Multicast support AND GRE over IPSec

  • This is kind-of two parts, but they're both related so I just put it into one.

    I'd like to gauge the interest in adding multicast support to PfSense (not by me unfortunately, I'm not worthy…). I've run a couple of searches on the forum and looks like other people are looking for it as well. Multicast support added to PfSense would help with the following:

    1. Quite a few VoIP systems use multicast for conferencing, paging, music on hold, video conferencing, etc. Since a benefit of VoIP is having remote offices with phones and remote phones you need to somehow get mutlticast to those phones/PCs.
    2. Use PfSense as a possible replacement to the TV over IP (IP-TV) routers provided by some ISP's (ATT's U-Verse maybe?)
    3. Possibly enable services like bonjour/zero config to cross subnets or even VPN tunnels.

    I'm mostly interested in #1. Especially over VPN tunnels. Currently, the only way to stream multicast to a remote location is:

    A) Use a point-to-point dedicated WAN link with no encryption.
    B) MPLS with multicast support.
    C) A GRE tunnel to enclose the multicast traffic and encapsulate that inside an IPSec tunnel for security.

    A and B can be quite expensive.

    Since PfSense already supports GRE and IPSec (That new IPSec interface kicks so much ass BTW :D ). How hard would it be to:

    • Allow the use of an IPSec tunnel as an interface when configuring GRE.
    • Enable multicast routing with the GRE and LAN interfaces.

    I think this would be a super cool addition to PfSense. It could make PfSense a competitive multimedia routing platform. I know FreeBSD includes multicast routing support with the MROUTED, but I don't know how well it works or what features it provides.

    I'd be willing (read: able) to donate a $150 or so. I hope other people can throw in the pot too since this would be a pretty big job.



  • I, too, would be willing to add $150 to this bounty for multicast tunneling/forwarding/routing. I'm looking to route multicast packets over OpenVPN tunnels.

Log in to reply