From nobody@FreeBSD.org  Fri Jun 28 18:56:30 2013
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
	by hub.freebsd.org (Postfix) with ESMTP id DB8CDCE8
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 28 Jun 2013 18:56:30 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from oldred.freebsd.org (oldred.freebsd.org [8.8.178.121])
	by mx1.freebsd.org (Postfix) with ESMTP id CE8071F70
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 28 Jun 2013 18:56:30 +0000 (UTC)
Received: from oldred.freebsd.org ([127.0.1.6])
	by oldred.freebsd.org (8.14.5/8.14.7) with ESMTP id r5SIuUYP098410
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 28 Jun 2013 18:56:30 GMT
	(envelope-from nobody@oldred.freebsd.org)
Received: (from nobody@localhost)
	by oldred.freebsd.org (8.14.5/8.14.5/Submit) id r5SIuU0u098409;
	Fri, 28 Jun 2013 18:56:30 GMT
	(envelope-from nobody)
Message-Id: <201306281856.r5SIuU0u098409@oldred.freebsd.org>
Date: Fri, 28 Jun 2013 18:56:30 GMT
From: Bernd Walter <ticso@cicely.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Multicast support within jails
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         180067
>Category:       kern
>Synopsis:       [jail] [patch] fix multicast support within jails
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-jail
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 28 19:00:00 UTC 2013
>Closed-Date:    
>Last-Modified:  Fri Jun 28 20:00:44 UTC 2013
>Originator:     Bernd Walter
>Release:        9.1-STABLE
>Organization:
>Environment:
>Description:
To have multicast support in Jails it is required to allow group addresses to be configured for the jail.
In reality this is impossible as multicast groups are not always a local decision.
It also disallows joining the same multicast group within multiple jails.
The tiny patch allows IPv6 multicast adresses to be used within jails without special configuration.
It is used in production since more than one year, but considered more as an example than a complete patch.
A similar check should also be done for IPv4 and maybe placed under a sysctl or jail option which is disabled by default.
This change was worked out together with Aron Schlesinger <as@paefchen.net>.

>How-To-Repeat:

>Fix:
Index: kern/kern_jail.c
===================================================================
--- kern/kern_jail.c    (revision 251406)
+++ kern/kern_jail.c    (working copy)
@@ -3282,6 +3282,9 @@
 {
        int i, a, z, d;
 
+       if (IN6_IS_ADDR_MULTICAST(ia6))
+              return (0);
+
        /*
         * Check the primary IP.
         */


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-jail 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Jun 28 20:00:04 UTC 2013 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=180067 
>Unformatted:
