how to enable multicast between subnets through a Palo Alto firewallHow far does a multicast message go?How...
Extract substring according to regexp with sed or grep
Trouble reading roman numeral notation with flats
Why can't I get pgrep output right to variable on bash script?
Do people actually use the word "kaputt" in conversation?
Can a Knock spell open the door to Mordenkainen's Magnificent Mansion?
What's the meaning of "what it means for {something} to be {something}"?
Relations between homogeneous polynomials
Why would five hundred and five same as one?
How can a new country break out from a developed country without war?
Friend wants my recommendation but I don't want to give it to him
Toggle window scroll bar
PTIJ: Which Dr. Seuss books should one obtain?
Not hide and seek
Strange behavior in TikZ draw command
Travelling in US for more than 90 days
Do I have to take mana from my deck or hand when tapping this card?
Is there a distance limit for minecart tracks?
Could a welfare state co-exist with mega corporations?
Capacitor electron flow
What is the tangent at a sharp point on a curve?
Checking @@ROWCOUNT failing
Recursively move files within sub directories
Why is implicit conversion not ambiguous for non-primitive types?
How do you say "Trust your struggle." in French?
how to enable multicast between subnets through a Palo Alto firewall
How far does a multicast message go?How do I enable/set multicast rules using firewalld in RHEL7 / CentOS 7Enable multicast between server/client applicationWindows 7 firewall different subnetsHow to improve multicast in APHost a website through a firewallGetting an OpenVPN connection through restrictive firewallSSH between two subnetsReceiving UDP packets through firewallFTP Between Different Subnets/Routers/Firewalls
I have two subnets that are connected through a Palo Alto 850 firewall.
I've been working with my networks guy and he says he "set up a static RP, enabled IGMP PIM on the interfaces and PIM permitted neighbor is set to any".
Nevertheless, a trivial multicast server on one subnet fails to pass data to a trivial client on the other. The same trivial client works on the same subnet as the server. Client and Server are running CentOS 7; firewalld is disabled on both; server is running in a VMware VM. The working client (on the same subnet) is another VMware VM, but the client on the other subnet is a stand-alone workstation.
Trivial Client:
#! /usr/bin/python
from __future__ import print_function
import socket
import struct
import time
def Log(*args, **kw):
print(time.strftime("%H:%M:%S"), *args, **kw)
class Monitor(object):
def __init__(self, name="Client", args=(), kwargs={}):
self.args = args
self.kwargs = kwargs
def start(self):
self._run(*(self.args), **(self.kwargs))
def _run(self, *args, **kw):
group = kw["mgroup"]
port = kw["mport"]
Log("mcast group", group, "port", port)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((group, port))
sock.settimeout(5)
mreq = struct.pack("4sl", socket.inet_aton(group), socket.INADDR_ANY)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
count = 0
while True:
try:
packet = sock.recv(8192)
count += 1
except socket.timeout:
Log("mcast timeout")
finally:
if count > 0 and count % 10 == 0:
Log("mcast received", count, "packets")
def main(kw):
client = Monitor(kwargs=kw)
client.start()
if __name__ == "__main__":
kw = { "mgroup" : "239.1.2.49", "mport" : 20000,
}
main(kw)
Trivial server:
#! /usr/bin/python
from __future__ import print_function
import socket
import time
def_mgroup = "239.1.2.49"
def_mport = 20000
def_rate = 2
def usage():
import sys
print("Usage:", sys.argv[0],
"[multicast group address [multicast port [rate]]]")
print()
print(" multicast group address - default", def_mgroup)
print(" multicast port - default", def_mport)
print(" rate - default", def_rate)
def main(**kw):
mgroup = kw.get("mgroup", def_mgroup)
mport = kw.get("mport", def_mport)
rate = kw.get("rate", def_rate)
sleepdur = 1.0 / rate # divide by zero if you ask for it
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 10)
npackets = 0
while True:
sock.sendto("robot", (mgroup, mport))
npackets += 1
if npackets % 10 == 0: print(time.strftime("%H:%M:%S"), "sent", npackets)
time.sleep(sleepdur)
if __name__ == "__main__":
args = {}
import sys
try:
if len(sys.argv) > 1:
args["mgroup"] = sys.argv[1]
if len(sys.argv) > 2:
args["mport"] = int(sys.argv[2])
if len(sys.argv) > 3:
args["rate"] = int(sys.argv[3])
main(**args)
except Exception as e:
print(e)
usage()
Neither of us really know what we are doing. Can someone shed some light on this?
networking firewall multicast
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I have two subnets that are connected through a Palo Alto 850 firewall.
