We have specified and implemented a multicast routing protocol named HPIM-DM (Hard-state Protocol Independent Multicast - Dense Mode). This repository stores the implementation of this protocol. The implementation is written in Python language and is destined to Linux systems.
Additionally, IGMPv2 and MLDv1 are implemented alongside with HPIM-DM to detect interest of hosts.
- HPIM-DM: A fast and reliable dense-mode multicast routing protocol - Published Paper
- The HPIM-DM Multicast Routing Protocol - Full High Level Description
- HPIM-DM state machines
- Python implementation of IGMPv2, PIM-DM and HPIM-DM
- Test to Python implementation of IGMPv2, PIM-DM, and HPIM-DM
- SPIN/Promela correctness tests of HPIM-DM
- Linux machine
- Unicast routing protocol*
- Python3 (we have written all code to be compatible with at least Python v3.3)
- pip (to install all dependencies)
- tcpdump
*HPIM-DM uses the Linux unicast routing table for RPF checks and also to detect loops. For this reason the Linux routing table must have consistent information. However some routing packages like most recent versions of Quagga set the metric of routes with a dummy value causing HPIM-DM to false suspect a loop and to not create multicast trees as expected.
pip3 install hpim-dm
You may need sudo permissions, in order to run this protocol. This is required because we use raw sockets to exchange control messages. For this reason, some sockets to work properly need to have super user permissions.
To interact with the protocol you need to execute the hpim-dm command. You may need to specify a command and corresponding arguments:
hpim-dm -COMMAND ARGUMENTS
IPv4 and IPv6 multicast is supported. By default all commands will be executed on IPv4 daemon. To execute a command on the IPv6 daemon use -6.
In order to start the protocol you first need to explicitly start it. This will start a daemon process, which will be running in the background.
We support multiple tables. Each daemon process will be bind to a given multicast and unicast table id, which can be defined at startup with -mvrf and -uvrf.
If -mvrf is not defined, the default multicast table id will be used (table id 0).
If -uvrf is not defined, the default unicast table id will be used (table id 254).
sudo hpim-dm -start [-mvrf MULTICAST_TABLE_ID] [-uvrf UNICAST_TABLE_ID]
After starting the protocol process, if the default multicast table is not used, the following commands (for adding interfaces and listing state) need to have the argument -mvrf defined to specify the corresponding daemon process.
Multiple daemons are supported, each bind to a given multicast routing table id.
To perform configurations on one of these daemons use -mvrf command and define the daemon by its multicast table id.
To see all daemons that are currently running:
sudo hpim-dm -instances
After starting the protocol process you can enable the protocol in specific interfaces. You need to specify which interfaces will have IGMP/MLD enabled and which interfaces will have HPIM-DM enabled.
-
To have a given interface being monitored by HPIM-DM (to exchange control packets with it), you need to run the following command:
sudo hpim-dm -ai INTERFACE_NAME [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
To have a given interface being monitored by IGMPv2 (to monitor the IPv4 multicast interest of directly connected hosts), you need to run the following command:
sudo hpim-dm -aiigmp INTERFACE_NAME [-mvrf MULTICAST_TABLE_ID] -
To have a given interface being monitored by MLDv1 (to monitor the IPv6 multicast interest of directly connected hosts), you need to run the following command:
sudo hpim-dm -aimld INTERFACE_NAME [-mvrf MULTICAST_TABLE_ID]
To remove a previously added interface, you need to run the following commands:
-
To remove a previously added HPIM-DM interface:
sudo hpim-dm -ri INTERFACE_NAME [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
To remove a previously added IGMP interface:
sudo hpim-dm -riigmp INTERFACE_NAME [-mvrf MULTICAST_TABLE_ID] -
To remove a previously added MLD interface:
sudo hpim-dm -rimld INTERFACE_NAME [-mvrf MULTICAST_TABLE_ID]
If you want to stop the protocol process, and stop the daemon process, you need to explicitly run this command:
If a specific multicast table id was defined on startup, you need to define the daemon by its multicast table id.
sudo hpim-dm -stop [-mvrf MULTICAST_TABLE_ID]
HPIM-DM offers integrity, authentication and freshness guarantees on control messages. These guarantees are achieved by appending an HMAC on all control messages and by having monotonically increasing sequence numbers.
All control messages carry a Security Identifier, which is a number that identifies the algorithm and key used on the HMAC calculation (same as Key ID on OSPF). All routers connected to a link must agree on the security identifier, algorithm and key. This security is per interface meaning that different interfaces can have different security identifiers, algorithms and keys (which is highly recommended).
