How to force multicast packet to go via different interface?

UNIX Solaris
1

Hi folks,

I am working on a Solaris-10 global server, which is hosting 7 non-global zones. There are two kind of network interfaces on our servers, admin and prod. There is one route, which is going via admin interface, I want to delete that and have that from prod interface.
e1000g0 is admin interface
e1000g3 is prod interface

# ifconfig e1000g0
e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.244.20 netmask ffffff80 broadcast 192.168.244.127
        ether 0:14:4f:78:f8:84
# ifconfig e1000g3
e1000g3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 216.221.133.250 netmask ffffffc0 broadcast 216.221.133.255
        ether 0:14:4f:78:f8:87
#

If I check route of all zones, I see that multicast packets are going via e1000g0 (excep first one). I want it to go with prod interface e1000g3.

# for i in `cat /var/tmp/all_zones.out`; do zlogin $i netstat -nrv | grep 224.0.0.0; done
224.0.0.0            240.0.0.0       192.168.241.21       e1000g1:1  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.24       e1000g0:5  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.22       e1000g0:4  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.23       e1000g0:2  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.25       e1000g0:3  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.32       e1000g0:6  1500*    0   1 U        0      0
224.0.0.0            240.0.0.0       192.168.244.33       e1000g0:7  1500*    0   1 U        0      0
#

That means, I want to delete above routes and add route going via gw 216.221.133.193 and e1000g3. I am not sure, how to change this. I assumed that it is coming from static_routes file. I commented one line (see below) and rebooted server, still no luck.

# cat /etc/inet/static_routes
# File generated by route(1M) - do not edit.
default 192.168.241.1
-net 192.168.110.0/24 192.168.244.1
-net 192.168.201.0/24 192.168.244.1
-net 192.168.202.0/24 192.168.244.1
-net 192.168.246.64 -netmask 255.255.255.224 192.168.244.1
-net 172.16.0.0/16 192.168.244.1
10.0.0.0/8 192.168.244.1
192.168.64.0/22 192.168.244.1
192.168.78.0/24 192.168.244.1
192.168.69.0/24 192.168.244.1
net 192.168.244.0 -netmask 255.255.252.0 192.168.244.1
224.0.0.0/4 216.221.133.251 -ifp e1000g3:5
#224.0.0.0/4 192.168.244.20 -ifp e1000g0
host 192.168.244.22 216.221.133.193
#

Please suggest, how can it be done. Network team already enabled multicast for that VLAN. By suggestion on one of the forum, I changed index number of e1000g0 from 2 to 5 (e1000g3 is index 4)and then test, but seems like, this wrkaround doesn't work.
How I tested ? I took two sessions of zone-1. On one session I issued mcSend command

# mcSend -a 239.93.97.0 -p 9700 -t 6 
multicastIP: 239.93.97.0 
multicastIF: 0.0.0.0 
multicastPort: 9700 
TTL:  6 
loopback enabled: 0

On another session, I ran snoop command on e1000g0 and then e1000g3. It still doesn't show packets on e1000g3

# snoop -d e1000g3 -x0 host 239.93.97.0 
Using device e1000g3 (promiscuous mode) 
^C 
# 
# snoop -d e1000g0 -x0 host 239.93.97.0 
Using device e1000g0 (promiscuous mode) 
zone-1 -> 239.93.97.0  UDP D=9700 S=51392 LEN=136 
 
           0: 0100 5e5d 6100 0014 4f78 f884 0800 4500    ..^]a...Ox....E. 
          16: 009c 3153 0000 0611 0000 c0a8 f416 ef5d    ..1S...........] 
          32: 6100 c8c0 25e4 0088 05b7 4865 6c6c 6f2c    a...%.....Hello, 
          48: 2057 6f72 6c64 2100 0000 0000 0000 0000     World!......... 
          64: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
          80: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
          96: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         112: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         128: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         144: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         160: 0000 0000 0000 0000 0000                   .......... 
 
zone-1 -> 239.93.97.0  UDP D=9700 S=51392 LEN=136 
 
           0: 0100 5e5d 6100 0014 4f78 f884 0800 4500    ..^]a...Ox....E. 
          16: 009c 3154 0000 0611 0000 c0a8 f416 ef5d    ..1T...........] 
          32: 6100 c8c0 25e4 0088 05b7 4865 6c6c 6f2c    a...%.....Hello, 
          48: 2057 6f72 6c64 2100 0000 0000 0000 0000     World!......... 
          64: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
          80: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
          96: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         112: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         128: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         144: 0000 0000 0000 0000 0000 0000 0000 0000    ................ 
         160: 0000 0000 0000 0000 0000                   .......... 
 
^C 
#

Thanks in advance.

2

You did not mention, are you running a dynamic routing protocol like OSPF, RIP, EIGRP or IS-IS in your network?

3

I've read your post a number of times but I still don't understand exactly what you are trying to do.

This is all Solaris 10? One global zone (Solaris 10) and seven non-global zones (all Solaris 10)?

One of the non-global zones you want to change its routing? The other six zones are routing okay?

To start with, what default gateways are these zones configured to and reading at boot time?

Please post the configuration of one working zone and the faulty routing zone.

# cat /etc/defaultrouter

(This, of course, assumes that you haven't executed commands to change the routing since boot-time, but it's somewhere to start.)

4

Global and all zones are Solaris 10.

I want multicast packets to go with prod interface (e1000g3), instead of current admin interface (e1000g0) on all zones.

I don't have defaultrouter file, but can see it here for global server and zones

# cat /etc/defaultrouter
cat: cannot open /etc/defaultrouter
# netstat -nr | grep default
default              192.168.241.1        UG        1       1442
default              216.221.133.193      UG        1      17358 e1000g3
# for i in `cat /var/tmp/zones.out`; do zlogin $i netstat -nrv | grep default; done
default              0.0.0.0         192.168.241.1                1500*    0   1 UG    1442      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
default              0.0.0.0         216.221.133.193      e1000g3  1500*    0   1 UG   17359      0
#

Neo : I am not sure, if we have dynamic routing protocol in our setup. Still checking it.

5

I found the issue, it was tricky.

Multicast packets are going through admin interface because it is managed by /lib/svc/method/net-svc configuration. One of its parameter says

if [ "$_INIT_NET_STRATEGY" = "dhcp" ]; then 
        mcastif=`/sbin/dhcpinfo Yiaddr` || mcastif=$_INIT_UTS_NODENAME 
else 
        mcastif=$_INIT_UTS_NODENAME 
fi

It says multicast should go via NODENAME. That means, whatever is hostname and uname -n returns. By default hostname is set to admin interface. Two changes I made :

-Changed hostname and zonename in /etc/hosts, so at zonemanager level, it look to pubic IP
-In zonecfg, I moved up the public interface, so it goes FIRST in zone description file.

2 Likes