DLNA across VLAN subnets with IGMP Proxy not working

snow

Hi guys,

Based on the following setup I'm trying to get DLNA across VLAN subnets with IGMP Proxy working but without success:

VLAN A = Wifi network > 192.168.30.0/24

This network contains the DLNA clients, e.g. smartphones, smart tv, etc.

VLAN B = Home network > 192.168.36.0/24

This network contains the DLNA Server, e.g. minidlna.

First of all, I replaced the igmpproxy with version 0.2.1_1,1 as suggested here:
https://redmine.pfsense.org/issues/8935

IGMP Proxy is configured as shown below:

Upstream:
Interface = VLAN B
Networks = 192.168.36.0/24, 224.0.0.0/4

Downstream = VLAN A
Networks = 192.168.30.0/24

The following firewall rules are currently in place:

VLAN A:

Proto = IPv4 UDP, Source = VLAN A net (Source port = any), Dest = 255.255.255.255, Dest port = 1900
Proto = IPv4 UDP, Source = VLAN A net (Source port = any), Dest = 239.255.255.250, Dest port = any (with "Allow IP options" checked)
Proto = IPv4 IGMP, Source = VLAN A net (Source port = any), Dest = 239.255.255.250, Dest port = any (with "Allow IP options" checked)
Proto = IPv4 IGMP, Source = VLAN A net (Source port = any), Dest = 224.0.0.0/4, Dest port = any (with "Allow IP options" checked)
Proto = IPv4 TCP, Source = VLAN A net (Source port = any), Dest = DLNA Server on VLAN B, Dest port = 8200

VLAN B:

Proto = IPv4 UDP, Source = VLAN B net (Source port = any), Dest = 255.255.255.255, Dest port = 1900
Proto = IPv4 UDP, Source = VLAN B net (Source port = any), Dest = 239.255.255.250, Dest port = any (with "Allow IP options" checked)
Proto = IPv4 IGMP, Source = VLAN B net (Source port = any), Dest = 239.255.255.250, Dest port = any (with "Allow IP options" checked)
Proto = IPv4 IGMP, Source = VLAN B net (Source port = any), Dest = 224.0.0.0/4, Dest port = any (with "Allow IP options" checked)

Maybe too much rules, but it's for testing now.

Unfortunately, every client on VLAN A is unable to find the DLNA Server on VLAN B.
Is there anything wrong with my setup?

Please note that, if I'm using a separate machine (raspberry pi with vlan trunking enabled) with PIMD installed, it's working fine and the DLNA clients are able to find the DLNA Server without any problems.

Thanks,
Philipp

Rai80

Try rules

On int VLAN A:
Source VLAN B subnet Dest Any Allow with IP options

On int VLAN B:
Source VLAN A subnet Dest Any Allow with IP options

If that's working you can narrow down your rules

snow

@rai80

Unfortunately no difference.
I already placed a rule on both interfaces to allow all IP4 traffic from any to any with no luck.
Seems to be there is anything wrong with the IGMP Proxy.

Rai80

Hmm, your configuration seems right. Online I see more people having trouble getting DLNA to work between Vlans's with Igmpproxy. See https://forum.netgate.com/topic/114743/dlna-over-subnets-igmp-proxy-multicast-routing/8

Rai80

You can try pimd instead of igmpproxy. See:
https://freebsd.pkgs.org/11/freebsd-ports-quarterly-amd64/pimd-2.3.2.txz.html
https://github.com/troglobit/pimd

Install with pkg add http://pkg.freebsd.org/FreeBSD:11:amd64/quarterly/All/pimd-2.3.2.txz

snow

@rai80

Thanks dude, with pimd it's working fine.
Perfect solution

Rai80

@snow Nice!

Can u post your pimd.conf? I tried earlier about the same without succes. Maybe I give it another try :)

snow

@rai80

Currently I'm using an unmodified pimd.conf with one exception concerning the interface section:

phyint re0 disable
phyint em0.30 enable
phyint em0.31 enable
phyint em0.32 disable
phyint em0.33 disable
phyint em0.34 disable
phyint em0.35 disable
phyint em0.36 enable
phyint pppoe0 disable
phyint ovpns1 disable

As shown above it's only enabled on Vlan interface em0.30, em0.31 and em0.36.
Because all non-loopback multicast capable interfaces are enabled by default, you also need to disable the interfaces which are not required for multicast explicitly.

The only thing I noticed, it takes currently 20 - 30 seconds until the DLNA server will be found on the clients.
For an example:

Android with BubbleUPnP: 20 sec
IPad with VLC: 30 sec

I think this behaviour can be optimized in pimd.conf.

Rai80

Thx.

I think it has something to do with the default timers.

Qinn

Maybe a long shot, but I'm having problems using IGMPproxy. I am getting

The IGMP message was local multicast. Ignoring. 

did a

igmpproxy --vv 

but I still can't figure this error message out. So I "think" that the discovery (239.255.255.250 SSDP ) of the devices won't traverse over the IGMP proxy and thus they cannot connect across VLAN's. I tried PIMD, but alas no avail.

Can someone help or point me in the right direction.

Cheers Qinn

Rai80

Can you post your igmpproxy.conf and pimd.conf ?

And your network overview.

Qinn

@rai80 Thanks for your reply, I added the conf files

In the pimd config I only added the devices I wanted disabled. So there remains phyint igb1.1005 and phyint igb1.1010 ( there is no 1006 and 1009 VLAN)

I copied pimd.conf to

/var/etc

and started pimd with

 pimd -d -c /var/etc/pimd.conf

I hope it helps, thanks in advance for your time

Cheers Qinn

[0_1546340228249_igmpproxy.conf](Uploading 100%) 0_1546340265865_igmp.zip

Qinn

Update....I was far too quick in my judgement, after say 25 sec it worked . Pimd did it, with the above conf, but now I would like to know why, for instance what I don't understand is why don't I have to define an up- or downstream. Could you give me some insight how and why this works.

Cheers Qinn

Qinn

This post is deleted!