За шлюзом (ClearOS - клон CentOS) через udpxy раздаю IPTV На клиентском компьютере показывает отлично любой канал в течении нескольких секунд потом канал перестает показывать. Либо переключается на следующий, если есть в списке каналов, либо схлопывается, если он единственный в списке. Интернет + IPTV подается через VLAN на eth0. Раскладывается на транки eth0.21 (Интернет) и eth0.146=10.0.0.1 (IPTV). На eth0.21 подымается pppoe. eth1 = 192.168.10.x - внутренняя сетка.
IPTV подается через udpxy -a eth1 -p 4022 -m eth0.146 все каналы имеют вид 239.1.1.x:1234
При просмотре IPTV затыкается, наверняка, с приходом такого пакета all-routers.mcast.net: igmp leave 239.1.1.21
# tcpdump -i eth0.146 igmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0.146, link-type EN10MB (Ethernet), capture size 96 bytes
13:35:55.490957 IP 10.0.0.1 > 239.1.1.21: igmp v2 report 239.1.1.21
13:35:55.814672 IP 172.20.57.2 > all-systems.mcast.net: igmp query v3 [max resp time 50s]
13:35:56.475921 IP 10.0.0.1 > 239.1.1.21: igmp v2 report 239.1.1.21
13:35:58.469883 IP 10.0.0.1 > 239.1.1.21: igmp v2 report 239.1.1.21
13:36:05.813574 IP 172.20.57.2 > all-systems.mcast.net: igmp query v3 [max resp time 50s]
13:36:15.853704 IP 172.20.57.2 > all-systems.mcast.net: igmp query v3 [max resp time 50s]
13:36:20.864773 IP 172.20.57.2 > 239.1.1.21: igmp query v3 [max resp time 10s] [gaddr 239.1.1.21]
13:36:22.736642 IP 10.0.0.1 > all-routers.mcast.net: igmp leave 239.1.1.21
8 packets captured
8 packets received by filter
0 packets dropped by kernel
На всякий случай:
#sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 4294967295
kernel.shmall = 268435456
net.ipv4.conf.all.force_igmp_version = 2
iptables -A INPUT -i eth1 -p tcp --dport 4022 -j ACCEPT
iptables -A INPUT -i eth0.146 -p udp -s 239.1.1.0/24 -j ACCEPT
iptables -A INPUT -i eth0.146 -p udp -d 239.1.1.0/24 -j ACCEPT
iptables -t mangle -A PREROUTING -d 224.0.0.0/240.0.0.0 -p udp -j TTL --ttl-inc 1
Попытался понять кто источник сигнала. Назначил eth0.146 произвольный MAC адрес и словил пакет, который все останавливает.
# ip link set eth0.146 down
# ifconfig eth0.146 hw ether 00:80:48:BA:d1:30
# ip link set eth0.146 up
# ifconfig eth0.146
eth0.146 Link encap:Ethernet HWaddr 00:80:48:BA:D1:30
inet addr:10.0.0.1 Bcast:10.0.0.1 Mask:255.255.255.255
inet6 addr: fe80::280:48ff:feba:d130/64 Scope:Link
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:1795606 errors:0 dropped:0 overruns:0 frame:0
TX packets:935 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2272404119 (2.1 GiB) TX bytes:43734 (42.7 KiB)
[root@system ~]# tethereal -n -i eth0.146 -V host 224.0.0.2
Running as user "root" and group "root". This could be dangerous.
Capturing on eth0.146
Frame 1 (46 bytes on wire, 46 bytes captured)
Arrival Time: Nov 24, 2011 14:13:42.741977000
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 46 bytes
Capture Length: 46 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:igmp]
Ethernet II, Src: 00:80:48:ba:d1:30 (00:80:48:ba:d1:30), Dst: 01:00:5e:00:00:02 (01:00:5e:00:00:02)
Destination: 01:00:5e:00:00:02 (01:00:5e:00:00:02)
Address: 01:00:5e:00:00:02 (01:00:5e:00:00:02)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: 00:80:48:ba:d1:30 (00:80:48:ba:d1:30)
Address: 00:80:48:ba:d1:30 (00:80:48:ba:d1:30)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.0.0.1 (10.0.0.1), Dst: 224.0.0.2 (224.0.0.2)
Version: 4
Header length: 24 bytes
Differentiated Services Field: 0xc0 (DSCP 0x30: Class Selector 6; ECN: 0x00)
1100 00.. = Differentiated Services Codepoint: Class Selector 6 (0x30)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 32
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
0... = Reserved bit: Not set
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset: 0
Time to live: 1
Protocol: IGMP (0x02)
Header checksum: 0xfa14 [correct]
[Good: True]
[Bad : False]
Source: 10.0.0.1 (10.0.0.1)
Destination: 224.0.0.2 (224.0.0.2)
Options: (4 bytes)
Router Alert: Every router examines packet
Internet Group Management Protocol
IGMP Version: 2
Type: Leave Group (0x17)
Max Response Time: 0.0 sec (0x00)
Header checksum: 0xf8e8 [correct]
Multicast Address: 239.1.1.21 (239.1.1.21)
1 packet captured
Помогите, пожалуйста, побороть.