[Cerowrt-devel] mdns reflector issues on ipv6/babel routing through nat.
Dave Taht
dave.taht at gmail.com
Sun Mar 18 17:35:49 EDT 2012
On Sun, Mar 18, 2012 at 2:30 PM, Dave Taht <dave.taht at gmail.com> wrote:
> On Sun, Mar 18, 2012 at 2:27 PM, Jim Gettys <jg at freedesktop.org> wrote:
>> Oh, cool. Broadcast storms are soooo much fun...
>
> I ended up having to disable avahi entirely.
(as I found ipv4 multicast going wild, too, on a few links)
I note that I have had pimd installed for ages, but nothing to try it
on seems to work.
uftp does not want to route across multiple interfaces, either.
now, after todays diversion, some might think that's a good thing, but
routed multicast USED to sort of work a decade ago....
I'd had to rip out mrd6 earlier due to excessive cpu usage, so I have
no idea if that works.
About the only 'current' multicast capable daemon that looks well
maintained is Xorp, but it's huge.
Quagga has some pimd support but it's basically a glorified igmp implementation.
multicast research seems to have died in the last decade.
I sure would like to beat up on multicast in the large, so I can get a
better grip on how it's malfunctioning in the small....
>
> the NEAT thing about this, was that although my network was basically
> saturated, it still more or less worked and I hardly noticed I had a
> problem, due to having sfq everywhere....
>
>> - Jim
>>
>>
>> On 03/18/2012 05:24 PM, Dave Taht wrote:
>>> On Sun, Mar 18, 2012 at 2:22 PM, Dave Taht <dave.taht at gmail.com> wrote:
>>>> Once you get to a few routers, a few deep, (3 in series in this case,
>>>> 9 overall), the avahi mdns proxy starts to malfunction over ipv6, and
>>>> I ended up with a rather nasty broadcast storm.
>>>>
>>>> So I had to disable the ipv6 multicast of mdns in order to get my
>>>> network back in this (excessively) complex network.
>>>>
>>>> use-ipv6=no in the /etc/avahi/avahi-daemon file
>>>>
>>>> Seems to work fine, two deep. Curiously, I did not observe a similar
>>>> storm for ipv4...
>>>>
>>>> Now this is across like 5 different versions of cerowrt, but it would
>>>> not surprise me that this is a generic problem with avahi on ipv6,
>>>> and/or a symptom of the brain-damaged-ness of mdns in the first place.
>>>>
>>>> use-ipv6=no
>>>>
>>>> I note that when you connect cero boxes together in a babel mesh
>>>> configuration, site-local multicast is not a problem, because it
>>>> doesn't work in the first place (by design). This can be construed as
>>>> an advantage (no broadcast storm), or disadvantage (mdns and
>>>> site-local multicast doesn't work across meshed links)
>>> Actually I was wrong. I'm STILL observing a broadcast storm, AND it
>>> is taking place across the meshed links too.... aggggh.....
>>>
>>>> Incidentally, I don't know if anyone would purposely inflict a network
>>>> this complex on themselves:
>>>>
>>>> http://pastebin.com/LzeeiCXg
>>>>
>>>> but it does illustrate that a complex, automagically routed, fault
>>>> tolerant ipv4 and ipv6 network IS feasible, so long as all internal
>>>> addresses are unique.
>>>>
>>>> The biggest problem I run into is that 'failover-capable,
>>>> fault-tolerant routing' introduces major headaches with firewall
>>>> rules.
>>>>
>>>> Another thing the above paste illustrates that you can mix and match
>>>> ipv4 nat with ipv6 fully meshed routing.
>>>>
>>>> The box I took that trace off has babel enabled on all interfaces, and
>>>> has the following rule at the top of it's babeld.conf file
>>>>
>>>> out if ge00 ip 0.0.0.0/0 deny
>>>>
>>>> (as do multiple other boxes in the lab on the external network)
>>>>
>>>> this prohibits announcing ipv4 routes across the natted ge00
>>>> interface, but allows ipv6. In the caseof that paste, this particular
>>>> router has NO internal wired connections at all, it just meshes
>>>> internally for ipv4, and because ge00 is a higher quality (ethernet)
>>>> interface, babel chooses it for the default for ipv6 for most routes.
>>>>
>>>>
>>>>
>>>> --
>>>> Dave Täht
>>>> SKYPE: davetaht
>>>> US Tel: 1-239-829-5608
>>>> http://www.bufferbloat.net
>>>
>>>
>>
>
>
>
> --
> Dave Täht
> SKYPE: davetaht
> US Tel: 1-239-829-5608
> http://www.bufferbloat.net
--
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net
More information about the Cerowrt-devel
mailing list