Page MenuHomeVyOS Platform

igmp-proxy issue: Address already in use
Closed, ResolvedPublicBUG

Description

Reproduction steps:

set protocols igmp-proxy interface eth1 alt-subnet '224.0.0.0/8'
set protocols igmp-proxy interface eth1 role 'upstream'
set protocols igmp-proxy interface eth1 threshold '1'
set protocols igmp-proxy interface eth3 alt-subnet '192.168.0.0/24'
set protocols igmp-proxy interface eth3 role 'downstream'
set protocols igmp-proxy interface eth3 threshold '1'

After commit command, we receive the message in logs

Jul 30 13:26:10 vyos igmpproxy[2464]: MC-Router API already in use; Errno(98): Address already in use

It seems FRR/PIMD always listening and used

Details

Difficulty level
Unknown (require assessment)
Version
1.3-rolling-202007200117
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Security vulnerability

Event Timeline

Unknown Object (User) created this task.Jul 30 2020, 1:31 PM

This issue also exists in:

Version:          VyOS 1.3-rolling-202009271030
Release Train:    equuleus

When trying to show multicast mfc:

$ show ip multicast mfc
IGMP proxy not configured

killing FRR
sudo service stop frr
restart igmp-proxy
restart igmp-proxy

I have the same results, igmp-proxy is not able to start.

I used PIM to get multicast working.

Can we replace igmp-proxy with pimd?

Can we replace igmp-proxy with pimd?

I'm not a big expert on multicast.. So I don't know if there's any downsides to using PIM over igmp-proxy.
Also I'm not sure if the configuration (that's working for me) is the correct way of doing it.

I'm willing to give the configuration that I have running, just let me know.

@christophedc0 Could you provide me with your pim configuration? i am not getting any further

terminating watchfrr and pimd has solved the problem.
With my configuration everything was OK...

for reference:
my PIM config for allowing multicast from eth1.112 to eth1 (10.10.10.10 is a fictional ip):

show protocols pim 
 interface dum0 {
 }
 interface eth1 {
 }
 interface eth1.112 {
 }
 rp {
     address 10.10.10.10 {
         group 224.0.0.0/4
     }
 }

@Dmitry I dont really know if this is a good idea.
The reason for this is that the configuration synchronisation between frr daemons depends on the daemons started at the same time, and always running when global configuration is applied.. this is also one of the reasons why frr-daemons starts prior to vyos starting on bootup and not when a daemon is configured. I do not know if this will be a issue with PIM, so i'm not sure what will happen with this daemon.
as an example for such synctonization is a prefix-list.
If you start bgp and ospf and then create a prefix-list, the list will be created in both ospf and bgp.
If you start bgp , then create the prefix-list and then start ospf, ospf will not automatically add the prefix-list but when you show the combined configuration is is still show'ed as a global prefix-list.. to get the prefix-list into ospf you need to manually add the commands to the daemon to get in sync.

We for now have the same issue when a process failes.. but thats another storry..

what do you think @c-po @dmbaturin ?

Unknown Object (User) closed this task as Resolved.Dec 5 2020, 1:41 PM

successfully tested on the self-build image from crux branch and the latest rolling image

erkin set Issue type to Security vulnerability.Aug 29 2021, 1:40 PM
erkin removed a subscriber: Active contributors.