Igmpproxy does not work
-
Hello to all,
I split my network in some subnetworks, each separated by vlan: this network has been operating for years without problems.At home I use Konnex (a standard for building automation) for which I have:
-
the pc that runs the software (ETS) is on a network: 192.168.10.0/24
-
the gateway IP / KNX is on another network: 192.168.50.0/24
the transmission between ETS and the gateway is multicast (224.0.23.12) then I have to enable IGMP proxy.
Unfortunately I could not get it to work.
(ETS and the gateway work well because if I put them on a single subnet they work well)My network is structured as follows:
-
WAN x.x.x.x
-
MODEM 192.168.3.0/24
-
LAN Backup 192.168.2.0/24 (not used)
-
LAN DEFAULT 192.168.10.0/24
-
LAN FAMIGLIA 192.168.20.0/24 (where there is ETS)
-
CAM 192.168.40.0/24
-
DOMOTICA 192.168.50.0/24 (where reside the Knx Gateway)
-
MANAGEMENT 192.168.99.0/24
-
WIFI ADMIN 192.168.210.0/24
-
WIFI FAMIGLIA 192.168.220.0/24
-
WIFI OSPITI 192.168.230.0/24
each subnet has a vlan:
192.168.10.0/24 Vlan_10
192.168.50.0/24 Vlan_50
and so on.I configured igmpproxy as suggested here on the forum, namely:
-
igmpproxy upgrade to version 0.1 (not beta 2)
-
edit /etc/inc/services.inc putting
mwexec**_bg**("/usr/local/sbin/igmpproxy -v -v {$g['tmp_path']}/igmpproxy.conf");
igmpproxy service configured as:
LAN_DEFAULT // upstream // 224.0.0.0/4
DOMOTICA // dowmstream // 192.168.50.0/24and I added the two rules:
LAN_DEFAULT
IPv4 UDP pass any to destination 224.0.0.0/4DOMOTICA
IPv4 pass IGMP to any, and activated the flag on “Advanced option → This allows packet IP option to pass.”It should be all right, but not working.
The file /tmp/igmpproxy.conf is as follow:
##------------------------------------------------------ ## Enable Quickleave mode (Sends Leave instantly) ##------------------------------------------------------ quickleave phyint re1_vlan10 upstream ratelimit 0 threshold 1 altnet 224.0.0.0/4 phyint re1_vlan50 downstream ratelimit 0 threshold 1 altnet 192.168.50.0/24 phyint pppoe0 disabled phyint re0 disabled phyint re2 disabled phyint re1_vlan20 disabled phyint re1_vlan40 disabled phyint re1_vlan99 disabled phyint re1_vlan210 disabled phyint re1_vlan220 disabled phyint re1_vlan230 disabled
and it seems ok.
I tried to do a minimum of debugging and notice two strange things:
- if I do the command "netstat -g4" I get the following output:
IPv4 Virtual Interface Table Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out 0 1 192.168.3.1 0 0 1 1 192.168.2.1 0 0 2 1 192.168.10.1 0 0 3 1 192.168.20.1 0 0 4 1 192.168.40.1 0 0 IPv4 Multicast Forwarding Table Origin Group Packets In-Vif Out-Vifs:Ttls 192.168.10.101 239.255.255.250 0 65535
Question: why I only see 5 virtual interfaces?
in particular I do not see Vlan_50 that is the one where ETS runs. To me it does not seem right ….- if I do the command "ifconfig | grep RUNNING" I get:
re0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 re1: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 re2: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384 re1_vlan10: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 re1_vlan20: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 re1_vlan40: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500 re1_vlan50: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 re1_vlan99: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 re1_vlan210: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 re1_vlan220: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 re1_vlan230: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 pppoe0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492</up,pointopoint,running,noarp,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,loopback,running,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast>
MULTIALL appears on the first interface, but not from VLAN 50 (the same as before). Why?
Thank you in advance for your help!!
Andrea -
-
I'm trying something quite similar. Did you find a fix yet?
-
No sorry. :-\
I had other evidence, for example by removing the first VLAN. In doing so the vlan_50 had appeared as output of "netstat -g4" (not seen before). From there I had found on freebsd forum a post that talked about a known issue related to a maximum limit of virtual interfaces …. but then I gave up: I was losing too much time.
In the end I think it's the igmp proxy module to be quite buggy, maybe the developer should think of alternatives .....