Igmpproxy does not work



  • Hello to all,
    I split my network in some subnetworks, each separated by vlan: this network has been operating for years without problems.

    At home I use Konnex (a standard for building automation) for which I have:

    • the pc that runs the software (ETS) is on a network:  192.168.10.0/24

    • the gateway IP / KNX is on another network:  192.168.50.0/24

    the transmission between ETS and the gateway is multicast (224.0.23.12) then I have to enable IGMP proxy.
    Unfortunately I could not get it to work.
    (ETS and the gateway work well because if I put them on a single subnet they work well)

    My network is structured as follows:

    • WAN x.x.x.x

    • MODEM 192.168.3.0/24

    • LAN Backup 192.168.2.0/24    (not used)

    • LAN DEFAULT 192.168.10.0/24

    • LAN FAMIGLIA 192.168.20.0/24 (where there is ETS)

    • CAM 192.168.40.0/24

    • DOMOTICA 192.168.50.0/24 (where reside the Knx Gateway)

    • MANAGEMENT 192.168.99.0/24

    • WIFI ADMIN 192.168.210.0/24

    • WIFI FAMIGLIA 192.168.220.0/24

    • WIFI OSPITI 192.168.230.0/24

    each subnet has a vlan:

    192.168.10.0/24 Vlan_10
    192.168.50.0/24 Vlan_50
    and so on.

    I configured  igmpproxy as suggested here on the forum, namely:

    • igmpproxy upgrade to version 0.1 (not beta 2)

    • edit /etc/inc/services.inc putting
      mwexec**_bg**("/usr/local/sbin/igmpproxy -v -v {$g['tmp_path']}/igmpproxy.conf");

    igmpproxy service configured as:

    LAN_DEFAULT  //  upstream  // 224.0.0.0/4
    DOMOTICA  //  dowmstream  // 192.168.50.0/24

    and I added the two rules:

    LAN_DEFAULT
    IPv4 UDP  pass any to destination 224.0.0.0/4

    DOMOTICA
    IPv4  pass IGMP to any, and activated the flag on “Advanced option → This allows packet IP option to pass.”

    It should be all right, but not working.

    The file /tmp/igmpproxy.conf is as follow:

    ##------------------------------------------------------
    ## Enable Quickleave mode (Sends Leave instantly)
    ##------------------------------------------------------
    quickleave
    phyint re1_vlan10 upstream ratelimit 0 threshold 1
    altnet 224.0.0.0/4
    
    phyint re1_vlan50 downstream ratelimit 0 threshold 1
    altnet 192.168.50.0/24
    
    phyint pppoe0 disabled
    phyint re0 disabled
    phyint re2 disabled
    phyint re1_vlan20 disabled
    phyint re1_vlan40 disabled
    phyint re1_vlan99 disabled
    phyint re1_vlan210 disabled
    phyint re1_vlan220 disabled
    phyint re1_vlan230 disabled
    
    

    and it seems ok.

    I tried to do a minimum of debugging and notice two strange things:

    1. if I do the command "netstat -g4" I get the following output:
    IPv4 Virtual Interface Table
     Vif   Thresh   Local-Address   Remote-Address    Pkts-In   Pkts-Out
      0         1   192.168.3.1                             0          0
      1         1   192.168.2.1                             0          0
      2         1   192.168.10.1                            0          0
      3         1   192.168.20.1                            0          0
      4         1   192.168.40.1                            0          0
    
    IPv4 Multicast Forwarding Table
     Origin          Group             Packets In-Vif  Out-Vifs:Ttls
     192.168.10.101  239.255.255.250         0  65535   
    
    

    Question: why I only see 5 virtual interfaces?
    in particular I do not see Vlan_50 that is the one where ETS runs. To me it does not seem right ….

    1. if I do the command "ifconfig | grep RUNNING" I get:
    re0: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    re1: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    re2: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
    re1_vlan10: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    re1_vlan20: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    re1_vlan40: flags=8a43 <up,broadcast,running,allmulti,simplex,multicast>metric 0 mtu 1500
    re1_vlan50: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    re1_vlan99: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    re1_vlan210: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    re1_vlan220: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    re1_vlan230: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
    pppoe0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>metric 0 mtu 1492</up,pointopoint,running,noarp,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,loopback,running,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast></up,broadcast,running,allmulti,simplex,multicast> 
    

    MULTIALL appears on the first interface, but not from VLAN 50 (the same as before). Why?

    Thank you in advance for your help!!
    Andrea



  • I'm trying something quite similar. Did you find a fix yet?



  • No sorry. :-\

    I had other evidence, for example by removing the first VLAN. In doing so the vlan_50 had appeared as output of "netstat -g4" (not seen before). From there I had found on freebsd forum a post that talked about a known issue related to a maximum limit of virtual interfaces …. but then I gave up: I was losing too much time.

    In the end I think it's the igmp proxy module to be quite buggy, maybe the developer should think of alternatives .....


Log in to reply