enterprise multicast design and troubleshooting
DESCRIPTION
IP mulitcast design and troubleshooting technique for Enterprise DeploymentTRANSCRIPT
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
1/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
EnterpriseIP Multicast Design and
Troubleshooting
Part 1
Cisco Advanced ServicesMaurice Flint, CCIE #9003
June 3rd, 2009
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
2/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 2
I
N
T
E
G
R
A
TI
O
N
I
N
T
E
G
R
A
TI
O
N
mLDP and P2MP, RSVP-TEMulticast MPLS
PIM SM, SSM, MLD v2IPv6 Multicast
MVPNMulticast VPN
PGMReliable Multicast
MBGP , MSDP, Anycast RP, RGMP, BSRInterdomain Multicast
PIM Bi-DirectionalMany-to-Many
SSM & IGMP v3One-to-Many
PIM SM, DM, Auto RP, IGMP v2, CGMPBasic Multicast
mLDP and P2MP, RSVP-TEMulticast MPLS
PIM SM, SSM, MLD v2IPv6 Multicast
MVPNMulticast VPN
PGMReliable Multicast
MBGP , MSDP, Anycast RP, RGMP, BSRInterdomain Multicast
PIM Bi-DirectionalMany-to-Many
SSM & IGMP v3One-to-Many
PIM SM, DM, Auto RP, IGMP v2, CGMPBasic Multicast M
A
N
A
G
E
M
EN
T
M
A
N
A
G
E
M
EN
T
High Availability
Wireless Multicast
Multicast OAM
Multicast Security
High Availability
Wireless Multicast
Multicast OAM
Multicast Security
Multicast Components Topics for Discussion
Interdomain MulticastInterdomain MulticastCampus MulticastCampus Multicast
ISP B
Multicast Source
Y
ISP A
Multicast Source
XISP B
DR
RP
RP
DRDR
IGMPIGMP PIM-SMPIM-SSM
MVPN
PIM-SMPIM-SSM
MVPN
IGMP SnoopingIGMP Snooping MBGPMBGP
MSDPMSDP
Core
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
3/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3
Agenda
Multicast Essentials
Enterprise Multicast Service Model
Any Source Multicast / Internet Standard Multicast
Source Specific Multicast
Case Study
Multicast Campus Network
IGMP Snooping
PIM Snooping
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
4/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 4
IP Multicast Essentials
RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
5/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 5
IP Multicast Essentials
Unicast vs Multicast
Host
Router
Unicast
Host
Router
Multicast
Number of Streams
One-to-Many
One-to-One
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
6/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 6
Information Delivery
Server-to-Server, Server-to-Desktop
Database replication
Software distribution
Stock Quotes
News Feeds
White boarding
Interactive Gaming
Replication
Video, Web servers
Kiosks
Content delivery
Live Video (IPTV)
Video conferencing
Live Internet Audio
Hoot & Holler
Non-Real TimeReal Time
Multimed
ia
Data-only
Multicast Applications
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
7/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7
Cisco Applications that use Multicast:
Its more than just the technology
wwwin.cisco.com/sp/messaging/ipngn7.shtmlEntertainmentGrade IP/TV
Video 2.0 (VQE-S,VQE-C)
2
cco/en/US/products/sw/voicesw/ps556/products_administration_guide_chapter09186a00803edad7.html
Music on HoldCisco Call Manager8
wwwin.cisco.com/marketing/datacenter/solutions/launches/acns_5_3.shtmlData Center
Solution
Application &Content Network
System9
wwwin.cisco.com/WWSales/wwops/wwssp/sai/archives/scientificatlanta/Commercial
Quality IP VideoScientific Atlanta1
wwwin-nmbu.cisco.com/fieldportal/products/cmm/summary.cfm?family=Domain%20Managers&prod=cmm
Network
Management
Cisco Multicast
Manager3
wwwin.cisco.com/emtg/dm2bu/Unified
CommunicationsCisco Digital Media
System5
www.cisco.com/en/US/products/sw/voicesw/ps1913/products_feature_guide09186a008022b3fb.html/
Supports TIBCO
RV forManagement
Cisco MediaGateway Controller6
VideoSurveillance
Safety & Security
CorporateCommunications
Cisco Video
Surveillance
Cisco IPInteroperability &
CollaborationSystem (IPICS)
Cisco IP/TV
wwwin.cisco.com/emtg/csibu/
wwwin.cisco.com/emtg/s3bu/
www.cisco.com/en/US/netsol/ns340/ns394/ns158/ns88/networking_solutions_package.html
10
7
4
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
8/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 8
Why Multicast
Multicast Advantages Supports One-to-Many Applications: Streaming multimedia, Music on Hold, etc.
Supports Periodic data delivery- push technology: Finance, Entertainment, Resource Apps
Enhanced Efficiency & Performance: Eliminates traffic redundancy & reduces server CPU loads
Challenges: Why isnt IP Multicast widely deployed?
Protocol complexity & support for a widely-deployed implementation
Security Denial of Service Attacks (Intranet & Internet)
Best Effort Delivery UDP-based with no Congestion-Avoidance
Example: Audio StreamingAll Clients Listening to the Same 8 Kbps Audio
0
0.2
0.4
0.60.8
Traffic(Mbps)
1 20 40 60 80 100
Number of Clients
Multicast
Unicast
* Pragmatic General Multicast (PGM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
9/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 9
IP MulticastTechnical Overview:
Building a SolidFoundation
224.0.0.0/401-00-5e-00-00-00
DenseMode
SparseMode
IGMP v2(*,G)(S,G)
(*,G)(S,G)
(*,G)(S,G)
RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
10/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 10
Rube Goldberg (1883-1970)Inventor / Cartoonist
Whats Multicast Routing Have Anything
to do with a Goldberg Machine?
http://www.rube-goldberg.com
A Rube Goldberg Machine is an extremelycomplicated device that executes a verysimple task in a complex, indirect way.
Traditional Multicast is our Rube Goldberg Machine!
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
11/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 11
Multicast Address RangeIPv4 Assignment Class D Address Space
Link-Local Address Range
224.0.0.0/24 local subnet (TTL=1)
Global Address Range
224.0.1.0 238.255.255.255 (Globally scoped to/from Internet)
232.0.0.0/8 Source Specific Multicast (SSM)
233.0.0.0/ - GLOP (ASN Registered)AS number is inserted in middle two octets.Remaining low-order octet (233.x.x.0/24) used for group assignment
Extended GLOP Addresses (EGLOP RFC 3180)Make use of private AS numbers
Assigned by a Registration Authority
Administratively Scoped Address Range
239.0.0.0 239.255.255.255 (Private address range similar to RFC 1918)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
12/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12
Layer 2-3 Multicast Addressing
IP Multicast MAC Address Mapping
Gotcha:Caveat exists concerning multicast address overlap.
Multicast represented by MAC 0x01005e 5 bits lost only 1 OUI purchased IEEE Creates 32:1 address overlap 32 L3 addresses can map to the same MAC!
32 Bits
28 Bits
25 Bits 23 Bits
48 Bits
01-00-5e-7f-00-0101-00-5e-7f-00-01
1110
5 BitsLost
239.255.0.1239.255.0.1
32 Bits
28 Bits
25 Bits 23 Bits
48 Bits
01-00-5e-7f-00-0101-00-5e-7f-00-01
1110
5 BitsLost
239.255.0.1239.255.0.1
224.1.1.1
224.129.1.1
225.1.1.1
225.129.1.1...
238.1.1.1
238.129.1.1
239.1.1.1
239.129.1.1
0x0100.5E01.0101
1Multicast MAC Address
(Ethernet)
32IP Multicast Addresses
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
13/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 13
RFC 2365Local
Scope
RFC 2365Local ScopeExpansion
RFC 2365Org.-Local
Expansion
239.255.0.0
239.255.255.255
239.0.0.0
RFC 2365Org-LocalScope
239.196.0.0
239.192.0.0
Multicast Address Assignment
Administratively Scoped Address Range
Address Range: 239.0.0.0/8
- Private multicast address space
- Similar to RFC1918 private unicast address space
RFC 2365 Administratively Scoped Zones
Organization-Local Scope (239.192/14)- Largest scope within the Enterprise network- Regional or global applications that are used withina private enterprise network.
Local Scope (239.255/16)- Smallest possible scope within the Enterprise network- Expands downward in address range- Other scopes may be equal but not smaller
- Targets local applications that are isolated within asite/region & blocked on defined boundaries.
(Not to Scale)
239.255.253.0
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
14/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 14
Scope Relative ExampleLocal Scope
Top 256 Addresses of Every Admin. Scope Range are reserved.
239.255.255.255
239.255.0.0
Local Scope
Scope Relative
239.255.255.0
Local Scope
239.254.255.255
239.0.0.0
(Not to Scale)
MBUS239.255.255.247
MADCAP Protocol239.255.255.254
SAP Session Announcement Protocol (SDR)239.255.255.255
SLPv2 Protocol239.255.255.253
MZAP Protocol239.255.255.252
Multicast Discovery of DNS Services239.255.255.251
SSDP239.255.255.250
DHCPv4239.255.255.249
AAP239.255.255.248
DescriptionAddress
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
15/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 15
Scope Relative Example Org-Local Scope
Top 256 Addresses of Every Admin. Scope Range are reserved.
239.255.255.255
Org-LocalScope Relative
Org-Local
Scope
239.195.255.255
239.0.0.0
(Not to Scale)
239.192.0.0
239.195.255.0
MBUS239.195.255.247
MADCAP Protocol239.195.255.254SAP Session Announcement Protocol (SDR)239.195.255.255
SLPv2 Protocol239.195.255.253
MZAP Protocol239.195.255.252
Multicast Discovery of DNS Services239.195.255.251
SSDP239.195.255.250
DHCPv4239.195.255.249
AAP239.195.255.248
DescriptionAddress
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
16/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 16
RFC 2365Local Scope
Local ScopeExpansion
Org.-Local
Expansion
239.255.0.0
239.196.0.0
239.255.255.255
239.0.0.0
RegionScope (/16)
Campus
Scope (/16)
EnterpriseScope (/16)
239.192.0.0 BuildingScope (/16)
239.191.0.0
Multicast Address Assignment
Address Ranges to Avoid
Avoid ranges that map to a MACaddress of 0x0100-5E00-00xx!
i.e. 239.128.0/24 and 239.0.0/24
239.0.0.0/24
239.128.0.0/24
RFC 2365Org-Local
Scope
Are the same as 224.0.0.0/24 - Link Local
These addresses are always flooded byLayer 2 switches!
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
17/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 17
Multicast Address Design
Administrative Scoping Example Any Source Multicast
Develop an Enterprise Multicast Address Assignment Design
Global Scope 239.192.0.0/16
Regional ScopeUS/CALA 239.195.0.0/16
EMEA - 239.196.0.0/16APAC - 239.197.0.0/16
Site-Local Scope 239.255.0.0/16 Internet - 233.0.0.0/8: GLOP (RFC 2770)
ASN registered & have /24 per AS number.
Develop an Enterprise Multicast Application Assignment Policy
IP/TV or DMS, MoH, Others
High-Rate and Low-Rate Streams
Guidelines for Enterprise IP Multicast Address Allocation:http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6552/ps6592/prod_white_paper0900aecd80310d68.pdf
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
18/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18
Serial0 Serial1
Administrative Boundary = 239.0.0.0/8
239.x.x.x multicasts239.x.x.x multicasts
Multicast Forwarding
Administrative Boundaries /Scoping
Configured using the ip multicast boundary interface command
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
19/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 19
Region 3 Region 2
S1
S0
S0
S0
Border C Border B
239.195.0.0/16 239.194.0.0/16
239.193.0.0/16
RegionalBoundaries
RegionalBoundary
Border A
Administratively-Scoped Zones
Multicast Boundary Filters
Interface Serial0
ip multicast boundary 10
access-list 10 deny 239.194.0.0 0.0.255.255
access-list 10 permit any
Interface Serial0
ip multicast boundary 10
access-list 10 deny 239.195.0.0 0.0.255.255
access-list 10 permit any
Interface Serial0
ip multicast boundary 10
Interface Serial1
ip multicast boundary 10
access-list 10 deny 239.193.0.0 0.0.255.255
access-list 10 permit any
Region 1
Multicast Boundary filters
block multicast traffic in
both directions on the
configured interface.
The use of TTL fil ters are nolonger recommended.
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
20/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 20
Multicast Boundary Extensions
Boundary Extensions Supported
ip multicast boundary [ in | out | filter-autorp ]
access-list 10 deny 239.192.0.0 0.0.255.255
access-list 10 permit any in filters source traffic coming into interface
out prevents state from being created on interface
IGMP reports and PIM Joins will not create state
Interface will not be added to OIL
More that one boundary command is allowed on interface but onlyone instance of in, out or fil ter-autorp
Available in IOS (12.2 and above) Will be available on 6500 in 12.2SXI (Whitney 2)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
21/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 21
IP Multicast Essentials Terms
Distribution Tree(s)
Source Tree
Rooted at the Source
Represented by (S,G) entry
Shared Tree
Rooted at the Rendevous Point
Represented by (*,G) entry(Sparse Mode)
Source
RP
Receiver
Receiver
Shared Tree
Source Tree
Source
RP
Receiver
Receiver
Shared TreeShared Tree
Source TreeSource Tree
Source Receiver
Receiver
Shared TreeShared Tree
Source TreeSource Tree
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
22/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 22
IP Multicast Essentials - Terms
Anatomy of Mroute Table
Rout er #sh i p mr out e 224. 1. 2. 3
I P Mul t i cast Rout i ng Tabl e
Fl ags: D - Dense, S - Spar se, C - Connect ed, L - Local , P - Pr uned
R - RP- bi t set , F - Regi st er f l ag, T - SPT- bi t s et , J - J oi n SPTM - MSDP cr eat ed ent r y, X - Pr oxy J oi n Ti mer Runni ng
A - Adver t i sed vi a MSDP
Out goi ng i nt er f ace f l ags: H - Har dwar e swi t ched
Ti mer s: Upt i me/ Expi r es
I nt er f ace st at e: I nt er f ace, Next - Hop or VCD, St at e/ Mode(*, 224.1.2.3), 00:04:28/00:01:32, RP 171.68.28.140, f l ags: SC
I ncomi ng i nt er f ace: Ser i al 1, RPF nbr 171. 68. 28. 140,
Out goi ng i nt er f ace l i st :
Et her net 0, For war d/ Spar se, 00: 00: 30/ 00: 02: 30
( 10.10.10.1/32, 224.1.2.3), 00:04:28/00:01:32, f l ags: CT
I ncomi ng i nt er f ace: Ser i al 0, RPF nbr 171. 68. 28. 190
Out goi ng i nt er f ace l i st :
Ser i al 1, For war d/ Spar se, 00: 04: 28/ 00: 01: 32
Et her net 0, For war d/ Spar se, 00: 00: 30/ 00: 02: 30
Shared Tree
Entry Used
Exclusively
by Sparse
Mode
Source Tree
Used by
Dense or
Sparse
Mode
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
23/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 23
IP Multicast Essentials
IP Multicast Routing/ Multicast Forwarding
What is RPF?What is RPF?A router forwards a multicast datagram only if received onthe up stream interface to the source (i.e. it fol lows the
distribution tree).
The RPF CheckThe RPF Check
The routing table used for multicasting is checked againstthe source address in the multicast datagram.
If the datagram arrived on the interface specified in therouting table for the source address; then the RPF checksucceeds. This becomes the Incoming or RPF Interface.
Otherwise, the RPF Check fails.
Reverse Path Forwarding (RPF)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
24/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 24
IP Multicast Essentials
IP Multicast Routing/ Multicast Forwarding
RPF Check Fails!
A closer look: RPF Check FailsRPF Check Fails
Packet Arrived on Wrong Interface!
E0
S1
S0
S2
Multicast Packet fromSource 151.10.3.21
X
Discard Packet!
Unicast Route TableUnicast Route Table
NetworkNetwork InterfaceInterface
151.10.0.0/16151.10.0.0/16 S1S1
198.14.32.0/24198.14.32.0/24 S0S0
204.1.16.0/24204.1.16.0/24 E0E0
S1
E
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
25/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 25
IP Multicast Essentials
IP Multicast Routing/ Multicast Forwarding
RPF Check Fails!
