Zak Elep wrote:
> I read dhcpd(8) as I wanted to enable synchronization between a couple
> of CARP firewalls. I see the "-Y" and "-y" flags accept interface
> names for dhcpd to send multicast messages to; do I need to change my
> multicast routing settings from the default, as described in
> netstart(8)?
>

Yes, I think so.

> Note that I have synchronization enabled, and it seems both dhcpds are
> synchronizing, but I'm seeing these messages in /var/log/daemon:
>
> Jun 14 16:33:40 exia dhcpd[31967]: sending DHCP_SYNC_LEASE for hw
> xx:xx:xx:xx:xx:xx -> ip 192.168.x.xxx, start xx, end xx
> Jun 14 16:33:40 exia dhcpd[31967]: sending sync message failed: No route
> to host
>

I'm not using this for DHCP but this is my experience with multicast so far:

I think by default your (inet4) multicast routing entry looks like:

    224/4 127.0.0.1 URS 0 0 33160 8 lo0

Notice the R flag, AFAICT this means that traffic matching this rule will be
rejected.

After configuring as multicast_host=YES, the entry looks like:

    224/4 link#1 UCS 0 0 - 8 em0

This made multicast work for me on hosts on the local subnet. (No need to
fiddle with net.inet.ip.mforwarding)

For forwarding multicast traffic between subnets on a router you'll need
something like:

sysctl.conf:
    net.inet.ip.mforwarding=1

rc.conf.local:
    multicast_router=YES
    mrouted_flags=

To cross subnets a multicast sender should use a proper ttl.
And of course there shouldn't be a firewall blocking the multicast traffic.
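The check described in the reply above, as an added example that is not part of the original post: a small shell function that reads routing-table text (for instance the output of `route -n show -inet`) and reports whether the 224/4 entry carries the R flag. The function names and the assumption that flags are the third column and the interface the last column are taken from the two entries quoted in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Entries quoted in the post: the default route, then the one seen
# after multicast_host=YES.
SAMPLE_DEFAULT='224/4 127.0.0.1 URS 0 0 33160 8 lo0'
SAMPLE_HOST='224/4 link#1 UCS 0 0 - 8 em0'

# Read routing-table text on stdin and classify the 224/4 entry.
# Prints "reject <iface>", "ok <iface>" or "missing".
mcast_route_state() {
    awk '
        $1 == "224/4" {
            found = 1
            # Assumed layout: column 3 holds the flags, last column the interface.
            state = (index($3, "R") > 0) ? "reject" : "ok"
            print state, $NF
            exit
        }
        END { if (!found) print "missing" }
    '
}

# Turn the classification into a one-line report for an operator.
mcast_route_report() {
    state=$(mcast_route_state)
    case "$state" in
        reject*) echo "224/4 has the R flag (${state#reject }): as in the default entry from the post" ;;
        ok*)     echo "224/4 is usable via ${state#ok }: as in the multicast_host=YES entry from the post" ;;
        *)       echo "no 224/4 entry found in the supplied routing table" ;;
    esac
}

# Demonstration on the two sample entries.
for entry in "$SAMPLE_DEFAULT" "$SAMPLE_HOST"; do
    printf '%s\n' "$entry" | mcast_route_report
done
```

On a live host, pipe the real routing table into `mcast_route_report` instead of the sample lines.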

