[Xorp-users] Newbie Xorp & m'cast problem

Pavlin Radoslavov pavlin@icir.org
Tue, 07 Jun 2005 13:36:19 -0700 

> I've got a firewall (running shorewall actually) with two NICs and I've 
> been trying to get m'cast to pass in either way without much success. 
> Our setup's a bit unusual in that the two NICs are actually on the same 
> network address range, and unicast routing is achieved by proxyarp'ing. 

This may be problematic for multicast routing. Are the two NICs
connected physically to the same LAN? If yes, you cannot really do
multicast routing between the two interfaces. The reason you cannnot
forward multicast packets from-to the same LAN is because this
creates a loop.
Can you draw a diagram of what exactly you want to do and we can
verify whether it is really possible.

> Not a nice solution, but it works. However, I've tried using Xorp to get 
> the m'cast to be conveyed without much joy, and I'd appreciate if anyone 
> here can spot where I'm going wrong. Here's our config.boot file:

<DEL>

The config seems fine.

> The firewall is configured to allow all IGMP and packets in the range 
> 224.0.0.0/4 through, and Xorp comes up cleanly enough, but it seems to 

You need to enable the PIM packets as well.

> get the information about the interfaces which are already there wrong, 
> i.e. here's what Xorp reports:
> 
> [ 2005/06/07 17:26:05 INFO xorp_igmp MLD6IGMP ] Added new address to vif 
> eth0: addr: 131.111.20.148 subnet: 131.111.20.0/24 broadcast: 
> 131.111.20.191 peer:0.0.0.0
> [ 2005/06/07 17:26:05 INFO xorp_igmp MLD6IGMP ] Interface flags changed: 
> Vif[eth0] pif_index: 0 vif_index: 0 addr: 131.111.20.148 subnet: 
> 131.111.20.0/24 broadcast: 131.111.20.191 peer: 0.0.0.0 Flags: MULTICAST 
> BROADCAST UNDERLYING_VIF_UP
> [ 2005/06/07 17:26:05 INFO xorp_igmp MLD6IGMP ] Interface added: 
> Vif[eth1] pif_index: 0 vif_index: 1 Flags:
> [ 2005/06/07 17:26:05 INFO xorp_igmp MLD6IGMP ] Added new address to vif 
> eth1: addr: 131.111.20.132 subnet: 131.111.20.0/24 broadcast: 
> 131.111.20.191 peer:0.0.0.0
> 
> However, those two addresses have subnet 131.111.20.0/26. Also, what's 
> that peer:0.0.0.0 all about?

Can you double check with "ifconfig -a" and "ip addr" that your IP
addresses are really 131.111.20.0/26. Also, use the xorpsh command
"show interface" to see what the XORP FEA thinks the interface
addresses should be.

If the peer address is 0.0.0.0, you can ignore it (it is used in
case of p2p links).

> Anyway, when I try to run an mping job across the f/w, with one machine 
> listening on 229.255.255.2, here's Xorp's output. The listening machine 
> has IP 131.111.20.151 and is outside the firewall on eth0 on the f/w, 
> while the sender is 131.111.20.167 and is firewalled behind eth1:

>From the logs below it looks like that 131.111.20.151 is listening
to 224.0.1.41.
On the other hand, 131.111.20.167 and 131.111.20.163 appear to have
joined group 229.255.255.2, hence please double-check the groups
each host has joined.

Few more comments are inlined below.

> [ 2005/06/07 17:28:39 TRACE xorp_pimsm4 PIM ] TX PIM_HELLO from 
> 131.111.20.148 to 224.0.0.13 on vif eth0
> [ 2005/06/07 17:28:41 TRACE xorp_pimsm4 PIM ] TX PIM_HELLO from 
> 131.111.20.132 to 224.0.0.13 on vif eth1
> [ 2005/06/07 17:28:41 TRACE xorp_igmp MLD6IGMP ] TX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.148 to 224.0.0.1
> [ 2005/06/07 17:28:41 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.148 to 224.0.0.1 on vif eth0
> [ 2005/06/07 17:28:41 TRACE xorp_igmp MLD6IGMP ] TX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.132 to 224.0.0.1
> [ 2005/06/07 17:28:41 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.132 to 224.0.0.1 on vif eth0
> [ 2005/06/07 17:28:42 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.132 to 224.0.0.2 on vif eth0
> [ 2005/06/07 17:28:42 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.167 to 229.255.255.2 on vif eth0
> [ 2005/06/07 17:28:43 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.132 to 224.0.0.13 on vif eth0
> [ 2005/06/07 17:28:45 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.144 to 239.255.255.250 on vif eth0
> [ 2005/06/07 17:28:46 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.148 to 224.0.0.13 on vif eth0
> [ 2005/06/07 17:28:47 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.163 to 229.255.255.2 on vif eth0
> [ 2005/06/07 17:28:47 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.151 to 224.0.1.41 on vif eth0
> [ 2005/06/07 17:28:51 WARNING xorp_fea MFEA ] proto_socket_read() 
> failed: RX packet from 192.153.213.109 to 224.0.0.13: no vif found

This "no vif found" error is probably because the XORP router
doesn't have an interface that shares the same subnet as
192.153.213.109.

> [ 2005/06/07 17:28:51 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.148 to 224.0.0.2 on vif eth0
> [ 2005/06/07 17:28:52 TRACE xorp_igmp MLD6IGMP ] RX IGMP_V2_LEAVE_GROUP 
> from 131.111.20.151 to 224.0.0.2 on vif eth0

I presume here you have stopped the 131.111.20.151 receiver.

> [ 2005/06/07 17:28:52 TRACE xorp_igmp MLD6IGMP ] TX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.148 to 229.255.255.2
> [ 2005/06/07 17:28:52 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_MEMBERSHIP_QUERY from 131.111.20.148 to 229.255.255.2 on vif eth0
> [ 2005/06/07 17:28:53 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.163 to 229.255.255.2 on vif eth0
> [ 2005/06/07 17:28:56 TRACE xorp_igmp MLD6IGMP ] RX 
> IGMP_V2_MEMBERSHIP_REPORTfrom 131.111.20.167 to 229.255.255.2 on vif eth0
> [ 2005/06/07 17:28:57  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:28:57  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:29:02  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:29:02  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:29:02  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:29:02  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0
> [ 2005/06/07 17:29:02  ERROR xorp_fea:16848 MFEA +1340 
> mfea_proto_comm.cc proto_socket_read ] proto_socket_read() failed: 
> invalid unicast sender address: 0.0.0.0

Those "invalid unicast sender address: 0.0.0.0" messages are odd.
Do you run a sender or a receiver on the same box as the XORP
router?
In any case, please run tcpdump on all network interfaces and try to
catch if there are any IP packets that have indeed source address of
0.0.0.0.
If you cannot catch such packets in action, I will send you a patch
to fea/mfea_proto_comm.cc that will print some extra debug info
about those misterious packets.

Pavlin

> 
> I know this is a lot of stuff I've cut 'n' pasted, but any help on where 
> I'm going wrong would be appreciated!
> 
> Thanks,
> Mark
> 
> _______________________________________________
> Xorp-users mailing list
> Xorp-users@xorp.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users