I have exactly the same issue as described by
byron.moore. PIM on the receiver(vMX running Junos 18.2R1.9) ingress interface is enabled and the router control plane receives the ICMP "echo request" messages, but does not send ICMP "echo reply" as a response:
root@r8> monitor traffic interface ge-0/0/0 no-resolve matching icmp
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is OFF.
Listening on ge-0/0/0, capture size 96 bytes
10:44:35.345907 In IP 10.10.111.1 > 225.1.1.1: ICMP echo request, id 51945, seq 33, length 64
10:44:36.351178 In IP 10.10.111.1 > 225.1.1.1: ICMP echo request, id 51945, seq 34, length 64
10:44:37.406408 In IP 10.10.111.1 > 225.1.1.1: ICMP echo request, id 51945, seq 35, length 64
10:44:38.355660 In IP 10.10.111.1 > 225.1.1.1: ICMP echo request, id 51945, seq 36, length 64
^C
8 packets received by filter
0 packets dropped by kernel
root@r8>
I also made sure, that the FreeBSD net.inet.icmp.bmcastecho is set to 1:
root@r8> start shell sh
# sysctl net.inet.icmp.bmcastecho
net.inet.icmp.bmcastecho: 1
# exit
root@r8>
Still, for some reason, the vMX did not reply to ICMP "echo request" messages addressed to multicast address.
As a workaround, I joined to multicast group on a host machine:
martin@lab-svr:~$ ip a sh dev ge-0.0.1-r8
634: ge-0.0.1-r8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN
group default qlen 1000
link/ether fe:78:dd:0e:ff:f1 brd ff:ff:ff:ff:ff:ff
inet 10.10.13.2/24 scope global ge-0.0.1-r8
valid_lft forever preferred_lft forever
inet6 fe80::fc78:ddff:fe0e:fff1/64 scope link
valid_lft forever preferred_lft forever
martin@lab-svr:~$
martin@lab-svr:~$ sudo socat STDIO UDP4-DATAGRAM:225.1.1.1:5000,ip-add-membership=225.1.1.1:10.10.13.2
One can confirm the membership status with "ip maddr":
martin@lab-svr:~$ ip -4 maddr sh dev ge-0.0.1-r8
634: ge-0.0.1-r8
inet 225.1.1.1
inet 224.0.0.251
inet 224.0.0.1
martin@lab-svr:~$
Also, the value of the /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts in Linux has to be 0 and iptables/netfilter has to be configured properly.
Original Message:
Sent: 10-24-2019 22:52
From: Unknown User
Subject: Issue with simple multicast ping
Hello,
I labbed up Your setup and in order to have multicast pings replied to, You need to enable PIM on the receiver' ingress interface.
PIM-DM should suffice.
IGMP is not enough.
HTH
Thx
Alex