Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help Please: igmpproxy fails to properly config ifs, uses lo0 for upstream

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rudelerius
      last edited by

      Hi.  I have been hijacking this thread: https://forum.pfsense.org/index.php?topic=93293.0 for some time while trying to figure out why I can't seem to get igmpproxy working properly.

      For reference, I am running a fresh, full install of 2.2.4 on a 40gb HDD.  I was previously running 2.2.3 and 2.2.4 embedded on a 4GB CF card, but decided to go with the full install to try to rule out nanoBSD as a possible cause of the problems I've been having.  After much trial and error, I am still having problems.

      First, my igmpproxy.conf:

      ##------------------------------------------------------
      ## Enable Quickleave mode (Sends Leave instantly)
      ##------------------------------------------------------
      quickleave
      phyint em0 upstream ratelimit 0 threshold 1
      altnet 224.0.0.0/4
      altnet 184.60.0.0/16
      altnet 184.61.0.0/16
      
      phyint em1_vlan10 downstream ratelimit 0 threshold 1
      altnet 10.10.0.0/24
      
      phyint lagg0_vlan80 disabled
      phyint lagg0_vlan10 disabled
      phyint em1_vlan12 disabled
      phyint em1_vlan80 disabled
      phyint bridge2 disabled
      

      em0 is double natted behind my ISPs residential gateway for the moment, until I can get igmpproxy working properly on pfSense, and then replace the RG.  So, the IP address assigned to my WAN interface (192.168.0.2) is reserved from among the RG's DHCP range.

      em1_vlan10 is assigned to the LAN interface in pfSense.  I do not have the em1 port assigned to any interface in pfSense at the moment.  When I run "igmpproxy -d -v -v /tmp/igmpproxy.conf" from the console, I receive the following debug output, which in a nutshell, attempts to configure lo0 as the upstream interface.

      Searching for config file at '/tmp/igmpproxy.conf'
      Config: Quick leave mode enabled.
      Config: Got a phyint token.
      Config: IF: Config for interface em0.
      Config: IF: Got upstream token.
      Config: IF: Got ratelimit token '0'.
      Config: IF: Got threshold token '1'.
      Config: IF: Got altnet token 224.0.0.0/4.
      Config: IF: Altnet: Parsed altnet to 224/4.
      Config: IF: Got altnet token 184.60.0.0/16.
      Config: IF: Altnet: Parsed altnet to 184.60/16.
      Config: IF: Got altnet token 184.61.0.0/16.
      Config: IF: Altnet: Parsed altnet to 184.61/16.
      IF name : em0
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 1
      Allowednet ptr : 1018040
      Config: Got a phyint token.
      Config: IF: Config for interface em1_vlan10.
      Config: IF: Got downstream token.
      Config: IF: Got ratelimit token '0'.
      Config: IF: Got threshold token '1'.
      Config: IF: Got altnet token 10.10.0.0/24.
      Config: IF: Altnet: Parsed altnet to 10.10.0/24.
      IF name : em1_vlan10
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 2
      Allowednet ptr : 1018080
      Config: Got a phyint token.
      Config: IF: Config for interface lagg0_vlan80.
      Config: IF: Got disabled token.
      IF name : lagg0_vlan80
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 0
      Allowednet ptr : 0
      Config: Got a phyint token.
      Config: IF: Config for interface lagg0_vlan10.
      Config: IF: Got disabled token.
      IF name : lagg0_vlan10
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 0
      Allowednet ptr : 0
      Config: Got a phyint token.
      Config: IF: Config for interface em1_vlan12.
      Config: IF: Got disabled token.
      IF name : em1_vlan12
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 0
      Allowednet ptr : 0
      Config: Got a phyint token.
      Config: IF: Config for interface em1_vlan80.
      Config: IF: Got disabled token.
      IF name : em1_vlan80
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 0
      Allowednet ptr : 0
      Config: Got a phyint token.
      Config: IF: Config for interface bridge2.
      Config: IF: Got disabled token.
      IF name : bridge2
      Next ptr : 0
      Ratelimit : 0
      Threshold : 1
      State : 0
      Allowednet ptr : 0
      buildIfVc: Interface em0 Addr: 192.168.0.2, Flags: 0xffff8943, Network: 192.168.0/24
      buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
      Found config for em0
      adding VIF, Ix 0 Fl 0x0 IP 0x0200a8c0 em0, Threshold: 1, Ratelimit: 0
              Network for [em0] : 192.168.0/24
              Network for [em0] : 224/4
              Network for [em0] : 184.60/16
              Network for [em0] : 184.61/16
      There must be at least 2 Vif's where one is upstream
      

      I have tried assigning the port underlying my vlan port to an interface in pfSense.  When I do that, igmpproxy does create the upstream Vif (instead of failing, as above), but it creates it on em1, instead of em1_vlan.