A closer look: RPF Check FailsRPF Check Fails
Packet Arrived on Wrong Interface!
E0
S1
S0
S2
Multicast Packet fromSource 151.10.3.21
X
Discard Packet!
Unicast Route TableUnicast Route Table
NetworkNetwork InterfaceInterface
151.10.0.0/16151.10.0.0/16 S1S1
198.14.32.0/24198.14.32.0/24 S0S0
204.1.16.0/24204.1.16.0/24 E0E0
S1
E
R1#sh ip mroute 239.192.1.1 countIP Multicast Statistics5 routes using 3052 bytes of memory3 groups, 0.66 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 1, Packets forwarded: 92, Packets received: 92
RP-tree: Forwarding: 92/0/100/0, Other: 92/0/0Source: 10.4.1.6/32, Forwarding: 0/0/0/0, Other: 0/0/0
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
26/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 26
IP Multicast Essentials
IP Multicast Routing/ Multicast Forwarding
A closer look: RPF Check SucceedsRPF Check Succeeds
RPF Check Succeeds!
Unicast Route TableUnicast Route Table
NetworkNetwork InterfaceInterface
151.10.0.0/16151.10.0.0/16 S1S1
198.14.32.0/24198.14.32.0/24 S0S0
204.1.16.0/24204.1.16.0/24 E0E0
E0
S1
S0
S2
Multicast Packet from
Source 151.10.3.21
Packet Arrived on Correct Interface!S1S1
Forward out all outgoing interfaces.
(i. e. down the distribution tree)
B
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
27/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 27
Well just usethe spare 56K line
for the IP Multicast
traffic and not
the T1.
no ip pim sparse-mode ip pim sparse-mode
IP Multicast Essentials
Configure Multicast on Every Interface
T1/E1 56K/64K
src
rcvrNetwork
Engineer
XX
RPF to disabled link!!!!!
Classic Partial Multicast Cloud Mistake #1
T1/E1 line has best metric to source
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
28/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 28
Well just usethe spare 56K line
for the IP Multicast
traffic and not
the T1.
no ip pim sparse-mode ip pim sparse-mode
IP Multicast Essentials
Configure Multicast on Every Interface
T1/E1 56K/64K
src
rcvrNetwork
Engineer
XX
RPF to disabled link!!!!!
Classic Partial Multicast Cloud Mistake #1
T1/E1 line has best metric to source
Static multicast routing (static mroutes) can be to resolve this designrequirement.
!Ip mroute 10.77.86.75 255.255.255.255 10.2.255.72 (RP = 10.77.86.75)
ip mroute 10.77.76.0 255.255.255.0 10.2.255.72 (Source Subnet = 10.77.76.0/24)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
29/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 29
Well just keep
multicast traffic off
of certain routers in
the network.
IP Multicast Essentials
Configure Multicast on Every Router
src
rcvr
Blackhole Failure!!!!!
Classic Partial Multicast Cloud Mistake #2
Multicast DisabledMulticast Enabled
.2.1 192.168.1.0/24
AA BB
CC
E0
E1
Highest next-hop IP address used for
RPF when equal cost paths exist .
Complies with RFC 2362!
PIM Join
Network
Engineer
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
30/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 30
IP Multicast Essentials
IP Multicast Load Splitting
Two Options exist for load-sharing multicastacross equal cost multiple paths (ECMP).
GRE Tunnels IP Multicast Multipath Feature (12.4T)
IP Multicast Multipath
Randomly distribute (*, G) and (S, G) traffic streams
across multiple equal-cost reverse path forwarding(RPF) paths.
Does not necessarily result in balanced IP multicasttraffic loads. Networks where there are manytraffic streams that utilize approximately the sameamount of bandwidth benefit the most.
Can be configured to load split based on Source, (S,G),or (S,G) and next-hop address.
All participating interfaces still require PIM.
Receiver
.2.1 192.168.1.0/24
AAAA BBBB
CCCC
E0
E1
Source
(S,G) Join 1
(S,G) Join 2
Joins create the OIL
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
31/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 31
IP Multicast Essentials
Types of Multicast Routing Protocols
DVMRPv3 (Internet-draft)
MOSPF (RFC 1584)
CBT (Internet-draft)
PIM-DM(Internet-draft)
PIM Sparse Mode (RFC 2362)
Source Specific Multicast (SSM)
Bi-directional PIM (Bidir)
Multicast VPN (MVPN)
All
protocolsaresupportedin this box
Only PIM-DM issupported in
this box
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
32/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 32
Multicast Service ModelsRP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
33/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 33
Multicast Service ModelIP Multicast Enabled Network
There are two kinds of multicast-enabled networks available.
Any Source Multicast ASM is the original multicast service modelas defined in RFC 1112 [Deering]. In this model, a receiver simply
joins the group and does not need to know the identity of thesource(s). (Also called Internet Standard or Traditional Multicast)
Source Specific Multicast RFC 3569 (2003)SSM modifies the original service such that in addition to knowing the
group address, a receiver must know the relevant source(s). Itbecomes the application's responsibility to know what kind ofmulticast capability the network provides.
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
34/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 34
Multicast Service ModelEssential Protocol Components
An IP multicast enabled network requires two essential protocolcomponents:
Internet Group Membership Protocol IGMP is the IP
host-based protocol that allows a receiver application to notify alocal router(s) that it has joined the group, and initiate the dataflow from all sender(s) within the scope.
Protocol Independent Multicast - PIM is a IP router-basedprotocol that allows routers with multicast group members(receivers) on the local networks to communicate with otherrouters to ensure that all datagrams sent to the group address areforwarded to all receivers within the intended scope.
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
35/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 35
Any Source MulticastRP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
36/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 36
Multicast Service Model
Any Source Multicast (ASM) RFC 1112
IGMPv2 (Host to Router Signaling)
RFC 2236Membership reports used to Join multicast groups > 224.0.0.1
Classic (original) PIMv2 Sparse Mode (Router Signaling)
Current PIMv2 specification is RFC 4601
Uses both Shared and Source Path Trees
Requires a Rendezvous Point (RP) and Shared Tree for network-based Source discovery.
Complex to Troubleshoot
Susceptible to Denial of Service Attacks
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
37/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 37
H2
Any Source Multicast Host-Router Signaling
IGMPv2Joining a Group
Joining member sends reports for the multicast groupthat they want to Join. Called unsolicited reports.
