Date: Mon, 3 Sep 2012 12:21:03 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Jamie Gritton <jamie@FreeBSD.org> Cc: freebsd-jail@FreeBSD.org, curtis@occnc.com Subject: Re: IPv6 multicast sent to jail Message-ID: <alpine.BSF.2.00.1209031219120.76284@ai.fobar.qr> In-Reply-To: <5039397B.7050205@FreeBSD.org> References: <201208252015.q7PKFVVi009920@gateway2.orleans.occnc.com> <5039397B.7050205@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 25 Aug 2012, Jamie Gritton wrote:
...
>>>> Curtis
>>>
>>> Offhand, it does sound like a bug. I imagine the solution would be to
>>> reject the join - at least the easy solution to be done first until
>>> something more complicated can be done to make jails play nice with
>>> multicast.
>>>
>>> - Jamie
>>
>>
>> Jamie,
>>
>> Certainly not the preferred solution. Best would be a
>> jail.allow-ipv6multicast sysctl variable with rejecting the join if 0
>> and accepting the join and passing in multicast if 1. Same for v4,
>> though not of immediate concern since DHCPv4 doesn't need it.
>>
>> If you (or someone) would like to point me in the right direction, I
>> would be willing to put some time into learning the relevant code and
>> proposing a fix. No promises, but I can put some time into it. Off
>> list if you prefer.
>>
>> Curtis
>
> It'll have to be someone besides me - I don't know enough about
> multicast myself to be able to do more than keep it out of jails.
sysctl souns bad to me; I think it should actually be grouped by
ip4.* and ip6.*. What dod we currently do for raw sockets? Can we
have a third level easily, as in ip4.raw.*, ip6.mc.*, ... which of
course would kill the classic "allow" thing for raw sockets myabe?
/bz
--
Bjoern A. Zeeb You have to have visions!
Stop bit received. Insert coin for new address family.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1209031219120.76284>