[Xorp-users] PIM problem: not forwarding from internal to external interface
Melih Bitim
bitim@cascv.brown.edu
Thu, 23 Jun 2005 13:08:19 -0400
Hi,
We are trying to route multicast through our firewall primarily for Accessgrid
access. The fw has a 2.6.9 Linux kernel, and two active interfaces, namely
eth0 (internal) and eth2 (external). eth1 is NOT configured. A campus router
provides the static RP, though the RP is not a next hop from the firewall.
Is that a problem?
Linux local
Internet-- Router -- ... --Campus -- (eth2)Firewall/(eth0)--switch-- beacon
(is RP) Router1 Router node
a.b.r.1 a.b.c.75 a.b.c.74 a.b.d.1 a.b.d.14
ping to 224.0.0.13 from the 'beacon node' shows a.b.d.1.
ping to 224.0.0.13 from the firewall (interface eth0) shows itself (a.b.d.1)
ping to 224.0.0.13 from the firewall (interface eth2) shows itself(a.b.c.74) and
the neighbor a.b.c.75
The firewall rules have been mended to allow IGMP, ICMP and PIM through after
analyzing the firewall LOG, and nothing related is rejected or dropped by the
firewall (as far as I can see).
We are using a fresh CVS copy of XORP, and a pretty standart configuration
file. The firewall has static routes on it for a bunch of networks behind it,
and no dynamic routing protocols are used. So my assumption is that fib2mrib
should be used.
The 'beacon node' and the firewall have interfaces on the same network. Running
the beacon software, we see multicast traffic from outside hit the beacon
node. But multicast initiated from the beacon node hits the internal interface
on the firewall (eth0), and doesn't get send out on eth2 (external interface).
Unicast routing works perfectly. We don't have different paths for
incoming/outgoing packets, so I don't think we need rp_filter=0, but it is set
like that.
/proc/sys/net/ipv4/conf/eth0/mc_forwarding:1
/proc/sys/net/ipv4/conf/eth2/mc_forwarding:1
/proc/sys/net/ipv4/conf/lo/mc_forwarding:0
/proc/sys/net/ipv4/conf/pimreg/mc_forwarding:1
/proc/sys/net/ipv4/ip_forward:1
/proc/sys/net/ipv4/conf/eth0/rp_filter:0
/proc/sys/net/ipv4/conf/eth2/rp_filter:0
/proc/sys/net/ipv4/conf/lo/rp_filter:1
/proc/sys/net/ipv4/conf/pimreg/rp_filter:0
Xorp> show mfea interface
Interface State Vif/PifIndex Addr Flags
eth0 UP 0/2 a.b.d.1 MULTICAST BROADCAST KERN_UP
eth2 UP 1/4 a.b.c.74 MULTICAST BROADCAST KERN_UP
register_vif UP 2/2 a.b.d.1 PIM_REGISTER KERN_UP
Xorp> show igmp interface
Interface State Querier Timeout Version Groups
eth0 UP a.b.d.1 None 2 3
eth2 UP a.b.c.74 None 2 2
Xorp> show pim neighbors
Interface DRpriority NeighborAddr V Mode Holdtime Timeout
eth2 1 a.b.c.75 2 Sparse 105 94
Xorp> show pim interface
Interface State Mode V PIMstate Priority DRaddr Neighbors
eth0 UP Sparse 2 DR 1 a.b.d.1 0
eth2 UP Sparse 2 NotDR 1 a.b.c.75 1
register_vif UP Sparse 2 DR 1 a.b.d.1 0
Xorp> show pim rps
RP Type Pri Holdtime Timeout ActiveGroups GroupPrefix
a.b.r.1 static 192 -1 -1 1 224.0.0.0/4
Xorp> show pim mfc
233.4.200.19 random_beacon_IP a.b.r.1
Incoming interface : eth2
Outgoing interfaces: O..
.... tons of beacon nodes just like the on above
233.4.200.19 a.b.d.14 a.b.r.1
Incoming interface : eth0
Outgoing interfaces: ..O
Xorp> show pim mrib
shows the whole unicast table
Xorp> show pim scope
GroupPrefix Interface
Xorp> show pim join
Group Source RP Flags
233.4.200.19 0.0.0.0 a.b.r.1 WC
Upstream interface (RP): eth2
Upstream MRIB next hop (RP): a.b.c.75
Upstream RPF'(*,G): a.b.c.75
Upstream state: Joined
Join timer: 39
Local receiver include WC: O..
