usr.sbin/mrouted/mrouted.8

.\"	$OpenBSD: mrouted.8,v 1.27 2020/02/10 13:18:21 schwarze Exp $
.\" The mrouted program is covered by the license in the accompanying file
.\" named "LICENSE".  Use of the mrouted program represents acceptance of
.\" the terms and conditions listed in that file.
.\"
.\" The mrouted program is COPYRIGHT 1989 by The Board of Trustees of
.\" Leland Stanford Junior University.
.Dd $Mdocdate: February 10 2020 $
.Dt MROUTED 8
.Os
.Sh NAME
.Nm mrouted
.Nd IP multicast routing daemon
.Sh SYNOPSIS
.Nm mrouted
.Op Fl p
.Op Fl c Ar config_file
.Op Fl d Op Ar debug_level
.Sh DESCRIPTION
.Nm
is an implementation of the Distance-Vector Multicast Routing
Protocol (DVMRP), an earlier version of which is specified in RFC 1075.
It maintains topological knowledge via a distance-vector routing protocol
(like RIP, described in RFC 1058), upon which it implements a multicast
datagram forwarding algorithm called Reverse Path Multicasting.
.Pp
.Nm
forwards a multicast datagram along a shortest (reverse) path tree
rooted at the subnet on which the datagram originates.
The multicast delivery tree may be thought of as a broadcast delivery
tree that has been pruned back so that it does not extend beyond those
subnetworks that have members of the destination group.
Hence, datagrams are not forwarded along those branches which have no
listeners of the multicast group.
The IP time-to-live of a multicast datagram can be
used to limit the range of multicast datagrams.
.Pp
In order to support multicasting among subnets that are separated by (unicast)
routers that do not support IP multicasting,
.Nm
includes support for
"tunnels", which are virtual point-to-point links between pairs of
.Nm
daemons located anywhere in an internet.
IP multicast packets are encapsulated for transmission through tunnels,
so that they look like normal unicast datagrams to intervening routers
and subnets.
The encapsulation is added on entry to a tunnel, and stripped off on exit
from a tunnel.
By default, the packets are encapsulated using the IP-in-IP protocol
(IP protocol number 4).
Older versions of
.Nm
tunnel use IP source routing, which puts a heavy load on some
types of routers.
This version does not support IP source route tunnelling.
.Pp
The tunnelling mechanism allows
.Nm
to establish a virtual internet, for the purpose of multicasting only,
which is independent of the physical internet, and which may span
multiple Autonomous Systems.
This capability is intended for experimental support of internet
multicasting only, pending widespread support for multicast routing
by the regular (unicast) routers.
.Nm
suffers from the well-known scaling problems of any distance-vector
routing protocol, and does not (yet) support hierarchical multicast routing.
.Pp
.Nm
handles multicast routing only; there may or may not be unicast routing
software running on the same machine as
.Nm mrouted .
With the use of tunnels, it is not necessary for
.Nm
to have access to more than one physical subnet
in order to perform multicast forwarding.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl c Ar config_file
Specify an alternative configuration file,
instead of the default
.Pa mrouted.conf .
.It Fl d Op Ar debug_level
By default,
.Nm
detaches from the invoking terminal.
If this option is specified,
.Nm
remains attached to the invoking terminal and responsive
to signals from that terminal.
If
.Fl d
is given with no argument, the debug level defaults to 2.
Regardless of the debug level,
.Nm
always writes warning and error messages to the system log daemon.
Debug levels have the following effects:
.Pp
.Bl -hang -compact -offset indent
.It 0
Detach from the invoking terminal.
.It 1
All
.Xr syslog 3
messages are also printed to stderr.
.It 2
All level 1 messages plus notifications of "significant"
events are printed to stderr.
.It 3
All level 2 messages plus notifications of all packet
arrivals and departures are printed to stderr.
.El
.It Fl p
Start
.Nm
in a non-pruning mode.
