[LARTC] UDP multicast stream and NAT
Andy Furniss
lists at andyfurniss.entadsl.com
Sat Jul 22 20:07:15 CEST 2006
Gabriel wrote:
> Hi, my ISP is streaming some local concert using UDP
> multicasting. I followed the instructions on the site which
> described how to set VLC in order to view the stream, but
> it didn't work. I am behind a Linux router/firewall doing
> NAT. Using google, I quickly found out that the
> netfilter/conntrack code doesn't support NATing multicast
> traffic. I thought about bridging the internet facing
> interface (eth0) and (one of) the internal interfaces (the
> one my computer is plugged into). This way I could set my
> IP to be public and no routing/NAT would be done on the
> Linux box. The only problem is that the box has 2 more NICs
> in it and there are other people connected to those NICs
> that need to use that connection (hence need to be NATed).
>
> Then I tried thinking about a DMZ-like solution where my
> box would be in the DMZ, but I can't see that working
> either because I only have one public IP assigned.
>
> Can anyone think of any other way for me to be able to view
> the stream?
>
> Thanks.
>
I recently changed ISP to one that does multicast so got a chance to play.
If you want to do it properly then www.xorp.org is the place to look - I
didn't as for our situation proper routing is a bit OTT.
There is a project on sf.net called igmpproxy - I didn't really try with
this as I read it didn't work, but more recently I've read that it is OK
if you are carefull with the config.
The way I did it it to use smcroute to set up static route(s) and issue
igmp joins manually from the gateway.
http://www.cschill.de/smcroute
All I needed to do with iptables was to let multicast dst into the gateway.
If the stream link is a .sdp you can read the addresses, if it's some
propritory crap then tcpdump -nnvv net 224.0.0.0/4 on the lan side while
the player is trying to connect to get them - one multicast address =
dst on incoming one unicast addr for the source.
eg. in the UK for the BBC1 1.2mbit H.264 stream -
smcroute -d
smcroute -a ppp0 132.185.224.80 233.122.227.151 eth0
smcroute -j ppp0 233.122.227.157
to stop
smcroute -l ppp0 233.122.227.157
For those in the UK that can test the BBCs - half of them have been down
whenever I've looked - so try several
Andy.
More information about the LARTC
mailing list