      I haven't been able to pull the debug information for that scenario yet- for some reason, when I configured the interface in the GUI, I lost my remote connection to all of the machines behind the pfSense box.  I expected it to drop after it reapplied the filters, etc, but thought it would come back up after a short time.  Alas it has not.  So, I will have to try it and post results later.

      But, if anyone has any input as to why igmpproxy is trying to configure the loopback interface in the above scenario, I'd love to hear it.  I don't really see any reason why the above config should not work.

      Thanks in advance for any input.

      1 Reply Last reply Reply Quote 0
      • R
        rudelerius
        last edited by

        So, here is the debug results now that I have assigned em1 to the GUEST (OPT6) interface in pfSense.  igmpproxy is still stubbornly ignoring the em1_vlan interface and configuring the em1 interface, in spite of the fact that it acknowledges the "disabled" token for that interface.  I wish I knew how to step through the code, so I could at least try to figure this out on my own.

        Searching for config file at '/tmp/igmpproxy.conf'
        Config: Quick leave mode enabled.
        Config: Got a phyint token.
        Config: IF: Config for interface em0.
        Config: IF: Got upstream token.
        Config: IF: Got ratelimit token '0'.
        Config: IF: Got threshold token '1'.
        Config: IF: Got altnet token 224.0.0.0/4.
        Config: IF: Altnet: Parsed altnet to 224/4.
        Config: IF: Got altnet token 184.60.0.0/16.
        Config: IF: Altnet: Parsed altnet to 184.60/16.
        Config: IF: Got altnet token 184.61.0.0/16.
        Config: IF: Altnet: Parsed altnet to 184.61/16.
        IF name : em0
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 1
        Allowednet ptr : 1018040
        Config: Got a phyint token.
        Config: IF: Config for interface em1_vlan10.
        Config: IF: Got downstream token.
        Config: IF: Got ratelimit token '0'.
        Config: IF: Got threshold token '1'.
        Config: IF: Got altnet token 10.10.0.0/24.
        Config: IF: Altnet: Parsed altnet to 10.10.0/24.
        IF name : em1_vlan10
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 2
        Allowednet ptr : 1018080
        Config: Got a phyint token.
        Config: IF: Config for interface lagg0_vlan80.
        Config: IF: Got disabled token.
        IF name : lagg0_vlan80
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        Config: Got a phyint token.
        Config: IF: Config for interface lagg0_vlan10.
        Config: IF: Got disabled token.
        IF name : lagg0_vlan10
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        Config: Got a phyint token.
        Config: IF: Config for interface em1_vlan12.
        Config: IF: Got disabled token.
        IF name : em1_vlan12
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        Config: Got a phyint token.
        Config: IF: Config for interface em1_vlan80.
        Config: IF: Got disabled token.
        IF name : em1_vlan80
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        Config: Got a phyint token.
        Config: IF: Config for interface bridge2.
        Config: IF: Got disabled token.
        IF name : bridge2
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        Config: Got a phyint token.
        Config: IF: Config for interface em1.
        Config: IF: Got disabled token.
        IF name : em1
        Next ptr : 0
        Ratelimit : 0
        Threshold : 1
        State : 0
        Allowednet ptr : 0
        buildIfVc: Interface em0 Addr: 192.168.0.2, Flags: 0xffff8943, Network: 192.168.0/24
        buildIfVc: Interface em1 Addr: 192.168.2.1, Flags: 0xffff8943, Network: 192.168.2/24
        buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
        Found config for em0
        Found config for em1
        adding VIF, Ix 0 Fl 0x0 IP 0x0200a8c0 em0, Threshold: 1, Ratelimit: 0
                Network for [em0] : 192.168.0/24
                Network for [em0] : 224/4
                Network for [em0] : 184.60/16
                Network for [em0] : 184.61/16
        adding VIF, Ix 1 Fl 0x0 IP 0x0102a8c0 em1, Threshold: 1, Ratelimit: 0
                Network for [em1] : 192.168.2/24
        [/codee]
        
        1 Reply Last reply Reply Quote 0
        • C
          cyberax
          last edited by

          Hi,
          did you (or anybody else) solve this issue in the meantime?

