From owner-freebsd-pf@FreeBSD.ORG Mon Dec 20 07:07:04 2010 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1EA5D106566B for ; Mon, 20 Dec 2010 07:07:04 +0000 (UTC) (envelope-from artem@aws-net.org.ua) Received: from lazy.aws-net.org.ua (lazy.aws-net.org.ua [IPv6:2a00:1db0:20::828:140]) by mx1.freebsd.org (Postfix) with ESMTP id 5CBF78FC0A for ; Mon, 20 Dec 2010 07:07:03 +0000 (UTC) Received: from rainbow.vl.net.ua (rainbow.vl.net.ua [188.230.120.215]) (authenticated bits=0) by lazy.aws-net.org.ua (8.14.3/8.14.3) with ESMTP id oBK76s1E080435 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=OK); Mon, 20 Dec 2010 09:07:01 +0200 (EET) (envelope-from artem@aws-net.org.ua) Message-ID: <4D0F008E.4070204@aws-net.org.ua> Date: Mon, 20 Dec 2010 09:06:54 +0200 From: Artyom Viklenko Organization: Art&Co. User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; ru-RU; rv:1.9.2.11) Gecko/20101025 Thunderbird/3.1.5 MIME-Version: 1.0 To: dave jones References: <4D0A01B8.8010009@aws-net.org.ua> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.5 (lazy.aws-net.org.ua [188.230.120.140]); Mon, 20 Dec 2010 09:07:01 +0200 (EET) Cc: freebsd-pf@freebsd.org Subject: Re: Questions about multicast forwarding X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Dec 2010 07:07:04 -0000 20.12.2010 07:47, dave jones пишет: > Hi Artyom, > > I tried to use igmpproxy with no lock. "netstat -g" shows: > IPv4 Virtual Interface Table > Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out > 0 1 172.16.112.2 0 0 > 1 1 172.16.113.8 0 0 > 2 1 172.16.112.2 0 0 > > Ipv4 Multicast Forwarding Table is empty > > > In /usr/local/etc/igmpporxy: > > quickleave > phyint re0 upstream ratelimit 0 threashold 1 > phyint re1 downstream ratelimit 0 threshold 1 > Hi, Dave! Actually, my config like yours except one additional thing 'altnet': quickleave phyint fxp0 upstream ratelimit 0 threshold 1 altnet m.m.m.m/32 phyint fxp1 downstream ratelimit 0 threshold 1 m.m.m.m/32 is the IP address of the multicast streams source in our network sveral hops away, but in you case it is on the same subnet as upstream interface. But I have only two Vif-s after igmpproxy started: IPv4 Virtual Interface Table Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out 0 1 x.x.x.y 0 0 1 1 x.x.x.z 0 0 And then I start to watch TV on my notebook, connected to network on fxp1 interface, multicast flow appears on interfaces and I see: IPv4 Virtual Interface Table Vif Thresh Local-Address Remote-Address Pkts-In Pkts-Out 0 1 x.x.x.y 391353 0 1 1 x.x.x.z 0 391353 IPv4 Multicast Forwarding Table Origin Group Packets In-Vif Out-Vifs:Ttls m.m.m.m MMM.MMM.2.2 17641 0 1:1 Also, check rules in your firewall to enable igmp traffic and multicast streams. One additional thing to check is a switches through which you connect your equipment. If it's an unmanaged switch, it should unconditionally pass group traffic. If it is some kind of managed or "smart" switch, you have to check is igmp snooping enabled and configured on it and multicast forwarding works. Hope this helps! > Did I set something wrong? Thanks! > > Cheers, > Dave. > > On Thu, Dec 16, 2010 at 8:10 PM, Artyom Viklenko wrote: >> 16.12.2010 12:04, dave jones пишет: >>> >>> Hi, >>> >>> I have the following networks: >>> >>> ----------------------------------------------- >>> | | >>> | | >>> iptv device (172.16.113.2) FreeBSD (re0:172.16.113.8) >>> | (re1:172.16.112.2) >>> | >>> PCs >>> >>> The iptv device which sends to multicast 224.0.3.2, I want my PCs to >>> receive multicast packets and let clients watch TV. >>> Should I use net/mrouted or use pf can do that? >>> Would anyone tell me how to do? Thanks. >>> >> >> I'd suggest to use igmpproxy from ports. >> >> >> -- >> Sincerely yours, >> Artyom Viklenko. >> ------------------------------------------------------- >> artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem >> artem@viklenko.net | JID: artem@jabber.aws-net.org.ua >> FreeBSD: The Power to Serve - http://www.freebsd.org >> -- Sincerely yours, Artyom Viklenko. ------------------------------------------------------- artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem artem@viklenko.net | JID: artem@jabber.aws-net.org.ua FreeBSD: The Power to Serve - http://www.freebsd.org