I’m trying to configure my CRS326 to allow uPNP/DLNA traffic between a media server (Synology NAS) and a media renderer (Cambridge Audio CXNv2, an audio player).
These devices are both directly connected to the CRS326 using ethernet cables. The media server is on vlan040, the renderer is on vlan100.
Both devices obtain an IP through DHCP. I tried to configure PIM/uPNP on the CRS326, however the devices still don’t see each other (the renderer does not see the media server, and I have no clue about what I'm doing wrong)
Could you please help me make it work (and understand) ?
Here is the relevant part of the configuration:
Code: Select all
/interface bridge
add add-dhcp-option82=yes admin-mac=XX:XX:XX:XX:XX:XX arp=proxy-arp auto-mac=no comment="Main Bridge" dhcp-snooping=yes igmp-snooping=yes multicast-router=permanent name=bridge vlan-filtering=yes
/interface vlan add interface=bridge name=vlan040-services-internal vlan-id=40
/interface vlan add interface=bridge name=vlan100-entertainment-audio vlan-id=100
/interface bridge vlan
add bridge=bridge tagged=bridge vlan-ids=40
add bridge=bridge tagged=bridge vlan-ids=100
/interface bridge port
add bridge=bridge comment="WAN port" disabled=yes interface=ether1
add bridge=bridge comment="Internal services server 1 port" frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether6 multicast-router=permanent pvid=40
add bridge=bridge comment="Music player port" frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether20 multicast-router=permanent pvid=100
/ip address add address=10.70.40.1/24 interface=vlan040-services-internal network=10.70.40.0
/ip address add address=10.80.100.1/29 interface=vlan100-entertainment-audio network=10.80.100.0
/ip pool add name=dhcp_pool_vlan040 ranges=10.70.40.2
/ip pool add name=dhcp_pool_vlan100 ranges=10.80.100.2
# 0x180A4628000A462801 -> net mask = 24, network = 10.70.40.0, gateway = 10.70.40.1
/ip dhcp-server option add code=121 name=vlan040-mcast-route value=0x180A4628000A462801
# 0x180A4628000A506401 -> net mask = 24, network = 10.70.40.0, gateway = 10.80.100.1
/ip dhcp-server option add code=121 name=vlan100-mcast-route value=0x180A4628000A506401
/ip dhcp-server option sets add name=vlan100-dhcp-opts options=vlan100-mcast-route
/ip dhcp-server option sets add name=vlan040-dhcp-opts options=vlan040-mcast-route
/ip dhcp-server add address-pool=dhcp_pool_vlan100 dhcp-option-set=vlan100-dhcp-opts disabled=no interface=vlan100-entertainment-audio lease-time=5m name=dhcp-vlan100
/ip dhcp-server add address-pool=dhcp_pool_vlan040 dhcp-option-set=vlan040-dhcp-opts disabled=no interface=vlan040-services-internal lease-time=5m name=dhcp-vlan040
/ip dhcp-server network add address=10.70.40.0/24 dns-server=10.71.60.2 gateway=10.70.40.1
/ip dhcp-server network add address=10.80.100.0/30 dns-server=10.71.60.2 gateway=10.80.100.1
