freebsd-skq/share/man/man4/multicast.4

1012 lines
31 KiB
Groff
Raw Permalink Normal View History

.\" Copyright (c) 2001-2003 International Computer Science Institute
.\"
.\" Permission is hereby granted, free of charge, to any person obtaining a
.\" copy of this software and associated documentation files (the "Software"),
.\" to deal in the Software without restriction, including without limitation
.\" the rights to use, copy, modify, merge, publish, distribute, sublicense,
.\" and/or sell copies of the Software, and to permit persons to whom the
.\" Software is furnished to do so, subject to the following conditions:
.\"
.\" The above copyright notice and this permission notice shall be included in
.\" all copies or substantial portions of the Software.
.\"
.\" The names and trademarks of copyright holders may not be used in
.\" advertising or publicity pertaining to the software without specific
.\" prior permission. Title to copyright in this software and any associated
.\" documentation will at all times remain with the copyright holders.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
.\" IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
.\" FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
.\" AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
.\" LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
.\" FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
.\" DEALINGS IN THE SOFTWARE.
.\"
.\" $FreeBSD$
.\"
Merge final round of MLD changes from p4: ip6_input.c, in6.h: * Add netinet6-specific mbuf flag M_RTALERT_MLD, shadowing M_PROTO6. * Always set this flag if HBH Router Alert option is present for MLD, even when not forwarding. icmp6.c: * In icmp6_input(), spell m->m_pkthdr.rcvif as ifp to be consistent. * Use scope ID for verifying input. Do not apply SSM filters here, no inpcb. * Check for M_RTALERT_MLD when validating MLD traffic, as we can't see IPv6 hop options outside of ip6_input(). in6_mcast.c: * Use KAME scope/zone ID in in6_multi. * Update net.inet6.ip6.mcast.filters implementation to use scope IDs for comparisons. * Fix scope ID treatment in multicast socket option processing. Scope IDs passed in from userland will be ignored as other less ambiguous APIs exist for specifying the link. * Tighten userland input checks in IPv6 SSM delta and full-state ops. * Source filter embedded scope IDs need to be revisited, for now just clear them and ignore them on input. * Adapt KAME behaviour of looking up the scope ID in the default zone for multicast leaves, when the interface is ambiguous. mld6.c: * Tighten origin checks on MLD traffic as per RFC3810 Section 6.2: * ip6_src MAY be the unspecified address for MLDv1 reports. * ip6_src MAY have link-local address scope for MLDv1 reports, MLDv1 queries, and MLDv2 queries. * Perform address field validation *before* accepting queries. * Use KAME scope/zone ID in query/report processing. * Break const correctness for mld_v1_input_report(), mld_v1_input_query() as we temporarily modify the input mbuf chain. * Clear the scope ID before handoff to userland MLD daemon. * Fix MLDv1 old querier present timer processing. With the protocol defaults, hosts should revert to MLDv2 after 260s. * Add net.inet6.mld.v1enable sysctl, default to on. ifmcstat.c: * Use sysctl by default; -K requests kvm(3) if so compiled. mld.4: * Connect man page to build. Tested using PCS.
2009-05-27 18:57:13 +00:00
.Dd May 27, 2009
.Dt MULTICAST 4
.Os
.\"
.Sh NAME
.Nm multicast
.Nd Multicast Routing
.\"
.Sh SYNOPSIS
.Cd "options MROUTING"
.Pp
.In sys/types.h
.In sys/socket.h
.In netinet/in.h
.In netinet/ip_mroute.h
.In netinet6/ip6_mroute.h
.Ft int
.Fn getsockopt "int s" IPPROTO_IP MRT_INIT "void *optval" "socklen_t *optlen"
.Ft int
.Fn setsockopt "int s" IPPROTO_IP MRT_INIT "const void *optval" "socklen_t optlen"
.Ft int
.Fn getsockopt "int s" IPPROTO_IPV6 MRT6_INIT "void *optval" "socklen_t *optlen"
.Ft int
.Fn setsockopt "int s" IPPROTO_IPV6 MRT6_INIT "const void *optval" "socklen_t optlen"
.Sh DESCRIPTION
.Tn "Multicast routing"
is used to efficiently propagate data
packets to a set of multicast listeners in multipoint networks.
If unicast is used to replicate the data to all listeners,
then some of the network links may carry multiple copies of the same
data packets.
With multicast routing, the overhead is reduced to one copy
(at most) per network link.
.Pp
All multicast-capable routers must run a common multicast routing
protocol.
It is recommended that either
Protocol Independent Multicast - Sparse Mode (PIM-SM),
or Protocol Independent Multicast - Dense Mode (PIM-DM)
are used, as these are now the generally accepted protocols
in the Internet community.
The
.Sx HISTORY
section discusses previous multicast routing protocols.
.Pp
To start multicast routing,
the user must enable multicast forwarding in the kernel
(see
.Sx SYNOPSIS
about the kernel configuration options),
and must run a multicast routing capable user-level process.
From developer's point of view,
the programming guide described in the
.Sx "Programming Guide"
section should be used to control the multicast forwarding in the kernel.
.\"
.Ss Programming Guide
This section provides information about the basic multicast routing API.
The so-called
.Dq advanced multicast API
is described in the
.Sx "Advanced Multicast API Programming Guide"
section.
.Pp
First, a multicast routing socket must be open.
That socket would be used
to control the multicast forwarding in the kernel.