H2224.1.1.1
Report
1.1.1.1
H1 H3
1.1.1.10 1.1.1.11 1.1.1.12
rtr-a
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
38/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 38
r t r - a >show ip igmp groupI GMP Connect ed Gr oup Membershi pGr oup Addr ess I nt er f ace Upt i me Expi r es Last Repor t er239.192.1.1 Ethernet0 6d17h 00:02:31 1.1.1.11
Any Source Multicast Host-Router Signaling
IGMPv2 Verify the Group
1.1.1.1
H1 H3
1.1.1.10 1.1.1.11 1.1.1.12
rtr-a
IGMP State in rtr-a
H2
Group 239.192.1.1 is active
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
39/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 39
Any Source Multicast Host-Router Signaling
IGMPv2 Maintaining the Group
Router sends periodic queries to 224.0.0.1 @ 60-120s
Query
One member per group per subnet reports
224.1.1.1
Report
Other members suppress reports
224.1.1.1
Suppressed
X224.1.1.1
Suppressed
XH1 H2 H3
Group 224.1.1.1 Example
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
40/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 40
Host sends leave message to 224.0.0.2
H1 H3H3
Leave to
224.0.0.2
224.1.1.1
#1
Router sends group-specific query for Group 224.1.1.1
Group Specific
Query to 224.1.1.1
#2
No IGMP report is received within ~ 3 seconds
Group 224.1.1.1 times out
H2
Leaving a Group (224.1.1.1)
Any Source Multicast Host-Router Signaling
IGMPv2 Leaving a Group
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
41/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 41
Any Source Multicast Host-Router Signaling
IGMPv2Querier Election
Initially all routers send out a query @ 224.0.0.1
Router with lowest IP address elected querier
Other routers become non-queriers
IGMPv2
1.1.1.11.1.1.2
H1 H2 H3
1.1.1.10 1.1.1.11 1.1.1.12
Query Query
IGMP
Querier
IGMP
Non-Querier
rtr-artr-b
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
42/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 42
IGMPv2Querier Election
Determining Which Router is the IGMP Querier
r t r - a>show i p i gmp i nt er f ace e0Et her net 0 i s up, l i ne pr ot ocol i s up
I nt er net addr ess i s 1. 1. 1. 1, subnet mask i s 255. 255. 255. 0
IGMP is enabled on interface
Cur r ent I GMP ver si on i s 2CGMP i s di sabl ed on i nt er f aceI GMP quer y i nt er val i s 60 secondsI GMP quer i er t i meout i s 120 seconds
I GMP max quer y r esponse t i me i s 10 secondsI nbound I GMP access gr oup i s not setMul t i cast r out i ng i s enabl ed on i nt er f aceMul t i cast TTL t hr eshol d i s 0Mul t i cast desi gnat ed r out er ( DR) i s 1. 1. 1. 1 ( t hi s syst em)IGMP querying router is 1.1.1.1 (this system)
Mul t i cast gr oups j oi ned: 224. 0. 1. 40 224. 2. 127. 254
r t r - a>show i p i gmp i nt er f ace e0Et her net 0 i s up, l i ne pr ot ocol i s up
I nt er net addr ess i s 1. 1. 1. 1, subnet mask i s 255. 255. 255. 0IGMP is enabled on interface
Cur r ent I GMP ver si on i s 2CGMP i s di sabl ed on i nt er f aceI GMP quer y i nt er val i s 60 secondsI GMP quer i er t i meout i s 120 seconds
I GMP max quer y r esponse t i me i s 10 secondsI nbound I GMP access gr oup i s not setMul t i cast r out i ng i s enabl ed on i nt er f aceMul t i cast TTL t hr eshol d i s 0Mul t i cast desi gnat ed r out er ( DR) i s 1. 1. 1. 1 ( t hi s syst em)IGMP querying router is 1.1.1.1 (this system)
Mul t i cast gr oups j oi ned: 224. 0. 1. 40 224. 2. 127. 254
IGMP is automaticallyenabled when PIM isenabled under theinterface
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
43/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 43
IGMPv2
Designated Router (DR)
If there are multiple routers on a LAN, a designated router (DR) mustbe elected to avoid duplicating multicast traffic.
PIM routers follow an election process to select a DR - the PIM routerwith the highest Interface IP address becomes the DR.
The DR is responsible for: Sending PIM register and PIM Join and Prune messages toward the
rendezvous point (RP) to inform it about host group membership.
Sending PIM Join messages for the Shortest Path Tree.
Gotcha: When troubleshooting PIM, make sure that you identify the DR.The non-DRs will show (*,G) and (S,G) state, but take no action.
DR Failover - 3 x - default interval 30s
AA
192.168.1.0/24.2 (DR) .1
BB
IGMP
Querier
Designated
Router
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
44/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 44
Any Source Multicast Router to Router Signaling
Activating PIM-SM (Sparse-Mode)
Interface configuration command - ip pim sparse-modeEnables multicast forwarding on the interface
Controls the interfaces mode of operationSeparate control and data plane > Unicast routing protocol-independent
Explicit Join ModelReceivers must first be connected to the tree before traffic begins to flow
Traffic only sent down joined branches
Must configure an RPUsed to map the source multicast group address to the IPv4 unicastaddress of the source.
Uses both Shared and Shortest Path Distribution TreesStarts out using Shared Tree, then switches over to the source-treeVery complex to troubleshoot
S ( S )
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
45/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 45
Any Source Multicast (ASM)
PIM-SM with IGMPv2 Operation
10.1.1.5/24
Receiver wants to join 239.192.1.1, but doesnt
know the unicast IP address of the source.
Source
Receiver
10.4.1.6/24
Source transmits thestream @ 239.192.1.1,but isnt responsible todetermine where to sendthe packets.
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
46/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 46
Any Source Multicast (ASM)
PIM-SM with IGMPv2 > Map the Group to the Source IP
RPSource
Receiver
Any Source Multicast requires acontrol plane which is anchored bythe Rendezvous Point tojoin the Source and Receivers.
The Rendezvous Point isresponsible for multicast Groupto Source IP address mapping.
10.4.1.6/24
10.1.1.5/24
Multicast Group239.192.1.1
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
47/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 47
Any Source Multicast (ASM)
PIM-SM Shared Tree Join Process
Receiver
RP
PIM (*, G) Join
(*, G) State created v ia the
Shared Tree. The Outgoing
Interface List (OIL) is created.
Shared Tree
IGMP Join
1. Receiver sends IGMPv2 Join
2. Last hop PIM router forwards the Join to the RP for 239.192.1.1
The receiver has joined the
group, but is waiting for thesource.
(*,G)
(*,G)
(*,G)
S ( S )
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
48/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 48
Any Source Multicast (ASM)
PIM-SM Shared Tree Join Process Case Study
R5(config-if)# ip igmp join-group 239.192.1.1
R6# ping 239.192.1.1
R5
R6
A S M lti t (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
49/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 49
Any Source Multicast (ASM)
PIM-SM Shared Tree Join Process Case Study
1. Receiver sends IGMPv2 Join
2. Last hop PIM router forwards the Join toward the RP for 239.192.1.1
R1#sh ip mrou te 239.192.1.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/ExpiresInterface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.192.1.1), 00:06:07/00:02:19, RP 10.3.3.3, flags: SJCIncoming interface: Ethernet0/1, RPF nbr 10.21.1.2Outgoing interface list:Ethernet0/0, Forward/Sparse, 00:06:07/00:02:19
A S M lti t (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
50/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 50
Any Source Multicast (ASM)
PIM-SM Shared Tree Join Process Case Study
R2#sh ip mroute 239.192.1.1
IP Multicast Routing TableFlags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/ExpiresInterface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.192.1.1), 00:17:38/00:02:42, RP 10.3.3.3, flags: SIncoming interface: Ethernet0/2, RPF nbr 10.32.1.3 > towards RPOutgoing interface list:
Ethernet0/1, Forward/Sparse, 00:17:38/00:02:42 > towards receiver
3. All PIM routers in the path forwards the Join to the RP for 239.192.1.1
A S M lti t (ASM)
R3#sh ip mroute 239 192 1 1 count
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
51/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 51
Any Source Multicast (ASM)
PIM-SM Shared Tree Join Process Case Study
R3#sh ip mroute 239.192.1.1
IP Multicast Routing TableFlags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/ExpiresInterface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.192.1.1), 00:23:36/00:03:00, RP 10.3.3.3, flags: SIncoming interface: Null, RPF nbr 0.0.0.0 > Always Null for the RPOutgoing interface list:
Ethernet0/2, Forward/Sparse, 00:23:36/00:03:00 > towards the Receiver
4. RP receives the Join for 239.192.1.1 and creates the (*,G) Tree
(*, G) State created v ia the
Shared Tree. The Outgoing
Interface List (OIL) is created.
R3#sh ip mroute 239.192.1.1 countIP Multicast Statistics5 routes using 3830 bytes of memory
3 groups, 0.66 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 0, Packets forwarded: 0, Packets received: 0
5. Use the show ip mroute x.x.x.x count keyword to verify traffic for the *,G tree
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
52/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 52
Any Source Multicast (ASM)
PIM-SM Source Registration Process
Receiver
RPSource
8. RP sends a Join
toward the source.
(S, G) Register-Stop (unicast)
(S, G) Register (unicast)
7. Multicast (S, G) traffic arrives at the
RP (encapsulated in unicast IPv4
packets). The RP forwards the traffic
based on the Outgoing Interface List
(OIL). Note: No RPF for Receive Joins.Source Tree
Traffic Flow
Shared Tree
5. Source comes online . The 1st hop router builds the (*,G) and (S,G) entries
10. RP sends a Register-Stop
back to the first-hop
router to complete the
Register process.
(*,G)
(*,G)
(*,G)
(S,G)
(S,G)
(S,G)
9. The Shortest Path Tree from
the RP to the Source is buil t.
Building the PIM-SM Shared Tree is Complete!