/ip upnp set enabled=yes
/ip upnp interfaces add interface=vlan040-services-internal type=internal
/ip upnp interfaces add interface=vlan100-entertainment-audio type=external
/routing pim interface add interface=vlan040-services-internal
/routing pim interface add interface=vlan100-entertainment-audio
/routing pim rp add address=10.70.40.1
# firewall filter rules related to DLNA.
# Set 1) Input chain rules to handle multicast traffic. I see no drops, second accept rule has no hits.
/ip firewall filter add action=jump chain=input comment="Jump to input_multicast chain" dst-address-type=multicast jump-target=input_multicast
/ip firewall filter add action=accept chain=input_multicast dst-port=1900,1902,5353 in-interface=vlan040-services-internal log-prefix=in-SSDP protocol=udp
/ip firewall filter add action=accept chain=input_multicast dst-port=1900,1902,5353 in-interface=vlan100-entertainment-audio log-prefix=in-SSDP protocol=udp
/ip firewall filter add action=accept chain=input_multicast in-interface=vlan040-services-internal protocol=igmp
/ip firewall filter add action=accept chain=input_multicast in-interface=vlan100-entertainment-audio protocol=igmp
/ip firewall filter add action=drop chain=input_multicast comment="Drop other input_multicast" log=yes
# Set 2) Forward chain rules to handle multicast traffic. All rules hit, no drops are observed
/ip firewall filter add action=jump chain=forward comment="Jump to forward_multicast chain" dst-address-type=multicast jump-target=forward_multicast
/ip firewall filter add action=accept chain=forward_multicast dst-port=1900,1902,5353 in-interface=vlan100-entertainment-audio out-interface=vlan040-services-internal protocol=udp
/ip firewall filter add action=accept chain=forward_multicast in-interface=vlan040-services-internal out-interface=vlan100-entertainment-audio
/ip firewall filter add action=drop chain=forward_multicast comment="Drop other forward_multicast" log=yes
# Set 3) Forward chain rules to handle traffic to the media server (Synology NAS). Only 2nd action has hits, no drops are observed.
/ip firewall filter add action=jump chain=forward comment="Jump to forward_service_internal_nas_clients_dlna chain" in-interface-list=Clients_DLNA jump-target=forward_service_internal_nas_clients_dlna
/ip firewall filter add action=accept chain=forward_service_internal_nas_clients_dlna dst-port=50001,50002 in-interface=vlan100-entertainment-audio out-interface=vlan040-services-internal protocol=tcp
/ip firewall filter add action=accept chain=forward_service_internal_nas_clients_dlna in-interface=vlan100-entertainment-audio out-interface=vlan040-services-internal protocol=udp src-port=1900
/ip firewall filter add action=drop chain=forward_service_internal_nas_clients_dlna comment="Drop other forward_service_internal_nas_clients_dlna" log=yes
# Set 4) Forward chain rules to handle traffic to the media renderer (CXNv2). Only 2nd accept has hits, no drops
/ip firewall filter add action=jump chain=forward comment="Jump to forward_entertainment_audio chain" jump-target=forward_entertainment_audio out-interface=vlan100-entertainment-audio
/ip firewall filter add action=accept chain=forward_entertainment_audio in-interface=vlan040-services-internal out-interface=vlan100-entertainment-audio protocol=tcp src-port=50002
/ip firewall filter add action=accept chain=forward_entertainment_audio dst-port=8050 in-interface=vlan040-services-internal out-interface=vlan100-entertainment-audio protocol=tcp
/ip firewall filter add action=accept chain=forward_entertainment_audio dst-port=1900 in-interface=vlan040-services-internal out-interface=vlan100-entertainment-audio protocol=udp
/ip firewall filter add action=accept chain=forward_entertainment_audio in-interface=vlan040-services-internal out-interface=vlan100-entertainment-audio protocol=udp
/ip firewall filter add action=drop chain=forward_entertainment_audio comment="Drop other forward_entertainment_audio" log=yes
# Set 5) Output chain rules to handle multicast traffic. No drops, the last accept is never hit.
/ip firewall filter add action=jump chain=output comment="Jump to output_multicast chain" dst-address-type=multicast jump-target=output_multicast
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan040-services-internal protocol=pim
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan100-entertainment-audio protocol=pim
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan040-services-internal protocol=igmp
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan100-entertainment-audio protocol=igmp
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan040-services-internal port=1900,1902,5353 protocol=udp
/ip firewall filter add action=accept chain=output_multicast out-interface=vlan100-entertainment-audio port=1900,1902,5353 protocol=udp
/ip firewall filter add action=drop chain=output_multicast comment="Drop other output_multicast" log=yes
I also added two mangle rules to increase the TTL of the discovery related packets, but it changed nothing.