Note that most operations below require certain privilege
(i.e., root privilege):
.Bd -literal
/* IPv4 */
int mrouter_s4;
mrouter_s4 = socket(AF_INET, SOCK_RAW, IPPROTO_IGMP);
.Ed
.Bd -literal
int mrouter_s6;
mrouter_s6 = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
.Ed
.Pp
Note that if the router needs to open an IGMP or ICMPv6 socket
(in case of IPv4 and IPv6 respectively)
for sending or receiving of IGMP or MLD multicast group membership messages,
2004-07-09 09:22:36 +00:00
then the same
.Va mrouter_s4
or
.Va mrouter_s6
sockets should be used
for sending and receiving respectively IGMP or MLD messages.
2004-07-09 09:22:36 +00:00
In case of
.Bx Ns
-derived kernel, it may be possible to open separate sockets
for IGMP or MLD messages only.
2004-07-09 09:22:36 +00:00
However, some other kernels (e.g.,
.Tn Linux )
require that the multicast
routing socket must be used for sending and receiving of IGMP or MLD
messages.
Therefore, for portability reason the multicast
routing socket should be reused for IGMP and MLD messages as well.
.Pp
After the multicast routing socket is open, it can be used to enable
or disable multicast forwarding in the kernel:
.Bd -literal
/* IPv4 */
int v = 1; /* 1 to enable, or 0 to disable */
setsockopt(mrouter_s4, IPPROTO_IP, MRT_INIT, (void *)&v, sizeof(v));
.Ed
.Bd -literal
/* IPv6 */
int v = 1; /* 1 to enable, or 0 to disable */
setsockopt(mrouter_s6, IPPROTO_IPV6, MRT6_INIT, (void *)&v, sizeof(v));
\&...
/* If necessary, filter all ICMPv6 messages */
struct icmp6_filter filter;
ICMP6_FILTER_SETBLOCKALL(&filter);
setsockopt(mrouter_s6, IPPROTO_ICMPV6, ICMP6_FILTER, (void *)&filter,
sizeof(filter));
.Ed
.Pp
After multicast forwarding is enabled, the multicast routing socket
can be used to enable PIM processing in the kernel if we are running PIM-SM or
PIM-DM
(see
.Xr pim 4 ) .
.Pp
For each network interface (e.g., physical or a virtual tunnel)
that would be used for multicast forwarding, a corresponding
multicast interface must be added to the kernel:
.Bd -literal
/* IPv4 */
struct vifctl vc;
memset(&vc, 0, sizeof(vc));
/* Assign all vifctl fields as appropriate */
vc.vifc_vifi = vif_index;
vc.vifc_flags = vif_flags;
vc.vifc_threshold = min_ttl_threshold;
vc.vifc_rate_limit = 0;
memcpy(&vc.vifc_lcl_addr, &vif_local_address, sizeof(vc.vifc_lcl_addr));
setsockopt(mrouter_s4, IPPROTO_IP, MRT_ADD_VIF, (void *)&vc,
sizeof(vc));
.Ed
.Pp
The
2004-07-09 09:22:36 +00:00
.Va vif_index
must be unique per vif.
The
2004-07-09 09:22:36 +00:00
.Va vif_flags
contains the
2004-07-09 09:22:36 +00:00
.Dv VIFF_*
flags as defined in
.In netinet/ip_mroute.h .
The
.Dv VIFF_TUNNEL
flag is no longer supported by
.Fx .
Users who wish to forward multicast datagrams over a tunnel should consider
configuring a
.Xr gif 4
or
.Xr gre 4
tunnel and using it as a physical interface.
.Pp
The
2004-07-09 09:22:36 +00:00
.Va min_ttl_threshold
contains the minimum TTL a multicast data packet must have to be
forwarded on that vif.
Typically, it would have value of 1.
.Pp
The
2004-07-09 09:22:36 +00:00
.Va max_rate_limit
argument is no longer supported in
.Fx
and should be set to 0.
Users who wish to rate-limit multicast datagrams should consider the use of
.Xr dummynet 4
or
.Xr altq 4 .
.Pp
2004-07-02 19:07:33 +00:00
The
2004-07-09 09:22:36 +00:00
.Va vif_local_address
contains the local IP address of the corresponding local interface.
The
2004-07-09 09:22:36 +00:00
.Va vif_remote_address
contains the remote IP address in case of DVMRP multicast tunnels.
.Bd -literal
/* IPv6 */
struct mif6ctl mc;
memset(&mc, 0, sizeof(mc));
/* Assign all mif6ctl fields as appropriate */
mc.mif6c_mifi = mif_index;
mc.mif6c_flags = mif_flags;
mc.mif6c_pifi = pif_index;
setsockopt(mrouter_s6, IPPROTO_IPV6, MRT6_ADD_MIF, (void *)&mc,
sizeof(mc));
.Ed
.Pp
The
2004-07-09 09:22:36 +00:00
.Va mif_index
must be unique per vif.
The
2004-07-09 09:22:36 +00:00
.Va mif_flags
contains the
2004-07-09 09:22:36 +00:00
.Dv MIFF_*
flags as defined in
.In netinet6/ip6_mroute.h .
The
2004-07-09 09:22:36 +00:00
.Va pif_index
is the physical interface index of the corresponding local interface.
.Pp
A multicast interface is deleted by:
.Bd -literal
/* IPv4 */
vifi_t vifi = vif_index;
setsockopt(mrouter_s4, IPPROTO_IP, MRT_DEL_VIF, (void *)&vifi,
sizeof(vifi));
.Ed
.Bd -literal
/* IPv6 */
mifi_t mifi = mif_index;
setsockopt(mrouter_s6, IPPROTO_IPV6, MRT6_DEL_MIF, (void *)&mifi,
sizeof(mifi));
.Ed
.Pp
After the multicast forwarding is enabled, and the multicast virtual
interfaces are
added, the kernel may deliver upcall messages (also called signals
later in this text) on the multicast routing socket that was open
earlier with
2004-07-09 09:22:36 +00:00
.Dv MRT_INIT
or
2004-07-09 09:22:36 +00:00
.Dv MRT6_INIT .
