Linux多网卡收不到组播流,Linux下多网卡组播接收不到数据的问题

最新推荐文章于 2024-07-17 17:43:34 发布

weixin_39988197

最新推荐文章于 2024-07-17 17:43:34 发布

阅读量1.2k

点赞数 1

文章标签： Linux多网卡收不到组播流

一、现象：tcpdump有包，协议栈收不到。即select超时返回0。

系统：

[root@ahuner /]# cat /etc/issue

CentOS release 6.3 (Final)

Kernel \r on an \m

[root@ahuner /]# cat /proc/version

Linux version 2.6.32-279.el6.x86_64

二、原因：reverse-path filtering，反向路径过滤技术，系统在接收到一个IP包后，检查该IP是不是合乎要求，不合要求的IP包会被系统丢弃。该技术就称为rp filter.

The rp_filter can reject incoming packets if their source address doesn’t match the network interface that they’re arriving on, which helps to prevent IP spoofing. Turning this on, however, has its consequences: If your host has several IP addresses on different interfaces, or if your single interface has multiple IP addresses on it, you’ll find that your kernel may end up rejecting valid traffic. It’s also important to note that even if you do not enable the rp_filter, protection against broadcast spoofing is always on. Also, the protection it provides is only against spoofed internal addresses; external addresses can still be spoofed.. By default, it is disabled.

其内核参数:

rp_filter - INTEGER

0 - No source validation.

1 - Strict mode as defined in RFC3704 Strict Reverse Path

Each incoming packet is tested against the FIB and if the interface

is not the best reverse path the packet check will fail.

By default failed packets are discarded.

2 - Loose mode as defined in RFC3704 Loose Reverse Path

Each incoming packet's source address is also tested against the FIB

and if the source address is not reachable via any interface

the packet check will fail.

Current recommended practice in RFC3704 is to enable strict mode