I want to build an overlay network through VXLAN multicast to achieve communication between virtual machines, but I found that multicast packets can only be transmitted on the same subnet. In order to allow virtual machines on hosts that are not on the same subnet to communicate, I am thinking whether "capture and forward packets" would work. That is, grab a UDP packet with a destination address of 239.1.1.1 and a port of 4789 on hostA on network1, and send it to hostB on network2, and let hostB send the multicast packet. Then I found that the hosts on network2 all can catch this packet with wireshark, but no host corresponds to it. I wonder if Linux has a mechanism to discard fake multicast packets? If this is the case, how should this mechanism be prevented?
1 Answers
Unhandled, multicast is essentially broadcast. For IPv4 multicast that broadcast effect can be mitigated with IGMP. On switched networks with semi-intelligent switches there may be IGMP snooping functionality to further aid in this. Provided this exists, an end-device must subscribe to a multicast group by sending an IGMP join for the given group to "unfilter" that traffic towards itself. Routing multicast between subnets can be done with PIM or DVRMP implementations, or even static multicast routing daemons.
Only exception to this filtering is the 224.0.0.x range, which is reserved for link-local communication, usually IETF protocols. Traffic to these groups must never be filtered in any way.
Hence, to prevent filtering, either the end devices join the group (recommended!), or you send traffic to a group in the reserved range, e.g. on 224.0.0.1 the all-hosts group. (It's ugly and you may trigger ugly bugs on devices in the LAN, but it works.)
