From: Dave Taht
To: Jim Gettys
Cc: cerowrt-devel@lists.bufferbloat.net
Date: Sun, 18 Mar 2012 14:35:49 -0700
References: <4F665342.2080103@freedesktop.org>
Subject: Re: [Cerowrt-devel] mdns reflector issues on ipv6/babel routing through nat.
List-Id: Development issues regarding the cerowrt test router project

On Sun, Mar 18, 2012 at 2:30 PM, Dave Taht wrote:
> On Sun, Mar 18, 2012 at 2:27 PM, Jim Gettys wrote:
>> Oh, cool. Broadcast storms are soooo much fun...
>
> I ended up having to disable avahi entirely.

(as I found ipv4 multicast going wild, too, on a few links)

I note that I have had pimd installed for ages, but nothing to try it
on seems to work. uftp does not want to route across multiple
interfaces, either.

now, after today's diversion, some might think that's a good thing, but
routed multicast USED to sort of work a decade ago....

I'd had to rip out mrd6 earlier due to excessive cpu usage, so I have
no idea if that works.

About the only 'current' multicast capable daemon that looks well
maintained is Xorp, but it's huge.

Quagga has some pimd support but it's basically a glorified igmp
implementation.

multicast research seems to have died in the last decade. I sure would
like to beat up on multicast in the large, so I can get a better grip
on how it's malfunctioning in the small....

>
> the NEAT thing about this, was that although my network was basically
> saturated, it still more or less worked and I hardly noticed I had a
> problem, due to having sfq everywhere....
>
>> - Jim
>>
>>
>> On 03/18/2012 05:24 PM, Dave Taht wrote:
>>> On Sun, Mar 18, 2012 at 2:22 PM, Dave Taht wrote:
>>>> Once you get to a few routers, a few deep, (3 in series in this case,
>>>> 9 overall), the avahi mdns proxy starts to malfunction over ipv6, and
>>>> I ended up with a rather nasty broadcast storm.
>>>>
>>>> So I had to disable the ipv6 multicast of mdns in order to get my
>>>> network back in this (excessively) complex network.
>>>>
>>>> use-ipv6=no in the /etc/avahi/avahi-daemon file
>>>>
>>>> Seems to work fine, two deep. Curiously, I did not observe a similar
>>>> storm for ipv4...
>>>>
>>>> Now this is across like 5 different versions of cerowrt, but it would
>>>> not surprise me that this is a generic problem with avahi on ipv6,
>>>> and/or a symptom of the brain-damaged-ness of mdns in the first place.
>>>>
>>>> use-ipv6=no
>>>>
>>>> I note that when you connect cero boxes together in a babel mesh
>>>> configuration, site-local multicast is not a problem, because it
>>>> doesn't work in the first place (by design). This can be construed as
>>>> an advantage (no broadcast storm), or disadvantage (mdns and
>>>> site-local multicast doesn't work across meshed links)
>>> Actually I was wrong. I'm STILL observing a broadcast storm, AND it
>>> is taking place across the meshed links too.... aggggh.....
>>>
>>>> Incidentally, I don't know if anyone would purposely inflict a network
>>>> this complex on themselves:
>>>>
>>>> http://pastebin.com/LzeeiCXg
>>>>
>>>> but it does illustrate that a complex, automagically routed, fault
>>>> tolerant ipv4 and ipv6 network IS feasible, so long as all internal
>>>> addresses are unique.
>>>>
>>>> The biggest problem I run into is that 'failover-capable,
>>>> fault-tolerant routing' introduces major headaches with firewall
>>>> rules.
>>>>
>>>> Another thing the above paste illustrates is that you can mix and match
>>>> ipv4 nat with ipv6 fully meshed routing.
>>>>
>>>> The box I took that trace off has babel enabled on all interfaces, and
>>>> has the following rule at the top of its babeld.conf file
>>>>
>>>> out if ge00 ip 0.0.0.0/0 deny
>>>>
>>>> (as do multiple other boxes in the lab on the external network)
>>>>
>>>> this prohibits announcing ipv4 routes across the natted ge00
>>>> interface, but allows ipv6. In the case of that paste, this particular
>>>> router has NO internal wired connections at all, it just meshes
>>>> internally for ipv4, and because ge00 is a higher quality (ethernet)
>>>> interface, babel chooses it for the default for ipv6 for most routes.
>>>>
>>>>
>>>>
>>>> --
>>>> Dave Täht
>>>> SKYPE: davetaht
>>>> US Tel: 1-239-829-5608
>>>> http://www.bufferbloat.net
>>>
>>>
>>
>
>
>
> --
> Dave Täht
> SKYPE: davetaht
> US Tel: 1-239-829-5608
> http://www.bufferbloat.net

-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net
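
Added example (not part of the original message, and not babeld's own code): a simplified model of how the quoted rule "out if ge00 ip 0.0.0.0/0 deny" is evaluated, showing why it suppresses IPv4 announcements on ge00 while IPv6 prefixes still go out. It assumes first-match-wins with a default of allow; the interface name sw00 and the sample prefixes are constructed.

```python
import ipaddress

def parse_rule(line):
    """Parse one filter line (subset: 'if', 'ip', allow/deny) into a dict."""
    tokens = line.split()
    rule = {"dir": tokens[0], "if": None, "ip": None, "action": None}
    i = 1
    while i < len(tokens):
        tok = tokens[i]
        if tok in ("if", "ip") and i + 1 < len(tokens):
            value = tokens[i + 1]
            rule[tok] = ipaddress.ip_network(value) if tok == "ip" else value
            i += 2
        elif tok in ("allow", "deny"):
            rule["action"] = tok
            i += 1
        else:
            raise ValueError(f"unsupported or incomplete token {tok!r}")
    if rule["action"] is None:
        raise ValueError("rule has no action")
    return rule

def matches(rule, direction, ifname, prefix):
    if rule["dir"] != direction:
        return False
    if rule["if"] is not None and rule["if"] != ifname:
        return False
    sel = rule["ip"]
    # An IPv6 prefix can never lie inside an IPv4 selector (and vice versa),
    # which is why 0.0.0.0/0 catches every IPv4 route and no IPv6 route.
    if sel is not None and (prefix.version != sel.version or not prefix.subnet_of(sel)):
        return False
    return True

def decide(rules, direction, ifname, prefix):
    """Assumed semantics: first matching rule wins, no match means allow."""
    net = ipaddress.ip_network(prefix)
    for rule in rules:
        if matches(rule, direction, ifname, net):
            return rule["action"]
    return "allow"

RULES = [parse_rule("out if ge00 ip 0.0.0.0/0 deny")]  # rule quoted in the message
# Constructed sample announcements (interface, prefix); sw00 is a made-up name.
SAMPLES = [("ge00", "172.30.42.0/27"), ("ge00", "2001:db8:42::/64"),
           ("ge00", "::/0"), ("sw00", "172.30.42.0/27")]

if __name__ == "__main__":
    for ifname, prefix in SAMPLES:
        print(f"{ifname:5} {prefix:20} -> {decide(RULES, 'out', ifname, prefix)}")
```

Note that the rule only filters outgoing announcements on ge00: the same IPv4 prefix is still announced on other interfaces, and nothing here filters what is learned inbound.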