r/networking

•

3 yr. ago

Multicast and VPNs

Hi my fellow networking friends. I am fairly new to this field, and very new to anything using multicast. However we have two servers using multicast across a customer provided network. Our vendor states not all of the multicast traffic is getting through, and that the customer is blocking this somewhere. Our customer claims they are not blocking anything.

When we put in a VPN tunnel between the connection, everything flows through just fine. When we remove it, it fails.

Is it possible multicast would require a VPN over a point to point connection? Thanks in advance

Sort by:

Best

Open comment sort options

networksmuggler

•

3y ago

From personal experience a lot of VPN's do not support multicast. We have a requirement to pass multicast over VPN internally and the only thing that works right is strongswan and it's not even 'official' but it works. Just very cpu intensive.

What VPN are you using?

jniel44

•

3y ago

That's what's strange, the multicast only works when we put the VPN in place. Our customer is providing us with what they say is a direct connection, but multicast is still failing. Only works when we put the VPN up. I would have to check details on the VPN as it was provided by our vendor.

More replies

muxie2007

•

3y ago

Are there specific multicast IPs that the servers are using? Make sure that these IP are allowed on both ends of the network (not sure how your connection is like). If the customer claims that they are not blocking anything, have them put a rule on their firewall allowing multicast IP/s to the other end of the network. Do the same on the other end

PeFClic

•

3y ago

Multicast is limited to a LAN, or with the support of your routers to your site. If you use a VPN based on GRE that is not encrypted by default you can encapsulate multicast packets. If you need encryption you can encrypt your GRE packets with IPSec. You can also use Wireguard tunnels instead of GRE+IPSec.

Jackol1

•

3y ago

• Edited 3y ago

I have seen this before and it was caused by IGMP snooping on a providers switch pruning the multicast group. This was for IPTV stream and nothing was joining the feed on the multicast group from the other end of the PtP circuit. As a result the provider switch was pruning the multicast feed from its uplink port. They noticed it because the port connected to the broadcast server was taking 2G of traffic, but nothing was leaving the uplink port on their switch in the same Vlan. Disable igmp snooping on that Vlan and it started flowing.

Multicast and VPNs

Comments Section

Multicast (IPTV) Over VPN

Multicast Traffic VPN solution

Configuring Multicast

Multicast Routing Troubleshooting

Multicast over IPSec

AT&T MPLS Multicast Support

Multicast-questions

How are you handling multicast at the office these days?

Need help configuring multicast over WireGuard

multicast when service provider does not support over mpls

Forwarding multicast video to WAN

Multicast in an enterprise network - does it make sense to globally enable it?

Not a fan of Multicast

How can I broadcast Video over WAN using multicast?

What is ipv6 multicast pass-through that is mentioned in VxRail doc?

Massive subnet for a small network?

Wi-Fi Monitoring

VPN within network

Allowing LAN traffic TO VPN Clients

Juniper Secure Connect and Dynamic VPN Clients

How many devices can you practically put on one IPv6 subnet?

Fiber optic wireless access points? Also techniques to get power over fiber optic?

ISP BGP Announcement Multi-Site

Looking for recommendations for SMB router/firewall

Advices for Becoming Network Engineer

Top Posts