) -> None:
 int main(void) {{
     struct iface_context_set set;
     char cidr[INET_ADDRSTRLEN + 4];
+    struct in6_addr mask6;
 
     if (netmask_prefix_length(inet_addr("255.255.255.0")) != 24 ||
         netmask_prefix_length(inet_addr("255.255.0.0")) != 16 ||
@@ -1643,6 +1700,21 @@ def test_mdns_auto_ip_cidr_helpers_format_valid_bind_output(self) -> None:
         netmask_prefix_length(inet_addr("255.0.255.0")) != 24) {{
         return 1;
     }}
+    if (netmask_prefix_length(ipv4_link_local_netmask()) != 16) {{
+        return 6;
+    }}
+    if (inet_pton(AF_INET6, "ffff:ffff:ffff:ffff::", &mask6) != 1 ||
+        ipv6_prefix_length_from_mask(&mask6) != 64) {{
+        return 7;
+    }}
+    memset(&mask6, 0, sizeof(mask6));
+    if (ipv6_prefix_length_from_mask(&mask6) != -1) {{
+        return 8;
+    }}
+    if (inet_pton(AF_INET6, "ffff:ffff::ffff", &mask6) != 1 ||
+        ipv6_prefix_length_from_mask(&mask6) != -1) {{
+        return 9;
+    }}
 
     memset(&set, 0, sizeof(set));
     if (print_iface_context_cidrs(stdout, &set) == 0) {{
@@ -1672,6 +1744,117 @@ def test_mdns_auto_ip_cidr_helpers_format_valid_bind_output(self) -> None:
         self.assertEqual(run.returncode, 0, run.stderr)
         self.assertEqual(run.stdout, "10.0.1.1/24 192.168.1.40/24\n")
 
+    def test_mdns_smb_bind_tokens_and_host_records_are_link_scoped_dual_stack(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <arpa/inet.h>
+#include <string.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+static int buffer_contains(const uint8_t *buf, size_t len, const void *needle, size_t needle_len) {{
+    size_t i;
+    for (i = 0; i + needle_len <= len; i++) {{
+        if (memcmp(buf + i, needle, needle_len) == 0) {{
+            return 1;
+        }}
+    }}
+    return 0;
+}}
+
+int main(void) {{
+    struct link_context_set set;
+    struct in6_addr ula;
+    struct in6_addr unknown_prefix;
+    struct in6_addr ll;
+    uint8_t packet[512];
+    size_t off;
+    int answers;
+
+    memset(&set, 0, sizeof(set));
+    if (inet_pton(AF_INET6, "fdbb:1111:2222:3333::40", &ula) != 1 ||
+        inet_pton(AF_INET6, "fdbb:1111:2222:3333::41", &unknown_prefix) != 1 ||
+        inet_pton(AF_INET6, "fe80::40", &ll) != 1) {{
+        return 1;
+    }}
+    append_link_ipv4(&set, "bridge0", inet_addr("10.0.1.1"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+    append_link_ipv4(&set, "bridge0", inet_addr("169.254.1.9"), inet_addr("255.255.0.0"), IFF_UP | IFF_RUNNING);
+    append_link_ipv4(&set, "lo0", inet_addr("127.0.0.1"), inet_addr("255.0.0.0"), IFF_UP | IFF_RUNNING);
+    append_link_ipv6(&set, "bridge0", &ula, 64, 7, IFF_UP | IFF_RUNNING);
+    append_link_ipv6(&set, "bridge0", &unknown_prefix, -1, 7, IFF_UP | IFF_RUNNING);
+    append_link_ipv6(&set, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING);
+
+    if (set.count != 1 || set.links[0].ipv4_count != 2 || set.links[0].ipv6_count != 3) {{
+        return 2;
+    }}
+    if (print_smb_link_bind_tokens(stdout, &set) != 0) {{
+        return 3;
+    }}
+
+    memset(packet, 0, sizeof(packet));
+    off = 0;
+    answers = 0;
+    if (append_host_address_records(packet, &off, sizeof(packet), "timecapsule.local.", &set.links[0], 1, 1, 120, &answers) != 0) {{
+        return 4;
+    }}
+    if (answers != 3 ||
+        !buffer_contains(packet, off, &set.links[0].ipv4[0].addr, sizeof(set.links[0].ipv4[0].addr)) ||
+        !buffer_contains(packet, off, &set.links[0].ipv4[1].addr, sizeof(set.links[0].ipv4[1].addr)) ||
+        !buffer_contains(packet, off, &ula, sizeof(ula)) ||
+        buffer_contains(packet, off, &unknown_prefix, sizeof(unknown_prefix)) ||
+        buffer_contains(packet, off, &ll, sizeof(ll))) {{
+        return 5;
+    }}
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_dual_stack_bind_records")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout, "10.0.1.1/24 169.254.1.9/16 fdbb:1111:2222:3333::40/64\n")
+
+    def test_mdns_advertise_links_exclude_fe80_only_links_but_keep_ipv4_fe80_transport(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <arpa/inet.h>
+#include <string.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+int main(void) {{
+    struct link_context_set all_links;
+    struct link_context_set advertise_links;
+    struct in6_addr ll1;
+    struct in6_addr ll2;
+
+    memset(&all_links, 0, sizeof(all_links));
+    if (inet_pton(AF_INET6, "fe80::1", &ll1) != 1 ||
+        inet_pton(AF_INET6, "fe80::2", &ll2) != 1) {{
+        return 1;
+    }}
+
+    append_link_ipv6(&all_links, "bridge0", &ll1, 64, 7, IFF_UP | IFF_RUNNING);
+    append_link_ipv4(&all_links, "bridge1", inet_addr("192.168.1.40"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+    append_link_ipv6(&all_links, "bridge1", &ll2, 64, 8, IFF_UP | IFF_RUNNING);
+    filter_advertise_link_contexts(&advertise_links, &all_links);
+
+    if (all_links.count != 2 || advertise_links.count != 1) {{
+        return 2;
+    }}
+    if (strcmp(advertise_links.links[0].name, "bridge1") != 0) {{
+        return 3;
+    }}
+    if (!link_contexts_need_ipv4_socket(&advertise_links) ||
+        !link_contexts_need_ipv6_socket(&advertise_links)) {{
+        return 4;
+    }}
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_advertise_link_filter")
+        self.assertEqual(run.returncode, 0, run.stderr)
+
     def test_mdns_print_auto_ip_cidrs_returns_distinct_probe_failure_status(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = '''
@@ -1694,6 +1877,10 @@ def test_mdns_print_auto_ip_cidrs_returns_distinct_probe_failure_status(self) ->
     if (plan->mode == 2) {{
         append_iface_context(out, "bridge0", inet_addr("10.0.1.1"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
     }}
+    if (plan->mode == 3) {{
+        append_iface_context(out, "bridge0", inet_addr("10.0.1.1"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+        out->truncated = 1;
+    }}
     return 0;
 }}
 
@@ -1716,6 +1903,10 @@ def test_mdns_print_auto_ip_cidrs_returns_distinct_probe_failure_status(self) ->
     if (print_auto_ip_cidrs_with_provider(stdout, NULL, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
         return 4;
     }}
+    plan.mode = 3;
+    if (print_auto_ip_cidrs_with_provider(stdout, fake_collect_contexts, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
+        return 5;
+    }}
     return 0;
 }}
 '''.format(mdns_source=mdns_source)
@@ -1723,6 +1914,192 @@ def test_mdns_print_auto_ip_cidrs_returns_distinct_probe_failure_status(self) ->
         self.assertEqual(run.returncode, 0, run.stderr)
         self.assertEqual(run.stdout, "10.0.1.1/24\n")
 
+    def test_mdns_print_smb_bind_interfaces_returns_dual_stack_probe_status(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <arpa/inet.h>
+#include <string.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+struct fake_bind_plan {{
+    int mode;
+}};
+
+static int fake_collect_links(struct link_context_set *out, void *userdata) {{
+    struct fake_bind_plan *plan = (struct fake_bind_plan *)userdata;
+    struct in6_addr ula;
+    struct in6_addr ll;
+
+    memset(out, 0, sizeof(*out));
+    if (plan->mode == 1) {{
+        return -1;
+    }}
+    if (plan->mode == 2) {{
+        inet_pton(AF_INET6, "fdbb:1111:2222:3333::40", &ula);
+        inet_pton(AF_INET6, "fe80::40", &ll);
+        append_link_ipv4(out, "bridge0", inet_addr("169.254.1.9"), inet_addr("255.255.0.0"), IFF_UP | IFF_RUNNING);
+        append_link_ipv6(out, "bridge0", &ula, 64, 7, IFF_UP | IFF_RUNNING);
+        append_link_ipv6(out, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING);
+    }}
+    if (plan->mode == 3) {{
+        inet_pton(AF_INET6, "fe80::40", &ll);
+        append_link_ipv6(out, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING);
+    }}
+    if (plan->mode == 4) {{
+        append_link_ipv4(out, "bridge0", inet_addr("169.254.1.9"), inet_addr("255.255.0.0"), IFF_UP | IFF_RUNNING);
+        out->truncated = 1;
+    }}
+    return 0;
+}}
+
+int main(void) {{
+    struct fake_bind_plan plan;
+
+    memset(&plan, 0, sizeof(plan));
+    plan.mode = 2;
+    if (print_smb_bind_interfaces_with_provider(stdout, fake_collect_links, &plan) != EXIT_OK) {{
+        return 1;
+    }}
+    plan.mode = 0;
+    if (print_smb_bind_interfaces_with_provider(stdout, fake_collect_links, &plan) != EXIT_AUTO_IP_UNAVAILABLE) {{
+        return 2;
+    }}
+    plan.mode = 1;
+    if (print_smb_bind_interfaces_with_provider(stdout, fake_collect_links, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
+        return 3;
+    }}
+    plan.mode = 3;
+    if (print_smb_bind_interfaces_with_provider(stdout, fake_collect_links, &plan) != EXIT_AUTO_IP_UNAVAILABLE) {{
+        return 4;
+    }}
+    if (print_smb_bind_interfaces_with_provider(stdout, NULL, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
+        return 5;
+    }}
+    plan.mode = 4;
+    if (print_smb_bind_interfaces_with_provider(stdout, fake_collect_links, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
+        return 6;
+    }}
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_print_smb_bind_status")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout, "169.254.1.9/16 fdbb:1111:2222:3333::40/64\n")
+
+    def test_mdns_print_socket_families_uses_advertise_links_not_samba_tokens(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <arpa/inet.h>
+#include <string.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+struct fake_family_plan {{
+    int mode;
+}};
+
+static int fake_collect_advertise_links(struct link_context_set *out, void *userdata) {{
+    struct fake_family_plan *plan = (struct fake_family_plan *)userdata;
+    struct in6_addr ll;
+    struct in6_addr ula;
+
+    memset(out, 0, sizeof(*out));
+    inet_pton(AF_INET6, "fe80::40", &ll);
+    inet_pton(AF_INET6, "fdbb:1111:2222:3333::40", &ula);
+    if (plan->mode == 1) {{
+        return -1;
+    }}
+    if (plan->mode == 2) {{
+        append_link_ipv4(out, "bridge0", inet_addr("192.168.1.40"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+        append_link_ipv6(out, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING);
+    }}
+    if (plan->mode == 3) {{
+        append_link_ipv6(out, "bridge0", &ula, 64, 7, IFF_UP | IFF_RUNNING);
+    }}
+    if (plan->mode == 4) {{
+        append_link_ipv6(out, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING);
+    }}
+    if (plan->mode == 5) {{
+        append_link_ipv4(out, "bridge0", inet_addr("192.168.1.40"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+        append_link_ipv6_with_transport(out, "bridge0", &ll, 64, 7, IFF_UP | IFF_RUNNING, 0);
+    }}
+    return 0;
+}}
+
+int main(void) {{
+    struct fake_family_plan plan;
+
+    memset(&plan, 0, sizeof(plan));
+    plan.mode = 2;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_OK) {{
+        return 1;
+    }}
+    plan.mode = 3;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_OK) {{
+        return 2;
+    }}
+    plan.mode = 0;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_AUTO_IP_UNAVAILABLE) {{
+        return 3;
+    }}
+    plan.mode = 4;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_AUTO_IP_UNAVAILABLE) {{
+        return 5;
+    }}
+    plan.mode = 5;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_OK) {{
+        return 6;
+    }}
+    plan.mode = 1;
+    if (print_mdns_socket_families_with_provider(stdout, fake_collect_advertise_links, &plan) != EXIT_AUTO_IP_PROBE_FAILED) {{
+        return 4;
+    }}
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_print_socket_families")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout, "ipv4 ipv6\nipv6\nipv4\n")
+
+    def test_mdns_scoped_ipv6_multicast_destination_uses_link_ifindex(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <arpa/inet.h>
+#include <string.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+int main(void) {{
+    struct sockaddr_in6 base;
+    struct sockaddr_in6 scoped;
+    struct link_context link;
+
+    memset(&base, 0, sizeof(base));
+    memset(&scoped, 0, sizeof(scoped));
+    memset(&link, 0, sizeof(link));
+    base.sin6_family = AF_INET6;
+    base.sin6_port = htons(5353);
+    if (inet_pton(AF_INET6, "ff02::fb", &base.sin6_addr) != 1) {{
+        return 1;
+    }}
+    link.ifindex = 17;
+    scoped_mdns_dest6_for_link(&scoped, &base, &link);
+    if (scoped.sin6_family != AF_INET6 ||
+        scoped.sin6_port != htons(5353) ||
+        scoped.sin6_scope_id != 17 ||
+        memcmp(&scoped.sin6_addr, &base.sin6_addr, sizeof(base.sin6_addr)) != 0) {{
+        return 2;
+    }}
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_scoped_ipv6_dest")
+        self.assertEqual(run.returncode, 0, run.stderr)
+
     def test_mdns_auto_ip_wait_stabilizes_after_first_usable_ipv4(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = '''
@@ -1784,7 +2161,7 @@ def test_mdns_auto_ip_wait_stabilizes_after_first_usable_ipv4(self) -> None:
         run = self._compile_and_run_c_helper(source, "mdns_auto_ip_wait")
         self.assertEqual(run.returncode, 0, run.stderr)
 
-    def test_mdns_auto_capture_stops_after_first_matching_trusted_context(self) -> None:
+    def test_mdns_auto_capture_merges_all_context_snapshots(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = '''
 #include <arpa/inet.h>
@@ -1838,11 +2215,14 @@ def test_mdns_auto_capture_stops_after_first_matching_trusted_context(self) -> N
     append_iface_context(&contexts, "bridge0", inet_addr("10.0.1.1"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
     append_iface_context(&contexts, "bcmeth0", inet_addr("192.168.1.217"), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
     add_airport_record(&plan.sets[0], "timecapsule", "80-EA-96-E6-58-68");
+    add_airport_record(&plan.sets[1], "timecapsule-wan", "80-EA-96-E6-58-68");
 
-    if (capture_mdns_snapshot_auto_with_provider(&out, &contexts, &cfg, 1, fake_capture_context, &plan) != 0) {{
+    if (capture_mdns_snapshot_auto_with_provider(&out, &contexts, &cfg, 0, fake_capture_context, &plan) != 0) {{
         return 1;
     }}
-    if (plan.calls != 1 || out.count != 1 || strcmp(out.records[0].host_label, "timecapsule") != 0) {{
+    if (plan.calls != 2 || out.count != 2 ||
+        strcmp(out.records[0].host_label, "timecapsule") != 0 ||
+        strcmp(out.records[1].host_label, "timecapsule-wan") != 0) {{
         return 2;
     }}
     return 0;
@@ -1851,7 +2231,7 @@ def test_mdns_auto_capture_stops_after_first_matching_trusted_context(self) -> N
         run = self._compile_and_run_c_helper(source, "mdns_auto_capture_first_match")
         self.assertEqual(run.returncode, 0, run.stderr)
 
-    def test_mdns_auto_capture_continues_until_trusted_context_matches(self) -> None:
+    def test_mdns_auto_capture_keeps_untrusted_records_for_later_filtering(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = '''
 #include <arpa/inet.h>
@@ -1910,7 +2290,9 @@ def test_mdns_auto_capture_continues_until_trusted_context_matches(self) -> None
     if (capture_mdns_snapshot_auto_with_provider(&out, &contexts, &cfg, 1, fake_capture_context, &plan) != 0) {{
         return 1;
     }}
-    if (plan.calls != 2 || out.count != 1 || strcmp(out.records[0].host_label, "timecapsule") != 0) {{
+    if (plan.calls != 2 || out.count != 2 ||
+        strcmp(out.records[0].host_label, "wrong-device") != 0 ||
+        strcmp(out.records[1].host_label, "timecapsule") != 0) {{
         return 2;
     }}
     return 0;
@@ -2373,46 +2755,205 @@ def test_mdns_advertiser_extracts_non_hardcoded_udp_service_type(self) -> None:
             self.assertEqual(run.returncode, 0, run.stderr)
             self.assertEqual(run.stdout.strip(), "_example-service._udp.local.")
 
