• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN multicast?

Scheduled Pinned Locked Moved OpenVPN
5 Posts 4 Posters 2.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    chichin79
    last edited by Sep 15, 2016, 1:04 PM

    Is multicast possible when setting up OpenVPN Site to site pre-shared key? Does it matter if the openvpn interface is tun or tap?

    If not "enabled" by default, how do i Enable multicast on the interfaces?

    Running latest version of pfsense 2.3.2

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Sep 15, 2016, 3:58 PM

      Where are you trying to run multicast? Just between the firewalls on the OpenVPN interface, or from LAN-to-LAN?

      For traffic between the firewalls, it works fine with shared key depending on the context. Things like OSPF work without issue.

      If you are trying to get multicast from LAN to LAN, that is less likely to work. You'd have to run a proxy (e.g. Avahi) or bridge the LANs (yuck), but if you can provide some more information about what it is you're attempting to accomplish, there may be an alternate solution.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • C
        chichin79
        last edited by Sep 16, 2016, 7:55 AM Sep 15, 2016, 5:17 PM

        Thanks for the reply:-)

        What I would like to accomplish is to cluster two proxmox ( great hypervisor ) nodes that I have here at home and one node that is offsite.

        For clustering to work proxmox need  multicasting ( for what I have read? ) on the networks that are on the different sites.

        I have managed to setup an openvpn site to site with TAP interface but no traffic is passing, because the option to " Bridge DHCP" is greyed out? So is also Bridge interface? I have created and added the ovps interface, enabled it and bridged it with my LAN interface on the pfsense router in the datacenter, and ofcourse enabled the bridge also but still greyed out??

        Do you need more info??

        Thanks for the help again:-)

        EDIT

        Well, I was at this yesterday and tried again this morning with various settings but nothing.. I went back and configured an IPsec tunnel, multicast dont work on IPsec but there is a possibility to setup a GRE tunnel within the IPsec tunnel so I think I will try that instead..

        1 Reply Last reply Reply Quote 0
        • R
          robi
          last edited by Sep 24, 2016, 3:30 PM

          I noticed that on certain hardware OpenVPN doesn't properly forward multicast unless you ckeck the box "Disable hardware checksum offload" in System / Advanced / Networking.

          1 Reply Last reply Reply Quote 0
          • U
            UFNTech01
            last edited by Feb 12, 2017, 12:37 AM

            Has anyone been able to get this working?

            i'm trying to configure a 3 cluster configurations for my 3 proxmox noeds. 2 proxmox nodes are in the same physical network and i have no issues clustering them up.

            my issue is when i try to add the 3rd node which sits in a remote location, i get the "waiting for Quorum" time out  error, im assuming this is due to the multicast traffic not being passed through the S2S tunnel

            I've configured the ovpn server via TUN / UDP. i have access to the remote side, and vise versa. any suggestions ?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              [[user:consent.lead]]
              [[user:consent.not_received]]