The IPv4 upcalls have
2004-07-09 09:22:36 +00:00
.Vt "struct igmpmsg"
header (see
.In netinet/ip_mroute.h )
with field
.Va im_mbz
set to zero.
Note that this header follows the structure of
2004-07-09 09:22:36 +00:00
.Vt "struct ip"
with the protocol field
2004-07-09 09:22:36 +00:00
.Va ip_p
set to zero.
The IPv6 upcalls have
2004-07-09 09:22:36 +00:00
.Vt "struct mrt6msg"
header (see
.In netinet6/ip6_mroute.h )
with field
.Va im6_mbz
set to zero.
Note that this header follows the structure of
2004-07-09 09:22:36 +00:00
.Vt "struct ip6_hdr"
with the next header field
2004-07-09 09:22:36 +00:00
.Va ip6_nxt
set to zero.
.Pp
The upcall header contains field
2004-07-09 09:22:36 +00:00
.Va im_msgtype
and
2004-07-09 09:22:36 +00:00
.Va im6_msgtype
with the type of the upcall
2004-07-09 09:22:36 +00:00
.Dv IGMPMSG_*
and
2004-07-09 09:22:36 +00:00
.Dv MRT6MSG_*
for IPv4 and IPv6 respectively.
The values of the rest of the upcall header fields
and the body of the upcall message depend on the particular upcall type.
.Pp
If the upcall message type is
2004-07-09 09:22:36 +00:00
.Dv IGMPMSG_NOCACHE
or
2004-07-09 09:22:36 +00:00
.Dv MRT6MSG_NOCACHE ,
this is an indication that a multicast packet has reached the multicast
router, but the router has no forwarding state for that packet.
Typically, the upcall would be a signal for the multicast routing
user-level process to install the appropriate Multicast Forwarding
Cache (MFC) entry in the kernel.
.Pp
2004-07-09 09:22:36 +00:00
An MFC entry is added by:
.Bd -literal
/* IPv4 */
struct mfcctl mc;
memset(&mc, 0, sizeof(mc));
memcpy(&mc.mfcc_origin, &source_addr, sizeof(mc.mfcc_origin));
memcpy(&mc.mfcc_mcastgrp, &group_addr, sizeof(mc.mfcc_mcastgrp));
mc.mfcc_parent = iif_index;
for (i = 0; i < maxvifs; i++)
mc.mfcc_ttls[i] = oifs_ttl[i];
setsockopt(mrouter_s4, IPPROTO_IP, MRT_ADD_MFC,
(void *)&mc, sizeof(mc));
.Ed
.Bd -literal
/* IPv6 */
struct mf6cctl mc;
memset(&mc, 0, sizeof(mc));
memcpy(&mc.mf6cc_origin, &source_addr, sizeof(mc.mf6cc_origin));
memcpy(&mc.mf6cc_mcastgrp, &group_addr, sizeof(mf6cc_mcastgrp));
mc.mf6cc_parent = iif_index;
for (i = 0; i < maxvifs; i++)
if (oifs_ttl[i] > 0)
IF_SET(i, &mc.mf6cc_ifset);
setsockopt(mrouter_s6, IPPROTO_IPV6, MRT6_ADD_MFC,
(void *)&mc, sizeof(mc));
.Ed
.Pp
The
2004-07-09 09:22:36 +00:00
.Va source_addr
and
2004-07-09 09:22:36 +00:00
.Va group_addr
are the source and group address of the multicast packet (as set
in the upcall message).
The
2004-07-09 09:22:36 +00:00
.Va iif_index
is the virtual interface index of the multicast interface the multicast
packets for this specific source and group address should be received on.
The
2004-07-09 09:22:36 +00:00
.Va oifs_ttl[]
array contains the minimum TTL (per interface) a multicast packet
should have to be forwarded on an outgoing interface.
If the TTL value is zero, the corresponding interface is not included
in the set of outgoing interfaces.
Note that in case of IPv6 only the set of outgoing interfaces can
be specified.
.Pp
2004-07-09 09:22:36 +00:00
An MFC entry is deleted by:
.Bd -literal
/* IPv4 */
struct mfcctl mc;
memset(&mc, 0, sizeof(mc));
memcpy(&mc.mfcc_origin, &source_addr, sizeof(mc.mfcc_origin));
memcpy(&mc.mfcc_mcastgrp, &group_addr, sizeof(mc.mfcc_mcastgrp));
setsockopt(mrouter_s4, IPPROTO_IP, MRT_DEL_MFC,
(void *)&mc, sizeof(mc));
.Ed
.Bd -literal
/* IPv6 */
struct mf6cctl mc;
memset(&mc, 0, sizeof(mc));
memcpy(&mc.mf6cc_origin, &source_addr, sizeof(mc.mf6cc_origin));
memcpy(&mc.mf6cc_mcastgrp, &group_addr, sizeof(mf6cc_mcastgrp));
setsockopt(mrouter_s6, IPPROTO_IPV6, MRT6_DEL_MFC,
(void *)&mc, sizeof(mc));
.Ed
.Pp
The following method can be used to get various statistics per
installed MFC entry in the kernel (e.g., the number of forwarded
packets per source and group address):
.Bd -literal
/* IPv4 */
struct sioc_sg_req sgreq;
memset(&sgreq, 0, sizeof(sgreq));
memcpy(&sgreq.src, &source_addr, sizeof(sgreq.src));
memcpy(&sgreq.grp, &group_addr, sizeof(sgreq.grp));
ioctl(mrouter_s4, SIOCGETSGCNT, &sgreq);
.Ed
.Bd -literal
/* IPv6 */
struct sioc_sg_req6 sgreq;
memset(&sgreq, 0, sizeof(sgreq));
memcpy(&sgreq.src, &source_addr, sizeof(sgreq.src));
memcpy(&sgreq.grp, &group_addr, sizeof(sgreq.grp));
ioctl(mrouter_s6, SIOCGETSGCNT_IN6, &sgreq);
.Ed
.Pp
The following method can be used to get various statistics per
multicast virtual interface in the kernel (e.g., the number of forwarded
packets per interface):
.Bd -literal
/* IPv4 */
struct sioc_vif_req vreq;
memset(&vreq, 0, sizeof(vreq));
vreq.vifi = vif_index;
ioctl(mrouter_s4, SIOCGETVIFCNT, &vreq);
.Ed
.Bd -literal
/* IPv6 */
struct sioc_mif_req6 mreq;
memset(&mreq, 0, sizeof(mreq));
mreq.mifi = vif_index;
ioctl(mrouter_s6, SIOCGETMIFCNT_IN6, &mreq);
.Ed
.Ss Advanced Multicast API Programming Guide
If we want to add new features in the kernel, it becomes difficult
to preserve backward compatibility (binary and API),
and at the same time to allow user-level processes to take advantage of
the new features (if the kernel supports them).
