Enabling multicast for a project

    Multicast traffic between OKD pods is disabled by default. If you are using the OpenShift SDN default Container Network Interface (CNI) network provider, you can enable multicast on a per-project basis.

    When using the OpenShift SDN network plug-in in isolation mode:

    • Multicast packets sent by a pod will be delivered to all other pods in the project, regardless of NetworkPolicy objects. Pods might be able to communicate over multicast even when they cannot communicate over unicast.

    • Multicast packets sent by a pod in one project will never be delivered to pods in any other project, even if there are NetworkPolicy objects that allow communication between the projects.

    When using the OpenShift SDN network plug-in in multitenant isolation mode:

    • Multicast packets sent by a pod will be delivered to all other pods in the project.

    • Multicast packets sent by a pod in one project will be delivered to pods in other projects only if each project is joined together and multicast is enabled in each joined project.

    Enabling multicast between pods

    Prerequisites

    • Install the OpenShift CLI (oc).

    • You must log in to the cluster with a user that has the cluster-admin role.

    Procedure

    • Run the following command to enable multicast for a project. Replace <namespace> with the namespace for the project you want to enable multicast for.

    Verification

    To verify that multicast is enabled for a project, complete the following procedure:

    1. Change your current project to the project that you enabled multicast for. Replace <project> with the project name.

      1. $ oc project <project>
      1. $ cat <<EOF| oc create -f -
      2. apiVersion: v1
      3. metadata:
      4.   name: mlistener
      5.   labels:
      6.     app: multicast-verify
      7. spec:
      8.   containers:
      9.     - name: mlistener
      10.       image: registry.access.redhat.com/ubi8
      11.       command: ["/bin/sh", "-c"]
      12.       args:
      14.       ports:
      15.         - containerPort: 30102
      16.           name: mlistener
      17. EOF

    3. Create a pod to act as a multicast sender:

    4. Start the multicast listener.

      1. Get the IP address for the Pod:

        1. $ POD_IP=$(oc get pods mlistener -o jsonpath='{.status.podIP}')

      2. To start the multicast listener, in a new terminal window or tab, enter the following command:

        1. $ oc exec mlistener -i -t -- \
        2.     socat UDP4-RECVFROM:30102,ip-add-membership=224.1.0.1:$POD_IP,fork EXEC:hostname

    5. Start the multicast transmitter.

      1. Get the pod network IP address range:

      2. To send a multicast message, enter the following command:

        1. $ oc exec msender -i -t -- \
        2.     /bin/bash -c "echo | socat STDIO UDP4-DATAGRAM:224.1.0.1:30102,range=$CIDR,ip-multicast-ttl=64"

        If multicast is working, the previous command returns the following output: