Multicast enabled is creating an internal DDOS-like scenario
You can message and share files inside your intranet without a server.
Brought to you by:
mastroddi
Menu
▾
▴
1 Attachments
#657 Multicast enabled is creating an internal DDOS-like scenario
I am trying to set the "UseMulticastDns=false" in the beebeep.rc file and while it is setting it, what is not happening is that in the settings for the Network the "Use default multicast group address (239.255.64.75)" stays checked. As soon as I manually uncheck the box, the setting stays and the packet storm that is currently happening stops. What am I missing.
Discussion
Anonymous
Hello. There was a misunderstanding on the option. In the file BEEBEEP-HELP.txt
https://sourceforge.net/p/beebeep/code/HEAD/tree/BEEBEEP-HELP.txt
there is
UseMulticastDns=[true/false] if enabled BeeBEEP use Zero Configuration Networking (default=true in macosx, default=false in others)
Zero Configuration Networking, also called Apple Bonjour or Multicast DNS is also a multicast service but it is not related to BeeBEEP multicast discover service.
I forgot to add an option in beebeep.rc to disable multicast so the only way is uncheck the option in Network "Use default multicast group addres..." as you made.
I also want to understand why there was a packet storm... normally the "multicast" is one small packet sent once at BeeBEEP startup or every about 30 seconds only if the "user list" is empy...
I will make more tests.
Thank you for your ticket!
UPDATE: if you want to disable multicast now you can also create a beehosts.ini file and place the addresses you want to broadcast.
https://sourceforge.net/p/beebeep/code/HEAD/tree/misc/beehosts_example.ini
And them in beebeep.rc enable the option
BroadcastOnlyToHostsIni=true
And it should work in this way also.
I have added in source code a new option in beebeep.rc file called "DisableMulticast" but it will be available from version 5.8.3.
To update you with what caused the packed storm, here is what happened. The our network is build and designed for security, so while we have 750+ office locations, we have built the network to not allow traffic between offices. The problem was that there are some ports open to allow certian specific applications to communicate with the central offce, so the application was trying to connect between offices. This escalated to generating approximatey 2.6 trillon data packets. It completely saturated our internal network and stopped all traffic. We also discovered that when we checked the box for "Disable Multicast" it created a new ini file in a user profile that had settings that were in conflict with the .rc file in the Application directory.
It is a multicast TTL problem also. The default setting is 32 to it will try to bypass all routers in your LAN. I will set it to 2 so BeeBEEP area is more restricted.
BeeBEEP creates always a beebeep.ini file in user profile with user related settings.
Can you tell me what are the options in conflict? Normally the beebeep.rc has a "starting configuration" and some options cannot be overruled by ini file: maybe I forget some options...