Code: Select all
/ip firewall mangle add action=change-ttl chain=prerouting dst-address-type=multicast log-prefix=TTL+ new-ttl=set:64 passthrough=yes port=1900 protocol=udp
/ip firewall mangle add action=change-ttl chain=prerouting new-ttl=set:64 passthrough=yes protocol=igmp
Code: Select all
/routing igmp-proxy mfc print detail
Flags: X - disabled, A - active, D - dynamic
0 AD group=239.255.255.250 source=10.70.40.1 upstream-interface=*FFFFFFFF downstream-interfaces="" active-downstream-interfaces="" bytes=4698 packets=45 wrong-packets=0
1 AD group=239.255.255.250 source=10.70.40.2 upstream-interface=*FFFFFFFF downstream-interfaces="" active-downstream-interfaces="" bytes=1640444 packets=3336 wrong-packets=0
/routing pim rp print
Flags: D - dynamic, X - disabled
# ADDRESS TYPE PRIORITY
0 10.70.40.1 static 192
/routing pim interface print
Flags: X - disabled, I - inactive, D - dynamic, R - designated-router, v1 - IGMPv1, v2 - IGMPv2, v3 - IGMPv3
# INTERFACE PROTOCOLS
0 Rv2 vlan040-services-internal pim
igmp
1 Rv2 vlan100-entertainment-audio pim
igmp
2 DR register pim
/routing pim mfc print detail terse
group=239.255.255.250 source=10.70.40.1 rp=10.70.40.1 upstream-interface=vlan040-services-internal downstream-interfaces=vlan100-entertainment-audio
group=239.255.255.250 source=10.70.40.2 rp=10.70.40.1 upstream-interface=vlan040-services-internal downstream-interfaces=vlan100-entertainment-audio
group=239.255.255.250 source=10.80.100.2 rp=10.70.40.1 upstream-interface=vlan100-entertainment-audio downstream-interfaces=vlan040-services-internal
/routing pim mrib print detail terse
6 D destination=10.70.40.0/24 gateway=0.0.0.0 interface=vlan040-services-internal metric=0
12 D destination=10.80.100.0/29 gateway=0.0.0.0 interface=vlan100-entertainment-audio metric=0
/routing pim join print
Flags: RP - (*,*,RP), WC - (*,G), SG - (S,G), SG_rpt - (S,G,rpt)
GROUP SOURCE RP
WC 224.0.0.0 10.70.40.1 10.70.40.1
SG 239.255.3.22 0.0.0.0 10.70.40.1
SG 239.255.90.90 0.0.0.0 10.70.40.1
SG 239.255.255.250 0.0.0.0 10.70.40.1
SG_rpt 239.255.255.250 10.70.40.1 10.70.40.1
SG_rpt 239.255.255.250 10.70.40.2 10.70.40.1
/routing pim igmp-group print terse
v2E interface=vlan100-entertainment-audio group=224.0.0.2 source=0.0.0.0 last-reported=10.80.100.1 timeout=2m49s
v2E interface=vlan100-entertainment-audio group=224.0.0.13 source=0.0.0.0 last-reported=10.80.100.1 timeout=2m51s
v2E interface=vlan100-entertainment-audio group=224.0.0.22 source=0.0.0.0 last-reported=10.80.100.1 timeout=2m43s
v2E interface=vlan100-entertainment-audio group=239.255.3.22 source=0.0.0.0 last-reported=10.80.100.2 timeout=2m43s
v2E interface=vlan100-entertainment-audio group=239.255.90.90 source=0.0.0.0 last-reported=10.80.100.2 timeout=2m48s
v2E interface=vlan040-services-internal group=224.0.0.2 source=0.0.0.0 last-reported=10.70.40.1 timeout=2m47s
v2E interface=vlan040-services-internal group=224.0.0.13 source=0.0.0.0 last-reported=10.70.40.1 timeout=2m52s
v2E interface=vlan040-services-internal group=224.0.0.22 source=0.0.0.0 last-reported=10.70.40.1 timeout=2m52s
v2E interface=vlan040-services-internal group=239.255.255.250 source=0.0.0.0 last-reported=10.70.40.2 timeout=2m47s
/ip route print detail terse
6 ADC dst-address=10.70.40.0/24 pref-src=10.70.40.1 gateway=vlan040-services-internal gateway-status=vlan040-services-internal reachable distance=0 scope=10
12 ADC dst-address=10.80.100.0/29 pref-src=10.80.100.1 gateway=vlan100-entertainment-audio gateway-status=vlan100-entertainment-audio reachable distance=0 scope=10
/ip arp print terse
3 DC address=10.70.40.2 mac-address=YY:YY:YY:YY:YY:YY interface=vlan040-services-internal published=no
7 DC address=10.80.100.2 mac-address=ZZ:ZZ:ZZ:ZZ:ZZ:ZZ interface=vlan100-entertainment-audio published=no
Code: Select all
Mar26 12:23:24 Error: DMSClientList::UpdateKeys - MAC address is empty by 10.80.100.2 from ARP talble
Michel