.Pp
2004-07-02 19:07:33 +00:00
One of the mechanisms that allows us to preserve the backward
compatibility is a sort of negotiation
between the user-level process and the kernel:
.Bl -enum
.It
The user-level process tries to enable in the kernel the set of new
features (and the corresponding API) it would like to use.
.It
The kernel returns the (sub)set of features it knows about
and is willing to be enabled.
.It
The user-level process uses only that set of features
the kernel has agreed on.
.El
.\"
.Pp
2004-07-09 09:22:36 +00:00
To support backward compatibility, if the user-level process does not
ask for any new features, the kernel defaults to the basic
multicast API (see the
.Sx "Programming Guide"
section).
.\" XXX: edit as appropriate after the advanced multicast API is
.\" supported under IPv6
Currently, the advanced multicast API exists only for IPv4;
in the future there will be IPv6 support as well.
.Pp
Below is a summary of the expandable API solution.
Note that all new options and structures are defined
2004-07-09 09:22:36 +00:00
in
.In netinet/ip_mroute.h
and
.In netinet6/ip6_mroute.h ,
unless stated otherwise.
.Pp
2004-07-09 09:22:36 +00:00
The user-level process uses new
.Fn getsockopt Ns / Ns Fn setsockopt
options to
perform the API features negotiation with the kernel.
This negotiation must be performed right after the multicast routing
socket is open.
The set of desired/allowed features is stored in a bitset
2004-07-09 09:22:36 +00:00
(currently, in
.Vt uint32_t ;
i.e., maximum of 32 new features).
The new
.Fn getsockopt Ns / Ns Fn setsockopt
options are
.Dv MRT_API_SUPPORT
and
2004-07-09 09:22:36 +00:00
.Dv MRT_API_CONFIG .
Example:
.Bd -literal
uint32_t v;
getsockopt(sock, IPPROTO_IP, MRT_API_SUPPORT, (void *)&v, sizeof(v));
.Ed
.Pp
would set in
2004-07-09 09:22:36 +00:00
.Va v
the pre-defined bits that the kernel API supports.
2004-07-09 09:22:36 +00:00
The eight least significant bits in
.Vt uint32_t
are same as the
eight possible flags
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_FLAGS_*
that can be used in
2004-07-09 09:22:36 +00:00
.Va mfcc_flags
as part of the new definition of
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl"
(see below about those flags), which leaves 24 flags for other new features.
2004-07-09 09:22:36 +00:00
The value returned by
.Fn getsockopt MRT_API_SUPPORT
is read-only; in other words,
.Fn setsockopt MRT_API_SUPPORT
would fail.
.Pp
To modify the API, and to set some specific feature in the kernel, then:
.Bd -literal
uint32_t v = MRT_MFC_FLAGS_DISABLE_WRONGVIF;
if (setsockopt(sock, IPPROTO_IP, MRT_API_CONFIG, (void *)&v, sizeof(v))
!= 0) {
return (ERROR);
}
if (v & MRT_MFC_FLAGS_DISABLE_WRONGVIF)
return (OK); /* Success */
else
return (ERROR);
.Ed
.Pp
2004-07-09 09:22:36 +00:00
In other words, when
.Fn setsockopt MRT_API_CONFIG
is called, the
argument to it specifies the desired set of features to
be enabled in the API and the kernel.
The return value in
2004-07-09 09:22:36 +00:00
.Va v
is the actual (sub)set of features that were enabled in the kernel.
To obtain later the same set of features that were enabled, then:
.Bd -literal
getsockopt(sock, IPPROTO_IP, MRT_API_CONFIG, (void *)&v, sizeof(v));
.Ed
.Pp
The set of enabled features is global.
2004-07-09 09:22:36 +00:00
In other words,
.Fn setsockopt MRT_API_CONFIG
should be called right after
.Fn setsockopt MRT_INIT .
.Pp
Currently, the following set of new features is defined:
.Bd -literal
#define MRT_MFC_FLAGS_DISABLE_WRONGVIF (1 << 0) /* disable WRONGVIF signals */
#define MRT_MFC_FLAGS_BORDER_VIF (1 << 1) /* border vif */
#define MRT_MFC_RP (1 << 8) /* enable RP address */
#define MRT_MFC_BW_UPCALL (1 << 9) /* enable bw upcalls */
.Ed
.\" .Pp
.\" In the future there might be:
.\" .Bd -literal
.\" #define MRT_MFC_GROUP_SPECIFIC (1 << 10) /* allow (*,G) MFC entries */
.\" .Ed
.\" .Pp
.\" to allow (*,G) MFC entries (i.e., group-specific entries) in the kernel.