-    def test_mdns_advertiser_load_snapshot_accepts_host_hex_and_smb_adisk_records(self) -> None:
-        if shutil.which("cc") is None:
-            self.skipTest("cc not available")
-
+    def test_mdns_runtime_socket_updates_roll_back_partial_memberships_and_fallback_to_ipv4(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
-        source = '''
+        source = r'''
+#include <arpa/inet.h>
+#include <errno.h>
+#include <netinet/in.h>
 #include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+
+static int fake_socket(int domain, int type, int protocol);
+static int fake_setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen);
+static int fake_bind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
+static int fake_close(int fd);
+
+#define socket fake_socket
+#define setsockopt fake_setsockopt
+#define bind fake_bind
+#define close fake_close
 #define main mdns_advertiser_main
-#include "{mdns_source}"
+#include "@MDNS_SOURCE@"
 #undef main
+#undef close
+#undef bind
+#undef setsockopt
+#undef socket
 
-int main(int argc, char **argv) {{
-    struct service_record_set set;
-    if (argc != 2) {{
-        return 2;
-    }}
-    if (load_snapshot_file(argv[1], &set) != 0) {{
-        return 1;
-    }}
-    printf("%zu\\n", set.count);
-    printf("%s\\n", set.records[0].service_type);
-    printf("%s\\n", set.records[0].host_fqdn);
-    printf("%s\\n", set.records[1].service_type);
-    printf("%s\\n", set.records[1].host_fqdn);
-    return 0;
-}}
-'''.format(mdns_source=mdns_source)
-        with tempfile.TemporaryDirectory() as tmpdir:
-            tmp = Path(tmpdir)
-            c_path = tmp / "mdns_snapshot_load_test.c"
-            bin_path = tmp / "mdns_snapshot_load_test"
-            snapshot_path = tmp / "applemdns.txt"
-            snapshot_path.write_text(
-                "BEGIN\n"
-                "TYPE=_smb._tcp.local.\n"
-                "INSTANCE=James's AirPort Time Capsule\n"
-                "HOST_HEX=4a616d6573732d416972506f72742d54696d652d43617073756c652e6c6f63616c2e\n"
-                "PORT=445\n"
-                "TXT=netbios=test\n"
-                "END\n"
+static int socket_calls;
+static int bind_calls;
+static int close_calls;
+static int membership_sets;
+static int drop_membership_sets;
+static int outbound_sets;
+static int fail_ipv6_socket;
+static int fail_second_membership;
+static int next_fd = 100;
+
+static void reset_fakes(void) {
+    socket_calls = 0;
+    bind_calls = 0;
+    close_calls = 0;
+    membership_sets = 0;
+    drop_membership_sets = 0;
+    outbound_sets = 0;
+    fail_ipv6_socket = 0;
+    fail_second_membership = 0;
+    next_fd = 100;
+}
+
+static int fake_socket(int domain, int type, int protocol) {
+    (void)type;
+    (void)protocol;
+    socket_calls++;
+    if (fail_ipv6_socket && domain == AF_INET6) {
+        errno = EAFNOSUPPORT;
+        return -1;
+    }
+    return next_fd++;
+}
+
+static int fake_setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen) {
+    (void)sockfd;
+    (void)optval;
+    (void)optlen;
+    if (level == IPPROTO_IP && optname == IP_ADD_MEMBERSHIP) {
+        membership_sets++;
+        if (fail_second_membership && membership_sets >= 2) {
+            errno = EADDRINUSE;
+            return -1;
+        }
+    }
+#ifdef IP_DROP_MEMBERSHIP
+    if (level == IPPROTO_IP && optname == IP_DROP_MEMBERSHIP) {
+        drop_membership_sets++;
+    }
+#endif
+    if (level == IPPROTO_IP && optname == IP_MULTICAST_IF) {
+        outbound_sets++;
+    }
+    return 0;
+}
+
+static int fake_bind(int sockfd, const struct sockaddr *addr, socklen_t addrlen) {
+    (void)sockfd;
+    (void)addr;
+    (void)addrlen;
+    bind_calls++;
+    return 0;
+}
+
+static int fake_close(int fd) {
+    (void)fd;
+    close_calls++;
+    return 0;
+}
+
+static void add_ipv4_link(struct link_context_set *set, const char *name, const char *addr) {
+    append_link_ipv4(set, name, inet_addr(addr), inet_addr("255.255.255.0"), IFF_UP | IFF_RUNNING);
+}
+
+int main(void) {
+    struct link_context_set old_links;
+    struct link_context_set new_links;
+    struct mdns_socket_pair sockets;
+    struct in6_addr ula;
+
+    reset_fakes();
+    memset(&old_links, 0, sizeof(old_links));
+    memset(&new_links, 0, sizeof(new_links));
+    add_ipv4_link(&old_links, "bridge0", "10.0.1.1");
+    add_ipv4_link(&new_links, "bridge0", "10.0.1.1");
+    add_ipv4_link(&new_links, "en1", "192.168.50.2");
+    add_ipv4_link(&new_links, "en2", "192.168.60.2");
+    sockets.ipv4_fd = 55;
+    sockets.ipv6_fd = -1;
+    fail_second_membership = 1;
+    if (prepare_runtime_mdns_sockets_for_links(0, &sockets, &old_links, &new_links) != 0) {
+        return 1;
+    }
+#ifdef IP_DROP_MEMBERSHIP
+    if (drop_membership_sets != 0) {
+        return 2;
+    }
+#endif
+    if (sockets.ipv4_fd != 55 || close_calls != 0 || membership_sets != 3 || outbound_sets != 1) {
+        return 3;
+    }
+    if (new_links.count != 2 ||
+        strcmp(new_links.links[0].name, "bridge0") != 0 ||
+        strcmp(new_links.links[1].name, "en1") != 0) {
+        return 16;
+    }
+
+    reset_fakes();
+    memset(&new_links, 0, sizeof(new_links));
+    add_ipv4_link(&new_links, "bridge0", "10.0.1.1");
+    if (inet_pton(AF_INET6, "fdbb:1111:2222:3333::40", &ula) != 1) {
+        return 4;
+    }
+    append_link_ipv6(&new_links, "bridge0", &ula, 64, 7, IFF_UP | IFF_RUNNING);
+    fail_ipv6_socket = 1;
+    sockets.ipv4_fd = -1;
+    sockets.ipv6_fd = -1;
+    if (open_dualstack_mdns_sockets(0, &new_links, 0, &sockets) != 0) {
+        return 5;
+    }
+    if (sockets.ipv4_fd < 0 || sockets.ipv6_fd >= 0 || link_contexts_need_ipv6_socket(&new_links)) {
+        return 6;
+    }
+    close_mdns_socket_pair(&sockets);
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_runtime_membership_rollback")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_load_snapshot_accepts_host_hex_and_smb_adisk_records(self) -> None:
+        if shutil.which("cc") is None:
+            self.skipTest("cc not available")
+
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = '''
+#include <stdio.h>
+#define main mdns_advertiser_main
+#include "{mdns_source}"
+#undef main
+
+int main(int argc, char **argv) {{
+    struct service_record_set set;
+    if (argc != 2) {{
+        return 2;
+    }}
+    if (load_snapshot_file(argv[1], &set) != 0) {{
+        return 1;
+    }}
+    printf("%zu\\n", set.count);
+    printf("%s\\n", set.records[0].service_type);
+    printf("%s\\n", set.records[0].host_fqdn);
+    printf("%s\\n", set.records[1].service_type);
+    printf("%s\\n", set.records[1].host_fqdn);
+    return 0;
+}}
+'''.format(mdns_source=mdns_source)
+        with tempfile.TemporaryDirectory() as tmpdir:
+            tmp = Path(tmpdir)
+            c_path = tmp / "mdns_snapshot_load_test.c"
+            bin_path = tmp / "mdns_snapshot_load_test"
+            snapshot_path = tmp / "applemdns.txt"
+            snapshot_path.write_text(
+                "BEGIN\n"
+                "TYPE=_smb._tcp.local.\n"
+                "INSTANCE=James's AirPort Time Capsule\n"
+                "HOST_HEX=4a616d6573732d416972506f72742d54696d652d43617073756c652e6c6f63616c2e\n"
+                "PORT=445\n"
+                "TXT=netbios=test\n"
+                "END\n"
                 "BEGIN\n"
                 "TYPE=_adisk._tcp.local.\n"
                 "INSTANCE=James's AirPort Time Capsule\n"
@@ -2778,15 +3319,39 @@ def test_mdns_advertiser_routes_qu_qm_and_mixed_query_responses(self) -> None:
     return off;
 }
 
+static int skip_response_questions(const unsigned char *packet, size_t packet_len, size_t *cursor) {
+    struct dns_header hdr;
+    unsigned short i;
+    unsigned short qdcount;
+
+    if (packet_len < sizeof(hdr)) {
+        return -1;
+    }
+    memcpy(&hdr, packet, sizeof(hdr));
+    qdcount = ntohs(hdr.qdcount);
+    *cursor = sizeof(hdr);
+    for (i = 0; i < qdcount; i++) {
+        char name[MAX_NAME];
+        if (decode_name(packet, packet_len, cursor, name, sizeof(name)) != 0 || *cursor + 4 > packet_len) {
+            return -1;
+        }
+        *cursor += 4;
+    }
+    return 0;
+}
+
 static int count_rr_type(const unsigned char *packet, size_t packet_len, unsigned short want_type) {
     struct dns_header hdr;
-    size_t cursor = sizeof(hdr);
+    size_t cursor;
     unsigned short total_answers;
     int matches = 0;
     unsigned short i;
 
     memcpy(&hdr, packet, sizeof(hdr));
     total_answers = ntohs(hdr.ancount);
+    if (skip_response_questions(packet, packet_len, &cursor) != 0) {
+        return -1;
+    }
     for (i = 0; i < total_answers; i++) {
         char name[MAX_NAME];
         unsigned short rrtype;
@@ -2818,8 +3383,60 @@ def test_mdns_advertiser_routes_qu_qm_and_mixed_query_responses(self) -> None:
            count_rr_type(packet, packet_len, DNS_TYPE_A) == 1;
 }
 
+static int legacy_unicast_ttls_and_classes_are_capped(const unsigned char *packet, size_t packet_len) {
+    struct dns_header hdr;
+    size_t cursor;
+    unsigned short total_answers;
+    unsigned short i;
+
+    memcpy(&hdr, packet, sizeof(hdr));
+    total_answers = ntohs(hdr.ancount);
+    if (skip_response_questions(packet, packet_len, &cursor) != 0) {
+        return 0;
+    }
+    for (i = 0; i < total_answers; i++) {
+        char name[MAX_NAME];
+        unsigned short rrclass;
+        unsigned int ttl;
+        unsigned short rdlength;
+
+        if (decode_name(packet, packet_len, &cursor, name, sizeof(name)) != 0 || cursor + 10 > packet_len) {
+            return 0;
+        }
+        memcpy(&rrclass, packet + cursor + 2, 2);
+        memcpy(&ttl, packet + cursor + 4, 4);
+        memcpy(&rdlength, packet + cursor + 8, 2);
+        cursor += 10;
+        rrclass = ntohs(rrclass);
+        ttl = ntohl(ttl);
+        rdlength = ntohs(rdlength);
+        if ((rrclass & DNS_CLASS_CACHE_FLUSH) != 0 || ttl > LEGACY_UNICAST_TTL_MAX || cursor + rdlength > packet_len) {
+            return 0;
+        }
+        cursor += rdlength;
+    }
+    return 1;
+}
+
+static int legacy_response_repeats_question(const unsigned char *response, size_t response_len,
+                                            const unsigned char *query, size_t query_len) {
+    struct dns_header hdr;
+    size_t question_len = query_len - sizeof(hdr);
+
+    if (response_len < query_len || query_len < sizeof(hdr)) {
+        return 0;
+    }
+    memcpy(&hdr, response, sizeof(hdr));
+    if (ntohs(hdr.qdcount) != 1) {
+        return 0;
+    }
+    return memcmp(response + sizeof(hdr), query + sizeof(hdr), question_len) == 0;
+}
+
 static int run_route_cases(void) {
     struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
     struct service_record_set snapshot;
     struct sockaddr_in mdns_dest;
     struct sockaddr_in source;
@@ -2827,78 +3444,1015 @@ def test_mdns_advertiser_routes_qu_qm_and_mixed_query_responses(self) -> None:
     size_t query_len;
 
     configure_base(&cfg);
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
     memset(&snapshot, 0, sizeof(snapshot));
     configure_addrs(&mdns_dest, &source);
 
     reset_captures();
-    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_IN | DNS_CLASS_CACHE_FLUSH);
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_IN | DNS_CLASS_CACHE_FLUSH);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 1;
+    }
+    if (captured_count != 1 ||
+        captured_dests[0].sin_addr.s_addr != source.sin_addr.s_addr ||
+        captured_dests[0].sin_port != source.sin_port ||
+        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0]) ||
+        !legacy_response_repeats_question(captured_packets[0], captured_lengths[0], query, query_len) ||
+        !legacy_unicast_ttls_and_classes_are_capped(captured_packets[0], captured_lengths[0])) {
+        return 2;
+    }
+
+    source.sin_port = htons(MDNS_PORT);
+    reset_captures();
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_IN);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 3;
+    }
+    if (captured_count != 1 ||
+        captured_dests[0].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
+        captured_dests[0].sin_port != mdns_dest.sin_port ||
+        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0])) {
+        return 4;
+    }
+
+    source.sin_port = htons(MDNS_PORT);
+    reset_captures();
+    query_len = make_mixed_query(query, cfg.service_type, cfg.host_fqdn);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 5;
+    }
+    if (captured_count != 2 ||
+        captured_dests[0].sin_addr.s_addr != source.sin_addr.s_addr ||
+        captured_dests[0].sin_port != source.sin_port ||
+        captured_dests[1].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
+        captured_dests[1].sin_port != mdns_dest.sin_port ||
+        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0]) ||
+        count_rr_type(captured_packets[1], captured_lengths[1], DNS_TYPE_A) != 1) {
+        return 6;
+    }
+
+    reset_captures();
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_ANY);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 7;
+    }
+    if (captured_count != 1 ||
+        captured_dests[0].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
+        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0])) {
+        return 8;
+    }
+
+    reset_captures();
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_ANY, DNS_CLASS_IN);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 9;
+    }
+    if (captured_count != 1 ||
+        captured_dests[0].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
+        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0])) {
+        return 10;
+    }
+
+    reset_captures();
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_CACHE_FLUSH | 2);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 11;
+    }
+    if (captured_count != 0) {
+        return 12;
+    }
+
+    return 0;
+}
+
+int main(void) {
+    int result = run_route_cases();
+    if (result != 0) {
+        return result;
+    }
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_qu_qm_query_routes")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_enumerates_dns_sd_service_types(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = r'''
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len);
+
+#define sendto fake_sendto
+#define main mdns_advertiser_main
+#include "@MDNS_SOURCE@"
+#undef main
+#undef sendto
+
+static unsigned char captured[BUF_SIZE];
+static size_t captured_len = 0;
+static struct sockaddr_in captured_dest;
+static size_t captured_count = 0;
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len) {
+    (void)sockfd;
+    (void)flags;
+    if (dest_len != sizeof(struct sockaddr_in) || len > sizeof(captured)) {
+        return -1;
+    }
+    memcpy(captured, buf, len);
+    captured_len = len;
+    memcpy(&captured_dest, dest, sizeof(captured_dest));
+    captured_count++;
+    return (ssize_t)len;
+}
+
+static void reset_capture(void) {
+    memset(captured, 0, sizeof(captured));
+    captured_len = 0;
+    memset(&captured_dest, 0, sizeof(captured_dest));
+    captured_count = 0;
+}
+
+static void configure_base(struct config *cfg) {
+    memset(cfg, 0, sizeof(*cfg));
+    snprintf(cfg->instance_name, sizeof(cfg->instance_name), "%s", "Alton Time Capsule");
+    snprintf(cfg->host_label, sizeof(cfg->host_label), "%s", "alton-time-capsule");
+    snprintf(cfg->host_fqdn, sizeof(cfg->host_fqdn), "%s", "alton-time-capsule.local.");
+    snprintf(cfg->service_type, sizeof(cfg->service_type), "%s", "_smb._tcp.local.");
+    snprintf(cfg->adisk_service_type, sizeof(cfg->adisk_service_type), "%s", "_adisk._tcp.local.");
+    snprintf(cfg->device_info_service_type, sizeof(cfg->device_info_service_type), "%s", "_device-info._tcp.local.");
+    snprintf(cfg->airport_service_type, sizeof(cfg->airport_service_type), "%s", "_airport._tcp.local.");
+    snprintf(cfg->device_model, sizeof(cfg->device_model), "%s", "TimeCapsule8,119");
+    snprintf(cfg->airport_wama, sizeof(cfg->airport_wama), "%s", "80:EA:96:E6:58:68");
+    cfg->adisk_disks.count = 1;
+    cfg->port = 445;
+    cfg->adisk_port = 9;
+    cfg->airport_port = 5009;
+    cfg->ttl = 120;
+    cfg->ipv4_addr = inet_addr("10.0.1.77");
+}
+
+static void configure_link(struct link_context *link, uint32_t ipv4_addr) {
+    struct iface_context ctx;
+
+    memset(&ctx, 0, sizeof(ctx));
+    snprintf(ctx.name, sizeof(ctx.name), "%s", "bridge0");
+    ctx.ipv4_addr = ipv4_addr;
+    ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(link, &ctx);
+}
+
+static void configure_addrs(struct sockaddr_in *mdns_dest, struct sockaddr_in *source) {
+    memset(mdns_dest, 0, sizeof(*mdns_dest));
+    mdns_dest->sin_family = AF_INET;
+    mdns_dest->sin_port = htons(MDNS_PORT);
+    mdns_dest->sin_addr.s_addr = inet_addr(MDNS_GROUP);
+
+    memset(source, 0, sizeof(*source));
+    source->sin_family = AF_INET;
+    source->sin_port = htons(62001);
+    source->sin_addr.s_addr = inet_addr("10.0.1.42");
+}
+
+static size_t make_query(unsigned char *packet, unsigned short qtype) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.id = htons(0x4444);
+    hdr.qdcount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (encode_name(packet, &off, BUF_SIZE, DNS_SD_SERVICE_ENUMERATION_NAME) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, qtype) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static void add_snapshot_service(struct service_record_set *snapshot, const char *service_type) {
+    struct service_record *record = &snapshot->records[snapshot->count++];
+    memset(record, 0, sizeof(*record));
+    snprintf(record->service_type, sizeof(record->service_type), "%s", service_type);
+    snprintf(record->instance_name, sizeof(record->instance_name), "%s", "Snapshot");
+    snprintf(record->instance_fqdn, sizeof(record->instance_fqdn), "%s%s", "Snapshot.", service_type);
+    snprintf(record->host_fqdn, sizeof(record->host_fqdn), "%s", "snapshot-host.local.");
+    record->port = 1;
+}
+
+static int skip_questions(size_t *cursor) {
+    struct dns_header hdr;
+    unsigned short i;
+
+    if (captured_len < sizeof(hdr)) {
+        return -1;
+    }
+    memcpy(&hdr, captured, sizeof(hdr));
+    *cursor = sizeof(hdr);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(captured, captured_len, cursor, qname, sizeof(qname)) != 0 ||
+            *cursor + 4 > captured_len) {
+            return -1;
+        }
+        *cursor += 4;
+    }
+    return 0;
+}
+
+static int count_ptr_target(const char *target) {
+    struct dns_header hdr;
+    size_t cursor;
+    unsigned short i;
+    int matches = 0;
+
+    memcpy(&hdr, captured, sizeof(hdr));
+    if (skip_questions(&cursor) != 0) {
+        return -1;
+    }
+    for (i = 0; i < ntohs(hdr.ancount); i++) {
+        char owner[MAX_NAME];
+        char ptr_target[MAX_NAME];
+        unsigned short rrtype;
+        unsigned short rdlength;
+        size_t rdata_cursor;
+        size_t rdata_end;
+
+        if (decode_name(captured, captured_len, &cursor, owner, sizeof(owner)) != 0 ||
+            cursor + 10 > captured_len) {
+            return -1;
+        }
+        memcpy(&rrtype, captured + cursor, 2);
+        memcpy(&rdlength, captured + cursor + 8, 2);
+        cursor += 10;
+        rrtype = ntohs(rrtype);
+        rdlength = ntohs(rdlength);
+        if (cursor + rdlength > captured_len) {
+            return -1;
+        }
+        rdata_cursor = cursor;
+        rdata_end = cursor + rdlength;
+        if (rrtype == DNS_TYPE_PTR &&
+            decode_name(captured, captured_len, &rdata_cursor, ptr_target, sizeof(ptr_target)) == 0 &&
+            rdata_cursor == rdata_end &&
+            name_equals(ptr_target, target)) {
+            matches++;
+        }
+        cursor += rdlength;
+    }
+    return matches;
+}
+
+static int expect_generated_types(void) {
+    if (captured_count != 1 ||
+        captured_dest.sin_addr.s_addr != inet_addr("10.0.1.42") ||
+        count_ptr_target("_smb._tcp.local.") != 1 ||
+        count_ptr_target("_adisk._tcp.local.") != 1 ||
+        count_ptr_target("_device-info._tcp.local.") != 1 ||
+        count_ptr_target("_airport._tcp.local.") != 1 ||
+        count_ptr_target("_ipp._tcp.local.") != 0) {
+        return 1;
+    }
+    return 0;
+}
+
+static int expect_snapshot_types(void) {
+    if (captured_count != 1 ||
+        count_ptr_target("_smb._tcp.local.") != 1 ||
+        count_ptr_target("_adisk._tcp.local.") != 1 ||
+        count_ptr_target("_device-info._tcp.local.") != 1 ||
+        count_ptr_target("_airport._tcp.local.") != 1 ||
+        count_ptr_target("_ipp._tcp.local.") != 1 ||
+        count_ptr_target("_afpovertcp._tcp.local.") != 0) {
+        return 1;
+    }
+    return 0;
+}
+
+int main(void) {
+    struct config cfg;
+    struct link_context link;
+    struct service_record_set snapshot;
+    struct sockaddr_in mdns_dest;
+    struct sockaddr_in source;
+    unsigned char query[BUF_SIZE];
+    size_t query_len;
+
+    configure_base(&cfg);
+    configure_link(&link, cfg.ipv4_addr);
+    configure_addrs(&mdns_dest, &source);
+    memset(&snapshot, 0, sizeof(snapshot));
+
+    query_len = make_query(query, DNS_TYPE_PTR);
+    reset_capture();
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &link, &snapshot, 0) != 0 ||
+        expect_generated_types() != 0) {
+        return 1;
+    }
+
+    add_snapshot_service(&snapshot, "_airport._tcp.local.");
+    add_snapshot_service(&snapshot, "_ipp._tcp.local.");
+    add_snapshot_service(&snapshot, "_smb._tcp.local.");
+    add_snapshot_service(&snapshot, "_afpovertcp._tcp.local.");
+
+    query_len = make_query(query, DNS_TYPE_ANY);
+    reset_capture();
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &link, &snapshot, 1) != 0 ||
+        expect_snapshot_types() != 0) {
+        return 2;
+    }
+
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_service_type_enumeration")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_multicast_delay_and_unicast_hop_limits(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = r'''
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len);
+int fake_setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen);
+int fake_usleep(useconds_t usec);
+int fake_rand(void);
+void fake_srand(unsigned int seed);
+
+#define sendto fake_sendto
+#define setsockopt fake_setsockopt
+#define usleep fake_usleep
+#define rand fake_rand
+#define srand fake_srand
+#define main mdns_advertiser_main
+#include "@MDNS_SOURCE@"
+#undef main
+#undef srand
+#undef rand
+#undef usleep
+#undef setsockopt
+#undef sendto
+
+struct opt_call {
+    int level;
+    int optname;
+    unsigned int value;
+};
+
+static unsigned char captured_packets[4][BUF_SIZE];
+static size_t captured_lengths[4];
+static size_t captured_count = 0;
+static useconds_t captured_usleeps[8];
+static size_t captured_usleep_count = 0;
+static struct opt_call captured_opts[32];
+static size_t captured_opt_count = 0;
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len) {
+    (void)sockfd;
+    (void)flags;
+    (void)dest;
+    (void)dest_len;
+    if (captured_count < 4 && len <= sizeof(captured_packets[0])) {
+        memcpy(captured_packets[captured_count], buf, len);
+        captured_lengths[captured_count] = len;
+        captured_count++;
+    }
+    return (ssize_t)len;
+}
+
+int fake_setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen) {
+    (void)sockfd;
+    if (captured_opt_count < 32) {
+        captured_opts[captured_opt_count].level = level;
+        captured_opts[captured_opt_count].optname = optname;
+        captured_opts[captured_opt_count].value = 0;
+        if (optval != NULL) {
+            if (optlen == sizeof(int)) {
+                int value;
+                memcpy(&value, optval, sizeof(value));
+                captured_opts[captured_opt_count].value = (unsigned int)value;
+            } else if (optlen == sizeof(unsigned int)) {
+                unsigned int value;
+                memcpy(&value, optval, sizeof(value));
+                captured_opts[captured_opt_count].value = value;
+            }
+        }
+        captured_opt_count++;
+    }
+    return 0;
+}
+
+int fake_usleep(useconds_t usec) {
+    if (captured_usleep_count < 8) {
+        captured_usleeps[captured_usleep_count++] = usec;
+    }
+    return 0;
+}
+
+int fake_rand(void) {
+    return 0;
+}
+
+void fake_srand(unsigned int seed) {
+    (void)seed;
+}
+
+static void reset_packet_capture(void) {
+    memset(captured_packets, 0, sizeof(captured_packets));
+    memset(captured_lengths, 0, sizeof(captured_lengths));
+    captured_count = 0;
+    captured_usleep_count = 0;
+}
+
+static void reset_option_capture(void) {
+    memset(captured_opts, 0, sizeof(captured_opts));
+    captured_opt_count = 0;
+}
+
+static int saw_opt(int level, int optname, unsigned int value) {
+    size_t i;
+
+    for (i = 0; i < captured_opt_count; i++) {
+        if (captured_opts[i].level == level &&
+            captured_opts[i].optname == optname &&
+            captured_opts[i].value == value) {
+            return 1;
+        }
+    }
+    return 0;
+}
+
+static void configure_base(struct config *cfg) {
+    memset(cfg, 0, sizeof(*cfg));
+    snprintf(cfg->instance_name, sizeof(cfg->instance_name), "%s", "Alton Time Capsule");
+    snprintf(cfg->host_label, sizeof(cfg->host_label), "%s", "alton-time-capsule");
+    snprintf(cfg->host_fqdn, sizeof(cfg->host_fqdn), "%s", "alton-time-capsule.local.");
+    snprintf(cfg->service_type, sizeof(cfg->service_type), "%s", "_smb._tcp.local.");
+    cfg->port = 445;
+    cfg->ttl = 120;
+    cfg->ipv4_addr = inet_addr("10.0.1.77");
+}
+
+static void configure_link(struct link_context *link, uint32_t ipv4_addr) {
+    struct iface_context ctx;
+
+    memset(&ctx, 0, sizeof(ctx));
+    snprintf(ctx.name, sizeof(ctx.name), "%s", "bridge0");
+    ctx.ipv4_addr = ipv4_addr;
+    ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(link, &ctx);
+    link->ifindex = 5;
+}
+
+static size_t make_query(unsigned char *packet, const char *qname) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.qdcount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (encode_name(packet, &off, BUF_SIZE, qname) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_PTR) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static int handle_query_from_port(uint16_t port) {
+    struct config cfg;
+    struct link_context link;
+    struct service_record_set snapshot;
+    struct sockaddr_in mdns_dest;
+    struct sockaddr_in source;
+    unsigned char query[BUF_SIZE];
+    size_t query_len;
+
+    configure_base(&cfg);
+    configure_link(&link, cfg.ipv4_addr);
+    memset(&snapshot, 0, sizeof(snapshot));
+    memset(&mdns_dest, 0, sizeof(mdns_dest));
+    mdns_dest.sin_family = AF_INET;
+    mdns_dest.sin_port = htons(MDNS_PORT);
+    mdns_dest.sin_addr.s_addr = inet_addr(MDNS_GROUP);
+    memset(&source, 0, sizeof(source));
+    source.sin_family = AF_INET;
+    source.sin_port = htons(port);
+    source.sin_addr.s_addr = inet_addr("10.0.1.42");
+
+    query_len = make_query(query, cfg.service_type);
+    return query_len == 0 ? -1 : handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &link, &snapshot, 0);
+}
+
+int main(void) {
+    reset_packet_capture();
+    if (handle_query_from_port(MDNS_PORT) != 0 ||
+        captured_count != 1 ||
+        captured_usleep_count != 1 ||
+        captured_usleeps[0] != 20000) {
+        return 1;
+    }
+
+    reset_packet_capture();
+    if (handle_query_from_port(62001) != 0 ||
+        captured_count != 1 ||
+        captured_usleep_count != 0) {
+        return 2;
+    }
+
+    reset_option_capture();
+    if (configure_multicast_socket_options(77) != 0 ||
+        !saw_opt(IPPROTO_IP, IP_MULTICAST_TTL, 255) ||
+        !saw_opt(IPPROTO_IP, IP_MULTICAST_LOOP, 1)) {
+        return 3;
+    }
+#ifdef IP_TTL
+    if (!saw_opt(IPPROTO_IP, IP_TTL, 255)) {
+        return 4;
+    }
+#endif
+
+#ifdef IPV6_MULTICAST_IF
+    reset_option_capture();
+    if (set_outbound_multicast_interface6(77, 5, "test", 0, 0) != 0 ||
+        !saw_opt(IPPROTO_IPV6, IPV6_MULTICAST_IF, 5)) {
+        return 5;
+    }
+#ifdef IPV6_MULTICAST_HOPS
+    if (!saw_opt(IPPROTO_IPV6, IPV6_MULTICAST_HOPS, 255)) {
+        return 6;
+    }
+#endif
+#ifdef IPV6_MULTICAST_LOOP
+    if (!saw_opt(IPPROTO_IPV6, IPV6_MULTICAST_LOOP, 1)) {
+        return 7;
+    }
+#endif
+#ifdef IPV6_UNICAST_HOPS
+    if (!saw_opt(IPPROTO_IPV6, IPV6_UNICAST_HOPS, 255)) {
+        return 8;
+    }
+#endif
+#endif
+
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_multicast_delay_and_hops")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_startup_burst_schedule_is_apple_compatible(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = r'''
+#include <stdio.h>
+
+#define main mdns_advertiser_main
+#include "@MDNS_SOURCE@"
+#undef main
+
+int main(void) {
+    static const unsigned int expected[STARTUP_BURST_COUNT] = {0, 1000, 3000, 7000};
+    size_t i;
+
+    if (STARTUP_BURST_COUNT != 4) {
+        return 1;
+    }
+    for (i = 0; i < STARTUP_BURST_COUNT; i++) {
+        if (g_startup_burst_offsets_ms[i] != expected[i]) {
+            return 2;
+        }
+    }
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_startup_schedule")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = r'''
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len);
+
+#define sendto fake_sendto
+#define main mdns_advertiser_main
+#include "@MDNS_SOURCE@"
+#undef main
+#undef sendto
+
+static unsigned char captured_packets[4][BUF_SIZE];
+static size_t captured_lengths[4];
+static size_t captured_count = 0;
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len) {
+    (void)sockfd;
+    (void)flags;
+    (void)dest;
+    (void)dest_len;
+    if (captured_count < 4) {
+        memcpy(captured_packets[captured_count], buf, len);
+        captured_lengths[captured_count] = len;
+        captured_count++;
+    }
+    return (ssize_t)len;
+}
+
+static void reset_captures(void) {
+    memset(captured_packets, 0, sizeof(captured_packets));
+    memset(captured_lengths, 0, sizeof(captured_lengths));
+    captured_count = 0;
+}
+
+static void configure_base(struct config *cfg) {
+    memset(cfg, 0, sizeof(*cfg));
+    snprintf(cfg->instance_name, sizeof(cfg->instance_name), "%s", "Alton Time Capsule");
+    snprintf(cfg->host_label, sizeof(cfg->host_label), "%s", "alton-time-capsule");
+    snprintf(cfg->host_fqdn, sizeof(cfg->host_fqdn), "%s", "alton-time-capsule.local.");
+    snprintf(cfg->service_type, sizeof(cfg->service_type), "%s", "_smb._tcp.local.");
+    snprintf(cfg->adisk_service_type, sizeof(cfg->adisk_service_type), "%s", "_adisk._tcp.local.");
+    snprintf(cfg->device_info_service_type, sizeof(cfg->device_info_service_type), "%s", "_device-info._tcp.local.");
+    snprintf(cfg->airport_service_type, sizeof(cfg->airport_service_type), "%s", "_airport._tcp.local.");
+    cfg->port = 445;
+    cfg->adisk_port = 9;
+    cfg->airport_port = 5009;
+    cfg->ttl = 120;
+    cfg->ipv4_addr = inet_addr("10.0.1.77");
+    cfg->diskless = 1;
+}
+
+static size_t make_query(unsigned char *packet, const char *qname, unsigned short qtype) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.qdcount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (encode_name(packet, &off, BUF_SIZE, qname) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, qtype) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static int count_rr_type(const unsigned char *packet, size_t packet_len, unsigned short want_type) {
+    struct dns_header hdr;
+    size_t cursor = sizeof(hdr);
+    unsigned short total_answers;
+    int matches = 0;
+    unsigned short i;
+
+    memcpy(&hdr, packet, sizeof(hdr));
+    total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {
+            return -1;
+        }
+        cursor += 4;
+    }
+    for (i = 0; i < total_answers; i++) {
+        char name[MAX_NAME];
+        unsigned short rrtype;
+        unsigned short rdlength;
+
+        if (decode_name(packet, packet_len, &cursor, name, sizeof(name)) != 0 || cursor + 10 > packet_len) {
+            return -1;
+        }
+        memcpy(&rrtype, packet + cursor, 2);
+        memcpy(&rdlength, packet + cursor + 8, 2);
+        cursor += 10;
+        rrtype = ntohs(rrtype);
+        rdlength = ntohs(rdlength);
+        if (cursor + rdlength > packet_len) {
+            return -1;
+        }
+        if (rrtype == want_type) {
+            matches++;
+        }
+        cursor += rdlength;
+    }
+    return matches;
+}
+
+int main(void) {
+    struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
+    struct service_record_set snapshot;
+    struct sockaddr_in mdns_dest;
+    struct sockaddr_in source;
+    unsigned char query[BUF_SIZE];
+    size_t query_len;
+
+    configure_base(&cfg);
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
+    memset(&snapshot, 0, sizeof(snapshot));
+    memset(&mdns_dest, 0, sizeof(mdns_dest));
+    mdns_dest.sin_family = AF_INET;
+    mdns_dest.sin_port = htons(MDNS_PORT);
+    mdns_dest.sin_addr.s_addr = inet_addr(MDNS_GROUP);
+    memset(&source, 0, sizeof(source));
+    source.sin_family = AF_INET;
+    source.sin_port = htons(62001);
+    source.sin_addr.s_addr = inet_addr("10.0.1.42");
+
+    reset_captures();
+    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 1;
+    }
+    if (captured_count != 0) {
+        return 2;
+    }
+
+    reset_captures();
+    query_len = make_query(query, cfg.host_fqdn, DNS_TYPE_A);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0) {
+        return 3;
+    }
+    if (captured_count != 1 ||
+        count_rr_type(captured_packets[0], captured_lengths[0], DNS_TYPE_A) != 1 ||
+        count_rr_type(captured_packets[0], captured_lengths[0], DNS_TYPE_PTR) != 0) {
+        return 4;
+    }
+
+    printf("ok\n");
+    return 0;
+}
+'''.replace("@MDNS_SOURCE@", mdns_source)
+        run = self._compile_and_run_c_helper(source, "mdns_diskless_host_a_no_smb")
+        self.assertEqual(run.returncode, 0, run.stderr)
+        self.assertEqual(run.stdout.strip(), "ok")
+
+    def test_mdns_advertiser_suppresses_fresh_known_answer_a_records(self) -> None:
+        mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
+        source = r'''
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len);
+
+#define sendto fake_sendto
+#define main mdns_advertiser_main
+#include "@MDNS_SOURCE@"
+#undef main
+#undef sendto
+
+static unsigned char captured_packet[BUF_SIZE];
+static size_t captured_len = 0;
+static size_t captured_count = 0;
+
+ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
+                    const struct sockaddr *dest, socklen_t dest_len) {
+    (void)sockfd;
+    (void)flags;
+    (void)dest;
+    (void)dest_len;
+    memcpy(captured_packet, buf, len);
+    captured_len = len;
+    captured_count++;
+    return (ssize_t)len;
+}
+
+static void reset_captures(void) {
+    memset(captured_packet, 0, sizeof(captured_packet));
+    captured_len = 0;
+    captured_count = 0;
+}
+
+static void configure_base(struct config *cfg) {
+    memset(cfg, 0, sizeof(*cfg));
+    snprintf(cfg->instance_name, sizeof(cfg->instance_name), "%s", "Alton Time Capsule");
+    snprintf(cfg->host_label, sizeof(cfg->host_label), "%s", "alton-time-capsule");
+    snprintf(cfg->host_fqdn, sizeof(cfg->host_fqdn), "%s", "alton-time-capsule.local.");
+    snprintf(cfg->service_type, sizeof(cfg->service_type), "%s", "_smb._tcp.local.");
+    snprintf(cfg->adisk_service_type, sizeof(cfg->adisk_service_type), "%s", "_adisk._tcp.local.");
+    snprintf(cfg->device_info_service_type, sizeof(cfg->device_info_service_type), "%s", "_device-info._tcp.local.");
+    snprintf(cfg->airport_service_type, sizeof(cfg->airport_service_type), "%s", "_airport._tcp.local.");
+    cfg->port = 445;
+    cfg->ttl = 120;
+    cfg->ipv4_addr = inet_addr("10.0.1.77");
+}
+
+static size_t make_query_with_known_a_pair(unsigned char *packet, const struct config *cfg,
+                                           uint32_t ttl, uint32_t first_addr, int include_second,
+                                           uint32_t second_addr) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.qdcount = htons(1);
+    hdr.ancount = htons(include_second ? 2 : 1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (encode_name(packet, &off, BUF_SIZE, cfg->host_fqdn) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_A) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN) != 0 ||
+        encode_name(packet, &off, BUF_SIZE, cfg->host_fqdn) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_A) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN_UNIQUE) != 0 ||
+        append_u32(packet, &off, BUF_SIZE, ttl) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, 4) != 0 ||
+        append_bytes(packet, &off, BUF_SIZE, &first_addr, 4) != 0) {
+        return 0;
+    }
+    if (include_second &&
+        (encode_name(packet, &off, BUF_SIZE, cfg->host_fqdn) != 0 ||
+         append_u16(packet, &off, BUF_SIZE, DNS_TYPE_A) != 0 ||
+         append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN_UNIQUE) != 0 ||
+         append_u32(packet, &off, BUF_SIZE, ttl) != 0 ||
+         append_u16(packet, &off, BUF_SIZE, 4) != 0 ||
+         append_bytes(packet, &off, BUF_SIZE, &second_addr, 4) != 0)) {
+        return 0;
+    }
+    return off;
+}
+
+static size_t make_query_with_known_a(unsigned char *packet, const struct config *cfg,
+                                      uint32_t ttl, uint32_t known_addr) {
+    return make_query_with_known_a_pair(packet, cfg, ttl, known_addr, 0, 0);
+}
+
+static int count_rr_type(const unsigned char *packet, size_t packet_len, unsigned short want_type) {
+    struct dns_header hdr;
+    size_t cursor = sizeof(hdr);
+    unsigned short total_answers;
+    int matches = 0;
+    unsigned short i;
+
+    memcpy(&hdr, packet, sizeof(hdr));
+    total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {
+            return -1;
+        }
+        cursor += 4;
+    }
+    for (i = 0; i < total_answers; i++) {
+        char name[MAX_NAME];
+        unsigned short rrtype;
+        unsigned short rdlength;
+
+        if (decode_name(packet, packet_len, &cursor, name, sizeof(name)) != 0 || cursor + 10 > packet_len) {
+            return -1;
+        }
+        memcpy(&rrtype, packet + cursor, 2);
+        memcpy(&rdlength, packet + cursor + 8, 2);
+        cursor += 10;
+        rrtype = ntohs(rrtype);
+        rdlength = ntohs(rdlength);
+        if (cursor + rdlength > packet_len) {
+            return -1;
+        }
+        if (rrtype == want_type) {
+            matches++;
+        }
+        cursor += rdlength;
+    }
+    return matches;
+}
+
+int main(void) {
+    struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
+    struct service_record_set snapshot;
+    struct sockaddr_in mdns_dest;
+    struct sockaddr_in source;
+    unsigned char query[BUF_SIZE];
+    size_t query_len;
+    uint32_t link_local_addr;
+
+    configure_base(&cfg);
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
+    memset(&snapshot, 0, sizeof(snapshot));
+    memset(&mdns_dest, 0, sizeof(mdns_dest));
+    mdns_dest.sin_family = AF_INET;
+    mdns_dest.sin_port = htons(MDNS_PORT);
+    mdns_dest.sin_addr.s_addr = inet_addr(MDNS_GROUP);
+    memset(&source, 0, sizeof(source));
+    source.sin_family = AF_INET;
+    source.sin_port = htons(62001);
+    source.sin_addr.s_addr = inet_addr("10.0.1.42");
+
+    reset_captures();
+    query_len = make_query_with_known_a(query, &cfg, 100, cfg.ipv4_addr);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 0) {
         return 1;
     }
-    if (captured_count != 1 ||
-        captured_dests[0].sin_addr.s_addr != source.sin_addr.s_addr ||
-        captured_dests[0].sin_port != source.sin_port ||
-        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0])) {
+
+    link_local_addr = inet_addr("169.254.44.55");
+    if (response_link.ipv4_count >= MAX_LINK_IPV4_ADDRS) {
         return 2;
     }
+    response_link.ipv4[response_link.ipv4_count].addr = link_local_addr;
+    response_link.ipv4[response_link.ipv4_count].netmask = ipv4_link_local_netmask();
+    response_link.ipv4_count++;
 
