4. Help Please: igmpproxy fails to properly config ifs, uses lo0 for upstream

Help Please: igmpproxy fails to properly config ifs, uses lo0 for upstream

  • R

    Hi.  I have been hijacking this thread: https://forum.pfsense.org/index.php?topic=93293.0 for some time while trying to figure out why I can't seem to get igmpproxy working properly.

    For reference, I am running a fresh, full install of 2.2.4 on a 40gb HDD.  I was previously running 2.2.3 and 2.2.4 embedded on a 4GB CF card, but decided to go with the full install to try to rule out nanoBSD as a possible cause of the problems I've been having.  After much trial and error, I am still having problems.

    First, my igmpproxy.conf:

    ##------------------------------------------------------
## Enable Quickleave mode (Sends Leave instantly)
##------------------------------------------------------
quickleave
phyint em0 upstream ratelimit 0 threshold 1
altnet 224.0.0.0/4
altnet 184.60.0.0/16
altnet 184.61.0.0/16

phyint em1_vlan10 downstream ratelimit 0 threshold 1
altnet 10.10.0.0/24

phyint lagg0_vlan80 disabled
phyint lagg0_vlan10 disabled
phyint em1_vlan12 disabled
phyint em1_vlan80 disabled
phyint bridge2 disabled

    em0 is double natted behind my ISPs residential gateway for the moment, until I can get igmpproxy working properly on pfSense, and then replace the RG.  So, the IP address assigned to my WAN interface (192.168.0.2) is reserved from among the RG's DHCP range.

    em1_vlan10 is assigned to the LAN interface in pfSense.  I do not have the em1 port assigned to any interface in pfSense at the moment.  When I run "igmpproxy -d -v -v /tmp/igmpproxy.conf" from the console, I receive the following debug output, which in a nutshell, attempts to configure lo0 as the upstream interface.

    Searching for config file at '/tmp/igmpproxy.conf'
Config: Quick leave mode enabled.
Config: Got a phyint token.
Config: IF: Config for interface em0.
Config: IF: Got upstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 224.0.0.0/4.
Config: IF: Altnet: Parsed altnet to 224/4.
Config: IF: Got altnet token 184.60.0.0/16.
Config: IF: Altnet: Parsed altnet to 184.60/16.
Config: IF: Got altnet token 184.61.0.0/16.
Config: IF: Altnet: Parsed altnet to 184.61/16.
IF name : em0
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 1
Allowednet ptr : 1018040
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan10.
Config: IF: Got downstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 10.10.0.0/24.
Config: IF: Altnet: Parsed altnet to 10.10.0/24.
IF name : em1_vlan10
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 2
Allowednet ptr : 1018080
Config: Got a phyint token.
Config: IF: Config for interface lagg0_vlan80.
Config: IF: Got disabled token.
IF name : lagg0_vlan80
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface lagg0_vlan10.
Config: IF: Got disabled token.
IF name : lagg0_vlan10
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan12.
Config: IF: Got disabled token.
IF name : em1_vlan12
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan80.
Config: IF: Got disabled token.
IF name : em1_vlan80
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface bridge2.
Config: IF: Got disabled token.
IF name : bridge2
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
buildIfVc: Interface em0 Addr: 192.168.0.2, Flags: 0xffff8943, Network: 192.168.0/24
buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
Found config for em0
adding VIF, Ix 0 Fl 0x0 IP 0x0200a8c0 em0, Threshold: 1, Ratelimit: 0
        Network for [em0] : 192.168.0/24
        Network for [em0] : 224/4
        Network for [em0] : 184.60/16
        Network for [em0] : 184.61/16
There must be at least 2 Vif's where one is upstream

    I have tried assigning the port underlying my vlan port to an interface in pfSense.  When I do that, igmpproxy does create the upstream Vif (instead of failing, as above), but it creates it on em1, instead of em1_vlan.

    I haven't been able to pull the debug information for that scenario yet- for some reason, when I configured the interface in the GUI, I lost my remote connection to all of the machines behind the pfSense box.  I expected it to drop after it reapplied the filters, etc, but thought it would come back up after a short time.  Alas it has not.  So, I will have to try it and post results later.

    But, if anyone has any input as to why igmpproxy is trying to configure the loopback interface in the above scenario, I'd love to hear it.  I don't really see any reason why the above config should not work.

    Thanks in advance for any input.

    0
  • R

    So, here is the debug results now that I have assigned em1 to the GUEST (OPT6) interface in pfSense.  igmpproxy is still stubbornly ignoring the em1_vlan interface and configuring the em1 interface, in spite of the fact that it acknowledges the "disabled" token for that interface.  I wish I knew how to step through the code, so I could at least try to figure this out on my own.