.\" For now this is left-out until it is clear whether
.\" (*,G) MFC support is the preferred solution instead of something more generic
.\" solution for example.
.\"
.\" 2. The newly defined struct mfcctl2.
.\"
.Pp
The advanced multicast API uses a newly defined
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl2"
instead of the traditional
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl" .
The original
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl"
is kept as is.
The new
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl2"
is:
.Bd -literal
/*
* The new argument structure for MRT_ADD_MFC and MRT_DEL_MFC overlays
* and extends the old struct mfcctl.
*/
struct mfcctl2 {
/* the mfcctl fields */
struct in_addr mfcc_origin; /* ip origin of mcasts */
struct in_addr mfcc_mcastgrp; /* multicast group associated*/
vifi_t mfcc_parent; /* incoming vif */
u_char mfcc_ttls[MAXVIFS];/* forwarding ttls on vifs */
/* extension fields */
uint8_t mfcc_flags[MAXVIFS];/* the MRT_MFC_FLAGS_* flags*/
struct in_addr mfcc_rp; /* the RP address */
};
.Ed
.Pp
The new fields are
2004-07-09 09:22:36 +00:00
.Va mfcc_flags[MAXVIFS]
and
2004-07-09 09:22:36 +00:00
.Va mfcc_rp .
Note that for compatibility reasons they are added at the end.
.Pp
The
2004-07-09 09:22:36 +00:00
.Va mfcc_flags[MAXVIFS]
field is used to set various flags per
interface per (S,G) entry.
Currently, the defined flags are:
.Bd -literal
#define MRT_MFC_FLAGS_DISABLE_WRONGVIF (1 << 0) /* disable WRONGVIF signals */
#define MRT_MFC_FLAGS_BORDER_VIF (1 << 1) /* border vif */
.Ed
.Pp
The
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_FLAGS_DISABLE_WRONGVIF
flag is used to explicitly disable the
2004-07-09 09:22:36 +00:00
.Dv IGMPMSG_WRONGVIF
kernel signal at the (S,G) granularity if a multicast data packet
arrives on the wrong interface.
Usually, this signal is used to
complete the shortest-path switch in case of PIM-SM multicast routing,
or to trigger a PIM assert message.
However, it should not be delivered for interfaces that are not in
the outgoing interface set, and that are not expecting to
become an incoming interface.
Hence, if the
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_FLAGS_DISABLE_WRONGVIF
flag is set for some of the
interfaces, then a data packet that arrives on that interface for
that MFC entry will NOT trigger a WRONGVIF signal.
If that flag is not set, then a signal is triggered (the default action).
.Pp
The
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_FLAGS_BORDER_VIF
flag is used to specify whether the Border-bit in PIM
Register messages should be set (in case when the Register encapsulation
is performed inside the kernel).
If it is set for the special PIM Register kernel virtual interface
(see
.Xr pim 4 ) ,
the Border-bit in the Register messages sent to the RP will be set.
.Pp
The remaining six bits are reserved for future usage.
.Pp
The
2004-07-09 09:22:36 +00:00
.Va mfcc_rp
field is used to specify the RP address (in case of PIM-SM multicast routing)
for a multicast
group G if we want to perform kernel-level PIM Register encapsulation.
The
2004-07-09 09:22:36 +00:00
.Va mfcc_rp
field is used only if the
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_RP
advanced API flag/capability has been successfully set by
2004-07-09 09:22:36 +00:00
.Fn setsockopt MRT_API_CONFIG .
.Pp
.\"
.\" 3. Kernel-level PIM Register encapsulation
.\"
If the
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_RP
flag was successfully set by
2004-07-09 09:22:36 +00:00
.Fn setsockopt MRT_API_CONFIG ,
then the kernel will attempt to perform
the PIM Register encapsulation itself instead of sending the
2004-07-09 09:22:36 +00:00
multicast data packets to user level (inside
.Dv IGMPMSG_WHOLEPKT
upcalls) for user-level encapsulation.
The RP address would be taken from the
2004-07-09 09:22:36 +00:00
.Va mfcc_rp
field
inside the new
2004-07-09 09:22:36 +00:00
.Vt "struct mfcctl2" .
However, even if the
2004-07-09 09:22:36 +00:00
.Dv MRT_MFC_RP
flag was successfully set, if the
2004-07-09 09:22:36 +00:00
.Va mfcc_rp
field was set to
2004-07-09 09:22:36 +00:00
.Dv INADDR_ANY ,
then the
2004-07-09 09:22:36 +00:00
kernel will still deliver an
.Dv IGMPMSG_WHOLEPKT
upcall with the
multicast data packet to the user-level process.
.Pp
In addition, if the multicast data packet is too large to fit within
a single IP packet after the PIM Register encapsulation (e.g., if
its size was on the order of 65500 bytes), the data packet will be
fragmented, and then each of the fragments will be encapsulated
separately.
Note that typically a multicast data packet can be that
large only if it was originated locally from the same hosts that
performs the encapsulation; otherwise the transmission of the
multicast data packet over Ethernet for example would have
fragmented it into much smaller pieces.
.\"
.\" Note that if this code is ported to IPv6, we may need the kernel to
.\" perform MTU discovery to the RP, and keep those discoveries inside
.\" the kernel so the encapsulating router may send back ICMP
.\" Fragmentation Required if the size of the multicast data packet is
.\" too large (see "Encapsulating data packets in the Register Tunnel"
.\" in Section 4.4.1 in the PIM-SM spec
.\" draft-ietf-pim-sm-v2-new-05.{txt,ps}).