     reset_captures();
-    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_IN);
+    query_len = make_query_with_known_a(query, &cfg, 100, cfg.ipv4_addr);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_A) != 1) {
         return 3;
     }
-    if (captured_count != 1 ||
-        captured_dests[0].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
-        captured_dests[0].sin_port != mdns_dest.sin_port ||
-        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0])) {
+
+    reset_captures();
+    query_len = make_query_with_known_a_pair(query, &cfg, 100, cfg.ipv4_addr, 1, link_local_addr);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 0) {
         return 4;
     }
 
     reset_captures();
-    query_len = make_mixed_query(query, cfg.service_type, cfg.host_fqdn);
+    query_len = make_query_with_known_a(query, &cfg, 10, cfg.ipv4_addr);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_A) != 2) {
         return 5;
     }
-    if (captured_count != 2 ||
-        captured_dests[0].sin_addr.s_addr != source.sin_addr.s_addr ||
-        captured_dests[0].sin_port != source.sin_port ||
-        captured_dests[1].sin_addr.s_addr != mdns_dest.sin_addr.s_addr ||
-        captured_dests[1].sin_port != mdns_dest.sin_port ||
-        !packet_has_smb_browse_additionals(captured_packets[0], captured_lengths[0]) ||
-        count_rr_type(captured_packets[1], captured_lengths[1], DNS_TYPE_A) != 1) {
-        return 6;
-    }
 
     reset_captures();
-    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR, DNS_CLASS_CACHE_FLUSH | 2);
+    query_len = make_query_with_known_a(query, &cfg, 100, inet_addr("10.0.1.88"));
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
-        return 7;
-    }
-    if (captured_count != 0) {
-        return 8;
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_A) != 2) {
+        return 6;
     }
 
-    return 0;
-}
-
-int main(void) {
-    int result = run_route_cases();
-    if (result != 0) {
-        return result;
-    }
     printf("ok\n");
     return 0;
 }
 '''.replace("@MDNS_SOURCE@", mdns_source)
-        run = self._compile_and_run_c_helper(source, "mdns_qu_qm_query_routes")
+        run = self._compile_and_run_c_helper(source, "mdns_known_answer_suppression")
         self.assertEqual(run.returncode, 0, run.stderr)
         self.assertEqual(run.stdout.strip(), "ok")
 
-    def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
+    def test_mdns_advertiser_defers_tc_and_matches_structured_known_answers(self) -> None:
         mdns_source = (REPO_ROOT / "build" / "mdns-advertiser.c").as_posix()
         source = r'''
 #include <arpa/inet.h>
@@ -2917,8 +4471,8 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
 #undef main
 #undef sendto
 
-static unsigned char captured_packets[4][BUF_SIZE];
-static size_t captured_lengths[4];
+static unsigned char captured_packet[BUF_SIZE];
+static size_t captured_len = 0;
 static size_t captured_count = 0;
 
 ssize_t fake_sendto(int sockfd, const void *buf, size_t len, int flags,
@@ -2927,17 +4481,15 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
     (void)flags;
     (void)dest;
     (void)dest_len;
-    if (captured_count < 4) {
-        memcpy(captured_packets[captured_count], buf, len);
-        captured_lengths[captured_count] = len;
-        captured_count++;
-    }
+    memcpy(captured_packet, buf, len);
+    captured_len = len;
+    captured_count++;
     return (ssize_t)len;
 }
 
 static void reset_captures(void) {
-    memset(captured_packets, 0, sizeof(captured_packets));
-    memset(captured_lengths, 0, sizeof(captured_lengths));
+    memset(captured_packet, 0, sizeof(captured_packet));
+    captured_len = 0;
     captured_count = 0;
 }
 
