search

troglobit / smcroute

Static multicast routing for UNIX
https://troglobit.com/projects/smcroute/
GNU General Public License v2.0
244 stars 63 forks source link

Advice: ping/netcat to multicast address is not forwarded by smcrouted #172

Closed Malvineous closed 2 years ago

Malvineous commented 2 years ago

I'm a bit stuck trying to get smcroute to forward IPv6 traffic. I have three multicast streams and two streams are forwarded but one is not. To experiment, I tried using ping and netcat but I cannot get smcroute to forward the traffic generated by these utilities. I am not sure where the problem is so any advice you can offer would be much appreciated.

I am running smcroute on an OpenWRT router with this config:

mroute from eth0 group ff08:1500::/64 to wlan0

I then go to a machine attached to the router's eth0 interface and send traffic to the multicast address:

$ nc -u ff08:1500::1 5006
aa
$ ping ff08:1500::1

When I do this I immediately see smcrouted notice the new packet:

New multicast data from 2001:0db8::1 to group ff08:1500::1 on VIF 0
Add 2001:0db8::1 -> ff08:1500::1 from VIF 0

If I use tcpdump on the router, I can confirm that the packets are coming in:

$ tcpdump -nn -i eth0 udp port 5006 or icmp6
19:07:08.861937 IP6 2001:0db8::1.32975 > ff08:1500::1.5006: UDP, length 3
19:07:18.113447 IP6 2001:0db8::1 > ff08:1500::1: ICMP6, echo request, seq 19, length 64

However if I run the same tcpdump command for the outgoing interface, the packets are never forwarded:

$ tcpdump -nn -i wlan0 udp port 5006 or icmp6

What am I doing wrong? How do I get these packets arriving on one interface to be sent out the other network interface?

troglobit commented 2 years ago

What is the TTL of the incoming multicast data? If you use ping, you must also supply the -t NUM flag. The Linux kernel will not route a packet that has a TTL value in its IP header that, once decremented, is less than the TTL threshold for the outbound interface. By default the TTL threshold of an interface is set to 1, so the TTL in an inbound multicast stream must be > 1 to be allowed to be routed. This is covered in the documentation, and even in the project's README.

Malvineous commented 2 years ago

Oh I'm so sorry, you're completely right! I was thrown off because it was originally NodeJS code, which I then tried to simplify down to netcat, then finally ping. Now I realise that everything emitting multicast packets has to have the TTL set, my bad for not reading the doco properly! Sorry for the noise.

For the record yes, setting the TTL in ping (and using setMulticastTTL() in the NodeJS code) completely solves the problem.