.\" For IPv4 we may be able to get away without it, but for IPv6 we need
.\" that.
.\"
.\" 4. Mechanism for "multicast bandwidth monitoring and upcalls".
.\"
.Pp
Typically, a multicast routing user-level process would need to know the
forwarding bandwidth for some data flow.
For example, the multicast routing process may want to timeout idle MFC
entries, or in case of PIM-SM it can initiate (S,G) shortest-path switch if
the bandwidth rate is above a threshold for example.
.Pp
The original solution for measuring the bandwidth of a dataflow was
that a user-level process would periodically
query the kernel about the number of forwarded packets/bytes per
(S,G), and then based on those numbers it would estimate whether a source
has been idle, or whether the source's transmission bandwidth is above a
threshold.
That solution is far from being scalable, hence the need for a new
mechanism for bandwidth monitoring.
.Pp
Below is a description of the bandwidth monitoring mechanism.
.Bl -bullet
.It
If the bandwidth of a data flow satisfies some pre-defined filter,
the kernel delivers an upcall on the multicast routing socket
to the multicast routing process that has installed that filter.
.It
The bandwidth-upcall filters are installed per (S,G).
There can be
more than one filter per (S,G).
.It
Instead of supporting all possible comparison operations
(i.e., < <= == != > >= ), there is support only for the
<= and >= operations,
because this makes the kernel-level implementation simpler,
and because practically we need only those two.
Further, the missing operations can be simulated by secondary
user-level filtering of those <= and >= filters.
For example, to simulate !=, then we need to install filter
.Dq bw <= 0xffffffff ,
and after an
upcall is received, we need to check whether
.Dq measured_bw != expected_bw .
.It
The bandwidth-upcall mechanism is enabled by
2004-07-09 09:22:36 +00:00
.Fn setsockopt MRT_API_CONFIG
for the
.Dv MRT_MFC_BW_UPCALL
flag.
.It
The bandwidth-upcall filters are added/deleted by the new
2004-07-09 09:22:36 +00:00
.Fn setsockopt MRT_ADD_BW_UPCALL
and
.Fn setsockopt MRT_DEL_BW_UPCALL
respectively (with the appropriate
2004-07-09 09:22:36 +00:00
.Vt "struct bw_upcall"
argument of course).
.El
.Pp
From application point of view, a developer needs to know about
the following:
.Bd -literal
/*
* Structure for installing or delivering an upcall if the
* measured bandwidth is above or below a threshold.
*
* User programs (e.g. daemons) may have a need to know when the
* bandwidth used by some data flow is above or below some threshold.
* This interface allows the userland to specify the threshold (in
* bytes and/or packets) and the measurement interval. Flows are
* all packet with the same source and destination IP address.
* At the moment the code is only used for multicast destinations
* but there is nothing that prevents its use for unicast.
*
* The measurement interval cannot be shorter than some Tmin (currently, 3s).
* The threshold is set in packets and/or bytes per_interval.
*
* Measurement works as follows:
*
2004-07-02 19:07:33 +00:00
* For >= measurements:
* The first packet marks the start of a measurement interval.
* During an interval we count packets and bytes, and when we
* pass the threshold we deliver an upcall and we are done.
* The first packet after the end of the interval resets the
* count and restarts the measurement.
*
* For <= measurement:
* We start a timer to fire at the end of the interval, and
* then for each incoming packet we count packets and bytes.
* When the timer fires, we compare the value with the threshold,
* schedule an upcall if we are below, and restart the measurement
* (reschedule timer and zero counters).
*/
struct bw_data {
struct timeval b_time;
uint64_t b_packets;
uint64_t b_bytes;
};
struct bw_upcall {
struct in_addr bu_src; /* source address */
struct in_addr bu_dst; /* destination address */
uint32_t bu_flags; /* misc flags (see below) */
#define BW_UPCALL_UNIT_PACKETS (1 << 0) /* threshold (in packets) */
#define BW_UPCALL_UNIT_BYTES (1 << 1) /* threshold (in bytes) */
#define BW_UPCALL_GEQ (1 << 2) /* upcall if bw >= threshold */
#define BW_UPCALL_LEQ (1 << 3) /* upcall if bw <= threshold */
#define BW_UPCALL_DELETE_ALL (1 << 4) /* delete all upcalls for s,d*/
struct bw_data bu_threshold; /* the bw threshold */
struct bw_data bu_measured; /* the measured bw */
};
/* max. number of upcalls to deliver together */
#define BW_UPCALLS_MAX 128
/* min. threshold time interval for bandwidth measurement */
#define BW_UPCALL_THRESHOLD_INTERVAL_MIN_SEC 3
#define BW_UPCALL_THRESHOLD_INTERVAL_MIN_USEC 0
.Ed
.Pp
The
2004-07-09 09:22:36 +00:00
.Vt bw_upcall
structure is used as an argument to
2004-07-09 09:22:36 +00:00
.Fn setsockopt MRT_ADD_BW_UPCALL
and
.Fn setsockopt MRT_DEL_BW_UPCALL .
Each
.Fn setsockopt MRT_ADD_BW_UPCALL
installs a filter in the kernel
for the source and destination address in the
2004-07-09 09:22:36 +00:00
.Vt bw_upcall
argument,
and that filter will trigger an upcall according to the following
pseudo-algorithm:
.Bd -literal
if (bw_upcall_oper IS ">=") {
if (((bw_upcall_unit & PACKETS == PACKETS) &&
(measured_packets >= threshold_packets)) ||
((bw_upcall_unit & BYTES == BYTES) &&
(measured_bytes >= threshold_bytes)))
SEND_UPCALL("measured bandwidth is >= threshold");
}
if (bw_upcall_oper IS "<=" && measured_interval >= threshold_interval) {
if (((bw_upcall_unit & PACKETS == PACKETS) &&
(measured_packets <= threshold_packets)) ||
((bw_upcall_unit & BYTES == BYTES) &&
(measured_bytes <= threshold_bytes)))
SEND_UPCALL("measured bandwidth is <= threshold");
}
.Ed
.Pp
In the same
2004-07-09 09:22:36 +00:00
.Vt bw_upcall
the unit can be specified in both BYTES and PACKETS.
