Why is Igmpproxy + VPN PPTP not multicasting in VPN?

J

jidckii2014-09-03 08:16:08

linux

jidckii, 2014-09-03 08:16:08

Good day to all.
There is a server (home), VPN PPTP is raised on it, the Internet through the tunnel works fine, but multicast does not go into it.
Actually what is there:

$ uname -a
Linux keikogi.ru 3.2.0-4-686-pae #1 SMP Debian 3.2.60-1+deb7u3 i686 GNU/Linux

Installed igmpproxy from here .
And his config:

quickleave

phyint eth0 upstream  ratelimit 0  threshold 1
  altnet 192.168.0.0/24
  altnet 224.0.0.0/4

phyint ppp0 downstream  ratelimit 0  threshold 1

phyint eth1 disabled

Next iptables :

$ iptables -L -n -v
Chain INPUT (policy ACCEPT 7825K packets, 589M bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     47   --  *      *       0.0.0.0/0            0.0.0.0/0           
 1016 33381 ACCEPT     all  --  eth0   *       0.0.0.0/0            224.0.0.0/4         
    0     0 ACCEPT     all  --  eth0   *       224.0.0.0/4          0.0.0.0/0           

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x02 TCPMSS clamp to PMTU
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            224.0.0.0/4         
    0     0 ACCEPT     all  --  *      *       224.0.0.0/4          0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 12M packets, 12G bytes)
 pkts bytes target     prot opt in     out     source               destination

# правила для VPN
iptables -A INPUT -p gre -j ACCEPT
iptables -t nat -A POSTROUTING -s 172.16.0.0/12 -j MASQUERADE
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

# Правила для igmpproxy
modprobe ipt_TTL
iptables -t filter -A INPUT -d 224.0.0.0/240.0.0.0 -i eth0 -j   ACCEPT
iptables -t filter -A INPUT -s 224.0.0.0/240.0.0.0 -i eth0 -j ACCEPT
iptables -t filter -A FORWARD -d 224.0.0.0/240.0.0.0 -j ACCEPT
iptables -t filter -A FORWARD -s 224.0.0.0/240.0.0.0 -j ACCEPT
iptables -t mangle -A PREROUTING -d 224.0.0.0/240.0.0.0 -p udp -j TTL --ttl-inc 1

The provider uses IGMP v2.

$ cat sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
#  Enabling this option disables Stateless Address Autoconfiguration
#  based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1


# Do not send ICMP redirects (we are not a router)
net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0

net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0

net.ipv4.conf.all.force_igmp_version=2

net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0

Tell me what could be the problem?
The multicast subscription equipment provider is not visible when I try to subscribe via VPN.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

J

jidckii, 2016-03-10
@jidckii

Need multicast routing
xgu.ru/wiki/Multicast_%D0%B2_Linux

V

Vladimir Goncharov, 2014-09-04
@mikluha

Here, in addition to the IGMP proxy, you still need "something" that will multicast routing.
Do you really need multicast via PPTP? Maybe it's easier to convert it to Unicast? There is such a thing called udpxy. I didn’t install it myself, but I know that in my network several subscribers take IPTV from me through it and watch it in another place (including through PPTP). The meaning is this: udpxy takes the stream via UDP (including the ability to Join to multicast groups), and sends it via HTTP, which already obeys the Unicast routing rules :)