    Searching for config file at '/tmp/igmpproxy.conf'
Config: Quick leave mode enabled.
Config: Got a phyint token.
Config: IF: Config for interface em0.
Config: IF: Got upstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 224.0.0.0/4.
Config: IF: Altnet: Parsed altnet to 224/4.
Config: IF: Got altnet token 184.60.0.0/16.
Config: IF: Altnet: Parsed altnet to 184.60/16.
Config: IF: Got altnet token 184.61.0.0/16.
Config: IF: Altnet: Parsed altnet to 184.61/16.
IF name : em0
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 1
Allowednet ptr : 1018040
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan10.
Config: IF: Got downstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 10.10.0.0/24.
Config: IF: Altnet: Parsed altnet to 10.10.0/24.
IF name : em1_vlan10
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 2
Allowednet ptr : 1018080
Config: Got a phyint token.
Config: IF: Config for interface lagg0_vlan80.
Config: IF: Got disabled token.
IF name : lagg0_vlan80
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface lagg0_vlan10.
Config: IF: Got disabled token.
IF name : lagg0_vlan10
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan12.
Config: IF: Got disabled token.
IF name : em1_vlan12
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface em1_vlan80.
Config: IF: Got disabled token.
IF name : em1_vlan80
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface bridge2.
Config: IF: Got disabled token.
IF name : bridge2
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface em1.
Config: IF: Got disabled token.
IF name : em1
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
buildIfVc: Interface em0 Addr: 192.168.0.2, Flags: 0xffff8943, Network: 192.168.0/24
buildIfVc: Interface em1 Addr: 192.168.2.1, Flags: 0xffff8943, Network: 192.168.2/24
buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
Found config for em0
Found config for em1
adding VIF, Ix 0 Fl 0x0 IP 0x0200a8c0 em0, Threshold: 1, Ratelimit: 0
        Network for [em0] : 192.168.0/24
        Network for [em0] : 224/4
        Network for [em0] : 184.60/16
        Network for [em0] : 184.61/16
adding VIF, Ix 1 Fl 0x0 IP 0x0102a8c0 em1, Threshold: 1, Ratelimit: 0
        Network for [em1] : 192.168.2/24
[/codee]
    0
  • C

    Hi,
    did you (or anybody else) solve this issue in the meantime?

    I have more or less the same problem.
    Instead of connecting my WAN(re0_VLAN4)/LAN(re1) interfaces to the proxy, it uses apparently during the final BuildIfVc process other ones.
    The igmpproxy version is 0.1

    Any idea how to solve the issue would be very much appreciated.

    cyberax.

    My .conf:

    
quickleave
phyint re1 downstream ratelimit 0 threshold 1
altnet 192.168.1.0/24

phyint re0_vlan4 upstream ratelimit 0 threshold 1
altnet 10.123.23.0/18

phyint pppoe2 disabled
phyint ovpnc1 disabled


    
searching for config file at '/usr/local/etc/igmpproxy.conf'
Config: Quick leave mode enabled.
Config: Got a phyint token.
Config: IF: Config for interface re1.
Config: IF: Got downstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 192.168.1.0/24.
Config: IF: Altnet: Parsed altnet to 192.168.1/24.
IF name : re1
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 2
Allowednet ptr : 1018040
Config: Got a phyint token.
Config: IF: Config for interface re0_vlan4.
Config: IF: Got upstream token.
Config: IF: Got ratelimit token '0'.
Config: IF: Got threshold token '1'.
Config: IF: Got altnet token 10.123.23.0/18.
Config: IF: Altnet: Parsed altnet to 10.123.23.0/18.
Config: IF: Got altnet token 213.75.0.0/16.
Config: IF: Altnet: Parsed altnet to 213.75/16.
Config: IF: Got altnet token 192.168.1.105/24.
Config: IF: Altnet: Parsed altnet to 192.168.1/24.
IF name : re0_vlan4
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 1
Allowednet ptr : 1018060
Config: Got a phyint token.
Config: IF: Config for interface pppoe2.
Config: IF: Got disabled token.
IF name : pppoe2
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
Config: Got a phyint token.
Config: IF: Config for interface ovpnc1.
Config: IF: Got disabled token.
IF name : ovpnc1
Next ptr : 0
Ratelimit : 0
Threshold : 1
State : 0
Allowednet ptr : 0
buildIfVc: Interface re1 Addr: 192.168.1.1, Flags: 0xffff8843, Network: 192.168.1/24
buildIfVc: Interface lo0 Addr: 127.0.0.1, Flags: 0xffff8049, Network: 127/8
buildIfVc: Interface ovpnc1 Addr: 10.8.0.6, Flags: 0xffff8051, Network: 10.8.0.6/32
buildIfVc: Interface ovpns2 Addr: 10.9.0.1, Flags: 0xffff8051, Network: 10.9.0.1/32
Found config for re1
Found config for ovpnc1
adding VIF, Ix 0 Fl 0x0 IP 0x0101a8c0 re1, Threshold: 1, Ratelimit: 0
        Network for [re1] : 192.168.1/24
        Network for [re1] : 192.168.1/24
adding VIF, Ix 1 Fl 0x0 IP 0x0600080a ovpnc1, Threshold: 1, Ratelimit: 0
        Network for [ovpnc1] : 10.8.0.6/32
adding VIF, Ix 2 Fl 0x0 IP 0x0100090a ovpns2, Threshold: 1, Ratelimit: 0
        Network for [ovpns2] : 10.9.0.1/32
There must be at least 2 Vif's where one is upstream.
    0
  • C

    Folks,

    problem solved – after update the issue disappeared.

    Hope this helps you, too.

    Cheers,
    Cyberax. :)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy