-
Notifications
You must be signed in to change notification settings - Fork 8
/
README
138 lines (107 loc) · 4.56 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
$Id: README,v 1.1.1.8 2007/05/09 20:40:42 sachin Exp $
Copyright (c) 2004-2005, Juniper Networks, Inc.
All rights reserved.
Automatic Multicast without Explicit Tunnels (AMT)
AMT provides a way for a host, proxy, or router on a non-multicast
capable network to join multicast groups on a remote multicast
capable network through a relay on that network.
AMT is the product of the MBONED Working Group of the Operations
and Management Area of the IETF. More information about the MBONED
Working group can be found at
http://www.ietf.org/html.charters/mboned-charter.html.
The lastest version of the internet-draft describing this protocol
at the time of this release are provided in this distribution. Later
versions of the draft or an RFC of this protocol may be found at
the IETF location above.
This distribution provides AMT relay and AMT gateway implementations.
It was developed using FreeBSD 4 and FreeBSD 5. Porting to other
similar operating systems should require only minor modifications.
The gateway in particular uses the tun(4) pseudo-interface driver
which may require modifications for porting. The relay uses some
low-level socket options that may require changes for use on other
similar operating systems.
Funding for this work was provided by Juniper Networks, Inc.
More information about Juniper Networks, Inc. can be found at
http://www.juniper.net.
Formatting applied with:
clang-format -style="{BasedOnStyle: mozilla, ColumnLimit: 76, IndentWidth: 4, BinPackParameters: false, AlignAfterOpenBracket: DontAlign, ContinuationIndentWidth: 6}"
Currently open issues:
1. Deal with this error correctly when the relay shuts down
amtgwd: recv relay communication trouble: Connection refused
2. fprintf -> syslog
3. Carefully go through daemonize code and close file descriptors.
4. periodic IGMP queries/timeout through some stateful firewalls
5. SIGINT needs to dump stats
6. XMLRPC interface for management
7. get mtu and allocate packet buffer based on mtu size
8. check for memory leaks (I know there is at least one).
To build:
~~~
apt-get install \
autoconf \
libtool-bin \
make \
cmake \
build-essential
./configure
make
~~~
To build the docker container:
~~~
docker build -t amtgw:latest -f gateway/docker/Dockerfile .
~~~
1. v4 data inside v4 tunnel (using mcrx-check from https://github.com/GrumpyOldTroll/libmcrx):
~~~
# point source of (S,G) to docker:
# (NB: use the group's route instead for some apps like VLC)
sudo ip route add 23.212.185.0/24 dev docker0
docker container run -d --rm --name amtgw --privileged amtgw:latest -d 4 -t 4 $(python3 ~/libmcrx/driad.py -f 4 23.212.185.6)
sleep 1
libmcrx/mcrx-check -g 232.1.1.1 -p 5001 -s 23.212.185.6 -c 0 -d 0 -v
~~~
2-4:
For any use of v6 traffic you first need to enable v6 in docker:
~~~
# enable IPv6 using a /64 in a ULA prefix (RFC4193)
cat <<EOF | sudo tee /etc/docker/daemon.json
{
"ipv6": true,
"fixed-cidr-v6": "$(python3 -c 'import os; import ipaddress; print(ipaddress.ip_network("fd%s:%s%s:%s%s::/64"%tuple("%02x"%b for b in os.urandom(5))))')"
}
EOF
sudo systemctl reload docker
~~~
2. v6 data inside v4 tunnel:
~~~
# point source of (S,G) to docker:
sudo ip -6 route add 2600:14e0::/48 dev docker0
docker container run -d --rm --name amtgw --privileged \
grumpyoldtroll/amtgw -d 6 $(python3 ~/libmcrx/driad.py -f 4 2600:14e0::6)
sleep 1
libmcrx/mcrx-check -g ff3e::8000:1 -p 5001 -s 2600:14e0::6 -c 0 -d 0 -v
~~~
3. v6 data inside v6 tunnel:
(breadcrumbs for the v6 nat:
https://medium.com/@skleeschulte/how-to-enable-ipv6-for-docker-containers-on-ubuntu-18-04-c68394a219a2)
~~~
# set up v6 nat for the ULA:
DKRNET=$(grep fixed-cidr-v6 /etc/docker/daemon.json | awk '{print $2;}' | sed -e 's/"\([^"]*\)"/\1/')
sudo ip6tables -t nat -A POSTROUTING -s ${DKRNET} ! -o docker0 -j MASQUERADE
# point source of (S,G) to docker:
sudo ip -6 route add 2600:14e0::/48 dev docker0
docker container run -d --rm --name amtgw --privileged \
grumpyoldtroll/amtgw -d 6 -t 6 $(python3 ~/libmcrx/driad.py -f 6 2600:14e0::6)
sleep 1
libmcrx/mcrx-check -g ff3e::8000:1 -p 5001 -s 2600:14e0::6 -c 0 -d 0 -v
~~~
4. v4 data inside v6 tunnel:
~~~
# set up v6 nat for the ULA:
DKRNET=$(grep fixed-cidr-v6 /etc/docker/daemon.json | awk '{print $2;}' | sed -e 's/"\([^"]*\)"/\1/')
sudo ip6tables -t nat -A POSTROUTING -s ${DKRNET} ! -o docker0 -j MASQUERADE
# point source of (S,G) to docker:
sudo ip route add 23.212.185.0/24 dev docker0
docker container run -d --rm --name amtgw --privileged amtgw:latest -d 4 -t 6 $(python3 ~/libmcrx/driad.py -f 6 23.212.185.6)
sleep 1
libmcrx/mcrx-check -g 232.1.1.1 -p 5001 -s 23.212.185.6 -c 0 -d 0 -v
~~~