Hi,
I have seen
http://www.tinc-vpn.org/pipermail/tinc-devel/2010-October/000473.html
and so tried out for myself to see if multicast would work in tinc
using routing mode. I'm using tinc 1.0.19. My test involved sending a
ping out on 224.1.1.1 (as 224.0.0.0/24 is a special case), and while I
could see the traffic reaching the other tinc daemons, it never seemed
to go out to the local network. Turning on debugging, I could see the
packet reach the other site, but it doesn't get broadcast out onto the
network (wireshark shows nothing; I'm not expected any machines to
respond to the ping, it's just an easy way to send out something
multicast).
site1: 10.1.0.1/24
# ip route add 224.1.1.1/16 dev vpn
# ip route list
default via x.x.x.x dev eth0 metric 100
10.0.0.0/8 dev vpn scope link
224.1.0.0/16 dev vpn scope link
# ip route get 224.1.1.1
multicast 224.1.1.1 dev alpha src 10.1.0.1
cache <mc>
# ping -c 5 224.1.1.1
site3: 10.211.55.30/24
# ip route list
10.211.55.0/24 dev eth0 proto kernel scope link src 10.211.55.30 metric 1
192.168.0.0/16 dev vpn scope link
10.0.0.0/8 dev vpn scope link
default via 10.211.55.1 dev eth0 proto static
When I ping I see:
Feb 25 18:05:26 site1 tinc.vpn[22928]: Read packet of 98 bytes from
Linux tun/tap device (tun mode)
Feb 25 18:05:26 site1 tinc.vpn[22928]: Broadcasting packet of 98 bytes
from site1 (MYSELF)
Feb 25 18:05:26 site1 tinc.vpn[22928]: Sending packet of 98 bytes to
site2 (x.x.x.x port 1386)
Feb 25 18:05:26 site3 tinc.vpn[2790]: Received packet of 98 bytes from
site1 (y.y.y.y port 655)
Feb 25 18:05:26 site3 tinc.vpn[2790]: Writing packet of 98 bytes to
Linux tun/tap device (tun mode)
Feb 25 18:05:26 site3 tinc.vpn[2790]: Broadcasting packet of 98 bytes
from site1 (y.y.y.y port 655)
Looking at the code corresponding to "Broadcast packet", which from
what I can tell, sends the packet to other nodes, as well as sends it
to itself: send_packet(myself, packet);, however nothing shows up on
wireshark.
Ideas? I also see the same problem if I tried to do a broadcast ping
remotely vs locally: ping -c 5 10.211.55.255
Regards,
Mike
On Mon, Feb 25, 2013 at 06:12:13PM +0000, Mike C wrote:> I have seen http://www.tinc-vpn.org/pipermail/tinc-devel/2010-October/000473.html > and so tried out for myself to see if multicast would work in tinc > using routing mode. I'm using tinc 1.0.19. My test involved sending a > ping out on 224.1.1.1 (as 224.0.0.0/24 is a special case), and while I > could see the traffic reaching the other tinc daemons, it never seemed > to go out to the local network. Turning on debugging, I could see the > packet reach the other site, but it doesn't get broadcast out onto the > network (wireshark shows nothing; I'm not expected any machines to > respond to the ping, it's just an easy way to send out something > multicast).That is just the way Linux works. It doesn't forward multicast traffic by default. You have to have multicast routes to all interfaces you want multicast on, enable IP forwarding, and you might also need to run a multicast routing daemon (pimd, smcroute, igmpproxy, et cetera). I haven't done multicast stuff for a long time, I'm afraid I cannot help you here.> # ip route add 224.1.1.1/16 dev vpnI don't think it is a good idea to assign a multicast IP address directly to an interface. In principle, hosts which have multicast configured correctly should respond to ping packets to 224.0.0.1.> Looking at the code corresponding to "Broadcast packet", which from > what I can tell, sends the packet to other nodes, as well as sends it > to itself: send_packet(myself, packet);, however nothing shows up on > wireshark.You should at least see it on the VPN interface. However, that is as far as tinc's responsibilities go. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20130225/f820280c/attachment.pgp>