I've been working with my networks guy and he says he "set up a static RP, enabled IGMP PIM on the interfaces and PIM permitted neighbor is set to any".
Nevertheless, a trivial multicast server on one subnet fails to pass data to a trivial client on the other. The same trivial client works on the same subnet as the server. Client and Server are running CentOS 7; firewalld is disabled on both; server is running in a VMware VM. The working client (on the same subnet) is another VMware VM, but the client on the other subnet is a stand-alone workstation.
Trivial Client:
#! /usr/bin/python
from __future__ import print_function
import socket
import struct
import time
def Log(*args, **kw):
print(time.strftime("%H:%M:%S"), *args, **kw)
class Monitor(object):
def __init__(self, name="Client", args=(), kwargs={}):
self.args = args
self.kwargs = kwargs
def start(self):
self._run(*(self.args), **(self.kwargs))
def _run(self, *args, **kw):
group = kw["mgroup"]
port = kw["mport"]
Log("mcast group", group, "port", port)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((group, port))
sock.settimeout(5)
mreq = struct.pack("4sl", socket.inet_aton(group), socket.INADDR_ANY)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
count = 0
while True:
try:
packet = sock.recv(8192)
count += 1
except socket.timeout:
Log("mcast timeout")
finally:
if count > 0 and count % 10 == 0:
Log("mcast received", count, "packets")
def main(kw):
client = Monitor(kwargs=kw)
client.start()
if __name__ == "__main__":
kw = { "mgroup" : "239.1.2.49", "mport" : 20000,
}
main(kw)
Trivial server:
#! /usr/bin/python
from __future__ import print_function
import socket
import time
def_mgroup = "239.1.2.49"
def_mport = 20000
def_rate = 2
def usage():
import sys
print("Usage:", sys.argv[0],
"[multicast group address [multicast port [rate]]]")
print()
print(" multicast group address - default", def_mgroup)
print(" multicast port - default", def_mport)
print(" rate - default", def_rate)
def main(**kw):
mgroup = kw.get("mgroup", def_mgroup)
mport = kw.get("mport", def_mport)
rate = kw.get("rate", def_rate)
sleepdur = 1.0 / rate # divide by zero if you ask for it
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 10)
npackets = 0
while True:
sock.sendto("robot", (mgroup, mport))
npackets += 1
if npackets % 10 == 0: print(time.strftime("%H:%M:%S"), "sent", npackets)
time.sleep(sleepdur)
if __name__ == "__main__":
args = {}
import sys
try:
if len(sys.argv) > 1:
args["mgroup"] = sys.argv[1]
if len(sys.argv) > 2:
args["mport"] = int(sys.argv[2])
if len(sys.argv) > 3:
args["rate"] = int(sys.argv[3])
main(**args)
except Exception as e:
print(e)
usage()
Neither of us really know what we are doing. Can someone shed some light on this?
networking firewall multicast
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I have two subnets that are connected through a Palo Alto 850 firewall.
I've been working with my networks guy and he says he "set up a static RP, enabled IGMP PIM on the interfaces and PIM permitted neighbor is set to any".
Nevertheless, a trivial multicast server on one subnet fails to pass data to a trivial client on the other. The same trivial client works on the same subnet as the server. Client and Server are running CentOS 7; firewalld is disabled on both; server is running in a VMware VM. The working client (on the same subnet) is another VMware VM, but the client on the other subnet is a stand-alone workstation.
Trivial Client:
#! /usr/bin/python
from __future__ import print_function
import socket
import struct
import time
def Log(*args, **kw):
print(time.strftime("%H:%M:%S"), *args, **kw)
class Monitor(object):
def __init__(self, name="Client", args=(), kwargs={}):
self.args = args
self.kwargs = kwargs
def start(self):
self._run(*(self.args), **(self.kwargs))
def _run(self, *args, **kw):
group = kw["mgroup"]
port = kw["mport"]
Log("mcast group", group, "port", port)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((group, port))
sock.settimeout(5)
mreq = struct.pack("4sl", socket.inet_aton(group), socket.INADDR_ANY)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
count = 0
while True:
try:
packet = sock.recv(8192)
count += 1
except socket.timeout:
Log("mcast timeout")
finally:
if count > 0 and count % 10 == 0:
Log("mcast received", count, "packets")
def main(kw):
client = Monitor(kwargs=kw)
client.start()
if __name__ == "__main__":
kw = { "mgroup" : "239.1.2.49", "mport" : 20000,
}
main(kw)
Trivial server:
#! /usr/bin/python
from __future__ import print_function
import socket
import time
def_mgroup = "239.1.2.49"
def_mport = 20000
def_rate = 2
def usage():
import sys
print("Usage:", sys.argv[0],
"[multicast group address [multicast port [rate]]]")
print()
print(" multicast group address - default", def_mgroup)
print(" multicast port - default", def_mport)
print(" rate - default", def_rate)
def main(**kw):
mgroup = kw.get("mgroup", def_mgroup)
mport = kw.get("mport", def_mport)
rate = kw.get("rate", def_rate)
sleepdur = 1.0 / rate # divide by zero if you ask for it
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 10)
npackets = 0
while True:
sock.sendto("robot", (mgroup, mport))
npackets += 1
if npackets % 10 == 0: print(time.strftime("%H:%M:%S"), "sent", npackets)
time.sleep(sleepdur)
if __name__ == "__main__":
args = {}
import sys
try:
if len(sys.argv) > 1:
args["mgroup"] = sys.argv[1]
if len(sys.argv) > 2:
args["mport"] = int(sys.argv[2])
if len(sys.argv) > 3:
args["rate"] = int(sys.argv[3])
main(**args)
except Exception as e:
print(e)
usage()
Neither of us really know what we are doing. Can someone shed some light on this?
