Is igmpproxy (igmpproxy-0.1_3,1) still broken?



  • I'm trying to route multicast traffic between two (or more) local subnets; publisher is on a DMZ subnet, consumer clients are on one (or more) LAN subnet(s).

    igmpproxy fails to start with

    There must be at least 2 Vif's where one is upstream.
    

    The debug info is nonsense:

    Searching for config file at '/tmp/igmpproxy.conf'
    Config: Quick leave mode enabled.
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan6.
    Config: IF: Got upstream token.
    Config: IF: Got ratelimit token '0'.
    Config: IF: Got threshold token '1'.
    Config: IF: Got altnet token 224.1.2.0/24.
    Config: IF: Altnet: Parsed altnet to 224.1.2/24.
    IF name : lagg0_vlan6
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 1
    Allowednet ptr : 28810040
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan5.
    Config: IF: Got downstream token.
    Config: IF: Got ratelimit token '0'.
    Config: IF: Got threshold token '1'.
    Config: IF: Got altnet token 224.1.2.0/24.
    Config: IF: Altnet: Parsed altnet to 224.1.2/24.
    IF name : lagg0_vlan5
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 2
    Allowednet ptr : 28810060
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan11.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan11
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan2.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan2
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan20.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan20
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan13.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan13
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan40.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan40
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface ovpnc2.
    Config: IF: Got disabled token.
    IF name : ovpnc2
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface ovpns1.
    Config: IF: Got disabled token.
    IF name : ovpns1
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    Config: Got a phyint token.
    Config: IF: Config for interface lagg0_vlan7.
    Config: IF: Got disabled token.
    IF name : lagg0_vlan7
    Next ptr : 0
    Ratelimit : 0
    Threshold : 1
    State : 0
    Allowednet ptr : 0
    buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
    buildIfVc: Interface ovpns1 Addr: 10.3.0.1, Flags: 0xffff8051, Network: 10.3.0.1/32
    buildIfVc: Interface ovpnc2 Addr: 10.2.100.2, Flags: 0xffff8051, Network: 10.2.100/24
    buildIfVc: Interface lagg0_vlan2 Addr: 192.168.4.250, Flags: 0xffff8843, Network: 192.168.4/24
    buildIfVc: Interface lagg0_vlan5 Addr: 192.168.2.250, Flags: 0xffff8843, Network: 192.168.2/24
    Found config for ovpns1
    Found config for ovpnc2
    Found config for lagg0_vlan2
    Found config for lagg0_vlan5
    adding VIF, Ix 0 Fl 0x0 IP 0x0100030a ovpns1, Threshold: 1, Ratelimit: 0
            Network for [ovpns1] : 10.3.0.1/32
    adding VIF, Ix 1 Fl 0x0 IP 0x0264020a ovpnc2, Threshold: 1, Ratelimit: 0
            Network for [ovpnc2] : 10.2.100/24
    adding VIF, Ix 2 Fl 0x0 IP 0xfa04a8c0 lagg0_vlan2, Threshold: 1, Ratelimit: 0
            Network for [lagg0_vlan2] : 192.168.4/24
    adding VIF, Ix 3 Fl 0x0 IP 0xfa02a8c0 lagg0_vlan5, Threshold: 1, Ratelimit: 0
            Network for [lagg0_vlan5] : 192.168.2/24
            Network for [lagg0_vlan5] : 224.1.2/24
    

    It's clearly parsing the /tmp/igmpproxy.conf file correctly; lagg0_vlan6 and lagg0_vlan5 were recognized as the upstream and downstream interfaces, respectively. It clearly saw the disabled token for the rest. Then it went off and ignored all that; tries to use the OpenVPN interfaces ovpns1 and ovpnc2, in spite of their being explicitly disabled and pulled lagg0_vlan2 out of thin air... seems to have decided that lagg0_vlan6 is lagg0_vlan2 for unknown reasons.

    Ultimately, I suppose it's complaint is valid since it ignored the lagg0_vlan6, which is the upstream it can't find, and lagg0_vlan2 is nothing. But it's also clear from it's read of the configuration that it would seem to be it's own fault.

    It looks like that latest release in github is 0.2.1, while igmpproxy-0.1_3,1 is what's in the pfSense_v2_3_4_amd64-pfSense_v2_3_4 repository. Even pfSense_v2_4_0_amd64-pfSense_v2_4_0 is only at igmpproxy-0.1_5,1. I'm I'm not sure if this issue has been reported, much less resolved in ANY version, so I thought I'd run it past the community to see if anyone has any insight, as I have a look at the code in parallel.

    -TIA



  • Update to pfSense 2.4.4, this is the only supported version and should give you igmpproxy-0.2.1_1,1. If you see an earlier version on 2.4.4 enter "pkg update" followed by "pkg upgrade" via console or ssh to get some package updates that were added after the 2.4.4 release.



  • It dosen't really matter. I installed 0.2.1 and it's still just as broken.

    There is a problem with getting a list of interfaces with ioctl from the system and/or parsing/filtering it, in ifvc.c. I haven't yet determined if the ioctl call is failing to return the complete list (less likely) or if they've botched there inspection of it (most probable), but it dosen't see more than half the interfaces.

    I need to compile a debug version of it to figure it out, but even that's failing because the author didn't correctly deal with type library incompatibilities across *nix distros, so it won't even compile on freeBSD.



  • To make matters worse, the debug version I created and compiled, works. Apparently there is a difference between the igmpproxy-0.2.1 in the freebsd repository (I didn't build that) and the same version when built with freebsd ports.

    So I was able to build an instance of 0.2.1 that works, but I'll never know what is wrong with those others.