6. The 1st hop router sends Register with unicast stream to the RP for 239.192.1.1
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
53/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 53
Any Source Multicast (ASM)
PIM-SM Shared Tree Source Registration Case Study
R4#sh ip mrou te 239.192.1.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/ExpiresInterface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.192.1.1), 00:00:21/stopped, RP 10.3.3.3, flags: SPF > Register FlagIncoming interface: Ethernet0/0, RPF nbr 10.34.1.3Outgoing interface list: Null
(10.4.1.6, 239.192.1.1), 00:00:21/00:02:58, flags: PFT > Register FlagIncoming interface: Ethernet0/1, RPF nbr 0.0.0.0Outgoing interface list: Null
4. Source comes onl ine . The 1st hop router sends Register to the RP for 239.192.1.1
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
54/111
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
55/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 55
Any Source Multicast (ASM)
PIM-SM Shared Tree Traffic Flow Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
R6
R3#sh ip mroute 239.192.1.1 countIP Multicast Statistics
6 routes using 4340 bytes of memory3 groups, 1.00 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5RP-tree: Forwarding: 1/0/100/0, Other: 1/0/0Source: 10.4.1.6/32, Forwarding: 4/1/100/0, Other: 4/0/0
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
56/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 56
Any Source Multicast (ASM)
PIM-SM Shared Tree Traffic Flow Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
R6
R2#sh ip mroute 239.192.1.1 countIP Multicast Statistics5 routes using 3194 bytes of memory3 groups, 0.66 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 0, Packets forwarded: 5, packets received: 5RP-tree: Forwarding: 5/1/100/0, Other: 5/0/0
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
57/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 57
Any Source Multicast (ASM)
PIM-SM Shared Tree Traffic Flow Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
R6
R1#sh ip mroute 239.192.1.1 countIP Multicast Statistics5 routes using 3052 bytes of memory3 groups, 0.66 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5RP-tree: Forwarding: 5/0/100/0, Other: 5/0/0Source: 10.4.1.6/32, Forwarding: 0/0/0/0, Other: 0/0/0
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
58/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 58
Any Source Multicast (ASM)
PIM-SM Shared Tree Traffic Flow Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
R6
R6#pingProtocol [ip]:Target IP address: 239.192.1.1Repeat count [1]: 5Datagram size [100]:Timeout in seconds [2]:Extended commands [n]:Sweep range of sizes [n]:Type escape sequence to abort.Sending 5, 100-byte ICMP Echo to 239.192.1.1, timeout is 2 seconds:
Reply to request 0 from 10.1.1.5, 20 msReply to request 1 from 10.1.1.5, 4 msReply to request 2 from 10.1.1.5, 4 msReply to request 3 from 10.1.1.5, 8 msReply to request 4 from 10.1.1.5, 4 ms
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
59/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 59
Any Source Multicast (ASM)PIM-SM SPT Switchover Process
Receiver
RP
Source
Source Tree
11. Once multicast traffic arrives
at the last hop PIM router via
the Shared Tree, a Join
request is sent toward the source.
Traffic Flow
Shared Tree
12. Traffic flows down theShortest Path Tree
(*,G)
(*,G)
(*,G)
(S,G)
(S,G) (S,G)
(S,G)
(S,G)
13. The Shared Tree Path is
Pruned toward the RP.
14. If no other Receivers
exist, the RP Prunes
the Source Path Tree.
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
60/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 60
y ( )PIM-SM SPT Switchover Process Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
1. Packets arrive at R1 via the Shared (*,G) tree the purpose of the Shared Tree is Complete!2. R1 performs PIM SPT switchover by send (S,G) Join.
The purpose of the SharedTree Join is complete > theLast-hop Router has learnedthe IP address of the Source!
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
61/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 61
y ( )PIM-SM SPT Switchover Process Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
3. Packets begin to flow down the Source (S,G) Tree to R1. R1 also sends a Prune message toward the RP.
R1#sh ip mroute 239.192.1.1
IP Multicast Routing TableFlags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP
U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.192.1.1), 00:00:42/stopped, RP 10.3.3.3, flags: SJCIncoming interface: Ethernet0/1, RPF nbr 10.21.1.2Outgoing interface list:Ethernet0/0, Forward/Sparse, 00:00:42/00:02:20
(10.4.1.6, 239.192.1.1), 00:00:04/00:02:55, flags: JT
Incoming interface: Ethernet0/2, RPF nbr 10.41.1.4Outgoing interface list:Ethernet0/0, Forward/Sparse, 00:00:04/00:02:55
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
62/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 62
y ( )PIM-SM SPT Switchover Process Case Study
Source Tree
Traffic Flow
Shared Tree
Building the PIM-SM Shared Tree is Complete!
R1#sh ip mroute 239.192.1.1 countIP Multicast Statistics4 routes using 2794 bytes of memory2 groups, 1.00 average sources per groupForwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per secondOther counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5RP-tree: Forwarding: 1/1/100/0, Other: 1/0/0Source: 10.4.1.6/32, Forwarding: 4/0/100/0, Other: 4/0/0
3. Packets begin to flow down the Source (S,G) Tree to R1. R1 also sends a Prune message toward the RP.
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
63/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 63
y ( )Issue concerning Multiple Sources
Receiver 1
RP
Source
Eventually, (S, G) Traffic
flow creates an issue as
two sources exist .Traffic Flow
Error Multicast
Source #2
239.192.1.1239.192.1.1
Issue: A 2nd Source appears in the network streaming the same multicast group
(S, G) Register.
Solution: Accept-Register filters to
prevent unwanted Multicast flows
Receiver 2
ip pim accept-register list 10
access-list 10 permit 10.4.1.610.4.1.6172.30.1.1
Any Source Multicast (ASM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
64/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 64
How Does the Network Know About the RP?
Static configuration
Manually on every router in the PIM domain
AutoRP
Routers learn RP automatically
Option exists to provide Load-Balancing & Redundancy
BSR (Bootstrap Router)
draft-ietf-pim-sm-bsr
PIMv2 for Sparse-mode (RFC 2362) defines a Bootstrapmechanism that permits all PIM-SM routers within a domain todynamically learn all Group-to-RP mappings and avoid anymanual RP configurations > AutoRP & BSR
St ti RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
65/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 65
Static RPs
Hard-configured RP address
When used, must be configured on every router
All routers must have the same RP address
RP failover not possible
Exception: if anycast RPs are used
Commandip pim rp-address [group-list ] [override]
Optional group list specifies group range
Default: range = 224.0.0.0/4 (includes auto-RP groups!!!)
Override keyword overrides auto-RP information
Default: auto-RP learned info takes precedence
Auto-RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
66/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 66
Auto RP
Dynamic Group to RP Mapping
Announce Announce
A
nnounce
Announce
Announce Announce
A
nnounce
Announce
Announce
RP-Announcements Multicast to the
Cisco Announce (224.0.1.39) Group
A
C DC-RP
1.1.1.1
C-RP
2.2.2.2
B
Mapping
Agent
Mapping
Agent
ip pim send-rp-announce loopback0 scope 255 group-list 20
access-list 20 permit 239.192.0.0 0.0.255.255
Auto-RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
67/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 67
uto
Dynamic Group to RP Mapping
Announce Announce
A
nnounce
Announce
Announce Announce
A
nnounce
Announce
Announce
RP-Announcements Multicast to the
Cisco Announce (224.0.1.39) Group
A
C DC-RP
1.1.1.1
C-RP
2.2.2.2
B
Mapping
Agent
Mapping
Agent
The active RP for each Multicast group range isselected based on the highest Loopback IPaddress (router ID) from the candidate RPs.
RP Mapping Agents store the candidate-RPs in a Group-to-RP mappingcache. Each entry in the Group-to-RP mapping cache has an expiration
timer that is initialized to the holdtime value (3X) in the received RP-Announce message (60s).
