Multicast traffic

Started by dcol, March 30, 2018, 12:31:13 AM

What is generally the best practice for IGMP multicast traffic: allow or block on the internal networks?
I do see occasional hits from a WiFi router, which are now blocked with a default deny rule.


Allow on the local net :) It's actually a tool to improve network traffic in some cases.
OPNsense v18 | HW: Gigabyte Z370N-WIFI, i3-8100, 8GB RAM, 60GB SSD, | Controllers: 82575GB-quad, 82574, I221, I219-V | PPPoE: RDS Romania | Down: 980Mbit/s | Up: 500Mbit/s

Team Rebellion Member

March 31, 2018, 09:57:53 PM #3 Last Edit: April 01, 2018, 06:30:37 PM by dcol
That's what I thought. I will create a floating rule including all my internal interfaces, but not to WAN, to allow IGMP.
Thanks

You're welcome. Go ahead, although, just as a side note, in very secure setups, all TCP/IP processed stuff (except the very minimum) is disabled, including IGMP. It is also worth mentioning that older OSs are vulnerable (regarding IGMP), but patches are available :)

It only works in the local LAN if you don't use multicast routing (which is currently unsupported), so you can either create a rule for allowing or a rule for dropping with logging disabled.
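
The two options from the thread (allow IGMP on the internal interfaces only, or drop it without logging), sketched as raw pf rules. This is an added example, not part of the original posts and not OPNsense's generated ruleset; the interface names `igb1` and `igb2` are assumptions. IGMPv2 and IGMPv3 messages carry the IP Router Alert option, and pf blocks packets with IP options unless the matching pass rule has `allow-opts`.

```pf
# Assumed internal interfaces; WAN is deliberately not listed,
# so IGMP arriving there still falls through to the default deny rule.
lan_ifs = "{ igb1 igb2 }"

# Option A: allow IGMP on the internal interfaces.
# Without allow-opts, pf drops IGMPv2/v3 packets because they carry
# the Router Alert IP option, and the rule appears not to work.
pass quick on $lan_ifs inet proto igmp from any to any allow-opts

# Option B (use instead of A): drop IGMP on the internal interfaces
# silently. No "log" keyword, so the hits stop filling the firewall log.
# block drop quick on $lan_ifs inet proto igmp from any to any
```

In the OPNsense rule editor, the equivalent of `allow-opts` is the "allow options" checkbox under the rule's advanced settings.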