From owner-freebsd-net@freebsd.org Sat Aug 8 10:55:09 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E0C443A88E3 for ; Sat, 8 Aug 2020 10:55:09 +0000 (UTC) (envelope-from hps@selasky.org) Received: from mail.turbocat.net (turbocat.net [IPv6:2a01:4f8:c17:6c4b::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BNzdn1PVrz3Z5Q for ; Sat, 8 Aug 2020 10:55:08 +0000 (UTC) (envelope-from hps@selasky.org) Received: from hps2020.home.selasky.org (unknown [178.17.145.105]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.turbocat.net (Postfix) with ESMTPSA id A99852601D5; Sat, 8 Aug 2020 12:55:00 +0200 (CEST) Subject: Re: Multicast issue, interface not leaving Mutlicast Group To: Abelenda Diego , freebsd-net@freebsd.org References: <20200807152525.711d4072@debian> From: Hans Petter Selasky Message-ID: <9c241a38-977b-dcdd-ba5d-e8b2dfa2b17c@selasky.org> Date: Sat, 8 Aug 2020 12:54:37 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20200807152525.711d4072@debian> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BNzdn1PVrz3Z5Q X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of hps@selasky.org designates 2a01:4f8:c17:6c4b::2 as permitted sender) smtp.mailfrom=hps@selasky.org X-Spamd-Result: default: False [-2.12 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mail.turbocat.net]; NEURAL_HAM_LONG(-1.00)[-0.997]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[selasky.org]; NEURAL_SPAM_SHORT(0.09)[0.089]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-0.91)[-0.912]; FREEMAIL_TO(0.00)[gmail.com,freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Aug 2020 10:55:09 -0000 On 2020-08-07 15:25, Abelenda Diego wrote: > Hello, > > I have discovered that I had a multicast issue for years I did not know about. I use a FreeBSD (opnsense) setup as router for my home network and have igmpproxy for IPTV. Somehow everything seems to work, until I realized that my ISP was making a DoS with multicast. It is pretty much what was described years ago here: https://forum.netgate.com/topic/62591/igmp-issues-causing-isp-to-perform-multicast-dos-on-my-pfsense/7. But the solution of not using FreeBSD seem weird. So dug a lot learning about Multicast IGMPv{2,3} etc in the process. Here is an abstract of what I found: > Which version of FreeBSD is this (uname -a) ? There has been some fixes in the multicast area from time to time, and you should make sure you've got all the fixes incorporated in the kernel you are using, typically by testing a kernel based on a -stable or -current branch of FreeBSD. --HPS