          I have more or less the same problem.
          Instead of connecting my WAN(re0_VLAN4)/LAN(re1) interfaces to the proxy, it uses apparently during the final BuildIfVc process other ones.
          The igmpproxy version is 0.1

          Any idea how to solve the issue would be very much appreciated.

          cyberax.

          My .conf:

          
          quickleave
          phyint re1 downstream ratelimit 0 threshold 1
          altnet 192.168.1.0/24
          
          phyint re0_vlan4 upstream ratelimit 0 threshold 1
          altnet 10.123.23.0/18
          
          phyint pppoe2 disabled
          phyint ovpnc1 disabled
          
          
          
          searching for config file at '/usr/local/etc/igmpproxy.conf'
          Config: Quick leave mode enabled.
          Config: Got a phyint token.
          Config: IF: Config for interface re1.
          Config: IF: Got downstream token.
          Config: IF: Got ratelimit token '0'.
          Config: IF: Got threshold token '1'.
          Config: IF: Got altnet token 192.168.1.0/24.
          Config: IF: Altnet: Parsed altnet to 192.168.1/24.
          IF name : re1
          Next ptr : 0
          Ratelimit : 0
          Threshold : 1
          State : 2
          Allowednet ptr : 1018040
          Config: Got a phyint token.
          Config: IF: Config for interface re0_vlan4.
          Config: IF: Got upstream token.
          Config: IF: Got ratelimit token '0'.
          Config: IF: Got threshold token '1'.
          Config: IF: Got altnet token 10.123.23.0/18.
          Config: IF: Altnet: Parsed altnet to 10.123.23.0/18.
          Config: IF: Got altnet token 213.75.0.0/16.
          Config: IF: Altnet: Parsed altnet to 213.75/16.
          Config: IF: Got altnet token 192.168.1.105/24.
          Config: IF: Altnet: Parsed altnet to 192.168.1/24.
          IF name : re0_vlan4
          Next ptr : 0
          Ratelimit : 0
          Threshold : 1
          State : 1
          Allowednet ptr : 1018060
          Config: Got a phyint token.
          Config: IF: Config for interface pppoe2.
          Config: IF: Got disabled token.
          IF name : pppoe2
          Next ptr : 0
          Ratelimit : 0
          Threshold : 1
          State : 0
          Allowednet ptr : 0
          Config: Got a phyint token.
          Config: IF: Config for interface ovpnc1.
          Config: IF: Got disabled token.
          IF name : ovpnc1
          Next ptr : 0
          Ratelimit : 0
          Threshold : 1
          State : 0
          Allowednet ptr : 0
          buildIfVc: Interface re1 Addr: 192.168.1.1, Flags: 0xffff8843, Network: 192.168.1/24
          buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
          buildIfVc: Interface ovpnc1 Addr: 10.8.0.6, Flags: 0xffff8051, Network: 10.8.0.6/32
          buildIfVc: Interface ovpns2 Addr: 10.9.0.1, Flags: 0xffff8051, Network: 10.9.0.1/32
          Found config for re1
          Found config for ovpnc1
          adding VIF, Ix 0 Fl 0x0 IP 0x0101a8c0 re1, Threshold: 1, Ratelimit: 0
                  Network for [re1] : 192.168.1/24
                  Network for [re1] : 192.168.1/24
          adding VIF, Ix 1 Fl 0x0 IP 0x0600080a ovpnc1, Threshold: 1, Ratelimit: 0
                  Network for [ovpnc1] : 10.8.0.6/32
          adding VIF, Ix 2 Fl 0x0 IP 0x0100090a ovpns2, Threshold: 1, Ratelimit: 0
                  Network for [ovpns2] : 10.9.0.1/32
          There must be at least 2 Vif's where one is upstream.
          
          
          1 Reply Last reply Reply Quote 0
          • C
            cyberax
            last edited by

            Folks,

            problem solved – after update the issue disappeared.

            Hope this helps you, too.

            Cheers,
            Cyberax. :)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.