It is expected that a router would be configured in this manner for test
purposes only.
The default mode is pruning enabled.
.El
.Pp
.Nm
automatically configures itself to forward on all multicast-capable
interfaces, i.e. interfaces that have the IFF_MULTICAST flag set (excluding
the loopback "interface"), and it finds other
.Nm
directly reachable via those interfaces.
To override the default configuration, or to add tunnel links to other
.Nm mrouted ,
configuration commands may be placed in
.Pa /etc/mrouted.conf .
There are five types of configuration commands:
.Bl -item -offset indent
.It
.Cm cache_lifetime
.Ar ct
.It
.Cm name
.Ar boundary-name | scoped-addr Ns / Ns Ar mask-len
.It
.Cm phyint
.Ar local-addr
.Oo
.Cm altnet
.Ar network Ns / Ns Ar mask-len
.Oc
.br
.Oo
.Cm boundary
.Ar boundary-name | scoped-addr Ns / Ns Ar mask-len
.Oc
.Op Cm disable
.br
.Op Cm metric Ar m
.Op Cm rate_limit Ar b
.Op Cm threshold Ar t
.It
.Cm pruning
.Op Cm off | on
.It
.Cm tunnel
.Ar local-addr
.Ar remote-addr
.br
.Oo
.Cm boundary
.Ar boundary-name | scoped-addr Ns / Ns Ar mask-len
.Oc
.Op Cm metric Ar m
.Op Cm rate_limit Ar b
.Op Cm threshold Ar t
.El
.Pp
The file format is free-form: whitespace (including newlines) is not
significant.
The
.Cm boundary
option
can accept either a name or a boundary;
the
.Cm boundary
and
.Cm altnet
options may be specified as many times as necessary.
.Pp
The
.Nm cache_lifetime
is a value that determines the amount of time that a
cached multicast route stays in kernel before timing out.
The value of this entry should lie between 300 (5 min) and 86400 (1 day).
It defaults to 300.
.Pp
The
.Nm name
option assigns names to boundaries to make configuration easier.
.Pp
The
.Nm phyint
command can be used to disable multicast routing on the physical
interface identified by local IP address
.Ar local-addr ,
or to associate a non-default metric or threshold with the specified
physical interface.
The local IP address
.Ar local-addr
may be replaced by the interface name (e.g. le0).
If a phyint is attached to multiple IP subnets, describe each additional
subnet with the
.Cm altnet
keyword.
Phyint commands must precede tunnel commands.
.Pp
The
.Nm pruning
option is provided for
.Nm
to act as a non-pruning router.
.Pp
The
.Nm tunnel
command can be used to establish a tunnel link between local IP address
.Ar local-addr
and remote IP address
.Ar remote-addr ,
and to associate a non-default metric or threshold with that tunnel.
The local IP address
.Ar local-addr
may be replaced by the interface name (e.g. le0).
The remote IP address
.Ar remote-addr
may be replaced by a host name, if and only if the host name has a single
IP address associated with it.
The tunnel must be set up in the mrouted.conf files of both routers before
it can be used.
.\"For backwards compatibility with older versions of
.\".Nm ,
.\"the srcrt keyword specifies
.\"encapsulation using IP source routing.
.Pp
.Cm boundary
allows an interface to be configured as an administrative boundary
for the specified scoped address.
Packets belonging to this address will not be forwarded on a scoped interface.
The boundary option accepts either a name or a boundary spec.
.Pp
.Cm metric
is the "cost" associated with sending a datagram on the given
interface or tunnel; it may be used to influence the choice of routes.
The metric defaults to 1.
Metrics should be kept as small as possible, because
.Nm
cannot route along paths with a sum of metrics greater than 31.
.Pp
.Cm rate_limit
allows the network administrator to specify a
certain bandwidth in Kbits/second which would be allocated to multicast
traffic.
It defaults to 500Kbps on tunnels, and 0 (unlimited) on physical interfaces.