@@ -2951,25 +4503,8 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
     snprintf(cfg->device_info_service_type, sizeof(cfg->device_info_service_type), "%s", "_device-info._tcp.local.");
     snprintf(cfg->airport_service_type, sizeof(cfg->airport_service_type), "%s", "_airport._tcp.local.");
     cfg->port = 445;
-    cfg->adisk_port = 9;
-    cfg->airport_port = 5009;
     cfg->ttl = 120;
     cfg->ipv4_addr = inet_addr("10.0.1.77");
-    cfg->diskless = 1;
-}
-
-static size_t make_query(unsigned char *packet, const char *qname, unsigned short qtype) {
-    struct dns_header hdr;
-    size_t off = sizeof(hdr);
-    memset(&hdr, 0, sizeof(hdr));
-    hdr.qdcount = htons(1);
-    memcpy(packet, &hdr, sizeof(hdr));
-    if (encode_name(packet, &off, BUF_SIZE, qname) != 0 ||
-        append_u16(packet, &off, BUF_SIZE, qtype) != 0 ||
-        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN) != 0) {
-        return 0;
-    }
-    return off;
 }
 
 static int count_rr_type(const unsigned char *packet, size_t packet_len, unsigned short want_type) {
@@ -2981,6 +4516,13 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
 
     memcpy(&hdr, packet, sizeof(hdr));
     total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {
+            return -1;
+        }
+        cursor += 4;
+    }
     for (i = 0; i < total_answers; i++) {
         char name[MAX_NAME];
         unsigned short rrtype;
@@ -3005,15 +4547,125 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
     return matches;
 }
 
+static int append_question(unsigned char *packet, size_t *off, const char *qname,
+                           unsigned short qtype) {
+    return encode_name(packet, off, BUF_SIZE, qname) != 0 ||
+           append_u16(packet, off, BUF_SIZE, qtype) != 0 ||
+           append_u16(packet, off, BUF_SIZE, DNS_CLASS_IN) != 0;
+}
+
+static size_t make_tc_host_a_query(unsigned char *packet, const struct config *cfg) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.flags = htons(DNS_FLAG_TC);
+    hdr.qdcount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (append_question(packet, &off, cfg->host_fqdn, DNS_TYPE_A) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static size_t make_known_a_only(unsigned char *packet, const struct config *cfg, uint32_t known_addr) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.ancount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (encode_name(packet, &off, BUF_SIZE, cfg->host_fqdn) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_A) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN_UNIQUE) != 0 ||
+        append_u32(packet, &off, BUF_SIZE, 100) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, 4) != 0 ||
+        append_bytes(packet, &off, BUF_SIZE, &known_addr, 4) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static size_t make_txt_query_with_known(unsigned char *packet, const char *instance_fqdn,
+                                        const char *known_txt) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    unsigned char txt_len = (unsigned char)strlen(known_txt);
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.qdcount = htons(1);
+    hdr.ancount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (append_question(packet, &off, instance_fqdn, DNS_TYPE_TXT) != 0 ||
+        encode_name(packet, &off, BUF_SIZE, instance_fqdn) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_TXT) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN_UNIQUE) != 0 ||
+        append_u32(packet, &off, BUF_SIZE, 100) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, (uint16_t)(1 + txt_len)) != 0 ||
+        append_bytes(packet, &off, BUF_SIZE, &txt_len, 1) != 0 ||
+        append_bytes(packet, &off, BUF_SIZE, known_txt, txt_len) != 0) {
+        return 0;
+    }
+    return off;
+}
+
+static size_t make_srv_query_with_known(unsigned char *packet, const struct config *cfg,
+                                        const char *instance_fqdn, unsigned short port) {
+    struct dns_header hdr;
+    size_t off = sizeof(hdr);
+    size_t rdlength_offset;
+    size_t rdata_start;
+    uint16_t rdlength;
+    memset(&hdr, 0, sizeof(hdr));
+    hdr.qdcount = htons(1);
+    hdr.ancount = htons(1);
+    memcpy(packet, &hdr, sizeof(hdr));
+    if (append_question(packet, &off, instance_fqdn, DNS_TYPE_SRV) != 0 ||
+        encode_name(packet, &off, BUF_SIZE, instance_fqdn) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_TYPE_SRV) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, DNS_CLASS_IN_UNIQUE) != 0 ||
+        append_u32(packet, &off, BUF_SIZE, 100) != 0) {
+        return 0;
+    }
+    rdlength_offset = off;
+    if (append_u16(packet, &off, BUF_SIZE, 0) != 0) {
+        return 0;
+    }
+    rdata_start = off;
+    if (append_u16(packet, &off, BUF_SIZE, 0) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, 0) != 0 ||
+        append_u16(packet, &off, BUF_SIZE, port) != 0 ||
+        encode_name(packet, &off, BUF_SIZE, cfg->host_fqdn) != 0) {
+        return 0;
+    }
+    rdlength = htons((uint16_t)(off - rdata_start));
+    memcpy(packet + rdlength_offset, &rdlength, 2);
+    return off;
+}
+
 int main(void) {
     struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
     struct service_record_set snapshot;
     struct sockaddr_in mdns_dest;
     struct sockaddr_in source;
     unsigned char query[BUF_SIZE];
     size_t query_len;
+    char instance_fqdn[MAX_NAME];
+    uint32_t link_local_addr;
 
     configure_base(&cfg);
+    if (build_instance_fqdn(instance_fqdn, sizeof(instance_fqdn), cfg.instance_name, cfg.service_type) != 0) {
+        return 1;
+    }
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
+    link_local_addr = inet_addr("169.254.44.55");
+    response_link.ipv4[response_link.ipv4_count].addr = link_local_addr;
+    response_link.ipv4[response_link.ipv4_count].netmask = ipv4_link_local_netmask();
+    response_link.ipv4_count++;
+
     memset(&snapshot, 0, sizeof(snapshot));
     memset(&mdns_dest, 0, sizeof(mdns_dest));
     mdns_dest.sin_family = AF_INET;
@@ -3021,36 +4673,64 @@ def test_mdns_advertiser_diskless_answers_host_a_but_not_smb(self) -> None:
     mdns_dest.sin_addr.s_addr = inet_addr(MDNS_GROUP);
     memset(&source, 0, sizeof(source));
     source.sin_family = AF_INET;
-    source.sin_port = htons(62001);
+    source.sin_port = htons(MDNS_PORT);
     source.sin_addr.s_addr = inet_addr("10.0.1.42");
 
     reset_captures();
-    query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR);
+    query_len = make_tc_host_a_query(query, &cfg);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
-        return 1;
-    }
-    if (captured_count != 0) {
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 0 ||
+        !g_deferred_response.active) {
         return 2;
     }
-
-    reset_captures();
-    query_len = make_query(query, cfg.host_fqdn, DNS_TYPE_A);
+    query_len = make_known_a_only(query, &cfg, cfg.ipv4_addr);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 0) != 0) {
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_A) != 1 ||
+        g_deferred_response.active) {
         return 3;
     }
-    if (captured_count != 1 ||
-        count_rr_type(captured_packets[0], captured_lengths[0], DNS_TYPE_A) != 1 ||
-        count_rr_type(captured_packets[0], captured_lengths[0], DNS_TYPE_PTR) != 0) {
+
+    reset_captures();
+    query_len = make_txt_query_with_known(query, instance_fqdn, "");
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 0) {
         return 4;
     }
+    query_len = make_txt_query_with_known(query, instance_fqdn, "x");
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_TXT) != 1) {
+        return 5;
+    }
+
+    reset_captures();
+    query_len = make_srv_query_with_known(query, &cfg, instance_fqdn, cfg.port);
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_SRV) != 0 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_A) != 2) {
+        return 6;
+    }
+    reset_captures();
+    query_len = make_srv_query_with_known(query, &cfg, instance_fqdn, (unsigned short)(cfg.port + 1));
+    if (query_len == 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 0) != 0 ||
+        captured_count != 1 ||
+        count_rr_type(captured_packet, captured_len, DNS_TYPE_SRV) != 1) {
+        return 7;
+    }
 
     printf("ok\n");
     return 0;
 }
 '''.replace("@MDNS_SOURCE@", mdns_source)
-        run = self._compile_and_run_c_helper(source, "mdns_diskless_host_a_no_smb")
+        run = self._compile_and_run_c_helper(source, "mdns_tc_and_structured_known_answers")
         self.assertEqual(run.returncode, 0, run.stderr)
         self.assertEqual(run.stdout.strip(), "ok")
 
@@ -3166,6 +4846,13 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
 
     memcpy(&hdr, packet, sizeof(hdr));
     total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {
+            return -1;
+        }
+        cursor += 4;
+    }
     for (i = 0; i < total_answers; i++) {
         char name[MAX_NAME];
         unsigned short rrtype;
@@ -3199,6 +4886,8 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
 
 int main(void) {
     struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
     struct service_record_set snapshot;
     struct sockaddr_in mdns_dest;
     struct sockaddr_in source;
@@ -3206,6 +4895,11 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
     size_t query_len;
 
     configure_base(&cfg);
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
     memset(&snapshot, 0, sizeof(snapshot));
     configure_addrs(&mdns_dest, &source);
     add_snapshot_record(&snapshot, "_airport._tcp.local.", "Alton Time Capsule", "Alton-Time-Capsule", 5009, "syAP=116");
@@ -3214,7 +4908,7 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
     reset_captures();
     query_len = make_query(query, "_afpovertcp._tcp.local.", DNS_TYPE_PTR);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 1) != 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 1) != 0 ||
         captured_count != 0) {
         return 1;
     }
@@ -3222,7 +4916,7 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
     reset_captures();
     query_len = make_query(query, "_airport._tcp.local.", DNS_TYPE_PTR);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 1) != 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 1) != 0 ||
         captured_count != 1 ||
         !packet_has_browse_additionals(captured_packets[0], captured_lengths[0])) {
         return 2;
@@ -3231,7 +4925,7 @@ def test_mdns_advertiser_query_response_preserves_snapshot_suppression(self) ->
     reset_captures();
     query_len = make_query(query, cfg.service_type, DNS_TYPE_PTR);
     if (query_len == 0 ||
-        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, cfg.ipv4_addr, &snapshot, 1) != 0 ||
+        handle_query(1, query, query_len, &mdns_dest, &source, &cfg, &response_link, &snapshot, 1) != 0 ||
         captured_count != 1 ||
         !packet_has_browse_additionals(captured_packets[0], captured_lengths[0])) {
         return 3;
@@ -3344,6 +5038,13 @@ def test_mdns_advertiser_splits_snapshot_announcements_and_keeps_managed_device_
 
     memcpy(&hdr, packet, sizeof(hdr));
     total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {{
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {{
+            return -1;
+        }}
+        cursor += 4;
+    }}
     for (i = 0; i < total_answers; i++) {{
         char name[MAX_NAME];
         unsigned short rrtype;
@@ -3376,6 +5077,8 @@ def test_mdns_advertiser_splits_snapshot_announcements_and_keeps_managed_device_
 
 int main(void) {{
     struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
     struct service_record_set snapshot;
     struct sockaddr_in dest;
     struct service_record *record;
@@ -3404,6 +5107,11 @@ def test_mdns_advertiser_splits_snapshot_announcements_and_keeps_managed_device_
     cfg.adisk_port = 9;
     cfg.ttl = 120;
     cfg.ipv4_addr = inet_addr("192.168.1.217");
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
 
     memset(&snapshot, 0, sizeof(snapshot));
 
@@ -3451,7 +5159,7 @@ def test_mdns_advertiser_splits_snapshot_announcements_and_keeps_managed_device_
     dest.sin_port = htons(5353);
     dest.sin_addr.s_addr = inet_addr("224.0.0.251");
 
-    if (send_announcement(1, &dest, &cfg, cfg.ipv4_addr, cfg.ttl, &snapshot, 1) != 0) {{
+    if (send_announcement(1, &dest, &cfg, &response_link, cfg.ttl, &snapshot, 1) != 0) {{
         return 10;
     }}
     if (captured_count < 3) {{
@@ -3541,6 +5249,13 @@ def test_mdns_advertiser_diskless_replays_unsuppressed_snapshot_records(self) ->
 
     memcpy(&hdr, packet, sizeof(hdr));
     total_answers = ntohs(hdr.ancount);
+    for (i = 0; i < ntohs(hdr.qdcount); i++) {
+        char qname[MAX_NAME];
+        if (decode_name(packet, packet_len, &cursor, qname, sizeof(qname)) != 0 || cursor + 4 > packet_len) {
+            return -1;
+        }
+        cursor += 4;
+    }
     for (i = 0; i < total_answers; i++) {
         char name[MAX_NAME];
         unsigned short rrtype;
@@ -3581,6 +5296,8 @@ def test_mdns_advertiser_diskless_replays_unsuppressed_snapshot_records(self) ->
 
 int main(void) {
     struct config cfg;
+    struct iface_context response_ctx;
+    struct link_context response_link;
     struct service_record_set snapshot;
     struct sockaddr_in dest;
     struct service_record_set parsed;
@@ -3610,6 +5327,11 @@ def test_mdns_advertiser_diskless_replays_unsuppressed_snapshot_records(self) ->
     cfg.ttl = 120;
     cfg.ipv4_addr = inet_addr("10.0.1.77");
     cfg.diskless = 1;
+    memset(&response_ctx, 0, sizeof(response_ctx));
+    snprintf(response_ctx.name, sizeof(response_ctx.name), "%s", "bridge0");
+    response_ctx.ipv4_addr = cfg.ipv4_addr;
+    response_ctx.netmask = inet_addr("255.255.255.0");
+    link_context_from_iface_context(&response_link, &response_ctx);
     if (add_adisk_disk_config(&cfg, "Data", "dk2", "12345678-1234-1234-1234-123456789012", "0x82") != 0) {
         return 1;
     }
@@ -3627,7 +5349,7 @@ def test_mdns_advertiser_diskless_replays_unsuppressed_snapshot_records(self) ->
     dest.sin_port = htons(5353);
     dest.sin_addr.s_addr = inet_addr("224.0.0.251");
 
-    if (send_announcement(1, &dest, &cfg, cfg.ipv4_addr, cfg.ttl, &snapshot, 1) != 0) {
+    if (send_announcement(1, &dest, &cfg, &response_link, cfg.ttl, &snapshot, 1) != 0) {
         return 2;
     }
     if (captured_count < 3) {
@@ -3954,11 +5676,42 @@ def test_nbns_advertiser_builds_rfc_query_and_status_responses(self) -> None:
     return 0;
 }
 
