alsmith / multicast-relay

Relay multicast and broadcast packets between interfaces.
GNU General Public License v3.0

noTransmitInterfaces, ifFilter… Confusion #57

Closed commiepinko closed 2 years ago

commiepinko commented 2 years ago

I have multicast-relay up and running on a UniFi UDMP, thanks to boostchicken's excellent on-boot-script. However, I've been unable to get it to do what I want, likely due to a lack of expertise.

I have a main LAN which hosts shared services, and multiple VLANs that I would like to have access to it. The VLANs, however, should not broadcast to other VLANs. In sum, VLAN clients should see only broadcasts from the LAN, and not those from other VLANs. I've tried dozens of configurations using noTransmitInterfaces and ifFilter, to no avail.

Thanks for any tips you care to provide.

alsmith commented 2 years ago

Morning! Either of the options ought to work: --interfaces eth0 eth0.10 eth0.20 eth0.30 --noTransmitInterfaces eth0.10 eth0.20 eth0.30 should do the trick, leaving packets to only be sent out of eth0.

Or indeed, --ifFilter, where if eth0 is 10.0.0.0/8, eth0.10 is 172.20.0.0/16 and eth0.20 is 192.168.0.0/16 then this ought to do the trick:

{ "172.20.0.0/16": ["eth0.20"], "192.168.0.0/16": ["eth0.10"]}

commiepinko commented 2 years ago

That's what I thought, and yet after I get it up and running with…

podman run -it -d \
--restart=always \
--name="multicast-relay" \
--network=host \
-e OPTS="--verbose" \
-e INTERFACES="br0 br101 br102 br103 br104 br105 br106 br107 br108 br109" \
-e NOTRANSMITINTERFACES="br101 br102 br103 br104 br105 br106 br107 br108 br109" \
docker.io/scyto/multicast-relay

…I still have thousands of lines of mDNS traffic originating from all the noTransmit interfaces.

[screenshot: 2021-10-20_05-37-01_PM2]

Attempting to achieve the same end using IFFILTER gives the same non-result. Am I an idiot?

Thanks again for your attention

alsmith commented 2 years ago

Try this instead:

podman run -it -d \
--restart=always \
--name="multicast-relay" \
--network=host \
-e OPTS="--verbose --noTransmitInterfaces br101 br102 br103 br104 br105 br106 br107 br108 br109" \
-e INTERFACES="br0 br101 br102 br103 br104 br105 br106 br107 br108 br109" \
docker.io/scyto/multicast-relay

commiepinko commented 2 years ago

Ah - thanks. Every day has its "duh" moment.

I thought I'd try it the other way…

podman run -it -d \
--restart=always \
--name="multicast-relay" \
--network=host \
-e INTERFACES="br0 br101 br102 br103 br104 br105 br106 br107 br108 br109" \
-e OPTS="--verbose --ifFilter /mnt/data/on_boot.d_support/ifFilter.json" \
docker.io/scyto/multicast-relay

…but I get a

FileNotFoundError: [Errno 2] No such file or directory: '/mnt/data/on_boot.d_support/ifFilter.json'

error no matter what path I give ifFilter, or what syntax I use to specify it.

Again, thanks for taking the time to help with this.

alsmith commented 2 years ago

No worries - glad you're a step closer.

The next problem is that your container does not have access to the files on the host's filesystem - you could map one to the other with the --volume flag, like this:

podman run ...other options... --volume /mnt/data/on_boot.d_support:/config -e OPTS="--ifFilter /config/ifFilter.json" docker.io/scyto/multicast-relay

commiepinko commented 2 years ago

Whoopee! And the winner is…

podman run -it -d \
--restart=on-failure:10 \
--name="multicast-relay" \
--network=host \
--mount type=bind,src=/mnt/data/on_boot.d_support,dst=/multicast-relay-config \
-e OPTS="--ifFilter=/multicast-relay-config/ifFilter.json" \
-e INTERFACES="br0 br101 br102 br103 br104 br105 br106 br107 br108 br109" \
docker.io/scyto/multicast-relay

…with ifFilter.json…

{
  "192.168.0.0/24": ["br0", "br101", "br102", "br103", "br104", "br105", "br106", "br107", "br108", "br109"],
  "192.168.1.0/24": ["br0"],
  "192.168.2.0/24": ["br0"],
  "192.168.3.0/24": ["br0"],
  "192.168.4.0/24": ["br0"],
  "192.168.5.0/24": ["br0"],
  "192.168.6.0/24": ["br0"],
  "192.168.7.0/24": ["br0"],
  "192.168.8.0/24": ["br0"],
  "192.168.9.0/24": ["br0"]
}

Everyone can see services advertised by hosts on 192.168.0.0/24, but none of the other subnets can see whatever nonsense they're all broadcasting.

Thanks again for your help. You've been most generous.

alsmith commented 2 years ago

Excellent - glad it worked out for you, and thanks so much for posting the result - no doubt it will also help others in due course !

VeniceNerd commented 1 year ago

Try this instead:

podman run -it -d --restart=always --name="multicast-relay" --network=host -e OPTS="--verbose --noTransmitInterfaces br101 br102 br103 br104 br105 br106 br107 br108 br109" -e INTERFACES="br0 br101 br102 br103 br104 br105 br106 br107 br108 br109" docker.io/scyto/multicast-relay

I'm still struggling with the ifFilter.json so I am trying to go the noTransmitInterfaces route instead. I have three VLANs: 10, 20, and 30. My IoT devices are all on VLAN 30 so that is the only one I want to transmit mDNS. So this is the command I used:

docker run -it -d \
--network=host \
--name relay \
--restart=always \
-e OPTS="--noTransmitInterfaces eth0.10 eth0.20" \
-e INTERFACES="eth0.10 eth0.20 eth0.30" \
docker.io/scyto/multicast-relay

docker logs -f relay shows the following: [screenshot: Screen Shot 2022-10-10 at 1 34 47 PM]

However, once I include the noTransmitInterfaces line I do not see any mDNS traffic from VLAN 30 on VLAN 10 or VLAN 20. It's like nothing is being transmitted anywhere.

Am I not using this correctly?
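The thread above relies on two egress controls whose semantics are easy to invert: --noTransmitInterfaces names interfaces that packets are never sent out of, and --ifFilter maps a source subnet to the interfaces packets from that subnet may be sent out of (the meaning the working ifFilter.json above depends on). The following is an added example, not code from the multicast-relay project: a small model of both controls plus a loader that rejects the duplicate-key typo that can silently drop a subnet from an ifFilter, and a policy check for the "everyone sees the LAN, VLANs never see each other" goal. The interface names, sample addresses and the longest-prefix rule for overlapping subnets are assumptions made for the example; how the real tool treats a source address matching no ifFilter subnet is not stated in the thread, so the model reports that case as undecided (None) instead of guessing.

```python
"""Model of multicast-relay's --noTransmitInterfaces and --ifFilter controls.

Added example, not the project's own code. Assumed semantics, taken from the
thread: a packet received on one listed interface is re-sent on every other
listed interface, except interfaces named in noTransmitInterfaces and, when an
ifFilter is in use, interfaces not listed for the packet's source subnet.
"""
import ipaddress
import json


def load_if_filter(text):
    """Parse an ifFilter JSON document and reject duplicate subnet keys.

    json.loads() alone keeps only the last of two identical keys, so listing
    192.168.9.0/24 twice instead of 192.168.8.0/24 once would leave a subnet
    unfiltered without any error. Returns {ip_network: frozenset(interfaces)}.
    """
    def no_duplicates(pairs):
        seen = {}
        for key, value in pairs:
            if key in seen:
                raise ValueError(f"duplicate ifFilter key: {key}")
            seen[key] = value
        return seen

    raw = json.loads(text, object_pairs_hook=no_duplicates)
    return {ipaddress.ip_network(net): frozenset(ifaces) for net, ifaces in raw.items()}


def relay_targets(src_ip, ingress, interfaces, no_transmit=(), if_filter=None):
    """Interfaces a packet from src_ip arriving on `ingress` is relayed out of.

    Returns None when an ifFilter is active but no subnet matches the source
    (behaviour not documented in the thread, so left undecided here).
    """
    targets = set(interfaces) - {ingress} - set(no_transmit)
    if if_filter is None:
        return targets
    addr = ipaddress.ip_address(src_ip)
    matches = [net for net in if_filter if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)  # assumption: longest prefix wins
    return targets & if_filter[best]


def check_hub_and_spoke(if_filter, interfaces, lan_iface, lan_ip, spoke_ips):
    """Check the thread's policy: LAN packets reach every VLAN interface, VLAN
    packets reach only the LAN interface. Returns a list of violations."""
    problems = []
    spokes = set(interfaces) - {lan_iface}
    got = relay_targets(lan_ip, lan_iface, interfaces, if_filter=if_filter)
    if got != spokes:
        problems.append(f"LAN packets reach {sorted(got or [])}, expected all VLANs")
    for iface in sorted(spokes):
        ip = spoke_ips.get(iface)
        if ip is None:
            problems.append(f"no sample address given for {iface}")
            continue
        got = relay_targets(ip, iface, interfaces, if_filter=if_filter)
        if got is None:
            problems.append(f"{iface}: source {ip} matches no ifFilter subnet")
        elif got != {lan_iface}:
            problems.append(f"{iface}: packets reach {sorted(got)}, expected only {lan_iface}")
    return problems


# Constructed sample topology mirroring the thread: br0 is the LAN, br101..br109 the VLANs.
INTERFACES = ["br0"] + [f"br10{n}" for n in range(1, 10)]
SPOKE_IPS = {f"br10{n}": f"192.168.{n}.10" for n in range(1, 10)}  # one sample host per VLAN


def build_filter_json(lan_subnet="192.168.0.0/24"):
    """Generate the hub-and-spoke ifFilter document used in the thread."""
    doc = {lan_subnet: INTERFACES}
    for n in range(1, 10):
        doc[f"192.168.{n}.0/24"] = ["br0"]
    return json.dumps(doc, indent=2)


GOOD_FILTER = build_filter_json()
# Same document with a duplicate key: 192.168.9.0/24 twice, 192.168.8.0/24 missing.
TYPO_FILTER = GOOD_FILTER.replace('"192.168.8.0/24"', '"192.168.9.0/24"')


if __name__ == "__main__":
    print("policy violations:", check_hub_and_spoke(
        load_if_filter(GOOD_FILTER), INTERFACES, "br0", "192.168.0.5", SPOKE_IPS))
    # The last command in the thread: eth0.30 is the only source, but both other
    # interfaces are noTransmit, so a packet arriving on eth0.30 has nowhere to go.
    print("egress for eth0.30 packets:", relay_targets(
        "192.168.30.7", "eth0.30", ["eth0.10", "eth0.20", "eth0.30"],
        no_transmit=["eth0.10", "eth0.20"]))
```

Under these semantics, the last command in the thread (interfaces eth0.10 eth0.20 eth0.30 with eth0.10 and eth0.20 as noTransmit) leaves no interface for a packet received on eth0.30 to be sent out of, which matches the "nothing is transmitted anywhere" symptom; noTransmitInterfaces excludes egress interfaces, not sources. The duplicate-key check matters because a filter that silently loses a subnet entry behaves differently from the one the operator believes is loaded.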