From owner-freebsd-net@freebsd.org  Mon Aug 10 06:59:22 2020
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id B708F3C7344
 for <freebsd-net@mailman.nyi.freebsd.org>;
 Mon, 10 Aug 2020 06:59:22 +0000 (UTC)
 (envelope-from diego.abelenda@gmail.com)
Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com
 [IPv6:2a00:1450:4864:20::343])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BQ6Jn5czBz3b1W
 for <freebsd-net@freebsd.org>; Mon, 10 Aug 2020 06:59:21 +0000 (UTC)
 (envelope-from diego.abelenda@gmail.com)
Received: by mail-wm1-x343.google.com with SMTP id p14so6689030wmg.1
 for <freebsd-net@freebsd.org>; Sun, 09 Aug 2020 23:59:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=date:from:to:cc:subject:message-id:in-reply-to:references
 :mime-version; bh=Vau36djRte13Ag2Pt5XYUAh+Tmeg5fBQDWf7nfDSH0w=;
 b=VomJMNd18Vpb2VE3XUCbv6+YmxTcxPMZn35/AnE7TdGMDMWHYsRxhy/FkP5B6q/IS3
 WEmtBIhrMKkfj/sRYT6m+3Cris2YlUXyQsI6HfeHrbzeR76rQLASH94V1jeKIBruKKZy
 wGLYULru+n5nqRikVKzfiD4R/JXdxDQ7w1wHD8qtioreUQ6YrSMKRy2XgVVVFC6mceU1
 QCTjxHKdQYafo2k1l/+zzeAyBagbHJKYv0+VjnGonBZbSKDjDUI/xwtKJDLWIT19ViLr
 6EwyucLQ3EC0fkRPvc6kG5WJeqINoOI9gY+Ue5+quDL1BusmEHA7rE7H4DPItbXnSgiF
 bLrw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
 :references:mime-version;
 bh=Vau36djRte13Ag2Pt5XYUAh+Tmeg5fBQDWf7nfDSH0w=;
 b=NmGeJVICuljjx7TcCAQBEHFy+o0q57FoSwP6A2rEp+/Wk3XJAcQgCB0u/1Pwb7gVHO
 6ejKCDOHSaL/4Wngium3d+tkrp9SWu4sWrlA9K2hcr32P7sfwMw/rfPsvO0OowrlHNLU
 9PbTmDJCCxT35pQRKKqERz6rTZrMe8Qak5ZsiCn2VAEoze8fxSf+I0fIk7qiLukAOxbJ
 xJkHqHZTj/TuGrQ0YZVfI0PEQH4OthQNquCSRAUgOri2tWH7luNPZhAOzYe2XS1w3A5/
 c+I0FDRZuDr5b/INqCs6QntusfN0Fsv6arTJqbF0zXIJSS1G4LlRebLepiu/pXlFgoQq
 9/kg==
X-Gm-Message-State: AOAM532iTXQagly5LlbTJJLwLu6GBFYrxGK+7chKQroS+EXM+FRPSa0g
 uEF/Mbe5GCsIcinXMNRv63A=
X-Google-Smtp-Source: ABdhPJwlGl7k3GFgpvDJe6IDVN3XpLiudfnUiIwiKJCh2jumiO4FNQmTrQcaO8sebBlfN9eGbRYn7w==
X-Received: by 2002:a1c:dc86:: with SMTP id t128mr5468697wmg.6.1597042758799; 
 Sun, 09 Aug 2020 23:59:18 -0700 (PDT)
Received: from debian (29.182.6.85.dynamic.wline.res.cust.swisscom.ch.
 [85.6.182.29])
 by smtp.gmail.com with ESMTPSA id z207sm20920632wmc.2.2020.08.09.23.59.17
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 09 Aug 2020 23:59:17 -0700 (PDT)
Date: Mon, 10 Aug 2020 08:59:17 +0200
From: Abelenda Diego <diego.abelenda@gmail.com>
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
Cc: freebsd-net@freebsd.org
Subject: Re: Multicast issue, interface not leaving Mutlicast Group
Message-ID: <20200810085855.5b0efccc@debian>
In-Reply-To: <BD1DD220-3A77-4187-9C19-33DB53DEFFEE@lists.zabbadoz.net>
References: <20200807152525.711d4072@debian>
 <9c241a38-977b-dcdd-ba5d-e8b2dfa2b17c@selasky.org>
 <20200808143106.423bd20f@debian>
 <BD1DD220-3A77-4187-9C19-33DB53DEFFEE@lists.zabbadoz.net>
X-Mailer: Claws Mail 3.17.6 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Sig_/5knc4BmNpJf+UFXHrhoZa==";
 protocol="application/pgp-signature"; micalg=pgp-sha512
X-Rspamd-Queue-Id: 4BQ6Jn5czBz3b1W
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=VomJMNd1;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of diegoabelenda@gmail.com designates
 2a00:1450:4864:20::343 as permitted sender)
 smtp.mailfrom=diegoabelenda@gmail.com
X-Spamd-Result: default: False [-3.35 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c];
 FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3];
 DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 NEURAL_HAM_SHORT(-0.65)[-0.653]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+,1:+,2:~];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
 ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.07)[-1.065];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.03)[-1.028];
 MIME_GOOD(-0.20)[multipart/signed,text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::343:from];
 MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Aug 2020 06:59:22 -0000

