How to setup IGMP Proxy for VLANs.



  • Hi all

    I'm trying to have working IGMP proxy on my pfsense. Idea behind is, I have Domoticz on LAN
    igb1 network, where I have addedd Xiaomi Gateway. Xiaomi Gateway is connected via AP, on vlan 10 and igb1.10.
    Xiaomi Gateway uses IGMP :

    21:47:28.514173 IP lumi-gateway-v3_miio63220096.local.domain.rwhois > 224.0.0.50.9898: UDP, length 136
    

    and abviously no communication between igb1 and igb1.10

    I do have created FW rules to allow IGMP on both interfaces, with Allow IP options.
    IGMP Proxy is configured like this (not sure if this all correct).

    [2.4.4-RELEASE][admin@router.local.domain]/root: cat /var/etc/igmpproxy.conf
    
    ##------------------------------------------------------
    ## Enable Quickleave mode (Sends Leave instantly)
    ##------------------------------------------------------
    quickleave
    phyint igb1 upstream ratelimit 0 threshold 1
    altnet 10.36.90.0/23
    
    phyint igb1.10 downstream ratelimit 0 threshold 1
    altnet 192.168.50.0/24
    
    phyint igb0 disabled
    phyint igb2 disabled
    phyint igb3 disabled
    phyint igb1.20 disabled
    
    
    adding VIF, Ix 0 Fl 0x0 IP 0x015a240a igb1, Threshold: 1, Ratelimit: 0
    adding VIF, Ix 1 Fl 0x0 IP 0x010a0a0a igb1, Threshold: 1, Ratelimit: 0
    RECV Leave message      from 10.36.90.18     to 224.0.0.2
    RECV V2 member report   from 10.36.90.18     to 224.0.0.50
    Mebership report was received on the upstream interface. Ignoring.
    RECV V2 member report   from 10.36.90.18     to 224.0.0.50
    Mebership report was received on the upstream interface. Ignoring.
    RECV V2 member report   from 10.36.90.18     to 224.0.0.50
    Mebership report was received on the upstream interface. Ignoring.
    

    Domoticz is on 10.36.90.18 and I see IGMP Xiaomi Gateway talks is sent to 224.0.0.50

    Any help highly appreciated.


  • Netgate Administrator

    You should probably update your signature. 😉
    2.0.1-RELEASE (i386)

    What exactly is supposed to happen here between those devices?

    Is anything logged on each of them?

    Steve



  • It is old signature, indeed. But seems I'm blind, I did not found where I can change it ...
    To be honest, not fully sure, I just found, and noticed they need to communicate with IGMP. Gateway acts as Zigbee gateway for Domoticz. And I want to have them separated on VLAN's.
    When I created bridge between igb1 and igb1.10 all works fine, I see in tcpdump IGMP packets being exchanged. But then, DHCP is being messed up, devices on iot network are receiving IP from LAN range instead of IoT range.


  • Netgate Administrator

    Indeed you can't bridge those interfaces and keep them as separate subnets.

    Did you try switching the upstream and downstream interfaces? It's not clear to me which way round they should be.

    The other thing to do is to start the proxy in debug mode from the command line to check for any errors:
    igmpproxy -d -vv /var/etc/igmpproxy.conf

    Stop it from Status > Services in the GUI first.

    Steve