Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Multicast overload?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Multicast overload? (Read 2039 times)
ittim
Newbie
Posts: 3
Karma: 0
Multicast overload?
«
on:
November 16, 2021, 03:48:05 am »
Hello - I am using a Protectli Vault with OPNsense for an industrial application.
OPT1 connects an instrument and OPT2 connects a control computer.
The instrument sends multicast traffic and I have created a rule so that the traffic only goes to OPT2. The rule works fine, but after about a minute and a half the network connections drop and the Protectli unit freezes. A hard reset will bring everything back to the operational state.
The instrument sends multicast traffic at about 5 Mbps. That doesn't seem high enough to overload the system, but something is and I have no clue what it might be.
Shooting in the dark I wonder if Enabling TCP Offload Engine and Enabling Hardware Checksum Offloading would remedy this.
Any ideas or insights are greatly appreciated.
Logged
benyamin
Full Member
Posts: 224
Karma: 13
Re: Multicast overload?
«
Reply #1 on:
November 16, 2021, 05:32:30 am »
Possibly flooding the state table. Hard to say.
It's possible it appears to be working because multicast traffic is leaking everywhere.
You might need to share the relevant rules. I presume a floating rule is in effect too...?
Did you configure IGMP Proxy as well?
Logged
ittim
Newbie
Posts: 3
Karma: 0
Re: Multicast overload?
«
Reply #2 on:
November 16, 2021, 07:50:23 pm »
Thanks Benyamin;
Using Wireshark I see multicast only between OPT1 and OPT2 - nothing on the other interfaces.
Relevant rules:
Floating - block - outgoing - IGMP - source * - destination * (don't think this is actually needed)
OPT1 - block - incoming - IGMP - source * - destination ! OPT2 Net (inverse rule meaning * but OPT2 Net)
OPT1 - allow - incoming - IPV4 - source * - destination *
OPT2 - allow - incoming - IPV4 - source * - destination *
No IGMP Proxy
Logged
ittim
Newbie
Posts: 3
Karma: 0
Re: Multicast overload?
«
Reply #3 on:
November 16, 2021, 09:45:46 pm »
State table size is fine and stable.
MBUF usage looks to be a problem. With the instrument running this fills up rapidly and then cases the system to shut down. Increasing the size would buy some time, but it will no doubt fill up again.
now what?
Logged
benyamin
Full Member
Posts: 224
Karma: 13
Re: Multicast overload?
«
Reply #4 on:
November 16, 2021, 10:47:26 pm »
I presume there's nothing obvious in the
General
log. Searching for "mbuf" or "kernel" might help.
Also, grabbing the output of a couple of goes of
netstat -m
or
netstat -m | grep mbuf
might help to see where the delta changes are occurring.
Having said all that, perhaps it would be a good idea to install the
IGMP Proxy
plugin. AFAIK,
mrouted
is not part of core - not that I would necessarily expect it to be - but I understand the
IGMP Proxy
plugin is at least based on
mrouted
, so maybe it will help...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Multicast overload?