解决非相同网段的包被丢弃的问题

close the firewell


echo 0 > /proc/sys/net/ipv4/conf/ethx/rp_filter
net.ipv4.netfilter.ip_conntrack_max
或者


/etc/sysctl.conf 中添加或者修改如下项


# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0


/sbin/sysctl -p




如果交换机不支持igmp v3，那设置如下配置
echo 2 > /proc/sys/net/ipv4/conf/ethx/force_igmp_version // 强制使用IGMP v2




可能需要的配置命令：
ifup eth2
ifdown eth2


ifconfig em2 192.168.103.117 netmask 255.255.0.0
route add -net 192.168.103.0 netmask 255.255.255.0 gw 192.168.103.254
route del -net 192.168.103.0 netmask 255.255.255.0


route add default gw 192.168.1.1


查看IGMP协议交互：
tcpdump -i eth0 igmp


tcpdump -s 0 dst port 1156


23:36:14.113877 IP 172.18.0.1 > 224.0.0.1: igmp query v2
23:36:14.230570 IP 192.168.103.117 > 239.0.0.39: igmp v2 report 239.0.0.39
23:36:17.008630 IP 192.168.103.117 > 224.0.0.251: igmp v2 report 224.0.0.251




如果发现没有发送加入组播IGMP，而是以下这种，说明服务器在查找支持IGMP V3的交换机，
这时可以强制使用IGMP v2


23:36:14.113877 IP 172.18.0.1 > 224.0.0.1: igmp query v2
23:36:17.008630 IP 192.168.103.117 > 224.0.0.22: igmp v2 report 224.0.0.22

23:36:17.008630 IP 192.168.103.117 > 224.0.0.22: igmp v2 report 224.0.0.22

cat /proc/sys/net/ipv4/conf/ethx/rp_filter