networking firewall multicast
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I have two subnets that are connected through a Palo Alto 850 firewall.
I've been working with my networks guy and he says he "set up a static RP, enabled IGMP PIM on the interfaces and PIM permitted neighbor is set to any".
Nevertheless, a trivial multicast server on one subnet fails to pass data to a trivial client on the other. The same trivial client works on the same subnet as the server. Client and Server are running CentOS 7; firewalld is disabled on both; server is running in a VMware VM. The working client (on the same subnet) is another VMware VM, but the client on the other subnet is a stand-alone workstation.
Trivial Client:
#! /usr/bin/python
from __future__ import print_function
import socket
import struct
import time
def Log(*args, **kw):
print(time.strftime("%H:%M:%S"), *args, **kw)
class Monitor(object):
def __init__(self, name="Client", args=(), kwargs={}):
self.args = args
self.kwargs = kwargs
def start(self):
self._run(*(self.args), **(self.kwargs))
def _run(self, *args, **kw):
group = kw["mgroup"]
port = kw["mport"]
Log("mcast group", group, "port", port)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((group, port))
sock.settimeout(5)
mreq = struct.pack("4sl", socket.inet_aton(group), socket.INADDR_ANY)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
count = 0
while True:
try:
packet = sock.recv(8192)
count += 1
except socket.timeout:
Log("mcast timeout")
finally:
if count > 0 and count % 10 == 0:
Log("mcast received", count, "packets")
def main(kw):
client = Monitor(kwargs=kw)
client.start()
if __name__ == "__main__":
kw = { "mgroup" : "239.1.2.49", "mport" : 20000,
}
main(kw)
Trivial server:
#! /usr/bin/python
from __future__ import print_function
import socket
import time
def_mgroup = "239.1.2.49"
def_mport = 20000
def_rate = 2
def usage():
import sys
print("Usage:", sys.argv[0],
"[multicast group address [multicast port [rate]]]")
print()
print(" multicast group address - default", def_mgroup)
print(" multicast port - default", def_mport)
print(" rate - default", def_rate)
def main(**kw):
mgroup = kw.get("mgroup", def_mgroup)
mport = kw.get("mport", def_mport)
rate = kw.get("rate", def_rate)
sleepdur = 1.0 / rate # divide by zero if you ask for it
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 10)
npackets = 0
while True:
sock.sendto("robot", (mgroup, mport))
npackets += 1
if npackets % 10 == 0: print(time.strftime("%H:%M:%S"), "sent", npackets)
time.sleep(sleepdur)
if __name__ == "__main__":
args = {}
import sys
try:
if len(sys.argv) > 1:
args["mgroup"] = sys.argv[1]
if len(sys.argv) > 2:
args["mport"] = int(sys.argv[2])
if len(sys.argv) > 3:
args["rate"] = int(sys.argv[3])
main(**args)
except Exception as e:
print(e)
usage()
Neither of us really know what we are doing. Can someone shed some light on this?
networking firewall multicast
networking firewall multicast
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 4 mins ago
jwmjwm
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 4 mins ago
jwmjwm
1012
asked 4 mins ago
jwmjwm
1012
1012
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
jwm is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
jwm is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1415490%2fhow-to-enable-multicast-between-subnets-through-a-palo-alto-firewall%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
jwm is a new contributor. Be nice, and check out our Code of Conduct.
jwm is a new contributor. Be nice, and check out our Code of Conduct.
jwm is a new contributor. Be nice, and check out our Code of Conduct.
jwm is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1415490%2fhow-to-enable-multicast-between-subnets-through-a-palo-alto-firewall%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