However, the GEQ and LEQ flags are mutually exclusive.
.Pp
Basically, an upcall is delivered if the measured bandwidth is >= or
<= the threshold bandwidth (within the specified measurement
interval).
For practical reasons, the smallest value for the measurement
interval is 3 seconds.
If smaller values are allowed, then the bandwidth
estimation may be less accurate, or the potentially very high frequency
of the generated upcalls may introduce too much overhead.
For the >= operation, the answer may be known before the end of
2004-07-09 09:22:36 +00:00
.Va threshold_interval ,
therefore the upcall may be delivered earlier.
For the <= operation however, we must wait
until the threshold interval has expired to know the answer.
.Pp
Example of usage:
.Bd -literal
struct bw_upcall bw_upcall;
/* Assign all bw_upcall fields as appropriate */
memset(&bw_upcall, 0, sizeof(bw_upcall));
memcpy(&bw_upcall.bu_src, &source, sizeof(bw_upcall.bu_src));
memcpy(&bw_upcall.bu_dst, &group, sizeof(bw_upcall.bu_dst));
bw_upcall.bu_threshold.b_data = threshold_interval;
bw_upcall.bu_threshold.b_packets = threshold_packets;
bw_upcall.bu_threshold.b_bytes = threshold_bytes;
if (is_threshold_in_packets)
bw_upcall.bu_flags |= BW_UPCALL_UNIT_PACKETS;
if (is_threshold_in_bytes)
bw_upcall.bu_flags |= BW_UPCALL_UNIT_BYTES;
do {
if (is_geq_upcall) {
bw_upcall.bu_flags |= BW_UPCALL_GEQ;
break;
}
if (is_leq_upcall) {
bw_upcall.bu_flags |= BW_UPCALL_LEQ;
break;
}
return (ERROR);
} while (0);
setsockopt(mrouter_s4, IPPROTO_IP, MRT_ADD_BW_UPCALL,
(void *)&bw_upcall, sizeof(bw_upcall));
.Ed
.Pp
2004-07-09 09:22:36 +00:00
To delete a single filter, then use
.Dv MRT_DEL_BW_UPCALL ,
and the fields of bw_upcall must be set
2004-07-09 09:22:36 +00:00
exactly same as when
.Dv MRT_ADD_BW_UPCALL
was called.
.Pp
To delete all bandwidth filters for a given (S,G), then
only the
2004-07-09 09:22:36 +00:00
.Va bu_src
and
2004-07-09 09:22:36 +00:00
.Va bu_dst
fields in
2004-07-09 09:22:36 +00:00
.Vt "struct bw_upcall"
need to be set, and then just set only the
2004-07-09 09:22:36 +00:00
.Dv BW_UPCALL_DELETE_ALL
flag inside field
2004-07-09 09:22:36 +00:00
.Va bw_upcall.bu_flags .
.Pp
The bandwidth upcalls are received by aggregating them in the new upcall
message:
.Bd -literal
#define IGMPMSG_BW_UPCALL 4 /* BW monitoring upcall */
.Ed
.Pp
This message is an array of
2004-07-09 09:22:36 +00:00
.Vt "struct bw_upcall"
elements (up to
.Dv BW_UPCALLS_MAX
= 128).
The upcalls are
delivered when there are 128 pending upcalls, or when 1 second has
expired since the previous upcall (whichever comes first).
In an
2004-07-09 09:22:36 +00:00
.Vt "struct upcall"
element, the
2004-07-09 09:22:36 +00:00
.Va bu_measured
field is filled-in to
indicate the particular measured values.
However, because of the way
the particular intervals are measured, the user should be careful how
2004-07-09 09:22:36 +00:00
.Va bu_measured.b_time
is used.
2004-07-02 19:07:33 +00:00
For example, if the
filter is installed to trigger an upcall if the number of packets
is >= 1, then
2004-07-09 09:22:36 +00:00
.Va bu_measured
may have a value of zero in the upcalls after the
first one, because the measured interval for >= filters is
.Dq clocked
by the forwarded packets.
Hence, this upcall mechanism should not be used for measuring
the exact value of the bandwidth of the forwarded data.
To measure the exact bandwidth, the user would need to
2004-07-09 09:22:36 +00:00
get the forwarded packets statistics with the
.Fn ioctl SIOCGETSGCNT
mechanism
(see the
.Sx Programming Guide
section) .
.Pp
Note that the upcalls for a filter are delivered until the specific
filter is deleted, but no more frequently than once per
2004-07-09 09:22:36 +00:00
.Va bu_threshold.b_time .
For example, if the filter is specified to
deliver a signal if bw >= 1 packet, the first packet will trigger a
signal, but the next upcall will be triggered no earlier than
2004-07-09 09:22:36 +00:00
.Va bu_threshold.b_time
after the previous upcall.
