i have a problem with rp_filter.
The issus is the following: i need to join the following multicast address: 237.2.1.41:5500 with source 10.60.101.24 on interface ens513f0
Interface ens513f0 has following settings:
Code: Select all
ens513f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.216.137.29 netmask 255.255.255.0 broadcast 10.216.137.255
inet6 fe80::21e:67ff:fe9c:79ee prefixlen 64 scopeid 0x20<link>
ether 00:1e:67:9c:79:ee txqueuelen 1000 (Ethernet)
RX packets 977751 bytes 1006531335 (959.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 207 bytes 12134 (11.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0x91b60000-91b7ffff
I have add a static route for the 237.2.1.41 multicast:
Code: Select all
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.216.68.1 0.0.0.0 UG 0 0 0 ens513f2
10.39.28.0 10.216.13.1 255.255.255.0 UG 0 0 0 enp4s0f0
10.69.157.0 10.216.13.1 255.255.255.0 UG 0 0 0 enp4s0f0
10.216.13.0 0.0.0.0 255.255.255.0 U 0 0 0 enp4s0f0
10.216.68.0 0.0.0.0 255.255.255.0 U 0 0 0 ens513f2
10.216.137.0 0.0.0.0 255.255.255.0 U 0 0 0 ens513f0
172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0
[color=#FF0000]237.2.0.0 10.216.137.1 255.255.0.0 UG 0 0 0 ens513f0[/color]
I was not able to join multicast, so i disabled rp_filter on ens513f0 interface and enabled the log martian. this is my /etc/sysctl.conf
Code: Select all
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.ens513f0.rp_filter = 0
net.ipv4.conf.all.log_martians = 1
This is strange to me, and in addition i o not know what 10.69.137.83 is![root@node1 conf]# tail -f /var/log/messages | grep -B1 martian
May 6 08:05:28 node1 serf[101]: agent.ipc: Accepted client: 127.0.0.1:46702
May 6 08:05:29 node1 kernel: IPv4: martian source 10.69.137.82 from 10.69.137.82, on dev ens513f0
May 6 08:05:29 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 2c 08 06 ........M..,..
May 6 08:05:30 node1 kernel: IPv4: martian source 10.69.137.82 from 10.69.137.82, on dev ens513f0
May 6 08:05:30 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 2c 08 06 ........M..,..
May 6 08:05:33 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
May 6 08:05:33 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 1a 08 06 ........M.....
May 6 08:05:34 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
May 6 08:05:34 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 1a 08 06 ........M.....
May 6 08:05:35 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
--
May 6 08:05:35 node1 mesos-master[5024]: W0506 06:05:35.237177 5065 master.cpp:3876] Implicitly declining offers: [ d182b309-4fa1-4229-8cb3-d2c271544efa-O172694 ] in ACCEPT call for framework fb6b2e0a-c701-4bb7-9ac1-0ed19c2cc876 as the launch operation specified no tasks
May 6 08:05:36 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
May 6 08:05:36 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 1a 08 06 ........M.....
May 6 08:05:37 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
May 6 08:05:37 node1 kernel: ll header: 00000000: ff ff ff ff ff ff 00 06 4d 02 1c 1a 08 06 ........M.....
May 6 08:05:38 node1 kernel: IPv4: martian source 10.69.137.83 from 10.69.137.83, on dev ens513f0
in any case, I found two mays to make things work:
1) if i disable the rp_filter on all the interfaces "net.ipv4.conf.all.rp_filter = 0" things works
2) alteratively if i add a static route for the source of the multicast things works
Code: Select all
Destination Gateway Genmask Flags MSS Window irtt Iface
10.69.101.0 10.216.137.1 255.255.255.0 UG 0 0 0 ens513f0
Can someone explain/help me?
i would like to avoid to have the rp_filter disabled on all interfaces and i would lieke to avoid to add stati routes for each multicast/source i have to join.
thanks guys!