From owner-freebsd-net@freebsd.org  Tue Mar 20 00:18:01 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A00CAF56FE6
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Tue, 20 Mar 2018 00:18:01 +0000 (UTC)
 (envelope-from rozhuk.im@gmail.com)
Received: from mail-lf0-x235.google.com (mail-lf0-x235.google.com
 [IPv6:2a00:1450:4010:c07::235])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 0BA846DD85
 for <freebsd-net@freebsd.org>; Tue, 20 Mar 2018 00:18:01 +0000 (UTC)
 (envelope-from rozhuk.im@gmail.com)
Received: by mail-lf0-x235.google.com with SMTP id a22-v6so28101492lfg.9
 for <freebsd-net@freebsd.org>; Mon, 19 Mar 2018 17:18:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:date:to:cc:subject:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=KyEK3INFNUKU8qEL8XxVbXnL5MG0YxR9PPYns4+LMFc=;
 b=L+sIS0NCUuZzhRmr7doduA84NKxeVGSpsUsYUVcn/2K22EJbZG7kDo6myqdGQEJQIC
 nDB/w2DLDX2447oddXsbqvj9iQrGqQRnuhueYwQi5KVjlNI7MtkKDmV1R0dke1uCmXYV
 R/MKw9rZADE/92lFaB/LHbQsghIty1Cd9JRD9mW4rKQedZhYjX4PDo1KPnO9KdPmiopr
 dBKYCZNmun+sFHKXOPnYYh5lZ686XgsOs6+rN3AOmJ6rFxSKWBedbAtM38d7CZXhiOK1
 eal0cP+hydOCyesxXIbpXGHbi0PLctCgLhXdPeuIQhWRi+ZwLgQk9wGy+iWutCF/ro1H
 veAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:date:to:cc:subject:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=KyEK3INFNUKU8qEL8XxVbXnL5MG0YxR9PPYns4+LMFc=;
 b=DHqvZu338LfCkMzard54ceNhfTgUPEIbBTmV2MNlmsXTtehBJsvtevTXtwQ7TCZ7BZ
 8+Bo+8y7I4uu4TpCJEnt+HJYkcEAZAFEC98JLaWR72V9jDBu8k7zsjt+VU6GnhO1sEUw
 +IbwdPwi5EqsdzEGxqZfBCq2rwxTbYF3Wd0OTZVCq7NJJVxW90E2N7yvb2Y17crg5PZi
 thAqSwhYXzr3wlkoh9GQ59RGtVolCm3gBX/FHO3ZiNv1MCPTN7aOTXJxObr3P1bXDnAl
 WH0X45e6DEH2e9zFtPT/Yj8aWrVZ6gDyf7ipeW0fwUxlLBFndQkk+gBhMkCZOlIOBgA3
 Sk1w==
X-Gm-Message-State: AElRT7F+plEFNIVf7R8hEK8HtR0ANAGC64MuaInbWF5Vv3IojWIAtsCp
 lupu72N6h3eEcyZGaRnj9CRRiA==
X-Google-Smtp-Source: AG47ELs85IeIW8di+ESvBaOx28prQM4RHqgXBTohlkdtl2rUguXSXL23L3hz3e2tJv1o84P2vVe9uA==
X-Received: by 10.46.134.146 with SMTP id l18mr546285lji.4.1521505079428;
 Mon, 19 Mar 2018 17:17:59 -0700 (PDT)
Received: from localhost ([2001:470:1f15:3d8:2475:413f:d27b:c44c])
 by smtp.gmail.com with ESMTPSA id q29sm78691ljc.78.2018.03.19.17.17.57
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 19 Mar 2018 17:17:58 -0700 (PDT)
From: Rozhuk Ivan <rozhuk.im@gmail.com>
X-Google-Original-From: Rozhuk Ivan <Rozhuk.IM@gmail.com>
Date: Tue, 20 Mar 2018 03:15:06 +0300
To: "Rodney W. Grimes" <freebsd-rwg@pdx.rh.CN85.dnsmgr.net>
Cc: Andreas Scherrer <ascherrer@gmail.com>, freebsd-net@freebsd.org
Subject: Re: Multicast/SSDP not working (on VLAN interface)
Message-ID: <20180320031506.10b5cd89@gmail.com>
In-Reply-To: <201803192311.w2JNB5lU014039@pdx.rh.CN85.dnsmgr.net>
References: <f85a4da6-a06f-e045-36e0-2d82c67e8239@gmail.com>
 <201803192311.w2JNB5lU014039@pdx.rh.CN85.dnsmgr.net>
X-Mailer: Claws Mail 3.16.0 (GTK+ 2.24.31; amd64-portbld-freebsd11.1)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Mar 2018 00:18:01 -0000

On Mon, 19 Mar 2018 16:11:05 -0700 (PDT)
"Rodney W. Grimes" <freebsd-rwg@pdx.rh.CN85.dnsmgr.net> wrote:

> Are you running with "firewall_type="simple""?
> If so it is set to block all 224/4 packets, see this part
> of /etc/rc.firewall:
>         # And stop draft-manning-dsua-03.txt (1 May 2000) nets
> (includes RESERVED-1, # DHCP auto-configuration, NET-TEST, MULTICAST
> (class D), and class E) # on the outside interface
>         ${fwcmd} table ${BAD_ADDR_TBL} add 0.0.0.0/8
>         ${fwcmd} table ${BAD_ADDR_TBL} add 169.254.0.0/16
>         ${fwcmd} table ${BAD_ADDR_TBL} add 192.0.2.0/24
>         ${fwcmd} table ${BAD_ADDR_TBL} add 224.0.0.0/4
>         ${fwcmd} table ${BAD_ADDR_TBL} add 240.0.0.0/4
> 
> 	${fwcmd} add deny all from any to "table($BAD_ADDR_TBL)" via
> ${oif}
> 
> Your route effected this as your packets are no longer trying to
> use an all interfaces path, but a specific interface, and that is
> probably not ${oif} of your firewall.
> 

One more fw tip: pf by default drops all IP packets with options, so IGMP does not work.