+static int expect_nbstat_response(const uint8_t *query, size_t qname_len) {
+    size_t off = 12;
+    size_t rdata_off;
+    size_t stats_off;
+    size_t i;
+
+    if (captured_len != 12 + qname_len + 10 + 83) return 30;
+    if (get_u16(captured, 0) != 0x1337) return 31;
+    if (get_u16(captured, 2) != 0x8400) return 32;
+    if (get_u16(captured, 4) != 0 || get_u16(captured, 6) != 1) return 33;
+    if (get_u16(captured, 8) != 0 || get_u16(captured, 10) != 0) return 34;
+    if (memcmp(captured + off, query + 12, qname_len) != 0) return 35;
+    off += qname_len;
+    if (get_u16(captured, off) != NB_TYPE_NBSTAT) return 36;
+    if (get_u16(captured, off + 2) != DNS_CLASS_IN) return 37;
+    if (get_u32(captured, off + 4) != 0) return 38;
+    if (get_u16(captured, off + 8) != 83) return 39;
+    rdata_off = off + 10;
+    if (captured[rdata_off] != 2) return 40;
+    if (memcmp(captured + rdata_off + 1, "TIMECAPSULE    ", 15) != 0) return 41;
+    if (captured[rdata_off + 16] != NBNS_SUFFIX_WORKSTATION) return 42;
+    if (get_u16(captured, rdata_off + 17) != NBNS_NAME_FLAGS_ACTIVE) return 43;
+    if (memcmp(captured + rdata_off + 19, "TIMECAPSULE    ", 15) != 0) return 44;
+    if (captured[rdata_off + 34] != NBNS_SUFFIX_SERVER) return 45;
+    if (get_u16(captured, rdata_off + 35) != NBNS_NAME_FLAGS_ACTIVE) return 46;
+    stats_off = rdata_off + 1 + (NBNS_NODE_STATUS_NAME_COUNT * 18);
+    for (i = 0; i < NBNS_NODE_STATUS_STATS_LEN; i++) {
+        if (captured[stats_off + i] != 0) return 47;
+    }
+    return 0;
+}
+
 int main(void) {
     uint8_t query[256];
     size_t query_len;
     size_t qname_len;
-    size_t off;
     int rc;
 
     query_len = build_query(query, "TimeCapsule", NBNS_SUFFIX_SERVER, NB_TYPE_NB, 0x0110, NULL);
@@ -3979,22 +5732,15 @@ def test_nbns_advertiser_builds_rfc_query_and_status_responses(self) -> None:
     qname_len = query_len - 12 - 4;
     reset_capture();
     if (invoke_query(query, query_len) != 1 || sendto_call_count != 1) return 3;
-    if (captured_len != 12 + qname_len + 10 + 83) return 30;
-    if (get_u16(captured, 2) != 0x8400) return 31;
-    if (get_u16(captured, 4) != 0 || get_u16(captured, 6) != 1) return 32;
-    off = 12 + qname_len;
-    if (get_u16(captured, off) != NB_TYPE_NBSTAT) return 33;
-    if (get_u16(captured, off + 2) != DNS_CLASS_IN) return 34;
-    if (get_u32(captured, off + 4) != 0) return 35;
-    if (get_u16(captured, off + 8) != 83) return 36;
-    off += 10;
-    if (captured[off] != 2) return 37;
-    if (memcmp(captured + off + 1, "TIMECAPSULE    ", 15) != 0) return 38;
-    if (captured[off + 16] != NBNS_SUFFIX_WORKSTATION) return 39;
-    if (get_u16(captured, off + 17) != NBNS_NAME_FLAGS_ACTIVE) return 40;
-    if (memcmp(captured + off + 19, "TIMECAPSULE    ", 15) != 0) return 41;
-    if (captured[off + 34] != NBNS_SUFFIX_SERVER) return 42;
-    if (get_u16(captured, off + 35) != NBNS_NAME_FLAGS_ACTIVE) return 43;
+    rc = expect_nbstat_response(query, qname_len);
+    if (rc != 0) return 200 + rc;
+
+    query_len = build_query(query, "*", NBNS_SUFFIX_WORKSTATION, NB_TYPE_NBSTAT, 0, "office.local");
+    qname_len = query_len - 12 - 4;
+    reset_capture();
+    if (invoke_query(query, query_len) != 1 || sendto_call_count != 1) return 4;
+    rc = expect_nbstat_response(query, qname_len);
+    if (rc != 0) return 300 + rc;
 
     return 0;
 }
@@ -4683,10 +6429,10 @@ def test_smbd_status_helpers_pass_only_with_live_ram_auth_mount_and_watchdog(sel
         self.assertIn("PASS:active smb.conf xattr_tdb:file is persistent", result.stdout)
         self.assertIn("PASS:all managed share volumes are mounted", result.stdout)
         self.assertIn("PASS:watchdog is running for managed runtime", result.stdout)
-        self.assertIn("PASS:smbd bound to IPv4 TCP 445", result.stdout)
+        self.assertIn("PASS:smbd bound to required TCP 445 sockets", result.stdout)
         self.assertIn("status=0", result.stdout)
 
-    def test_smbd_status_helper_rejects_ipv6_only_smbd_listener(self) -> None:
+    def test_smbd_status_helper_requires_configured_tcp_445_families(self) -> None:
         script = (
             SMBD_STATUS_HELPERS
             + r'''
@@ -4697,18 +6443,22 @@ def test_smbd_status_helper_rejects_ipv6_only_smbd_listener(self) -> None:
 root smbd 101 11 internet stream tcp 0x0 *:445
 EOF
 )
-smbd_bound_445 "$ipv4"; echo "ipv4=$?"
-smbd_bound_445 "$ipv6"; echo "ipv6=$?"
-smbd_bound_445 "$both"; echo "both=$?"
+smbd_bound_445 "$ipv4" ""; echo "ipv4_default=$?"
+smbd_bound_445 "$ipv6" ""; echo "ipv6_default=$?"
+smbd_bound_445 "$ipv6" "127.0.0.1/8 ::1/128 fdbb:1111:2222:3333::40/64"; echo "ipv6_required=$?"
+smbd_bound_445 "$ipv4" "127.0.0.1/8 ::1/128 192.168.1.40/24 fdbb:1111:2222:3333::40/64"; echo "ipv4_missing_v6=$?"
+smbd_bound_445 "$both" "127.0.0.1/8 ::1/128 192.168.1.40/24 fdbb:1111:2222:3333::40/64"; echo "both_required=$?"
 '''
         )
 
         result = subprocess.run(["/bin/sh", "-c", script], check=False, text=True, capture_output=True)
 
         self.assertEqual(result.returncode, 0, result.stderr)
-        self.assertIn("ipv4=0", result.stdout)
-        self.assertIn("ipv6=1", result.stdout)
-        self.assertIn("both=0", result.stdout)
+        self.assertIn("ipv4_default=0", result.stdout)
+        self.assertIn("ipv6_default=1", result.stdout)
+        self.assertIn("ipv6_required=0", result.stdout)
+        self.assertIn("ipv4_missing_v6=1", result.stdout)
+        self.assertIn("both_required=0", result.stdout)
 
     def test_smbd_status_helpers_fail_for_disk_auth_unmounted_volume_and_missing_watchdog(self) -> None:
         with tempfile.TemporaryDirectory() as tmpdir:
@@ -4778,10 +6528,10 @@ def test_mdns_status_helper_reports_missing_binary_instead_of_network_defer(self
         self.assertEqual(result.returncode, 0, result.stderr)
         self.assertIn(f"FAIL:mdns-advertiser binary missing at {missing_mdns}", result.stdout)
         self.assertIn("FAIL:mdns-advertiser process is not running", result.stdout)
-        self.assertIn("FAIL:mdns-advertiser is not bound to UDP 5353", result.stdout)
+        self.assertIn("FAIL:mdns-advertiser is not bound to required UDP 5353 listener", result.stdout)
         self.assertIn("PASS:Apple mDNSResponder is stopped", result.stdout)
         self.assertIn("status=1", result.stdout)
-        self.assertNotIn("mDNS startup deferred; no usable IPv4 has appeared yet", result.stdout)
+        self.assertNotIn("mDNS startup deferred; no usable address has appeared yet", result.stdout)
 
     def test_mdns_status_helper_requires_auto_ip_when_process_is_bound(self) -> None:
         with tempfile.TemporaryDirectory() as tmpdir:
@@ -4806,10 +6556,10 @@ def test_mdns_status_helper_requires_auto_ip_when_process_is_bound(self) -> None
 
         self.assertEqual(result.returncode, 0, result.stderr)
         self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
-        self.assertIn("PASS:mdns-advertiser bound to UDP 5353", result.stdout)
-        self.assertIn("FAIL:mdns-advertiser bound to UDP 5353 but auto-IP is not active", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bound to required ipv4 UDP 5353 listener", result.stdout)
+        self.assertIn("FAIL:mdns-advertiser bound to UDP 5353 but bind address is not active", result.stdout)
         self.assertIn("status=1", result.stdout)
-        self.assertNotIn("PASS:mdns-advertiser auto-IP active", result.stdout)
+        self.assertNotIn("PASS:mdns-advertiser bind address active", result.stdout)
 
     def test_mdns_status_helper_reports_unexpected_auto_ip_check_failure(self) -> None:
         with tempfile.TemporaryDirectory() as tmpdir:
@@ -4833,16 +6583,16 @@ def test_mdns_status_helper_reports_unexpected_auto_ip_check_failure(self) -> No
             result = subprocess.run(["/bin/sh", "-c", script], check=False, text=True, capture_output=True)
 
         self.assertEqual(result.returncode, 0, result.stderr)
-        self.assertIn("FAIL:mdns-advertiser auto-IP CIDR probe failed with exit code 3", result.stdout)
+        self.assertIn("FAIL:mdns-advertiser mDNS socket family probe failed with exit code 3", result.stdout)
         self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
-        self.assertIn("PASS:mdns-advertiser bound to UDP 5353", result.stdout)
-        self.assertIn("FAIL:mdns-advertiser bound to UDP 5353 but auto-IP is not active", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bound to required ipv4 UDP 5353 listener", result.stdout)
+        self.assertIn("FAIL:mdns-advertiser bound to UDP 5353 but bind address is not active", result.stdout)
         self.assertIn("status=1", result.stdout)
 
     def test_mdns_status_helper_passes_only_when_bound_and_auto_ip_active(self) -> None:
         with tempfile.TemporaryDirectory() as tmpdir:
             mdns_bin = Path(tmpdir) / "mdns-advertiser"
-            mdns_bin.write_text("#!/bin/sh\nexit 0\n")
+            mdns_bin.write_text("#!/bin/sh\necho ipv4\n")
             mdns_bin.chmod(0o755)
             ps_out = "201 1 S 0:00.00 mdns-advertiser /mnt/Flash/mdns-advertiser"
             fstat_out = "root mdns-advertiser 201 10 internet dgram udp 0x0 *:5353"
@@ -4862,11 +6612,90 @@ def test_mdns_status_helper_passes_only_when_bound_and_auto_ip_active(self) -> N
 
         self.assertEqual(result.returncode, 0, result.stderr)
         self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
-        self.assertIn("PASS:mdns-advertiser bound to UDP 5353", result.stdout)
-        self.assertIn("PASS:mdns-advertiser auto-IP active", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bound to required ipv4 UDP 5353 listener", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bind address active", result.stdout)
         self.assertIn("PASS:Apple mDNSResponder is stopped", result.stdout)
         self.assertIn("status=0", result.stdout)
 
+    def test_mdns_status_helper_prefers_ipv4_udp_5353_when_advertiser_is_dual_stack(self) -> None:
+        with tempfile.TemporaryDirectory() as tmpdir:
+            mdns_bin = Path(tmpdir) / "mdns-advertiser"
+            mdns_bin.write_text("#!/bin/sh\necho 'ipv4 ipv6'\n")
+            mdns_bin.chmod(0o755)
+            ps_out = "201 1 S 0:00.00 mdns-advertiser /mnt/Flash/mdns-advertiser"
+            fstat_out = "root mdns-advertiser 201 10 internet dgram udp 0x0 *:5353"
+            script = f"""
+RUNTIME_MDNS_BIN={shlex.quote(str(mdns_bin))}
+{SMBD_STATUS_HELPERS}
+ps_out={shlex.quote(ps_out)}
+fstat_out={shlex.quote(fstat_out)}
+if describe_managed_mdns_status "$ps_out" "$fstat_out"; then
+    echo status=0
+else
+    echo status=$?
+fi
+"""
+
+            result = subprocess.run(["/bin/sh", "-c", script], check=False, text=True, capture_output=True)
+
+        self.assertEqual(result.returncode, 0, result.stderr)
+        self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bound to required ipv4 UDP 5353 listener", result.stdout)
+        self.assertIn("status=0", result.stdout)
+
+    def test_mdns_status_helper_accepts_ipv6_udp_5353_when_advertiser_is_ipv6_only(self) -> None:
+        with tempfile.TemporaryDirectory() as tmpdir:
+            mdns_bin = Path(tmpdir) / "mdns-advertiser"
+            mdns_bin.write_text("#!/bin/sh\necho ipv6\n")
+            mdns_bin.chmod(0o755)
+            ps_out = "201 1 S 0:00.00 mdns-advertiser /mnt/Flash/mdns-advertiser"
+            fstat_out = "root mdns-advertiser 201 10 internet6 dgram udp 0x0 [*]:5353"
+            script = f"""
+RUNTIME_MDNS_BIN={shlex.quote(str(mdns_bin))}
+{SMBD_STATUS_HELPERS}
+ps_out={shlex.quote(ps_out)}
+fstat_out={shlex.quote(fstat_out)}
+if describe_managed_mdns_status "$ps_out" "$fstat_out"; then
+    echo status=0
+else
+    echo status=$?
+fi
+"""
+
+            result = subprocess.run(["/bin/sh", "-c", script], check=False, text=True, capture_output=True)
+
+        self.assertEqual(result.returncode, 0, result.stderr)
+        self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bound to required ipv6 UDP 5353 listener", result.stdout)
+        self.assertIn("PASS:mdns-advertiser bind address active", result.stdout)
+        self.assertIn("status=0", result.stdout)
+
+    def test_mdns_status_helper_rejects_ipv4_udp_5353_when_advertiser_is_ipv6_only(self) -> None:
+        with tempfile.TemporaryDirectory() as tmpdir:
+            mdns_bin = Path(tmpdir) / "mdns-advertiser"
+            mdns_bin.write_text("#!/bin/sh\necho ipv6\n")
+            mdns_bin.chmod(0o755)
+            ps_out = "201 1 S 0:00.00 mdns-advertiser /mnt/Flash/mdns-advertiser"
+            fstat_out = "root mdns-advertiser 201 10 internet dgram udp 0x0 *:5353"
+            script = f"""
+RUNTIME_MDNS_BIN={shlex.quote(str(mdns_bin))}
+{SMBD_STATUS_HELPERS}
+ps_out={shlex.quote(ps_out)}
+fstat_out={shlex.quote(fstat_out)}
+if describe_managed_mdns_status "$ps_out" "$fstat_out"; then
+    echo status=0
+else
+    echo status=$?
+fi
+"""
+
+            result = subprocess.run(["/bin/sh", "-c", script], check=False, text=True, capture_output=True)
+
+        self.assertEqual(result.returncode, 0, result.stderr)
+        self.assertIn("PASS:mdns-advertiser process is running", result.stdout)
+        self.assertIn("FAIL:mdns-advertiser is not bound to required UDP 5353 listener", result.stdout)
+        self.assertIn("status=1", result.stdout)
+
     def test_probe_managed_smbd_reports_runtime_invariant_failures(self) -> None:
         stdout = "\n".join(
             [
@@ -4924,7 +6753,7 @@ def test_probe_managed_mdns_takeover_single_shot_checks_process_binding_and_appl
         self.assertIn('capture_fstat_for_ucomm "$ps_out" mdns-advertiser', remote_command)
         self.assertIn('/usr/bin/fstat -p "$1"', remote_command)
         self.assertIn("mdns_bound_5353()", remote_command)
-        self.assertIn("--print-auto-ip-cidrs", remote_command)
+        self.assertIn("--print-mdns-socket-families", remote_command)
         self.assertNotIn("--check-auto-ip", remote_command)
         self.assertNotIn('out="$(fstat 2>&1)"', remote_command)
         self.assertNotIn("max_attempts", remote_command)
@@ -5068,7 +6897,7 @@ def test_netbsd4_activation_plan_contains_no_reboot_actions(self) -> None:
         self.assertIn("NetBSD 4 devices cannot auto-run Samba after a reboot.", text)
         self.assertIn("Run `activate` after a reboot if the device did not auto-start Samba.", text)
         self.assertIn("managed runtime smb.conf is present", text)
-        self.assertIn("smbd is bound to IPv4 TCP 445", text)
+        self.assertIn("smbd is bound to required TCP 445 sockets", text)
         self.assertIn("mdns-advertiser is bound to UDP 5353", text)
 
