Problem: pimd does not seem to handle IGMP joins, perhaps due to
VLAN tagging.
Consider a set of three VLANs (brains, boxen, music) on a
single physical interface eth3:
vyos@vyos# show interfaces ethernet eth3
address 10.187.88.1/24
description LAN
hw-id REDACTED
vif 64 {
address 10.187.64.1/24
description brains
}
vif 66 {
address 10.187.66.1/24
description boxen
}
vif 69 {
address 10.187.69.1/24
description media
}
[edit]
The physical interface eth3 is connected to a HP L2 switch with
port-based VLAN tagging; the L2 switch’s querier and IGMP snooping
functionality are both turned off for ease of debugging. Everything
goes through wired ethernet. Hosts on any of the three VLANs can
ping hosts on the other two VLANs.
The goal is to accept several different multicast streams between
these VLANs:
| Dest brains.64 | Dest boxen.66 | Dest media.69 | |
|---|---|---|---|
| Src brains.64 | Yes | Yes | |
| Src boxen.66 | Yes | Yes | |
| Src media.69 | Yes | Yes |
Some of those multicast streams are UPnP, which is not correctly
handled by igmpproxy. Hence, we need to use pimd. So we set up a
dummy interface dum0 and set it as the PIM RP following Sagitta
documentation:
vyos@vyos# show interfaces dummy
dummy dum0 {
address 10.187.91.1/24
description "Dummy interface for PIM RP"
}
[edit]
vyos@vyos# show protocols pim
interface dum0 {
}
interface eth3.64 {
}
interface eth3.66 {
}
interface eth3.69 {
}
rp {
address 10.187.91.1 {
group 224.0.0.0/4
}
}
[edit]
vyos@vyos# show protocols ospf
area 0 {
network 10.187.91.0/24
network 10.187.64.0/24
network 10.187.66.0/24
network 10.187.69.0/24
}
[edit]
After setting up one host on brains (vlan 64) and one host on media
(vlan 69) as multicast senders, we can see that the VyOS router
identifies multicast sources correctly:
vyos@vyos:~$ show ip pim rpf
RPF Cache Refresh Delay: 50 msecs
RPF Cache Refresh Timer: 0 msecs
RPF Cache Refresh Requests: 0
RPF Cache Refresh Events: 0
RPF Cache Refresh Last: --:--:--
Nexthop Lookups: 435
Nexthop Lookups Avoided: 0
Source Group RpfIface RpfAddress RibNextHop Metric Pref
10.187.64.60 224.17.17.17 eth3.64 0.0.0.0 10.187.64.60 0 0
10.187.69.68 239.255.250.250 eth3.69 0.0.0.0 10.187.69.68 0 0
10.187.69.68 239.255.255.250 eth3.69 0.0.0.0 10.187.69.68 0 0
Packets at the VyOS router showing TTL=4 for the multicast stream
224.17.17.17 coming from VLAN 64 (brains):
vyos@vyos:~$ tcpdump -i eth3 -nn -e -v -c 3 dst host 224.17.17.17
tcpdump: listening on eth3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
03:33:48.020047 94:c6:91:1a:64:db > 01:00:5e:11:11:11, ethertype 802.1Q (0x8100), length 146: vlan 64, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 4, id 5428, offset 0, flags [DF], proto UDP (17), length 128)
10.187.64.60.34485 > 224.17.17.17.8211: UDP, length 100
03:33:49.021612 94:c6:91:1a:64:db > 01:00:5e:11:11:11, ethertype 802.1Q (0x8100), length 146: vlan 64, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 4, id 6168, offset 0, flags [DF], proto UDP (17), length 128)
10.187.64.60.34485 > 224.17.17.17.8211: UDP, length 100
03:33:50.023293 94:c6:91:1a:64:db > 01:00:5e:11:11:11, ethertype 802.1Q (0x8100), length 146: vlan 64, p 0, ethertype IPv4 (0x0800), (tos 0x0, ttl 4, id 7011, offset 0, flags [DF], proto UDP (17), length 128)
10.187.64.60.34485 > 224.17.17.17.8211: UDP, length 100
Starting the receiver on VLAN 66 (boxen):
mcjoin -p 8211 224.17.17.17
results in the appropriate IGMPv3 packets on the VyOS router:
vyos@vyos:~$ tcpdump -i eth3 -nn -e -v igmp
tcpdump: listening on eth3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
03:37:42.858392 dc:fe:07:d5:09:dd > 01:00:5e:00:00:16, ethertype 802.1Q (0x8100), length 64: vlan 66, p 7, ethertype IPv4 (0x0800), (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.187.66.67 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.17.17.17 to_ex, 0 source(s)]
03:37:43.724523 dc:fe:07:d5:09:dd > 01:00:5e:00:00:16, ethertype 802.1Q (0x8100), length 64: vlan 66, p 7, ethertype IPv4 (0x0800), (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto IGMP (2), length 40, options (RA))
10.187.66.67 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr 224.17.17.17 to_ex, 0 source(s)]
However, pimd does not seem to get anything, and there is no
multicast routed back on to eth3.66.
vyos@vyos:~$ show ip pim join
Interface Address Source Group State Uptime Expire Prune
vyos@vyos:~$ show ip pim statistics
BSM Statistics :
----------------
Number of Received BSMs : 0
Number of Forwared BSMs : 0
Number of Dropped BSMs : 0
Interface : dum0
-------------------
Number of BSMs dropped due to config miss : 0
Number of unicast BSMs dropped : 0
Number of BSMs dropped due to invalid scope zone : 0
Interface : eth3.64
-------------------
Number of BSMs dropped due to config miss : 0
Number of unicast BSMs dropped : 0
Number of BSMs dropped due to invalid scope zone : 0
Interface : eth3.66
-------------------
Number of BSMs dropped due to config miss : 0
Number of unicast BSMs dropped : 0
Number of BSMs dropped due to invalid scope zone : 0
Interface : eth3.69
-------------------
Number of BSMs dropped due to config miss : 0
Number of unicast BSMs dropped : 0
Number of BSMs dropped due to invalid scope zone : 0
Interface : pimreg
-------------------
Number of BSMs dropped due to config miss : 0
Number of unicast BSMs dropped : 0
Number of BSMs dropped due to invalid scope zone : 0
vyos@vyos:~$ show ip pim state
Codes: J -> Pim Join, I -> IGMP Report, S -> Source, * -> Inherited from (*,G), V -> VxLAN, M -> Muted
Active Source Group RPT IIF OIL
1 10.187.64.60 224.17.17.17 n eth3.64 pimreg( J )
1 10.187.69.68 239.255.250.250 n eth3.69 pimreg( J )
1 10.187.69.68 239.255.255.250 n eth3.69 pimreg( J )
The same behavior occurs with self-built VyOS images:
1: 1.4-rolling-202112271610 (default boot) (running image)
2: 1.4-rolling-202110200218
Is this some sort of misconfiguration or is it a bug?