.Pp
.Cm threshold
is the minimum IP time-to-live required for a multicast datagram
to be forwarded to the given interface or tunnel.
It is used to control the scope of multicast datagrams.
(The TTL of forwarded packets is only compared to the threshold,
it is not decremented by the threshold.
Every multicast router decrements the TTL by 1.)
The default threshold is 1.
.Pp
In general, all
.Nm
connected to a particular subnet or tunnel should
use the same metric and threshold for that subnet or tunnel.
.Pp
.Nm
will not initiate execution
if it has fewer than two enabled virtual interfaces (vifs),
where a vif is either a physical multicast-capable
interface or a tunnel.
It will log a warning if all of its vifs are tunnels; such an
.Nm
configuration would be better replaced by more
direct tunnels (i.e. eliminate the middle man).
.Sh EXAMPLE CONFIGURATION
This is an example configuration for a mythical multicast router at a big
school.
.Bd -unfilled -offset left
#
# mrouted.conf example
#
# Name our boundaries to make it easier.
name LOCAL 239.255.0.0/16
name EE 239.254.0.0/16
#
# le1 is our gateway to compsci, don't forward our
# local groups to them.
phyint le1 boundary EE
#
# le2 is our interface on the classroom net, it has four
# different length subnets on it.
# Note that you can use either an ip address or an
# interface name
phyint 172.16.12.38 boundary EE altnet 172.16.15.0/26
	altnet 172.16.15.128/26 altnet 172.16.48.0/24
#
# atm0 is our ATM interface, which doesn't properly
# support multicasting.
phyint atm0 disable
#
# This is an internal tunnel to another EE subnet.
# Remove the default tunnel rate limit, since this
# tunnel is over Ethernets.
tunnel 192.168.5.4 192.168.55.101 metric 1 threshold 1
	rate_limit 0
#
# This is our tunnel to the outside world.
# Careful with those boundaries, Eugene.
tunnel 192.168.5.4 10.11.12.13 metric 1 threshold 32
	boundary LOCAL boundary EE
.Ed
.Sh SIGNALS
.Nm
responds to the following signals:
.Pp
.Bl -tag -width TERM -compact
.It HUP
Restarts
.Nm mrouted .
The configuration file is reread every time this signal is evoked.
.It INT
Terminates execution gracefully (i.e. by sending
good-bye messages to all neighboring routers).
.It TERM
The same as INT.
.It USR1
Dumps the internal routing tables to
.Pa /var/tmp/mrouted.dump .
.It USR2
Dumps the internal cache tables to
.Pa /var/tmp/mrouted.cache .
.It QUIT
Dumps the internal routing tables to stderr (only if
.Nm
was invoked with a non-zero debug level).
.El
.Sh FILES
.Bl -tag -width /etc/examples/mrouted.conf -compact
.It Pa /etc/mrouted.conf
.It Pa /etc/examples/mrouted.conf
.It Pa /var/tmp/mrouted.cache
.It Pa /var/tmp/mrouted.dump
.El
.Sh EXAMPLES
The routing tables look like this:
.Bd -unfilled -offset left
Virtual Interface Table
 Vif  Local-Address                    Metric  Thresh  Flags
  0   36.2.0.8      subnet: 36.2          1       1    querier
                    groups: 224.0.2.1
                            224.0.0.4
                   pkts in: 3456
                  pkts out: 2322323

  1   36.11.0.1     subnet: 36.11         1       1    querier
                    groups: 224.0.2.1
                            224.0.1.0
                            224.0.0.4
                   pkts in: 345
                  pkts out: 3456

  2   36.2.0.8      tunnel: 36.8.0.77     3       1
                     peers: 36.8.0.77 (2.2)
                boundaries: 239.0.1
                          : 239.1.2
                   pkts in: 34545433
                  pkts out: 234342

  3   36.2.0.8	    tunnel: 36.6.8.23	  3       16

Multicast Routing Table (1136 entries)
 Origin-Subnet   From-Gateway    Metric Tmr In-Vif  Out-Vifs
 36.2                               1    45    0    1* 2  3*
 36.8            36.8.0.77          4    15    2    0* 1* 3*
 36.11                              1    20    1    0* 2  3*
 .