Once the timer expires, the Mapping Agent selects a new RP from itsGroup-to-RP mapping cache and sends out an RP-Discovery message
with the updated Group-to-RP mapping. Failover is less than 3 minutesfor any NEW connections (Established Source Path Trees dont need RPs)
ip pim send-rp-announce loopback0 scope 255 group-list 20
access-list 20 permit 239.192.0.0 0.0.255.255
Dynamic Group to RP Mapping
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
68/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 68
C DC-RP
1.1.1.1
C-RP
2.2.2.2
Auto-RPFrom 10,000 Feet
Discovery
RP-Discoveries Multicast to the
Cisco Discovery (224.0.1.40) Group
MappingAgent
Mapping
Agent
Discovery
Discovery
Dis
cov
ery
Dis
cove
ry
A
Discovery
Discovery
Dis
cov
ery
Dis
cov
ery
B
ip pim send-rp-discovery loopback0 scope 255
Dynamic Group to RP Mapping
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
69/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 69
C DC-RP
1.1.1.1
C-RP
2.2.2.2
Auto-RPFrom 10,000 Feet
Discovery
RP-Discoveries Multicast to the
Cisco Discovery (224.0.1.40) Group
MappingAgent
Mapping
Agent
Discovery
Discovery
Dis
cov
ery
Dis
cove
ry
A
Discovery
Discovery
Dis
cov
ery
Dis
cov
ery
B
RP announcements and RP discovery messages occurs every 60seconds by default with holdtime of 180 seconds. If no RP is found, thenext search is done locally on each router for a static RP mapping. If no
static RP mapping is configured, the router defaults to dense mode.
Mapping Agents function independently, multicasting identical Group-to-RPmapping information to all routers in the network. Based on this functionality,each device configured as a mapping agent will advertise identical Group-to-
RP mapping information based on the fact that they are using the sameselection algorithm of highest IP address to select the active RP. Thismethodology is recommended as Auto-RP Discovery packets are sentunreliably because the protocol has no provision to detect missed packetsand no way to request retransmission. MA updates are sent every 60s or
when changes are detected.
ip pim send-rp-discovery loopback0 scope 255
Any Source Multicast (ASM)Auto RP Failover
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
70/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 70
Auto-RP Failover
Auto-RP failover time (Default)
Function of Holdtime in C-RP Announcement
Holdtime = 3 x
Default < rp-announce-interval> = 60 seconds
Default Failover ~ 3 minutes
Tuning Auto-RP failoverTune candidate RPs using the interval clause to control failover times
ip pim send-rp-announce scope
[group-list acl] interval ]
Smaller intervals = faster RP failover + increased amount of RP traffic
Increase is usually insignificantTotal RP failover time reduced > Min. failover ~ 3 seconds
Any Source Multicast (ASM)PIM SM AutoRP Case Study
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
71/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 71
PIM-SM AutoRP Case Study
Source Tree
Traffic Flow
Shared Tree
R1#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s) 239.192.0.0/16RP 10.3.3.3 (?), v2v1Info source: 10.3.3.3 (?), elected via Auto-RP
Uptime: 16:30:44, expires: 00:02:00Acl: 10, Static
RP: 10.3.3.3 (?)
R1#sh access-lis ts 10Standard IP access list 10
10 permit 239.192.1.1
Any Source Multicast (ASM)PIM SM AutoRP Case Study
R1#sh ip mroute
IP Multicast Routing Table
Fl D D S S B Bidi G SSM G C C t d
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
72/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 72
PIM-SM AutoRP Case Study
Source Tree
Traffic Flow
Shared Tree
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,T - SPT-bit set, J - Join SPT, M - MSDP created entry,X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,U - URD, I - Received Source Specific Host Report,Z - Multicast Tunnel, z - MDT-data group sender,Y - Joined MDT-data group, y - Sending to MDT-data group
Outgoing interface flags: H - Hardware switched, A - Assert winnerTimers: Uptime/ExpiresInterface state: Interface, Next-Hop or VCD, State/Mode
(*, 224.0.1.39), 00:14:44/stopped, RP 0.0.0.0, flags: DIncoming interface: Null, RPF nbr 0.0.0.0Outgoing interface list:Ethernet0/2, Forward/Sparse, 00:14:44/00:00:00Ethernet0/1, Forward/Sparse, 00:14:44/00:00:00
(10.3.3.3, 224.0.1.39), 00:02:44/00:00:28, flags: PTIncoming interface: Ethernet0/1, RPF nbr 10.21.1.2Outgoing interface list:
Ethernet0/2, Prune/Sparse, 00:02:44/00:00:25
(*, 224.0.1.40), 00:18:09/stopped, RP 0.0.0.0, flags: DCLIncoming interface: Null, RPF nbr 0.0.0.0Outgoing interface list:Ethernet0/2, Forward/Sparse, 00:18:10/00:00:00Ethernet0/1, Forward/Sparse, 00:18:10/00:00:00Ethernet0/0, Forward/Sparse, 00:18:10/00:00:00
(10.3.3.3, 224.0.1.40), 00:17:42/00:02:20, flags: LT
Incoming interface: Ethernet0/1, RPF nbr 10.21.1.2Outgoing interface list:Ethernet0/0, Forward/Sparse, 00:17:42/00:00:00Ethernet0/2, Prune/Sparse, 00:01:45/00:01:21
Fast RP Failover = Anycast RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
73/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 73
Multicast Source Discovery Protocol
MSDP
RecRec RecRec
Src239.193.1.1
Src239.194.1.1
SA SA
A
RP1
10.1.1.1
B
RP2
10.1.1.1
X
When a source registers with one RP, a Source-Active (SA) messagewill be sent to the other RPs informing them that there is an activesource for a particular multicast group.
Fast RP Failover = Anycast RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
74/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 74
Multicast Source Discovery Protocol
MSDP
RecRec RecRec
Src239.193.1.1
Src239.194.1.1
SA SA
A
RP1
10.1.1.1
B
RP2
10.1.1.1
X
By default, RP failover is 3-180s.Anycast RP can be used to reduce failover interval.
Anycast RP
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
75/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 75
Anycast RP
RecRec RecRec
Src239.194.1.1
Src239.193.1.1
A
RP1
10.1.1.1
B
RP2
10.1.1.1
X
Anycast RP Configuration
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
76/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 76
With Static RP
ip pim rp-address 10.0.0.1 ip pim rp-address 10.0.0.1
Interface loopback 0
description Anycast RP
ip address 10.0.0.1 255.255.255.255
Interface loopback 1
ip address 10.0.0.2 255.255.255.255
!
ip msdp peer 10.0.0.3 connect-source loopback 1
ip msdp originator-id loopback 1
Interface loopback 0
description Anycast RP
ip address 10.0.0.1 255.255.255.255
Interface loopback 1
ip address 10.0.0.3 255.255.255.255
!
ip msdp peer 10.0.0.2 connect-source loopback 1
ip msdp originator-id loopback 1
MSDPB
RP2
A
RP1
C D
Any Source Multicast
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
77/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 77
Design Recommendations Use PIM-SM on interfaces in conjunction with the
IP PIM Auto-RP Listener command. This featurepermits the two AutoRP groups 224.0.1.39 and224.0.1.40 to be flooded across interfaces operatingin PIM sparse mode. (Available 12.3(4)T, 12.2(28)S)
As described, Mapping Agents operate independently using the same selectionalgorithm. Depending on when checked, the mroute table will reflect whicheverupdate it received first. This provides Mapping Agent Failover design.
Using a Catch-All RP (224.0.0.0/4) on the network promotes unauthorizedmulticast states (applications that have multicast enabled by default) > someMPLS service providers limit the number of IP mroutes permitted on thenetwork. Filtering is on option, but hard to manage.
A caveat exists with PIM such that multicast group and interface states aretreated separately. Although no dense-mode flooding will occur on sparse-mode interfaces, the mroute group cache can be impacted (DM-Fallback)resulting in broken SPT state during RP outages. Use the no ip pim dm-fallback global command or RP of Last Resort design to maintain the sparse-mode state. (DM-Fallback is enabled by default)
Any Source Multicast
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
78/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 78
Design Recommendation Filter RPs Mapping Agent Security - Caveat for fil tering RPs - CSCdv79987
The ip pim rp-announce-filter rp-list group-list command isinsufficiently documented. The filter should be configured as described in the
example below.This following filter allows the rogue rp ip-address to pass the rp filter and. then befiltered by the group-list filter which denies all groups. The valid RPs (10.1.1.1 &10.1.1.2) are exempt.