--Sig_/5knc4BmNpJf+UFXHrhoZa==
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

On Sun, 09 Aug 2020 13:55:02 +0000
"Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> wrote:

> On 8 Aug 2020, at 12:31, Abelenda Diego wrote:
>=20
> > On Sat, 8 Aug 2020 12:54:37 +0200
> > Hans Petter Selasky <hps@selasky.org> wrote:
> > =20
> >> On 2020-08-07 15:25, Abelenda Diego wrote: =20
> >>> Hello,
> >>>
> >>> I have discovered that I had a multicast issue for years I did not=20
> >>> know
> >>> about. I use a FreeBSD (opnsense) setup as router for my home=20
> >>> network and
> >>> have igmpproxy for IPTV. Somehow everything seems to work, until I=20
> >>> realized
> >>> that my ISP was making a DoS with multicast. It is pretty much what=20
> >>> was
> >>> described years ago here:
> >>> https://forum.netgate.com/topic/62591/igmp-issues-causing-isp-to-perf=
orm-multicast-dos-on-my-pfsense/7.
> >>> But the solution of not using FreeBSD seem weird. So dug a lot=20
> >>> learning
> >>> about Multicast IGMPv{2,3} etc in the process. Here is an abstract=20
> >>> of what
> >>> I found: =20
> >>
> >> Which version of FreeBSD is this (uname -a) ?
> >>
> >> There has been some fixes in the multicast area from time to time,=20
> >> and
> >> you should make sure you've got all the fixes incorporated in the=20
> >> kernel
> >> you are using, typically by testing a kernel based on a -stable or
> >> -current branch of FreeBSD.
> >>
> >> --HPS
> >> =20
> >
> > Hello,
> >
> > This is opnsense, so it is not like I can change kernel as I want.=20
> > Moreover the
> > kernel used by opnsense has some patches for stf 6rd support for=20
> > example,
> > things like that.
> >
> > Anyway, the kernel I use is:
> >
> > FreeBSD $hostname 12.1-RELEASE-p7-HBSD FreeBSD 12.1-RELEASE-p7-HBSD #0=
=20
> >  427d53bc125(stable/20.7)-dirty: Sun Jul 26 05:51:42 CEST 2020    =20
> > root@sensey64:/usr/obj/usr/src/amd64.amd64/sys/SMP  amd64
> >
> > But from what you are asking, it seems you suggest my issue is kernel=20
> > related
> > and in no way a userspace problem. So I cannot do anything to mitigate=
=20
> > the
> > issue?
> >
> > BTW I said reset the interface fixed the issue, but in fact, I need to=
=20
> > reboot,
> > I found no way to clear the multicast group memberships. =20
>=20
>=20
> Is this related to:
>=20
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D248512  and the there=
=20
> referenced other bugs?
>=20
>=20
> /bz


Hello,

Yes seems to be that, even the address already in use error is present in t=
he
log of imgpproxy.

Thank you for pointing that. I will try to make opnsense include this patch
quickly.

Best regards,
Diego Abelenda

--Sig_/5knc4BmNpJf+UFXHrhoZa==
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEhLBEGh6nN5+aat9KomT4UAfkGfgFAl8w8EUACgkQomT4UAfk
GfgwqQ/6AukXl46vo61vSnsW886/sgYFElrs2vXipvPjHp/suL5kN0x0nHMOSu+y
BQLljIt9LAb1Tpx2Ups9UDZL6jusjJehFIe6nLMmec+sCWtr5Ol5P/08EbWYX7B6
2tgcsFiGzSzJiFHyaOUd7l6JczGKJ1UKiNKkTlDkisFgFSRiDwc0hhqQnb+gknVd
sY178WT8RYA75Jg+TGtmA/+cBFysRdEfN/jigFWh6hnyfSBzm7jhcqFSdoOMirVd
i5WEWMbHLytU6XrJfEV0ac+ab3HnXHkY9FfXYMNEcXRFumuAF2T+XsdCt3M3oRb8
XcV15bccAnyMccUrOo0daTaZEyc+vBKPcKWdMCsx4/In6YnW5gDk9+g1d+y0XVDU
MDabb1ctrPqQwMePPYrDRwu6Li0V/XFF+/9XY6FBMzW4KaPfkgDfnYZbOQyCB4xM
IYf9L2kLY0RkAg9X0npvNtH+d9NzW7rHBAq49hixU4mtClGbEFFxSJ9Gp0fMNpxQ
Ep71wBvU1hEfYWeo9gpeP7xh3p26B/hanE9Bggdb6D1NrmPh0ftRo+85V65YBSkC
1B/et9lvSH3fjNLW3WwXNolOmEB/L60j7mIkQv9b1mh8M0+vmCuqRtKWfhJbs5UU
BYJEy6nDMHE+GJkSOsgvCprqCMaO0j66e9iDIjDDY8qXMPLcfq4=
=3cQy
-----END PGP SIGNATURE-----

--Sig_/5knc4BmNpJf+UFXHrhoZa==--