 .
 .
.Ed
.Pp
In this example, there are four vifs connecting to two subnets and two
tunnels.
The vif 3 tunnel is not in use (no peer address).
The vif 0 and vif 1 subnets have some groups present;
tunnels never have any groups.
This instance of
.Nm
is the one responsible for sending periodic group membership queries on the
vif 0 and vif 1 subnets, as indicated by the "querier" flags.
The list of boundaries indicate the scoped addresses on that interface.
A count of the number of incoming and outgoing packets is also
shown at each interface.
.Pp
Associated with each subnet from which a multicast datagram can originate
is the address of the previous hop router (unless the subnet is directly-
connected), the metric of the path back to the origin, the amount of time
since we last received an update for this subnet, the incoming vif for
multicasts from that origin, and a list of outgoing vifs.
"*" means that the outgoing vif is connected to a leaf of the broadcast
tree rooted at the origin, and a multicast datagram from that origin will
be forwarded on that outgoing vif only if there are members of the
destination group on that leaf.
.Pp
.Nm
also maintains a copy of the kernel forwarding cache table.
Entries are created and deleted by
.Nm mrouted .
.Pp
The cache tables look like this:
.Bd -unfilled -offset left
Multicast Routing Cache Table (147 entries)
 Origin             Mcast-group     CTmr  Age Ptmr IVif Forwvifs
 13.2.116/22        224.2.127.255     3m   2m    -  0    1
\*(Gt13.2.116.19
\*(Gt13.2.116.196
 138.96.48/21       224.2.127.255     5m   2m    -  0    1
\*(Gt138.96.48.108
 128.9.160/20       224.2.127.255     3m   2m    -  0    1
\*(Gt128.9.160.45
 198.106.194/24     224.2.135.190     9m  28s   9m  0P
\*(Gt198.106.194.22
.Ed
.Pp
Each entry is characterized by the origin subnet number and mask and the
destination multicast group.
The 'CTmr' field indicates the lifetime of the entry.
The entry is deleted from the cache table when the timer decrements to zero.
The 'Age' field is the time since this cache entry was originally created.
Since cache entries get refreshed if traffic is flowing,
routing entries can grow very old.
The 'Ptmr' field is simply a dash if no prune was sent upstream, or the
amount of time until the upstream prune will time out.
The 'Ivif' field indicates the incoming vif for multicast packets from
that origin.
Each router also maintains a record of the number of prunes received from
neighboring routers for a particular source and group.
If there are no members of a multicast group on any downward link of the
multicast tree for a subnet, a prune message is sent to the upstream router.
They are indicated by a "P" after the vif number.
The Forwvifs field shows the interfaces along which datagrams belonging to
the source-group are forwarded.
A "p" indicates that no datagrams are being forwarded along that interface.
An unlisted interface is a leaf subnet with no members of the particular
group on that subnet.
A "b" on an interface indicates that it is a boundary interface, i.e.\&
traffic will not be forwarded on the scoped address on that interface.
An additional line with a
.Sq \*(Gt
as the first character is printed for
each source on the subnet.
Note that there can be many sources in one subnet.
.Sh SEE ALSO
.Xr map-mbone 8 ,
.Xr mrinfo 8 ,
.Xr mtrace 8
.Sh STANDARDS
.Rs
.%A S. Deering
.%O Proceedings of the ACM SIGCOMM '88 Conference
.%T Multicast Routing in Internetworks and Extended LANs
.Re
.Sh AUTHORS
.An -nosplit
.An Steve Deering ,
.An Ajit Thyagarajan ,
.An Bill Fenner