-
List all available hash algorithms that can be used to create the HMAC.
sudo hpim-dm -lsec [-mvrf MULTICAST_TABLE_ID] -
Enable security on HPIM-DM interface named INTERFACE_NAME. The SECURITY_IDENTIFIER is a number and identifies the algorithm and key of the HMAC. To check the available algorithms run -lsec.
sudo hpim-dm -aisec INTERFACE_NAME SECURITY_IDENTIFIER SECURITY_ALGORITHM SECURITY_KEY [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
Disable security identified by SECURITY_IDENTIFIER from HPIM-DM interface named INTERFACE_NAME.
sudo hpim-dm -risec INTERFACE_NAME SECURITY_IDENTIFIER [-4 | -6] [-mvrf MULTICAST_TABLE_ID]
We have built some list commands that can be used to check the "internals" of the protocol.
-
Show all router interfaces and which ones have HPIM-DM and IGMP/MLD enabled. For IGMP/MLD enabled interfaces outputs the Querier state. For HPIM enabled interfaces outputs security settings.
sudo hpim-dm -li [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
Verify neighbors that have established a neighborhood relationship.
sudo hpim-dm -ln [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
Verify all stored sequence numbers.
sudo hpim-dm -lsn [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
Verify all state regarding each neighbor, whether they are UPSTREAM or NOT UPSTREAM and in the latter whether they are INTERESTED or NOT INTERESTED in receiving data packets.
sudo hpim-dm -lns [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
List all state machines and corresponding state of all trees that are being monitored. Also list IGMP/MLD state for each group being monitored.
sudo hpim-dm -ls [-4 | -6] [-mvrf MULTICAST_TABLE_ID] -
List Linux Multicast Routing Table (equivalent to
ip mroute show)sudo hpim-dm -mr [-4 | -6] [-mvrf MULTICAST_TABLE_ID]
-
Control flooding behavior (whether to flood or not data packets during the broadcast tree formation)
sudo hpim-dm -fid [-mvrf MULTICAST_TABLE_ID] -
This setting allows during an AW replacement (for example due to RPC changes) for the previous AW to hold its forwarding state for a small amount of time. This way it is possible to prevent loss of data packets during this event, however it may introduce traffic duplication (while the new and the previous AW both forward traffic). By default this setting is enabled with a time period of 2 seconds.
sudo hpim-dm -hfs [-mvrf MULTICAST_TABLE_ID]
Files tree/hpim_globals.py, igmp/igmp_globals.py and mld/mld_globals.py store all timer values and some configurations regarding HPIM-DM, IGMPv2 and MLDv1. If you want to tune the protocol, you can change the values of these files. These configurations are used by all interfaces, meaning that there is no tuning per interface.
It is possible to configure the protocol using a YAML file. This configuration file can be used to set all interfaces that will have HPIM-DM/IGMP/MLD enabled, as well to fine tune these protocols by setting their timers. Currently the settings are shared by all interfaces. In a future release it will be possible to set timers per interface.
To use this feature you need to manually install PyYaml. PyYaml is not automatically installed with hpim-dm to support older Python versions (as of now PyYaml requires at least Python v3.5).
This YAML file is a configuration file example.
It it also possible to get an YAML configuration file from the current settings of the daemon. This will output an YAML template that can be used later for enabling the daemon with the same settings (enabled interfaces and timers). The command for this matter is the following:
sudo hpim-dm -get_config [-mvrf MULTICAST_TABLE_ID]
To input an YAML configuration file to the daemon:
sudo hpim-dm -config CONFIGURATION_FILE_PATH
In order to determine which commands and corresponding arguments are available you can call the help command:
hpim-dm -h
We have created a wireshark dissector in order to interpret HPIM-DM control packets using Wireshark. The plugin can be found on our dissector branch.
We have performed tests to our specification and implementation. You can check on the corresponding branches:
- promela - Validation of correctness properties, through model checking, of different HPIM-DM state machines using Promela and Spin.
- Test_HPIM_BroadcastTree - Topology used to test our implementation regarding the creation and maintenance of the broadcast tree.
- Test_HPIM_Sync_Without_Trees - Topology used to test the implementation of HPIM-DM neighbor discovery and synchronization without trees established on the network.
- Test_HPIM_Sync_With_Trees - Topology used to test the implementation of HPIM-DM neighbor discovery and synchronization mechanism with trees already established on the network.
- Test_HPIM_Assert - Topology used to test the implementation of the HPIM-DM AssertWinner election.
- Test_HPIM_Interest - Topology used to test HPIM-DM implementation regarding the forwarding decision of routers by having multicast interest changes.
- Test_HPIM_Loop - Topology used to test the avoidance of trees being maintained indefinitely in the presence of loops on HPIM-DM.
- Test_HPIM_Source_Loop - Topology used to test the prevention of data packets being looped when a originator router has multiple interfaces directly connected to the source.
- Test_IGMP - Topology used to test our IGMPv2 implementation.