Documentation:!access-list 14 permit 10.1.1.1 (RP #1)access-list 14 permit 10.1.1.2 (RP #2)access-list 14 deny any!access-list 15 permit 224.0.0.0 15.255.255.255
Actual Configuration
!ip pim rp-announce-filter rp-list 14 group-list 15!access-list 14 deny 10.1.1.1access-list 14 deny 10.1.1.2access-list 14 permit any!access-list 15 deny 224.0.0.0 15.255.255.255
Any Source MulticastRP Placement
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
79/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 79
Q: Where do I put the RP?
A: Generally speaking, its not critical
Shortest Path Trees (SPTs) are normally used by defaultRP is a place for source and receivers to meetTraffic does not normally flow through the RPRP is therefore not a bottleneck
Exception: SPT-Threshold = Infinity
Default = 0Traffic stays on the shared tree
RP couldcould become a bottleneck
RP Resource Requirements
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
80/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 80
q
Each (*,G) entry requires 380 bytes + outgoing interface list (OIL)overhead.
Each (S,G) entry requires 220 bytes + outgoing interface listoverhead.
The outgoing interface list overhead is 150 bytes per OIL entry.
For example, if there are 10 groups with 6 sources per group and 3
outgoing interfaces:
# of (*,G)s x (380 + (# of OIL entries x 150)) = 10 x (380 + (3 x150)) = 8300 bytes for (*,G)
# of (S,G)s x (220 + (# of OIL entries x 150)) = 60 x (220 + (3 x150))= 40,200 bytes for (S,G)
A total of 48,500 bytes of memory is required for the mroute table.
General RP Recommendations
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
81/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 81
Use Auto-RP
When minimum configuration is desired and/or
When maximum flexibility is desired
Pros
Most flexible method
Easiest to maintain
Cons
Increased RP Failover times vs Anycast
Special care needed to avoid DM Fallback
Some methods greatly increase configuration
Use PIM Sparse-Mode with IP PIM AutoRP Listener!
General RP Recommendations
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
82/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 82
Use Anycast RPs:
When network must connect to Internet or
When rapid RP failover is critical
Pros
Fastest RP Convergence method
Required when connecting to Internet
Cons
Requires more configuration
Requires use of MSDP between RPs
Remember: RPs are only used for new Connections
Multicast Service Model
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
83/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 83
Any Source Multicast (ASM) Evaluation
Uses both Shared Trees and Source Path Trees
Requires RP and Shared Tree for network-based Source Discovery
Group to RP Mapping must be consistent in the PIM domain
Pros:
Traffic only sent down joined branches
Can switch to optimal source-trees for high traffic sources dynamically
Unicast routing protocol-independent
Cons:
Need some form of RP Failover mechanism No Single Pt. of Failure
Dense Mode Fallback can be a problem
Shared to Source Tree switchover complexities
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
84/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 84
Source Specific MulticastRP
Multicast Service ModelSource Specific Multicast (SSM) RFC 4607 (2006)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
85/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 85
IGMPv3 (Host to Router Signaling) RFC 3376Adds Include/Exclude Source Lists
New IGMPv3 stack required in the O/S
Apps must be rewritten to use IGMPv3 Include/Exclude features Receivers subscribe to the SSM Channel (S,G)
Hosts responsible for source discovery (learning the (S,G) information)
Uses out-of-band mechanism to learn the source (web page, content server)
Hosts uses IGMPv3 to join specific (S,G) instead of (*,G)
PIM-SM (Router to Router Signaling)No RPs or Shared Trees > Uses Source Trees Only
Only the specified (S,G) flow is delivered to host
Data and control planes are decoupled
Eliminates possibility of Multicast Content Jammers Simplifies Address Allocation
IANA - 232.0.0.0/8
Private SSM Range 239.232.0.0/16 recommended
Different sources can use the same multicast group address
SSM Host to Router SignalingIGMPv3 Source Discovery Example
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
86/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 86
Source = 1.1.1.1
Group = 224.1.1.1
H1Member of 224.1.1.1
R1
R3
R2
Source = 2.2.2.2
Group = 224.1.1.1
H1 wants to receiveonly S = 1.1.1.1and no other.
With IGMP, specificsources can bejoined. S = 1.1.1.1in this case
IGMPv3:Join 224.1.1.1Include: 1.1.1.1
SSM Host to Router SignalingIGMPv3Joining a Group
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
87/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 87
H2
Joining member sends IGMPv3 Report to 224.0.0.22immediately upon joining
H2
Group: 224.1.1.1
Exclude:
v3 Report
(224.0.0.22)
1.1.1.1
H1 H3
1.1.1.10 1.1.1.11 1.1.1.12
rtr-a
SSM Host to Router SignalingIGMPv3Joining Specific Source(s)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
88/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 88
H2
IGMPv3 report contains desired source(s)in the Include list
Only Included source(s) are joined
H2
1.1.1.1
H1 H3
1.1.1.10 1.1.1.11 1.1.1.12
rtr-a
Group: 224.1.1.1
Include: 10.0.0.1
v3 Report
(224.0.0.22)
SSM Host to Router SignalingIGMPv3Excluding Specific Source(s)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
89/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 89
H2
IGMPv3 report contains undesired source(s) in theExclude list
All sources except Excluded source(s) are joined
H2
1.1.1.1
H1 H3
1.1.1.10 1.1.1.11 1.1.1.12
rtr-a
Group: 224.1.1.1
Exclude: 7.7.7.7
v3 Report
(224.0.0.22)
SSM Host to Router SignalingIGMPv3Maintaining State
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
90/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 90
Router sends periodic queriesAll IGMPv3 members respond
Reports contain multiple Group state records
Query1.1.1.1
1.1.1.10 1.1.1.11 1.1.1.12
H1 H2 H3
v3 Report
(224.0.0.22)
v3 Report
(224.0.0.22)
v3 Report
(224.0.0.22)
SSM Router to Router SignalingPIM Source Specific Mode (PIM-SSM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
91/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 91
Receiver
Source
Out-of-band
source directory,
example: web page,
content server, etc.
Receiver learns of source, group/port
BA C D
FEIGMPv3 (S, G) Join
Receiver sends IGMPv3 (S,G) Join
PIM-SM (S, G) Join
First-hop sends PIM (S,G) Join directlytoward Source
S,G
S,G
SSM Router to Router SignalingPIM Source Specific Mode (PIM SSM)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
92/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 92
Result: Shortest path tree rooted
at the source, with no shared tree.
Out-of-bandsource directory,
example: web page,
content server, etc.
Receiver
BA C D
FE
Source
It doesnt get any simpler than this!
PIM-SSMIP Addressing
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
93/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 93
R2(config)# ip pim ssm ?default Use 232/8 group range for SSMrange ACL for group range to be used for
SSM
There are 2 options for PIM SSM Addresses
1. Use IANA assigned SSM group range 232.0.0.0/8 or
2. Use ACL to specify multicast address from 224.0.0.0 through239.255.255.255 > Cisco recommends 239.232.0.0/16
R2(config)# ip pim ssm ?
default Use 232/8 group range for SSM
range ACL for group range to be used for SSM
Use ssm range ACL for PIM-SSMip pim ssm range ssm_group_map ! Use SSM based on ACL ssm_group_map
ip access-list standard ssm_group_map ! ACL for SSM multicast groups
permit 232.0.0.0 0.255.255.255
permit 239.232.0.0 0.0.255.255
PIM-SSMWhat if the Application does not support IGMPv3?
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
94/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 94
Why isnt Everyone using it?
Multicast Applications must support IGMPv3Application support to learn the Source Out-of-Band
Option - IGMPv2 Mapping1. Static mapping
2. DNS mapping
Static SSM Mapping!ip igmp ssm-map enableip igmp ssm-map static
* Only Last-hop PIM routers require the static mapping.
DNS SSM Mapping!ip igmp ssm-map enableip igmp ssm-map query dnsip domain multicast domain-prefixip name-serverserver-address1 [server-address2...]
SSM Mapping DNS Example
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
95/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 95
IGMPv2 join
Receiver
Reverse DNS
lookup for
group G
DNS response:
Group G -> Source S
PIM (S,G) join
PIM (S,G) join
DNS Record Format:
3.2.1.232 IN A 172.23.20.70
H1
(S,G)
(S,G)
(S,G)
SSMSummary
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
96/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 96
Uses Source Trees only
Hosts are responsible for source and group discovery
Hosts must use IGMPv3 to signal which (S,G) to join Pros:
IP Multicast Address Management Simplified
Denial of Service Attacks from Unwanted Sources Inhibited
Easy to Troubleshoot and Manage
Mechanism provided to migrate from Any Source Multicast.
Cons:
Requires IGMPv3 support on host or SSM MappingHosts can create unlimited (S,G) state for non-existent sources
L2 Multicast Mgmt Protocols (IGMPv3 Snooping support required)
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
97/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 97
IP Multicast at Layer 2RP
L2 Multicast Frame SwitchingIGMP Snooping
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
98/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 98
IGMP
Problem: Older L2 switches treat multicast traffic as unknownor broadcast and flood the frame to every port
IGMP
Todays L3 aware switches implement IGMPSnooping without suffering performancedegradation using L3 ASICs and the TCAM.
IGMP packets intercepted by the NMP or by
special hardware ASICs. Switch examines content of IGMP messages to
determine which ports want what traffic
IGMP membership reportsIGMP leave messages
PIM
IGMP SnoopingL3 Aware Switches
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
99/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 99
2
0
Host 1
3
Host 2
4
Host 3
5
Host 4
CAMCAM
TableTable
CPUCPU
LAN Switch
1
Router A
MAC Address L3 Ports0100.5exx.xxxx IGMP 0
IGMP Processing Entry
Switching Engine
(w/L3 ASICs)
Switching Engine
(w/L3 ASICs)
(IGMP Snooping Enabled)
The CPU populates the CAM Table with a wildcard MAC address that matches on any IGMP packets.
Frames that match, will be forwarded to the CPU. This prevents the switch from being overloaded
IGMP Snooping
L3 Aware Switches
Hosts join multicast groups either by sendingan unsolicited IGMP join message or bysending an IGMP join message in response
to a general query from a multicast router
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
100/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 100
2 3 4 5
Host 1 Host 2 Host 3 Host 4
CPUCPU
LAN Switch
(IGMP Snooping Enabled)
1
Router A
0
CAMCAM
TableTable
IGMP Report
224.1.2.3
Switching Engine
(w/L3 ASICs)
Switching Engine
(w/L3 ASICs)
MAC Address L3 Ports
0100.5e01.0203 !IGMP 1,20100.5exx.xxxx IGMP 0
L3 Aware Switches
The second entry tells the switching engine to send frames addressed to the 0x0100.5E01.0203 multicast MACaddress that are not IGMP packets (!IGMP) to the multicast router and to the host that has joined the group.
Router A
IGMP Snooping
L3 Aware Switches
2nd Join
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
101/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 101
2 3 4 5
Host 1 Host 2 Host 3 Host 4
CPUCPU
LAN Switch (IGMP Snooping Enabled)
1
Router A
0
CAMCAM
TableTable
Switching Engine
(w/L3 ASICs)
Switching Engine
(w/L3 ASICs)
IGMP Report
224.1.2.3
3 a e S tc es
MAC Address L3 Ports
0100.5e01.0203 !IGMP 1,20100.5exx.xxxx IGMP 0
,5
Port Added
IGMP snooping suppresses all but one of the hostjoin messages per multicast group and forwardsthis one join message to the multicast router.
IGMP SnoopingL3 Aware Switches
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
102/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 102
2 3 4 5
Host 1 Host 2 Host 3 Host 4
CPUCPU
LAN Switch
(IGMP Snooping Enabled)
1
Router A
0
CAMCAM
TableTable
Switching Engine
(w/L3 ASICs)
Switching Engine
(w/L3 ASICs)
MAC Address L3 Ports
0100.5e01.0203 !IGMP 1,20100.5exx.xxxx IGMP 0
6MbpsMPEG Video
,5
Packets in the stream match on the second CAM Table entry and are switched to ports 2 and 5.The CPU is not burdened with this mult icast stream.
IGMP Snooping CaveatIssues when no Mrouter exists
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
103/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 103http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008059a9df.shtml
IGMP Snooping Gotcha
By default, IGMP Snooping is enabled on Catalyst Switches. Expects to listen for IGMP messages to build the Snooping table map.
Only forwards some of the IGMP reports to the mrouter.
This mechanism "breaks down" in the absence of an mrouter port.
Two scenarios exist where multicast is impacted:L2 Multicast applications within a VLAN that do not use IGMP.Daisy-chained switch absorbs the IGMP report from its local receiver.
Solutions1. Enable PIM on the VLAN interface2. Enable the IGMP Querier feature3. Configure a static mrouter port ip igmp snooping vlan 1 mrouter int fa 1/0/334. Configure static multicast MAC entries5. Disable IGMP Snooping risk of L2 Flooding
SolutionIGMP Snooping Querier
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
104/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 104
In a routed multicast network, the PIM router acts as the querier,but when multicast routing is not needed, the IGMP SnoopingQuerier functionality can be used as a way to trigger membership
reports. The feature allows the Layer 2 switch to proxy for a multicast
router and send out periodic IGMP queries in that network. Thisaction causes the switch to consider itself an mrouter port. The
remaining switches in the network simply define their respectivemrouter ports as the interface on which they received this IGMPquery.
Configuration per-VLAN!Interface vlan 1ip igmp snooping querier
IGMP Snooping CaveatFlooding Multicast to the Mrouters
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
105/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 105
By default, routers do not sendIGMP Membership Reports fordesired multicast flows - They use
PIM control messages. IGMP Snooping can constrain
multicast on host ports, but hasnoability to control mrouter ports.
PIM Snooping is configured toenable the switch to listen to PIMcontrol messages and onlyforwards multicast flows to themrouters that need it.
Works with IGMP Snooping
Layer 2 SwitchLayer 2 Switch
72007200
Receiver
Group 2
Receiver
Group 1
26002600
T1WAN
Video Server
1.5MB
MPEG
VideoStreams
Unnecessary
Multicast
Traffic !!!
Unnecessary
Multicast
Traffic !!!
Unnecessary
Multicast
Traffic !!!
Unnecessary
Multicast
Traffic !!!
Holy Multicast, Batman!!
3MB of unwanted data!
(Choke, gasp, wheeze!)
Holy Multicast, Batman!!
3MB of unwanted data!
(Choke, gasp, wheeze!)
72007200 72007200
Router A
Router B Router C
Router D
Constraining MulticastIGMP & PIM Snooping
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
106/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 106
No Snooping. Flood on
all ports
h1
h2 h3
mr1
R
Traffic in
IGMP Snooping only.
Flood only on
multicast router ports
h1 h2 h3
R
IGMP and PIM
Snooping. No flooding
h1 h2 h3
R
mr2 mr3 mr4
mr1 mr2 mr3 mr4
Enterprise Multicast Design & TroubleshootingSummary
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
107/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 107
IP Multicast is technology that still provides the best solution for one-to-many communication over an IP infrastructure. Understanding IPmulticast design and how to troubleshoot the control-plane permits
network engineers to effectively plan and support multicastapplications in concert with the rest of their business-criticalinfrastructure.
Source Specific Multicast significantly reduces network infrastructure
complexity as compared to traditional multicast. Configuring interfaces to support PIM Sparse-Mode in conjunction
with IP PIM AutoRP listenerreduces the impact of dense-modeflooding within a traditional multicast deployment.
Use IGMP Snooping to reduce flooding in switched infrastructure. It isrecognized that IGMP Snooping cannot solve all L2 flooding issues.
IP Multicast EssentialsDisabling Multicast Groups New Method
N l b l d i
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
108/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 108
New global command extension
ip multicast-routing [group-range ]
Router drops all control packets (PIM, IGMP)for denied groups
Router drops all data packets for denied groups
No IGMP or PIM state created for denied groups
IPv4 support ships in 12.5(1st)T and 12.2XSIWhitney 2
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
109/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 109
Thank You!Q and A
More Information
White papers
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
110/111
2008 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 110
White papers
Web and mailers
Cisco Press
CCO Multicast page:http://www.cisco.com/go/ipmulticast
Questions:
Customer support mailing list:[email protected]
RTFB = Read the Fine Book
-
5/20/2018 Enterprise Multicast Design and Troubleshooting
111/111