Sending multicast over a openvpn tunnel

[wberg]

Hi,

I recently stumbled upon this issue, I'm trying to join a multicast group (233.x.x.x) via an openvpn tunnel, the multicast soruce is located on the other side of the tunnel. I'm trying to send igmp-join from my pc over the tunnel to the server on the other side. But nothing.

If I do some tcp-dumping on the server side, I can see that my openvpn server is sending out the usual multicast crap every machine sends, but it get no incoming packets. While reading up on this I found that it seems like openvpn does not forward multicast, only unicast.

There also seems to be some bogus ideas with bridging the tap interface with the ethernet interface or such, the only problem here is that I cannot do that with the current configuration on my server.

Is this as good as it gets, or are there any other solutions that can work ? Also worth mentioning is that one side is linux, the other side windows, this might maybe have something to do with windows being a crappy operating system?

Thank you.

BR,

[janjust]

Interesting question!
I'd try switching to 'dev tap' (no bridging) to see if that helps.
I did see some old reports about multicast/igmp not working over tun devices, but have also read reports that it 'now works' ...
Also make sure you've disabled rp_filter on the tun device, as multicast address don't pass the 'rp_filter' check (/proc/sys/net/ipv4/conf/*/rp_filter)

[wberg]

Interesting question!
I'd try switching to 'dev tap' (no bridging) to see if that helps.
I did see some old reports about multicast/igmp not working over tun devices, but have also read reports that it 'now works' ...
Also make sure you've disabled rp_filter on the tun device, as multicast address don't pass the 'rp_filter' check (/proc/sys/net/ipv4/conf/*/rp_filter)

Running tap instead of tun actually worked. I can now see traffic going both directions!

Thank you for the idea!