     def test_netbsd6_no_reboot_plan_has_no_reboot_checks(self) -> None:
diff --git a/tests/test_probe.py b/tests/test_probe.py
index eda013c..748aa29 100644
--- a/tests/test_probe.py
+++ b/tests/test_probe.py
@@ -203,8 +203,8 @@ def test_runtime_startup_failure_debug_fields_classifies_auto_ip_unavailable(sel
         fields = runtime_startup_failure_debug_fields(
             {
                 "remote_watchdog_log_tail": (
-                    "watchdog: mDNS auto-ip check: no usable IPv4 yet\n"
-                    "watchdog: mDNS startup deferred; no usable IPv4 has appeared yet\n"
+                    "watchdog: mDNS auto-ip check: no usable address yet\n"
+                    "watchdog: mDNS startup deferred; no usable address has appeared yet\n"
                 )
             }
         )
diff --git a/tests/test_storage_runtime.py b/tests/test_storage_runtime.py
index 2b221d9..e381f17 100644
--- a/tests/test_storage_runtime.py
+++ b/tests/test_storage_runtime.py
@@ -2089,7 +2089,7 @@ def test_common_smb_bind_context_waits_settles_and_uses_fresh_probe(self) -> Non
                 textwrap.dedent(
                     f"""\
                     #!/bin/sh
-                    [ "$1" = "--print-auto-ip-cidrs" ] || exit 2
+                    [ "$1" = "--print-smb-bind-interfaces" ] || exit 2
                     if [ -f {probe_count} ]; then
                         echo 192.168.1.40/24
                     else
@@ -2123,9 +2123,9 @@ def test_common_smb_bind_context_waits_settles_and_uses_fresh_probe(self) -> Non
             log_text = (memory / "samba4/var/test.log").read_text()
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertEqual(proc.stdout, "sleep 3\nbind=127.0.0.1/8 192.168.1.40/24\n")
-        self.assertIn("first usable IPv4 observed: 192.168.1.39/24", log_text)
-        self.assertIn("Samba IPv4 bind interfaces: 127.0.0.1/8 192.168.1.40/24", log_text)
+        self.assertEqual(proc.stdout, "sleep 3\nbind=127.0.0.1/8 ::1/128 192.168.1.40/24\n")
+        self.assertIn("first usable address observed: 192.168.1.39/24", log_text)
+        self.assertIn("Samba bind interfaces: 127.0.0.1/8 ::1/128 192.168.1.40/24", log_text)
 
     def test_common_smb_bind_probe_rejects_invalid_cidr_output(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
@@ -2161,7 +2161,7 @@ def test_common_smb_bind_probe_rejects_invalid_cidr_output(self) -> None:
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertIn("status=1\n", proc.stdout)
         self.assertIn("bind=\n", proc.stdout)
-        self.assertIn("Samba IPv4 bind interface probe failed with exit code 1", log_text)
+        self.assertIn("Samba bind interface probe failed with exit code 1", log_text)
 
     def test_common_smb_bind_context_fails_hard_on_probe_error(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
@@ -2193,8 +2193,8 @@ def test_common_smb_bind_context_fails_hard_on_probe_error(self) -> None:
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertIn("status=1\n", proc.stdout)
-        self.assertIn("Samba IPv4 bind discovery failed with exit code 13", proc.stdout)
-        self.assertNotIn("no usable IPv4 has appeared yet", proc.stdout)
+        self.assertIn("Samba bind discovery failed with exit code 13", proc.stdout)
+        self.assertNotIn("no usable address has appeared yet", proc.stdout)
         self.assertNotIn("unexpected sleep", proc.stdout)
 
     def test_payload_on_external_disk_is_also_served_as_share_and_hidden_in_smb_conf(self) -> None:
@@ -2661,7 +2661,7 @@ def test_common_watchdog_smb_bind_reconcile_restarts_when_changed(self) -> None:
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertEqual(
             proc.stdout,
-            f"mount /dev/dk2 {volumes}/dk2\nmount /dev/dk2 {volumes}/dk2\nmount /dev/dk3 {volumes}/dk3\ngenerate {payload} 127.0.0.1/8 192.168.1.41/24\nrestart IPv4 bind interfaces changed\nbind=127.0.0.1/8 192.168.1.41/24\n",
+            f"mount /dev/dk2 {volumes}/dk2\nmount /dev/dk2 {volumes}/dk2\nmount /dev/dk3 {volumes}/dk3\ngenerate {payload} 127.0.0.1/8 192.168.1.41/24\nrestart bind interfaces changed\nbind=127.0.0.1/8 192.168.1.41/24\n",
         )
 
     def test_common_watchdog_smb_bind_reconcile_restores_bind_when_disk_prepare_fails(self) -> None:
@@ -2793,7 +2793,7 @@ def test_common_watchdog_smb_bind_reconcile_fails_hard_on_probe_error(self) -> N
         self.assertIn("status=1\n", proc.stdout)
         self.assertIn("deferred=0\n", proc.stdout)
         self.assertIn("bind=127.0.0.1/8 192.168.1.40/24\n", proc.stdout)
-        self.assertIn("watchdog pass: Samba IPv4 bind probe failed with exit code 13", proc.stdout)
+        self.assertIn("watchdog pass: Samba bind probe failed with exit code 13", proc.stdout)
         self.assertNotIn("generate\n", proc.stdout)
         self.assertNotIn("restart\n", proc.stdout)
 
@@ -2826,8 +2826,8 @@ def test_common_watchdog_initializes_smb_bind_interfaces_without_env(self) -> No
             log_text = (memory / "samba4/var/test.log").read_text()
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertEqual(proc.stdout, "bind=127.0.0.1/8 192.168.1.40/24\n")
-        self.assertIn("watchdog startup: initialized Samba IPv4 bind interfaces from live probe", log_text)
+        self.assertEqual(proc.stdout, "bind=127.0.0.1/8 ::1/128 192.168.1.40/24\n")
+        self.assertIn("watchdog startup: initialized Samba bind interfaces from live probe", log_text)
 
     def test_common_watchdog_defers_first_mdns_start_until_auto_ip_exists(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
@@ -2848,7 +2848,7 @@ def test_common_watchdog_defers_first_mdns_start_until_auto_ip_exists(self) -> N
                     mkdir -p "$RAM_VAR"
                     runtime_process_present_by_ucomm() {{ return 1; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ :; }}
-                    tc_mdns_auto_ip_available() {{ echo print-auto-ip-cidrs; return 11; }}
+                    tc_mdns_auto_ip_available() {{ echo print-mdns-socket-families; return 11; }}
                     tc_start_mdns_capture() {{ echo capture; }}
                     tc_start_mdns_advertiser() {{ echo advertise; }}
                     tc_watchdog_start_mdns_if_needed
@@ -2862,14 +2862,14 @@ def test_common_watchdog_defers_first_mdns_start_until_auto_ip_exists(self) -> N
             proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertIn("print-auto-ip-cidrs\n", proc.stdout)
+        self.assertIn("print-mdns-socket-families\n", proc.stdout)
         self.assertNotIn("capture\n", proc.stdout)
         self.assertNotIn("advertise\n", proc.stdout)
         self.assertIn("deferred=1\n", proc.stdout)
         self.assertIn("mDNS auto-ip check: running", proc.stdout)
-        self.assertIn("--print-auto-ip-cidrs", proc.stdout)
-        self.assertIn("mDNS auto-ip check: no usable IPv4 yet", proc.stdout)
-        self.assertIn("mDNS startup deferred; no usable IPv4 has appeared yet", proc.stdout)
+        self.assertIn("--print-mdns-socket-families", proc.stdout)
+        self.assertIn("mDNS auto-ip check: no usable address yet", proc.stdout)
+        self.assertIn("mDNS startup deferred; no usable address has appeared yet", proc.stdout)
 
     def test_common_watchdog_reports_mdns_auto_ip_probe_failure_without_deferral(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
@@ -2890,7 +2890,7 @@ def test_common_watchdog_reports_mdns_auto_ip_probe_failure_without_deferral(sel
                     mkdir -p "$RAM_VAR"
                     runtime_process_present_by_ucomm() {{ return 1; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ :; }}
-                    tc_mdns_auto_ip_available() {{ echo print-auto-ip-cidrs; return 13; }}
+                    tc_mdns_auto_ip_available() {{ echo print-mdns-socket-families; return 13; }}
                     tc_start_mdns_capture() {{ echo capture; }}
                     tc_start_mdns_advertiser() {{ echo advertise; }}
                     tc_watchdog_start_mdns_if_needed
@@ -2905,13 +2905,13 @@ def test_common_watchdog_reports_mdns_auto_ip_probe_failure_without_deferral(sel
             proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertIn("print-auto-ip-cidrs\n", proc.stdout)
+        self.assertIn("print-mdns-socket-families\n", proc.stdout)
         self.assertNotIn("capture\n", proc.stdout)
         self.assertNotIn("advertise\n", proc.stdout)
         self.assertIn("deferred=0\n", proc.stdout)
         self.assertIn("unavailable=1\n", proc.stdout)
         self.assertIn("mDNS auto-ip check failed with exit code 13", proc.stdout)
-        self.assertNotIn("mDNS startup deferred; no usable IPv4 has appeared yet", proc.stdout)
+        self.assertNotIn("mDNS startup deferred; no usable address has appeared yet", proc.stdout)
 
     def test_common_watchdog_starts_first_mdns_capture_after_auto_ip_exists(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
@@ -2932,7 +2932,7 @@ def test_common_watchdog_starts_first_mdns_capture_after_auto_ip_exists(self) ->
                     mkdir -p "$RAM_VAR"
                     runtime_process_present_by_ucomm() {{ return 1; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ :; }}
-                    tc_mdns_auto_ip_available() {{ echo print-auto-ip-cidrs; return 0; }}
+                    tc_mdns_auto_ip_available() {{ echo print-mdns-socket-families; return 0; }}
                     tc_start_mdns_capture() {{ echo capture; }}
                     tc_start_mdns_advertiser() {{ echo advertise; }}
                     tc_watchdog_start_mdns_if_needed
@@ -2947,15 +2947,15 @@ def test_common_watchdog_starts_first_mdns_capture_after_auto_ip_exists(self) ->
             proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertIn("print-auto-ip-cidrs\n", proc.stdout)
+        self.assertIn("print-mdns-socket-families\n", proc.stdout)
         self.assertIn("capture\n", proc.stdout)
         self.assertIn("advertise\n", proc.stdout)
         self.assertLess(proc.stdout.index("capture\n"), proc.stdout.index("advertise\n"))
         self.assertIn("seen=1\n", proc.stdout)
         self.assertIn("capture_attempted=1\n", proc.stdout)
         self.assertIn("mDNS auto-ip check: running", proc.stdout)
-        self.assertIn("--print-auto-ip-cidrs", proc.stdout)
-        self.assertIn("mDNS auto-ip check: usable IPv4 is available", proc.stdout)
+        self.assertIn("--print-mdns-socket-families", proc.stdout)
+        self.assertIn("mDNS auto-ip check: usable address is available", proc.stdout)
         self.assertIn("mDNS auto-ip is available; starting capture and advertiser", proc.stdout)
 
     def test_common_watchdog_later_mdns_restart_skips_capture(self) -> None:
@@ -2978,7 +2978,7 @@ def test_common_watchdog_later_mdns_restart_skips_capture(self) -> None:
                     TC_MDNS_CAPTURE_ATTEMPTED=1
                     runtime_process_present_by_ucomm() {{ return 1; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ :; }}
-                    tc_mdns_auto_ip_available() {{ echo print-auto-ip-cidrs; return 0; }}
+                    tc_mdns_auto_ip_available() {{ echo print-mdns-socket-families; return 0; }}
                     tc_start_mdns_capture() {{ echo capture; }}
                     tc_start_mdns_advertiser() {{ echo advertise; }}
                     tc_restart_mdns() {{ echo restart; }}
@@ -2993,7 +2993,7 @@ def test_common_watchdog_later_mdns_restart_skips_capture(self) -> None:
             proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
-        self.assertIn("print-auto-ip-cidrs\n", proc.stdout)
+        self.assertIn("print-mdns-socket-families\n", proc.stdout)
         self.assertNotIn("capture\n", proc.stdout)
         self.assertNotIn("advertise\n", proc.stdout)
         self.assertIn("restart\n", proc.stdout)
@@ -3018,11 +3018,11 @@ def test_common_watchdog_health_requires_mdns_udp_5353(self) -> None:
                     runtime_process_present_by_ucomm() {{
                         [ "$1" = "$MDNS_PROC_NAME" ] && [ "$mdns_present" = "1" ]
                     }}
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 1; }}
+                    tc_mdns_bound_udp_5353() {{ return 1; }}
                     status=0
                     tc_all_managed_services_healthy || status=$?
                     echo "unbound=$status"
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 0; }}
+                    tc_mdns_bound_udp_5353() {{ return 0; }}
                     status=0
                     tc_all_managed_services_healthy || status=$?
                     echo "bound=$status"
@@ -3044,6 +3044,257 @@ def test_common_watchdog_health_requires_mdns_udp_5353(self) -> None:
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertEqual(proc.stdout, "unbound=1\nbound=0\nmissing=1\ndeferred=0\n")
 
+    def test_common_smbd_bound_tcp_445_requires_configured_socket_families(self) -> None:
+        with tempfile.TemporaryDirectory() as tmp:
+            tmp_path = Path(tmp)
+            flash, _memory, _locks, _volumes = self.write_runtime_harness(tmp_path)
+            script = tmp_path / "smbd-bound-families.sh"
+            script.write_text(
+                textwrap.dedent(
+                    f"""\
+                    #!/bin/sh
+                    set -eu
+                    . {flash}/common.sh
+                    . {flash}/tcapsulesmb.conf
+                    tc_init_runtime_env
+                    mkdir -p "$RAM_VAR"
+                    v4_status=1
+                    v6_status=1
+                    tc_smbd_bound_ipv4_445() {{ return "$v4_status"; }}
+                    tc_smbd_bound_ipv6_445() {{ return "$v6_status"; }}
+
+                    TC_SMB_BIND_INTERFACES="127.0.0.1/8 ::1/128 192.168.1.40/24"
+                    v4_status=0
+                    v6_status=1
+                    status=0
+                    tc_smbd_bound_tcp_445 || status=$?
+                    echo "ipv4_only=$status"
+
+                    TC_SMB_BIND_INTERFACES="127.0.0.1/8 ::1/128 fdbb:1111:2222:3333::40/64"
+                    v4_status=1
+                    v6_status=0
+                    status=0
+                    tc_smbd_bound_tcp_445 || status=$?
+                    echo "ipv6_only=$status"
+
+                    TC_SMB_BIND_INTERFACES="127.0.0.1/8 ::1/128 192.168.1.40/24 fdbb:1111:2222:3333::40/64"
+                    v4_status=0
+                    v6_status=1
+                    status=0
+                    tc_smbd_bound_tcp_445 || status=$?
+                    echo "dual_missing_v6=$status"
+
+                    v6_status=0
+                    status=0
+                    tc_smbd_bound_tcp_445 || status=$?
+                    echo "dual_bound=$status"
+                    """
+                )
+            )
+            script.chmod(0o755)
+
+            proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
+
+        self.assertEqual(proc.returncode, 0, proc.stderr)
+        self.assertEqual(proc.stdout, "ipv4_only=0\nipv6_only=0\ndual_missing_v6=1\ndual_bound=0\n")
+
+    def test_common_fstat_socket_scanner_matches_process_family_and_port(self) -> None:
+        with tempfile.TemporaryDirectory() as tmp:
+            tmp_path = Path(tmp)
+            flash, _memory, _locks, _volumes = self.write_runtime_harness(tmp_path)
+            calls = tmp_path / "fstat-calls"
+            script = tmp_path / "fstat-socket-scanner.sh"
+            script.write_text(
+                textwrap.dedent(
+                    f"""\
+                    #!/bin/sh
+                    set -eu
+                    . {flash}/common.sh
+                    . {flash}/tcapsulesmb.conf
+                    : > {calls}
+                    tc_runtime_process_table() {{
+                        cat <<'EOF'
+                    100 Z smbd smbd
+                    101 S smbd smbd
+                    102 S mdns-advertiser mdns-advertiser
+                    103 S other other
+                    EOF
+                    }}
+                    tc_runtime_fstat_pid() {{
+                        echo "$1" >> {calls}
+                        case "$1" in
+                            100) echo "root smbd 100 10 internet stream tcp 0x0 *:445" ;;
+                            101)
+                                echo "root smbd 101 10 internet stream tcp 0x0 *:445"
+                                echo "root smbd 101 11 internet6 stream tcp 0x0 [*]:445"
+                                ;;
+                            102)
+                                echo "root mdns-advertiser 102 10 internet dgram udp 0x0 *:5353"
+                                echo "root mdns-advertiser 102 11 internet6 dgram udp 0x0 [*]:5353"
+                                ;;
+                            *) echo "root other $1 10 internet dgram udp 0x0 *:5353" ;;
+                        esac
+                    }}
+
+                    status=0
+                    tc_smbd_bound_ipv4_445 || status=$?
+                    echo "smbd4=$status"
+                    status=0
+                    tc_smbd_bound_ipv6_445 || status=$?
+                    echo "smbd6=$status"
+                    status=0
+                    tc_process_bound_ipv4_udp_port "$MDNS_PROC_NAME" 5353 || status=$?
+                    echo "mdns4=$status"
+                    status=0
+                    tc_process_bound_ipv6_udp_port "$MDNS_PROC_NAME" 5353 || status=$?
+                    echo "mdns6=$status"
+                    status=0
+                    tc_process_bound_ipv4_udp_port "$MDNS_PROC_NAME" 9999 || status=$?
+                    echo "mdns4_wrong_port=$status"
+                    echo "calls=$(cat {calls})"
+                    """
+                )
+            )
+            script.chmod(0o755)
+
+            proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
+
+        self.assertEqual(proc.returncode, 0, proc.stderr)
+        self.assertEqual(
+            proc.stdout,
+            "smbd4=0\n"
+            "smbd6=0\n"
+            "mdns4=0\n"
+            "mdns6=0\n"
+            "mdns4_wrong_port=1\n"
+            "calls=101\n"
+            "101\n"
+            "102\n"
+            "102\n"
+            "102\n",
+        )
+
+    def test_common_mdns_bound_udp_5353_uses_ipv4_preferred_family_policy(self) -> None:
+        with tempfile.TemporaryDirectory() as tmp:
+            tmp_path = Path(tmp)
+            flash, _memory, _locks, _volumes = self.write_runtime_harness(tmp_path)
+            families_file = tmp_path / "families"
+            families_file.write_text("ipv4 ipv6\n", encoding="utf-8")
+            (flash / "mdns-advertiser").write_text(
+                f"#!/bin/sh\n[ \"$1\" = \"--print-mdns-socket-families\" ] || exit 2\ncat {families_file}\n",
+                encoding="utf-8",
+            )
+            (flash / "mdns-advertiser").chmod(0o755)
+            script = tmp_path / "mdns-bound-families.sh"
+            script.write_text(
+                textwrap.dedent(
+                    f"""\
+                    #!/bin/sh
+                    set -eu
+                    . {flash}/common.sh
+                    . {flash}/tcapsulesmb.conf
+                    tc_init_runtime_env
+                    mkdir -p "$RAM_VAR"
+                    v4_status=1
+                    v6_status=1
+                    tc_mdns_bound_ipv4_udp_5353() {{ return "$v4_status"; }}
+                    tc_mdns_bound_ipv6_udp_5353() {{ return "$v6_status"; }}
+
+                    v4_status=0
+                    v6_status=1
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "dual_prefers_ipv4=$status"
+
+                    v4_status=1
+                    v6_status=0
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "dual_missing_ipv4=$status"
+
+                    printf 'ipv4\\n' >{families_file}
+                    v4_status=0
+                    v6_status=1
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "ipv4_only=$status"
+
+                    printf 'ipv6\\n' >{families_file}
+                    v4_status=1
+                    v6_status=0
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "ipv6_only=$status"
+
+                    v4_status=0
+                    v6_status=1
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "ipv6_only_missing=$status"
+
+                    printf 'ethernet\\n' >{families_file}
+                    v4_status=0
+                    v6_status=0
+                    status=0
+                    tc_mdns_bound_udp_5353 || status=$?
+                    echo "unsupported_family=$status"
+                    """
+                )
+            )
+            script.chmod(0o755)
+
+            proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
+
+        self.assertEqual(proc.returncode, 0, proc.stderr)
+        self.assertEqual(
+            proc.stdout,
+            "dual_prefers_ipv4=0\n"
+            "dual_missing_ipv4=1\n"
+            "ipv4_only=0\n"
+            "ipv6_only=0\n"
+            "ipv6_only_missing=1\n"
+            "unsupported_family=1\n",
+        )
+
+    def test_common_watchdog_accepts_ipv6_udp_5353_when_advertiser_is_ipv6_only(self) -> None:
+        with tempfile.TemporaryDirectory() as tmp:
+            tmp_path = Path(tmp)
+            flash, memory, _locks, _volumes = self.write_runtime_harness(tmp_path)
+            script = tmp_path / "watchdog-mdns-ipv6-only-bound.sh"
+            script.write_text(
+                textwrap.dedent(
+                    f"""\
+                    #!/bin/sh
+                    set -eu
+                    . {flash}/common.sh
+                    . {flash}/tcapsulesmb.conf
+                    tc_init_runtime_env
+                    tc_set_log "$RAM_VAR/test.log" test
+                    mkdir -p "$RAM_VAR"
+                    runtime_process_present_by_ucomm() {{
+                        [ "$1" = "$MDNS_PROC_NAME" ]
+                    }}
+                    tc_probe_mdns_socket_families() {{ echo ipv6; }}
+                    tc_mdns_bound_ipv4_udp_5353() {{ echo unexpected-ipv4; return 1; }}
+                    tc_mdns_bound_ipv6_udp_5353() {{ echo ipv6-bound; return 0; }}
+                    tc_mdns_auto_ip_available() {{ echo unexpected-auto-ip; return 0; }}
+                    stop_runtime_process_by_ucomm() {{ echo "unexpected-stop $1"; return 1; }}
+                    tc_restart_mdns() {{ echo unexpected-restart; return 1; }}
+                    tc_watchdog_reconcile_mdns
+                    """
+                )
+            )
+            script.chmod(0o755)
+
+            proc = subprocess.run([str(script)], text=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, check=False)
+            log_path = memory / "samba4/var/test.log"
+            log_text = log_path.read_text() if log_path.exists() else ""
+
+        self.assertEqual(proc.returncode, 0, proc.stderr)
+        self.assertEqual(proc.stdout, "ipv6-bound\n")
+        self.assertNotIn("watchdog recovery: mdns advertiser is running without required UDP 5353 listeners", log_text)
+        self.assertNotIn("unexpected", proc.stdout)
+
     def test_common_watchdog_restarts_mdns_when_running_without_udp_5353_and_auto_ip_exists(self) -> None:
         with tempfile.TemporaryDirectory() as tmp:
             tmp_path = Path(tmp)
@@ -3064,7 +3315,7 @@ def test_common_watchdog_restarts_mdns_when_running_without_udp_5353_and_auto_ip
                     runtime_process_present_by_ucomm() {{
                         [ "$1" = "$MDNS_PROC_NAME" ] && [ "$mdns_present" = "1" ]
                     }}
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 1; }}
+                    tc_mdns_bound_udp_5353() {{ return 1; }}
                     tc_mdns_auto_ip_available() {{ echo auto-ip; return 0; }}
                     stop_runtime_process_by_ucomm() {{ echo "stop $1"; mdns_present=0; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ echo identity; }}
@@ -3082,7 +3333,7 @@ def test_common_watchdog_restarts_mdns_when_running_without_udp_5353_and_auto_ip
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertEqual(proc.stdout, "auto-ip\nstop mdns-advertiser\nidentity\nrestart\n")
-        self.assertIn("watchdog recovery: mdns advertiser is running without IPv4 UDP 5353", log_text)
+        self.assertIn("watchdog recovery: mdns advertiser is running without required UDP 5353 listeners", log_text)
         self.assertNotIn("unexpected", proc.stdout)
 
     def test_common_watchdog_defers_mdns_when_running_without_udp_5353_and_no_auto_ip(self) -> None:
@@ -3103,7 +3354,7 @@ def test_common_watchdog_defers_mdns_when_running_without_udp_5353_and_no_auto_i
                     runtime_process_present_by_ucomm() {{
                         [ "$1" = "$MDNS_PROC_NAME" ]
                     }}
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 1; }}
+                    tc_mdns_bound_udp_5353() {{ return 1; }}
                     tc_mdns_auto_ip_available() {{ echo auto-ip; return 11; }}
                     stop_runtime_process_by_ucomm() {{ echo "unexpected-stop $1"; return 1; }}
                     tc_restart_mdns() {{ echo unexpected-restart; return 1; }}
@@ -3123,8 +3374,8 @@ def test_common_watchdog_defers_mdns_when_running_without_udp_5353_and_no_auto_i
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertEqual(proc.stdout, "auto-ip\ndeferred=1\nhealthy=0\n")
-        self.assertIn("watchdog recovery: mdns advertiser is running without IPv4 UDP 5353", log_text)
-        self.assertIn("mDNS startup deferred; no usable IPv4 has appeared yet", log_text)
+        self.assertIn("watchdog recovery: mdns advertiser is running without required UDP 5353 listeners", log_text)
+        self.assertIn("mDNS startup deferred; no usable address has appeared yet", log_text)
         self.assertNotIn("unexpected", proc.stdout)
 
     def test_common_watchdog_marks_mdns_unavailable_when_unbound_auto_ip_probe_fails(self) -> None:
@@ -3145,7 +3396,7 @@ def test_common_watchdog_marks_mdns_unavailable_when_unbound_auto_ip_probe_fails
                     runtime_process_present_by_ucomm() {{
                         [ "$1" = "$MDNS_PROC_NAME" ]
                     }}
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 1; }}
+                    tc_mdns_bound_udp_5353() {{ return 1; }}
                     tc_mdns_auto_ip_available() {{ echo auto-ip; return 13; }}
                     stop_runtime_process_by_ucomm() {{ echo "unexpected-stop $1"; return 1; }}
                     tc_restart_mdns() {{ echo unexpected-restart; return 1; }}
@@ -3162,7 +3413,7 @@ def test_common_watchdog_marks_mdns_unavailable_when_unbound_auto_ip_probe_fails
 
         self.assertEqual(proc.returncode, 0, proc.stderr)
         self.assertEqual(proc.stdout, "auto-ip\ndeferred=0\nunavailable=1\n")
-        self.assertIn("watchdog recovery: mdns advertiser is running without IPv4 UDP 5353", log_text)
+        self.assertIn("watchdog recovery: mdns advertiser is running without required UDP 5353 listeners", log_text)
         self.assertIn("watchdog recovery: mDNS auto-ip check failed with exit code 13", log_text)
         self.assertNotIn("unexpected", proc.stdout)
 
@@ -3183,8 +3434,8 @@ def test_common_watchdog_health_requires_nbns_udp_137(self) -> None:
                     mkdir -p "$RAM_VAR"
                     tc_samba_runtime_expected() {{ return 0; }}
                     runtime_process_present_by_ucomm() {{ return 0; }}
-                    tc_smbd_bound_ipv4_445() {{ return 0; }}
-                    tc_mdns_bound_ipv4_udp_5353() {{ return 0; }}
+                    tc_smbd_bound_tcp_445() {{ return 0; }}
+                    tc_mdns_bound_udp_5353() {{ return 0; }}
                     tc_nbns_bound_ipv4_udp_137() {{ return 1; }}
                     status=0
                     tc_all_managed_services_healthy || status=$?
@@ -3229,7 +3480,7 @@ def test_common_watchdog_restarts_nbns_when_running_without_udp_137_and_auto_ip_
                         [ "$1" = "$NBNS_PROC_NAME" ] && [ "$nbns_present" = "1" ]
                     }}
                     tc_nbns_bound_ipv4_udp_137() {{ return 1; }}
-                    tc_mdns_auto_ip_available() {{ echo auto-ip; return 0; }}
+                    tc_nbns_auto_ip_available() {{ echo auto-ip; return 0; }}
                     stop_runtime_process_by_ucomm() {{ echo "stop $1"; nbns_present=0; }}
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ echo identity; }}
                     tc_restart_nbns() {{ echo restart; }}
@@ -3266,7 +3517,7 @@ def test_common_watchdog_defers_nbns_when_running_without_udp_137_and_no_auto_ip
                         [ "$1" = "$NBNS_PROC_NAME" ]
                     }}
                     tc_nbns_bound_ipv4_udp_137() {{ return 1; }}
-                    tc_mdns_auto_ip_available() {{ echo auto-ip; return 11; }}
+                    tc_nbns_auto_ip_available() {{ echo auto-ip; return 11; }}
                     stop_runtime_process_by_ucomm() {{ echo "unexpected-stop $1"; return 1; }}
                     tc_restart_nbns() {{ echo unexpected-restart; return 1; }}
                     tc_watchdog_reconcile_nbns
@@ -3305,7 +3556,7 @@ def test_common_watchdog_reports_nbns_hard_auto_ip_failure_when_unbound(self) ->
                         [ "$1" = "$NBNS_PROC_NAME" ]
                     }}
                     tc_nbns_bound_ipv4_udp_137() {{ return 1; }}
-                    tc_mdns_auto_ip_available() {{ echo auto-ip; return 13; }}
+                    tc_nbns_auto_ip_available() {{ echo auto-ip; return 13; }}
                     stop_runtime_process_by_ucomm() {{ echo "unexpected-stop $1"; return 1; }}
                     tc_restart_nbns() {{ echo unexpected-restart; return 1; }}
                     status=0
@@ -3362,7 +3613,7 @@ def test_common_smbd_recovery_mounts_payload_and_share_volumes_before_restart(se
                     tc_watchdog_refresh_runtime_identity_for_recovery() {{ :; }}
                     runtime_process_present_by_ucomm() {{ return 1; }}
                     wait_for_process() {{ return 0; }}
-                    tc_smbd_bound_ipv4_445() {{ return 0; }}
+                    tc_smbd_bound_tcp_445() {{ return 0; }}
                     tc_watchdog_wake_or_mount_volume() {{ echo "mount $1 $2"; return 0; }}
                     tc_start_smbd_if_needed
                     """
@@ -5099,6 +5350,7 @@ def test_common_watchdog_service_iteration_refreshes_identity_once_before_servic
                     tc_launch_mdns_advertiser() {{ echo "mdns-host=$MDNS_HOST_LABEL"; }}
                     tc_launch_nbns() {{ echo "nbns-name=$SMB_NETBIOS_NAME"; }}
                     tc_mdns_auto_ip_available() {{ return 0; }}
+                    tc_nbns_auto_ip_available() {{ return 0; }}
                     tc_all_managed_services_healthy() {{ return 1; }}
                     status=0
                     tc_watchdog_service_iteration || status=$?
@@ -5571,7 +5823,7 @@ def test_common_watchdog_live_reload_reconciles_unbound_nbns(self) -> None:
                         esac
                     }}
                     tc_nbns_bound_ipv4_udp_137() {{ return 1; }}
-                    tc_mdns_auto_ip_available() {{ echo nbns-auto-ip; return 0; }}
+                    tc_nbns_auto_ip_available() {{ echo nbns-auto-ip; return 0; }}
                     stop_runtime_process_by_ucomm() {{ echo "stop $1"; nbns_present=0; }}
                     tc_restart_nbns() {{ echo restart-nbns; }}
                     tc_exec_start_samba() {{ echo "exec $1"; exit 42; }}