gluon-ebtables: don't filter incoming MLD Reports via ebtables

If there is no multicast router behind a bridge port then the Linux bridge multicast snooping code itself will refrain from forwarding a report, as recommended/required by RFC4541 ("Considerations for Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Snooping Switches). So these rules are in most cases redundant. On the other hand, removing them allows to actually run an IPv6 multicast router behind a Gluon node. Since OpenWrt 23.05 it will allow detecting multicast routers via Multicast Router Discovery (RFC4286). And removing these ebtables rules will allow a layer 3 multicast router to then receive MLD reports from the mesh properly and by that to learn about others listeners in the mesh. Signed-off-by: Linus Lüssing <[email protected]>
freifunk-gluon · Mar 26, 2024 · cf37b5d · cf37b5d
1 parent 7e85cd5
commit cf37b5d
Showing 1 changed file with 0 additions and 4 deletions.
diff --git a/package/gluon-ebtables/luasrc/lib/gluon/ebtables/105-mcast-drop-igmp-mld b/package/gluon-ebtables/luasrc/lib/gluon/ebtables/105-mcast-drop-igmp-mld
@@ -13,8 +13,4 @@ if site.mesh.filter_membership_reports(true) then
 	rule('MULTICAST_OUT_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 131 -j DROP') -- MLDv1 Report
 	rule('MULTICAST_OUT_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 132 -j DROP') -- MLDv1 Done
 	rule('MULTICAST_OUT_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 143 -j DROP') -- MLDv2 Report
-
-	rule('MULTICAST_IN_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 131 -j DROP', 'nat') -- MLDv1 Report
-	rule('MULTICAST_IN_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 132 -j DROP', 'nat') -- MLDv1 Done
-	rule('MULTICAST_IN_ICMPV6 -p IPv6 --ip6-protocol ipv6-icmp --ip6-icmp-type 143 -j DROP', 'nat') -- MLDv2 Report
 end