Joins RP: ...
Joins WC: ...
Join state: ...
Prune state: ...
Prune pending state: ...
I am assert winner state: O..
I am assert loser state: ...
Assert winner WC: O..
Assert lost WC: ...
Assert tracking WC: OO.
Could assert WC: O..
I am DR: O.O
Immediate olist RP: ...
Immediate olist WC: O..
Inherited olist SG: O..
Inherited olist SG_RPT: O..
PIM include WC: O..
233.4.200.19 a.b.d.14 a.b.r.1 SG_RPT DirectlyConnectedS
Upstream interface (S): eth0
Upstream interface (RP): eth2
Upstream MRIB next hop (RP): a.b.c.75
Upstream RPF'(S,G,rpt): a.b.c.75
Upstream state: Pruned
Override timer: -1
Local receiver include WC: O..
Joins RP: ...
Joins WC: ...
Prunes SG_RPT: ...
Join state: ...
Prune state: ...
Prune pending state: ...
Prune tmp state: ...
Prune pending tmp state: ...
Assert winner WC: O..
Assert lost WC: ...
Assert lost SG_RPT: ...
Could assert WC: O..
Could assert SG: ..O
I am DR: O.O
Immediate olist RP: ...
Immediate olist WC: O..
Inherited olist SG: O.O
Inherited olist SG_RPT: O..
PIM include WC: O..
233.4.200.19 a.b.d.14 a.b.r.1 SG SPT DirectlyConnectedS
Upstream interface (S): eth0
Upstream interface (RP): eth2
Upstream MRIB next hop (RP): a.b.c.75
Upstream MRIB next hop (S): UNKNOWN
Upstream RPF'(S,G): UNKNOWN
Upstream state: Joined
Register state: RegisterJoin RegisterCouldRegister
Join timer: 39
KAT(S,G) running: true
Local receiver include WC: O..
Local receiver include SG: ...
Local receiver exclude SG: ...
Joins RP: ...
Joins WC: ...
Joins SG: ..O
Join state: ..O
Prune state: ...
Prune pending state: ...
I am assert winner state: ...
I am assert loser state: ...
Assert winner WC: O..
Assert winner SG: ...
Assert lost WC: ...
Assert lost SG: ...
Assert lost SG_RPT: ...
Assert tracking SG: O.O
Could assert WC: O..
Could assert SG: ..O
I am DR: O.O
Immediate olist RP: ...
Immediate olist WC: O..
Immediate olist SG: ..O
Inherited olist SG: O.O
Inherited olist SG_RPT: O..
PIM include WC: O..
PIM include SG: ...
PIM exclude SG: ...
Before I send the complete log, I would like to send warning/error messages
and see if they make sense to you, and if we need to to be concerned:
ERROR xorp_fea:1703 MFEA +1781 mfea_proto_comm.cc proto_socket_write ] sendmsg(proto 103 from a.b.d.1 to a.b.r.1 on vif register_vif) failed: Message too long
ERROR xorp_pimsm4:1729 PIM +2617 xrl_pim_node.cc mfea_client_send_protocol_message_cb ] Cannotdsend a protocol message: 102 Command failed Cannot send PIMSM_4 protocol message from a.b.d.1 to a.b.r.1 on vif register_vif
WARNING xorp_fea MFEA ] proto_socket_read() failed: RX packet from a.b.r.1 to 224.0.0.2: no vif found
WARNING xorp_fea XrlMfeaTarget ] Handling method for mfea/0.1/send_protocol_message4 failed: XrlCmdError 102 Command failed Cannot send PIMSM_4 protocol message from a.b.d.1 to a.b.r.1 on vif register_vif
After XORP initialization, we continuosly see the following printed from XORP:
[ 2005/06/23 12:49:28 TRACE xorp_pimsm4 PIM ] TX PIM_REGISTER from a.b.d.1 to a.b.r.1 on vif register_vif
[ 2005/06/23 12:49:28 TRACE xorp_pimsm4 PIM ] RX WHOLEPKT signal from MFEA_4: vif_index = 2 src = a.b.d.14 dst = 233.4.200.19
[ 2005/06/23 12:49:28 TRACE xorp_pimsm4 PIM ] TX PIM_REGISTER from a.b.d.1 to a.b.r.1 on vif register_vif
Any ideas ? Many thanks, your help is greatly appreciated,
--
Melih Bitim
Brown Univ.