.\"
.Sh SEE ALSO
.Xr getsockopt 2 ,
.Xr recvfrom 2 ,
.Xr recvmsg 2 ,
.Xr setsockopt 2 ,
.Xr socket 2 ,
.Xr sourcefilter 3 ,
.Xr altq 4 ,
.Xr dummynet 4 ,
.Xr gif 4 ,
.Xr gre 4 ,
.Xr icmp6 4 ,
.Xr igmp 4 ,
.Xr inet 4 ,
.Xr inet6 4 ,
.Xr intro 4 ,
.Xr ip 4 ,
.Xr ip6 4 ,
Merge final round of MLD changes from p4: ip6_input.c, in6.h: * Add netinet6-specific mbuf flag M_RTALERT_MLD, shadowing M_PROTO6. * Always set this flag if HBH Router Alert option is present for MLD, even when not forwarding. icmp6.c: * In icmp6_input(), spell m->m_pkthdr.rcvif as ifp to be consistent. * Use scope ID for verifying input. Do not apply SSM filters here, no inpcb. * Check for M_RTALERT_MLD when validating MLD traffic, as we can't see IPv6 hop options outside of ip6_input(). in6_mcast.c: * Use KAME scope/zone ID in in6_multi. * Update net.inet6.ip6.mcast.filters implementation to use scope IDs for comparisons. * Fix scope ID treatment in multicast socket option processing. Scope IDs passed in from userland will be ignored as other less ambiguous APIs exist for specifying the link. * Tighten userland input checks in IPv6 SSM delta and full-state ops. * Source filter embedded scope IDs need to be revisited, for now just clear them and ignore them on input. * Adapt KAME behaviour of looking up the scope ID in the default zone for multicast leaves, when the interface is ambiguous. mld6.c: * Tighten origin checks on MLD traffic as per RFC3810 Section 6.2: * ip6_src MAY be the unspecified address for MLDv1 reports. * ip6_src MAY have link-local address scope for MLDv1 reports, MLDv1 queries, and MLDv2 queries. * Perform address field validation *before* accepting queries. * Use KAME scope/zone ID in query/report processing. * Break const correctness for mld_v1_input_report(), mld_v1_input_query() as we temporarily modify the input mbuf chain. * Clear the scope ID before handoff to userland MLD daemon. * Fix MLDv1 old querier present timer processing. With the protocol defaults, hosts should revert to MLDv2 after 260s. * Add net.inet6.mld.v1enable sysctl, default to on. ifmcstat.c: * Use sysctl by default; -K requests kvm(3) if so compiled. mld.4: * Connect man page to build. Tested using PCS.
2009-05-27 18:57:13 +00:00
.Xr mld 4 ,
.Xr pim 4
.\"
.Sh HISTORY
The Distance Vector Multicast Routing Protocol (DVMRP)
was the first developed multicast routing protocol.
Later, other protocols such as Multicast Extensions to OSPF (MOSPF)
and Core Based Trees (CBT), were developed as well.
Routers at autonomous system boundaries may now exchange multicast
routes with peers via the Border Gateway Protocol (BGP).
Many other routing protocols are able to redistribute multicast routes
for use with
.Dv PIM-SM
and
.Dv PIM-DM .
.Sh AUTHORS
.An -nosplit
The original multicast code was written by
.An David Waitzman
(BBN Labs),
and later modified by the following individuals:
.An Steve Deering
(Stanford),
.An Mark J. Steiglitz
(Stanford),
.An Van Jacobson
(LBL),
.An Ajit Thyagarajan
(PARC),
.An Bill Fenner
(PARC).
The IPv6 multicast support was implemented by the KAME project
2004-07-09 09:22:36 +00:00
.Pq Pa http://www.kame.net ,
and was based on the IPv4 multicast code.
The advanced multicast API and the multicast bandwidth
monitoring were implemented by
.An Pavlin Radoslavov
(ICSI)
in collaboration with
.An Chris Brown
(NextHop).
Merge final round of MLD changes from p4: ip6_input.c, in6.h: * Add netinet6-specific mbuf flag M_RTALERT_MLD, shadowing M_PROTO6. * Always set this flag if HBH Router Alert option is present for MLD, even when not forwarding. icmp6.c: * In icmp6_input(), spell m->m_pkthdr.rcvif as ifp to be consistent. * Use scope ID for verifying input. Do not apply SSM filters here, no inpcb. * Check for M_RTALERT_MLD when validating MLD traffic, as we can't see IPv6 hop options outside of ip6_input(). in6_mcast.c: * Use KAME scope/zone ID in in6_multi. * Update net.inet6.ip6.mcast.filters implementation to use scope IDs for comparisons. * Fix scope ID treatment in multicast socket option processing. Scope IDs passed in from userland will be ignored as other less ambiguous APIs exist for specifying the link. * Tighten userland input checks in IPv6 SSM delta and full-state ops. * Source filter embedded scope IDs need to be revisited, for now just clear them and ignore them on input. * Adapt KAME behaviour of looking up the scope ID in the default zone for multicast leaves, when the interface is ambiguous. mld6.c: * Tighten origin checks on MLD traffic as per RFC3810 Section 6.2: * ip6_src MAY be the unspecified address for MLDv1 reports. * ip6_src MAY have link-local address scope for MLDv1 reports, MLDv1 queries, and MLDv2 queries. * Perform address field validation *before* accepting queries. * Use KAME scope/zone ID in query/report processing. * Break const correctness for mld_v1_input_report(), mld_v1_input_query() as we temporarily modify the input mbuf chain. * Clear the scope ID before handoff to userland MLD daemon. * Fix MLDv1 old querier present timer processing. With the protocol defaults, hosts should revert to MLDv2 after 260s. * Add net.inet6.mld.v1enable sysctl, default to on. ifmcstat.c: * Use sysctl by default; -K requests kvm(3) if so compiled. mld.4: * Connect man page to build. Tested using PCS.
2009-05-27 18:57:13 +00:00
The IGMPv3 and MLDv2 multicast support was implemented by
.An Bruce Simpson .
.Pp
This manual page was written by
.An Pavlin Radoslavov
(ICSI).