By default Linux ignores Broadcast and Multicast ICMP messages. That's why you need to enable it first:
sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=0
To join any mutlicast address (e.g. 224.10.10.10/24
) just add it to your active interface (e.g. eth0
) and append the keyword autojoin
at the end:
ip addr add 224.10.10.10/24 dev eth0 autojoin
Now you can verify the join:
ip -f inet maddr show dev eth0
Finally to test the Multicast communication, ping to the chosen IP address from another host:
ping 224.10.10.10
You should now get an answer from your Multicast enabled host. That's it.
The Linux Kernel normally uses IGMP version 3 to join Multicast groups. If you would rather use IGMP version 2, just change it via the command down here:
echo "2" > /proc/sys/net/ipv4/conf/eth0/force_igmp_version
In order to get the commands above here working inside a Docker container, it must be started with the Linux capability NET_ADMIN
:
docker run --rm -it --cap-add NET_ADMIN alpine /bin/sh
Fun fact: GNS3 starts all containers with all Linux capabilities added and in priviledged mode.
At first I was going to say "just use ip maddress add and be done with it". The problem is ip maddress only affects link layer multicast addresses not protocol multicast addresses (man 8 ip-maddress).
That being said using the autojoin flag with the address verb does the trick just nicely.
This raises some subsequent questions though. I assume since you'll be running tcpdump or tshark that you have root permission. In the event that you do not 22001 is a high numbered port and other utilities like socat will also get things done.
Don't take my word for it though. Just to test this out we can generate multicast UDP packets with socat or ncat (generally packaged via nmap/nmap-ncat).
On some number of hosts run one of the following two combinations:
Option 1:
sudo ip addr add 233.54.12.234/32 dev eth1 autojoin
Option 2:
socat -u UDP4-RECV:22001,ip-add-membership=233.54.12.234:eth1 /dev/null &
The first option will require either root, or at least the capability CAP_NET_ADMIN. The second option doesn't require root, but also expects to run in the foreground and thus may be less conducive to scripting (though tracking the child process ID and cleaning it up with a trap in BASH may be just what you're looking for.
Once that's done (but before we go nuts testing our tcpdump/tshark command) make sure that the kernel recognizes the interface having joined the correct IGMP group. If you're feeling super fancy you can go nuts parsing the hex out of /proc/net/igmp, but I'd suggest just running netstat -gn.
Once you've verified that you see the interface subscribed to the correct group fire up your tcpdump command:
tcpdump -nnXs 0 -i eth1 udp port 22001 and dst 233.54.12.234
Alternatively, if you don't want to fully go the route of tcpdump (or stumbled upon this answer and are just curious to see multicast in action) you can use socat command above to join and echo the content to STDOUT by replacing /dev/null with STDOUT:
socat -u UDP4-RECV:22001,ip-add-membership=233.54.12.234:eth1
Then, from another machine use one of the following two options to send some simple test data:
Option 1:
socat STDIO UDP-DATAGRAM:233.54.12.234:22001
Option 2:
ncat -u 233.54.12.234 22001
When you run either of those commands it will then interactively wait for input. Just type some things in, hit enter to send, then CTRL+D when you're done to send an EOF message.
At this point you should have seen an end to end test and with a few commands built the worst, most insecure chat system in the world.
N.B. If you want to leave the multicast group joined using ip addr add ... (option 1), you can do this:
sudo ip addr del 233.54.12.234/32 dev eth1 autojoin