Date: Tue, 05 Nov 2019 00:09:33 -0600 From: Mike Karels <mike@karels.net> To: Victor Gamov <vit@otcnet.ru> Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD as multicast router Message-ID: <201911050609.xA569XEr061715@mail.karels.net> In-Reply-To: Your message of Mon, 04 Nov 2019 20:39:15 %2B0300. <8401b22b-be4a-c10c-fb86-0b44beac57e0@otcnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 03/11/2019 08:22, Mike Karels wrote: > >>>>> Hi All > >>>>> > >>>>> I have (noob) questions about multicast routing under FreeBSD. > >>>>> > >>>>> I have FreeBSD box with two (or more) multicast enabled interfaces= (e.x. > >>>>> vlan750 and vlan299). vlan750 connected to multicast source. > >>>>> > >>>>> Then pimd installed and only this two interfaces enabled in pimd c= onfig. > >>>>> Multicast routes successfully installed by pimd and listed by `net= stat > >>>>> -g -f inet` > >>>>> > >>>>> Then client on vlan299 send IGMP-Join (this Join received by FreeB= SD on > >>>>> vlan299) > >>>>> > >>>>> The question is: who will forward muilticast from one interface > >>>>> (vlan750) to another (vlan299)? Is it kernel specific job or I ne= ed > >>>>> additional software? > >>> > >>>> Please read the manpage multicast(4) "man 4 multicast", > >>>> you should need to build a custom kernel with the "options MROUTING= " > >>>> to enable the multicast forwarding in the kernel. > >>> > >>> If "netstat -g" shows routes, the kernel must have been built with "= options > >>> MROUTING". > > = > >> Indeed. > > = > >>> > >>> The kernel does the forwarding, according to those routing tables in= stalled > >>> by pimd or another multicast routing program. Is it not working? I= t sounds > >>> like you are very close. > > = > >> Could it be sysctl net.inet.ip.forwarding? Does that still apply to = mroutes? > > = > > No, they are separate. The test is just whether MROUTING is enabled, = and > > whether a multicast router like pimd is active. > > = > > One other thing to check would be "netstat -gs" (multicast stats). > Oops! > =3D=3D=3D=3D=3D > # netstat -f inet -gs > No IPv4 MROUTING kernel support. > =3D=3D=3D=3D=3D This looks like a bug in netstat; it is doing a test that is wrong for the loadable module. > But I have ip_mroute.ko loaded and netstat -g shows something like > =3D=3D=3D=3D=3D > # netstat -f inet -g > IPv4 Virtual Interface Table > Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out > 0 1 A.A.A.A 0 0 > 1 1 B.B.B.19 0 0 > 2 10 10.199.199.102 0 0 > 3 15 10.200.200.6 77440 0 > 4 1 A.A.A.A 0 77440 > IPv4 Multicast Forwarding Table > Origin Group Packets In-Vif Out-Vifs:Ttls > 10.200.200.5 232.232.8.33 1844 3 4:1 > 10.200.200.5 232.232.8.171 1843 3 4:1 > 10.200.200.5 232.232.8.58 4609 3 4:1 > 10.200.200.5 232.232.8.154 1844 3 4:1 > 10.200.200.5 232.232.8.170 1844 3 4:1 > =3D=3D=3D=3D=3D > and > =3D=3D=3D=3D=3D > # pimd -r > Virtual Interface Table = > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > Vif Local Address Subnet Thresh Flags Neighbors > --- --------------- ------------------ ------ --------- = > ----------------- > 0 A.A.A.A A.A.A.A/25 1 DR NO-NBR > 1 B.B.B.19 B.B.B 1 DR NO-NBR > 2 10.199.199.102 10.199.199.100/30 10 DR PIM = > 10.199.199.101 > 3 10.200.200.6 10.200.200/29 15 DR NO-NBR > 4 A.A.A.A register_vif0 1 > Vif SSM Group Sources > Multicast Routing Table = > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > ----------------------------------- (S,G) = > ------------------------------------ > Source Group RP Address Flags > --------------- --------------- --------------- = > --------------------------- > 10.200.200.5 232.232.8.33 SSM CACHE SG > Joined oifs: ....j > Pruned oifs: ..... > Leaves oifs: ..... > Asserted oifs: ..... > Outgoing oifs: ....o > Incoming : ...I. > =3D=3D=3D=3D=3D > A.A.A.A is external IP-address. No multicast trafic must be sended to = > this interface. > 10.200.200.6 -- vlan750, multicast comes from here > 10.199.199.102 -- vlan299, multicast must be forfarded here after = > IGMP-Join received from 10.199.199.101/30 > So, kernel with MROUTING options must be configured/installed or = > ip_mroute.ko is enough? A kernel with MROUTING would let you see stats, but ip_mroute.ko should be enough to function (although I haven't tested that). I'm not familiar with the pimd output, but it seems plausible. I am assuming that the multicasts are not getting to the vlan299 network? Have you looked at the incoming traffic with tcpdump? Use the -p option to avoid promiscuous mode to see that the input NIC is receiving those multicasts, and check the TTL of the incoming multicast packets. (If it is 1, the packets will not be forwarded.) > P.S. FreeBSD 11.3-STABLE #0 r351605M > -- > CU, > Victor Gamov Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201911050609.xA569XEr061715>