[ previous ] [ next ] [ threads ]
 
 From:  =?ISO-8859-1?Q?Bj=F6rn?= Axelsson <bjorn dot axelsson at intinor dot se>
 To:  "Alexander C.H. Lorenz" <al at dsncon dot de>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: AW: [m0n0wall-dev] Multicast support
 Date:  Fri, 03 Sep 2004 08:45:27 +0200
On Thu, 2004-09-02 at 14:56, Alexander C.H. Lorenz wrote:

> 
> We working on multicast too - but when we get the sources for it, we're happy.

Our sources are not ready for release yet (and won't be until our field
tests prove successful and we finalize the system as a product), but I
can give you a mini-howto:

M0n0wall Multicast Mini-HowTo
-----------------------------
1. First step is to enable multicast routing in the kernel and
recompile. You need to add options MROUTING" to your kernel
configuration file for this.

2. Next, copy /usr/sbin/mrouted from a FreeBSD distro onto your m0n0wall
CF image. If you are happy with the default settings (multicast enabled
on all physical interfaces, and no multicast tunnels) you can ignore the
configuration file /etc/mrouted.conf or leave it empty.

3. mrouted needs to be started after at least two interfaces have been
brought up. An easy (but not very elegant) way is to add the following
somewhere near the end of /etc/rc.bootup: 
mwexec_bg("/usr/sbin/mrouted");

4. By default m0n0wall filters out IGMP packets with hard-coded firewall
rules, so we need to add the following lines to /etc/inc/filter.inc:

---
# Allow for multicast IGMP
pass in quick proto igmp from any to 224.0.0.0/4
pass out quick proto igmp from any to 224.0.0.0/4
---

Insert it between the rules "block in $log quick all with short" and
"block in $log quick all with ipopts" (it is somewhere near line 384).

5. Another simple firewall rule is needed to allow multicast traffic
from the WAN through the router. Add the following firewall rule using
the web gui:
Action: pass
Interface: WAN
Protocol: any
Source: any
Destination: network 224.0.0.0/4

You should now have a working rudimentary multicast enabled router.

For our purposes (broadcast-quality IP-TV) we had to use the traffic
shaper to reduce priority on all non-multicast traffic, and modify
mrouted to decrease the multicast group membership timeout. We are also
planning other modifications to mrouted to further optimize it for
IP-TV.

-- 

Intinor AB                      Fax: +46 (0)920 75710
www.intinor.se
Interactive Television          e-mail: bjorn dot axelsson at intinor dot se