Recently, for an Intershop on Amazon Web Services Proof of Concept, a requirement was to enable multicast traffic between two EC2 instances, each running in a different availability zone. As you might know, multicast traffic is not natively supported on AWS VPC, neither within an availability zone nor between availability zones.
This article explains how to enable multicast traffic between two (or more) hosts using an n2n L2 tunnel (we use CentOS 6.5).
```
#First; install compile tools & s3cmd
yum -y install svn make gcc s3cmd

#Download the code
svn co https://svn.ntop.org/svn/ntop/trunk/n2n

#Disable encryption and compression before compiling the binaries; this should improve performance
cd n2n/n2n_v2
sed -i "s/#N2N_OPTION_AES=no/N2N_OPTION_AES=no/g" Makefile
sed -i "s/#define N2N_COMPRESSION_ENABLED 1/#define N2N_COMPRESSION_ENABLED 0/g" n2n.h
make
```
The make process should now have created two binaries:
- supernode -> to be run on the supernode, used for connection setup and VPN tunnel registration
- edge -> to be run on the nodes that will participate in multicast traffic
```
#Install the supernode binary on this host
cp ./supernode /usr/bin/

#store binaries in s3
s3cmd put supernode s3://bucketname/files/supernode
s3cmd put edge s3://bucketname/files/edge

# on the edge servers, install the edge binary
s3cmd get s3://bucketname/files/edge /usr/bin/edge
chmod +x /usr/bin/edge
```
On the supernode, start the supernode process and add it to rc.local so it starts automatically when we start the instance. The daemon listens on UDP port 1200, so don't forget to create an AWS Security Group that allows UDP traffic on this port between all nodes that participate in the n2n tunnel (also include the supernode).
```
#start the supernode and automatically start it on reboot
supernode -l 1200
echo "supernode -l 1200" >> /etc/rc.local
```
We then start the edge process on the multicast-enabled nodes. Please note that 192.168.1.1 and 192.168.1.2 are the tunnel's endpoint addresses, which will be associated with the edge0 interface created by the edge process. n2na1 is the hostname of the supernode; the -E parameter allows multicast over the tunnel:
```
#App server 1
edge -l n2na1:1200 -c Intershop -a 192.168.1.1 -E
#keep -E in rc.local too, otherwise multicast is not accepted after a reboot
echo "edge -l n2na1:1200 -c Intershop -a 192.168.1.1 -E" >> /etc/rc.local

#App server 2
edge -l n2na1:1200 -c Intershop -a 192.168.1.2 -E
echo "edge -l n2na1:1200 -c Intershop -a 192.168.1.2 -E" >> /etc/rc.local
```
We can verify that edge was started correctly by checking that the edge0 interface was created:
```
root@Appa1 $ ifconfig edge0
edge0     Link encap:Ethernet  HWaddr c7:5a:4b:ba:34:21
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1400  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 B)  TX bytes:816 (816.0 B)
```
At this stage, multicast traffic between both EC2 instances over the edge0 interface should be possible. To make sure that all multicast traffic chooses the edge0 interface, we set up a static route:
```
#route multicast through n2n, but during startup, wait 10 secs for the edge0 interface to become available
route add -net 224.0.0.0 netmask 240.0.0.0 dev edge0
echo "sleep 10" >> /etc/rc.local
echo "route add -net 224.0.0.0 netmask 240.0.0.0 dev edge0" >> /etc/rc.local
```
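To check that the static route really steers the 224.0.0.0/4 multicast range onto the tunnel rather than the default eth0 path, the following added example (not part of the original article) parses a routing table in `/proc/net/route` format and reports which interface a multicast group would leave on. The sample table is constructed, and the function names and the eth0/10.0.0.0 addressing are assumptions of this example.

```python
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/route format (addresses are little-endian hex,
# as printed on x86): default route and VPC subnet on eth0, tunnel subnet and
# 224.0.0.0/4 on edge0.
SAMPLE_ROUTES = (
    "Iface\tDestination\tGateway\tFlags\tRefCnt\tUse\tMetric\tMask\tMTU\tWindow\tIRTT\n"
    "eth0\t00000000\t0100000A\t0003\t0\t0\t0\t00000000\t0\t0\t0\n"
    "eth0\t0000000A\t00000000\t0001\t0\t0\t0\t00FFFFFF\t0\t0\t0\n"
    "edge0\t0001A8C0\t00000000\t0001\t0\t0\t0\t00FFFFFF\t0\t0\t0\n"
    "edge0\t000000E0\t00000000\t0001\t0\t0\t0\t000000F0\t0\t0\t0\n"
)

RTF_UP = 0x1  # route is usable


def _dotted(hexfield):
    """Convert a /proc/net/route hex field to dotted-quad notation."""
    return socket.inet_ntoa(struct.pack("<I", int(hexfield, 16)))


def parse_routes(text):
    """Return (network, interface, metric) for every route that is up."""
    routes = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 8 or not int(f[3], 16) & RTF_UP:
            continue
        net = ipaddress.ip_network(f"{_dotted(f[1])}/{_dotted(f[7])}", strict=False)
        routes.append((net, f[0], int(f[6])))
    return routes


def egress_interface(dest, routes):
    """Longest-prefix match, lowest metric on ties; None if nothing matches."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2]))[1]


def multicast_off_tunnel(routes, tunnel_if="edge0",
                         probes=("224.0.0.1", "239.255.255.250")):
    """List probe groups that would NOT leave through the tunnel interface."""
    return [g for g in probes if egress_interface(g, routes) != tunnel_if]


if __name__ == "__main__":
    with open("/proc/net/route") as fh:  # live table on the edge host
        print(multicast_off_tunnel(parse_routes(fh.read())) or "multicast -> edge0")
```

An application that selects its outgoing interface itself with the `IP_MULTICAST_IF` socket option bypasses this route lookup, so the check covers only senders that rely on the routing table.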
Thanks to buckhill for their post on n2n.