Date: Wed, 6 Nov 2019 00:41:33 +0300 From: Victor Gamov <vit@otcnet.ru> To: mike@karels.net Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD as multicast router Message-ID: <a789de99-00ce-f12c-f698-9594cf4c9fe7@otcnet.ru> In-Reply-To: <201911050609.xA569XEr061715@mail.karels.net> References: <201911050609.xA569XEr061715@mail.karels.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/11/2019 09:09, Mike Karels wrote:
>> On 03/11/2019 08:22, Mike Karels wrote:
>>>>>>> Hi All
>>>>>>>
>>>>>>> I have (noob) questions about multicast routing under FreeBSD.
>>>>>>>
>>>>>>> I have FreeBSD box with two (or more) multicast enabled interfaces (e.x.
>>>>>>> vlan750 and vlan299). vlan750 connected to multicast source.
>>>>>>>
>>>>>>> Then pimd installed and only this two interfaces enabled in pimd config.
>>>>>>> Multicast routes successfully installed by pimd and listed by `netstat
>>>>>>> -g -f inet`
>>>>>>>
>>>>>>> Then client on vlan299 send IGMP-Join (this Join received by FreeBSD on
>>>>>>> vlan299)
>>>>>>>
>>>>>>> The question is: who will forward muilticast from one interface
>>>>>>> (vlan750) to another (vlan299)? Is it kernel specific job or I need
>>>>>>> additional software?
>>>>>
>>>>>> Please read the manpage multicast(4) "man 4 multicast",
>>>>>> you should need to build a custom kernel with the "options MROUTING"
>>>>>> to enable the multicast forwarding in the kernel.
>>>>>
>>>>> If "netstat -g" shows routes, the kernel must have been built with "options
>>>>> MROUTING".
>>>
>>>> Indeed.
>>>
>>>>>
>>>>> The kernel does the forwarding, according to those routing tables installed
>>>>> by pimd or another multicast routing program. Is it not working? It sounds
>>>>> like you are very close.
>>>
>>>> Could it be sysctl net.inet.ip.forwarding? Does that still apply to mroutes?
>>>
>>> No, they are separate. The test is just whether MROUTING is enabled, and
>>> whether a multicast router like pimd is active.
>>>
>>> One other thing to check would be "netstat -gs" (multicast stats).
>
>> Oops!
>
>> =====
>> # netstat -f inet -gs
>> No IPv4 MROUTING kernel support.
>> =====
>
> This looks like a bug in netstat; it is doing a test that is wrong for
> the loadable module.
>
>> But I have ip_mroute.ko loaded and netstat -g shows something like
>
>> =====
>> # netstat -f inet -g
>
>> IPv4 Virtual Interface Table
>> Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out
>> 0 1 A.A.A.A 0 0
>> 1 1 B.B.B.19 0 0
>> 2 10 10.199.199.102 0 0
>> 3 15 10.200.200.6 77440 0
>> 4 1 A.A.A.A 0 77440
>
>> IPv4 Multicast Forwarding Table
>> Origin Group Packets In-Vif Out-Vifs:Ttls
>> 10.200.200.5 232.232.8.33 1844 3 4:1
>> 10.200.200.5 232.232.8.171 1843 3 4:1
>> 10.200.200.5 232.232.8.58 4609 3 4:1
>> 10.200.200.5 232.232.8.154 1844 3 4:1
>> 10.200.200.5 232.232.8.170 1844 3 4:1
>> =====
>
>
>> and
>
>> =====
>> # pimd -r
>> Virtual Interface Table
>> ======================================================
>> Vif Local Address Subnet Thresh Flags Neighbors
>> --- --------------- ------------------ ------ ---------
>> -----------------
>> 0 A.A.A.A A.A.A.A/25 1 DR NO-NBR
>> 1 B.B.B.19 B.B.B 1 DR NO-NBR
>> 2 10.199.199.102 10.199.199.100/30 10 DR PIM
>> 10.199.199.101
>> 3 10.200.200.6 10.200.200/29 15 DR NO-NBR
>> 4 A.A.A.A register_vif0 1
>
>> Vif SSM Group Sources
>
>> Multicast Routing Table
>> ======================================================
>> ----------------------------------- (S,G)
>> ------------------------------------
>> Source Group RP Address Flags
>> --------------- --------------- ---------------
>> ---------------------------
>> 10.200.200.5 232.232.8.33 SSM CACHE SG
>> Joined oifs: ....j
>> Pruned oifs: .....
>> Leaves oifs: .....
>> Asserted oifs: .....
>> Outgoing oifs: ....o
>> Incoming : ...I.
>> =====
>
>
>> A.A.A.A is external IP-address. No multicast trafic must be sended to
>> this interface.
>> 10.200.200.6 -- vlan750, multicast comes from here
>> 10.199.199.102 -- vlan299, multicast must be forfarded here after
>> IGMP-Join received from 10.199.199.101/30
>
>
>> So, kernel with MROUTING options must be configured/installed or
>> ip_mroute.ko is enough?
>
> A kernel with MROUTING would let you see stats, but ip_mroute.ko should
> be enough to function (although I haven't tested that).
>
> I'm not familiar with the pimd output, but it seems plausible. I am
> assuming that the multicasts are not getting to the vlan299 network?
> Have you looked at the incoming traffic with tcpdump? Use the -p
> option to avoid promiscuous mode to see that the input NIC is receiving
> those multicasts, and check the TTL of the incoming multicast packets.
> (If it is 1, the packets will not be forwarded.)
Yes, multicast packets arrived to FBSD via vlan750 and TTL is 20. But
no packets forwarded to vlan299 after IGMP-Join received:
=====
00:39:30.484901 IP (tos 0xc0, ttl 1, id 13571, offset 0, flags [none],
proto IGMP (2), length 36, options (RA))
10.199.199.102 > 224.0.0.1: igmp query v3
00:39:31.356732 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto
IGMP (2), length 56, options (RA))
10.199.199.102 > 224.0.0.22: igmp v3 report, 3 group record(s)
[gaddr 224.0.0.22 is_ex { }] [gaddr 224.0.0.2 is_ex { }] [gaddr
224.0.0.13 is_ex { }]
00:39:33.091330 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto
IGMP (2), length 40, options (RA))
10.199.199.101 > 224.0.0.22: igmp v3 report, 1 group record(s)
[gaddr 232.232.8.33 to_ex { }]
00:39:35.166091 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto
IGMP (2), length 40, options (RA))
10.199.199.101 > 224.0.0.22: igmp v3 report, 1 group record(s)
[gaddr 232.232.8.33 to_ex { }]
=====
--
CU,
Victor Gamov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a789de99-00ce-f12c-f698-9594cf4c9fe7>