Beruflich Dokumente
Kultur Dokumente
Session RST-2051
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 1
Geekometer
Agenda
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 2
PIM Configuration Steps
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 3
Configure PIM on Every Router
Classic Partial Multicast Cloud Mistake #2
src
RPF Failure!!!!!
Multicast Enabled Multicast Disabled
A B
.1 192.168.1.0/24 .2
X E0
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 4
Which ModeSparse or Dense
Dense mode
Flood and Prune behavior very inefficient
Can cause problems in certain network topologies
Creates (S, G) state in EVERY router
Even when there are no receivers for the traffic
Complex Assert mechanism
Mixed control and data planes
Results in (S, G) state in every router in the network
Can result in non-deterministic topological behavior
Read: It can black-
black-hole traffic and/or melt down your network!
Primarily usage:
Testing a routers performance in the lab
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 9
Sparse mode
Must configure a Rendezvous Point (RP)
Very efficient
Uses Explicit Join model
Traffic only flows to where its needed
Separated control and data planes
Router state only created along flow paths
Deterministic topological behavior
Scales well
Works for both sparsely or densely populated networks
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 5
Which ModeSparse or Dense
CONCLUSION
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 6
Group Mode
Configuring Interface
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 7
Basic Multicast Engineering
RP Engineering
RP Configuration Methods
General RP Recommendations
Avoiding DM Fallback
Using Multiple Group Ranges
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 8
RP Configuration Methods
Static
Auto-RP
BSR
Anycast-RPs
Static RPs
Hard-coded RP address
When used, must be configured on every router
All routers must have the same RP address
RP fail-over not possible
Exception: If Anycast RPs are used. (More on that later.)
Group can never fall back into Dense mode.
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 9
Auto-RP Overview
Announce
MA MA
Announce
A
A B
B
Announce
Announce
Auto-RP Overview
ry
ery
ove
cov
Disc
Dis
Dis Disc
cov
ery ove
MA ry MA
Dis Disc
A
A cov
ery B
B ove
ry
ry
ery
ove
cov
Disc
C D
Dis
C D
C-RP C-RP
1.1.1.1 2.2.2.2
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 10
BSR Overview
Msg
Msg
Msg
BSR
BSR
BSR
BSR
BSR
Msg C-BSR BSR
Msg C-BSR Msg C-BSR
A BSR
Msg F
D BSR BSR
Msg Msg
Msg
Msg
Msg
BSR
BSR
BSR
B C
BSR Msgs
E
BSR Msgs Flooded Hop -by-Hop
BSR Overview
Highest Priority C-BSR
is elected as BSR
BSR
A
D F
B C
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 11
BSR Overview
BSR
A
D C- F
RP
nt Ad
me v
tise (un ertise
dver st) ica me
A a st) nt
RP (unic
C-
C-RP C-RP
B C
BSR Overview
G
Msg
BSR
BSR
Msg
BSR
A BSR
D Msg F
Msg
BSR
C-RP C-RP
B C
BSR Msgs
E
BSR Msgs containing RP-set
Flooded Hop-by-Hop
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 12
Anycast RPOverview
Src Src
RP1 RP2
MSDP
X
A
A B
B
SA SA
10.1.1.1 10.1.1.1
Anycast RPOverview
Src Src
RP1 RP2
X
A
A B
B
10.1.1.1 10.1.1.1
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 13
RP Engineering
RP Configuration Methods
General RP Recommendations
Avoiding DM Fallback
Using Multiple Group Ranges
General RP Recommendations
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 14
General RP Recommendations
Use Auto-RP
When minimum configuration is desired and/or
When maximum flexibility is desired
Pros
Most flexible method
Easiest to maintain
Cons
Increased RP Failover times vs Anycast
Special care needed to avoid DM Fallback
Some methods greatly increase configuration
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 29
General RP Recommendations
Use BSR:
When Static/Anycast RPs cannot be used and
When maximum interoperability is needed
Pros
Interoperates with all Vendors
Cons
Increased RP Failover times vs Anycast
Special care needed to avoid DM Fallback
Some methods greatly increase configuration
Not as field-proven as other methods
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 30
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 15
Dense Mode Fallback
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 16
Avoiding DM Fallback Current Workaround
Define an RP-of-last-resort
Configure as a Static RP on every router
Will only be used if all Candidate-RPs fail
Can be a dummy address or local Loopback
Recommendation: Use local Loopback on each router
MUST use ACL to avoid breaking Auto-
Auto-RP!
ip pim rp-address <RP-of-last-resort> 10
access-list 10 deny 224.0.1.39
access-list 10 deny 224.0.1.40
access-list 10 permit any
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 17
Avoiding DM Flooding Future
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 18
RP Engineering
RP Configuration Methods
General RP Recommendations
Avoiding DM Fallback
Using Multiple Group Ranges
Definition:
Different RPs for different group ranges
Often used to:
Directly connect an RP to group sources
Assumes Few-to-many application model
Split up RP workload over multiple RPs
Provide different Shared Tree topologies
Used with spt-threshold = infinity
Caveats:
Try to avoid overlapping group ranges
Can cause unexpected RP election results
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 38
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 19
Using Multiple Group Ranges
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Sparse Mode
C RP/Mapping Agent D
LO0: 172.16.25.1
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Rtr-B#show ip pim rp mapping
PIM Group-to-RP Mappings
Sparse Mode
This system is an RP (Auto-RP)
This system is an RP-mappingCagent (Loopback0)
RP/Mapping Agent D
LO0: 172.16.25.1
Group(s) 224.0.0.0/4
RP 172.16.25.1 (R5), v2v1
Info source: 172.16.25.1 (R5), via Auto-RP
Uptime: 01:05:03, expires: 00:02:27
RP 172.16.22.1 (R2), v2v1
Info source: 172.16.22.1 (R2), via Auto-RP Mapping Agents Group -to-RP
Uptime: 01:05:11, expires: 00:02:43 mapping cache contains all learned
Group(s) 225.0.0.0/8 C-RPs ordered by Group, Mask length,
RP 172.16.25.1 (R5), v2v1 and C-RP address.
Info source: 172.16.25.1 (R5), via Auto-RP
Uptime: 00:17:29, expires: 00:02:29
Group(s) 239.255.0.0/16
RP 172.16.22.1 (R2), v2v1
Info source: 172.16.22.1 (R2), via Auto-RP
Uptime: 00:56:18, expires: 00:02:41
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 20
Using Multiple Group Ranges
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Rtr-B#show ip pim rp mapping
PIM Group-to-RP Mappings
Sparse Mode
This system is an RP (Auto-RP)
This system is an RP-mappingCagent (Loopback0)
RP/Mapping Agent D
LO0: 172.16.25.1
Group(s) 224.0.0.0/4
RP 172.16.25.1 (R5), v2v1
Info source: 172.16.25.1 (R5), via Auto-RP
Uptime: 01:05:03, expires: 00:02:27
RP 172.16.22.1 (R2), v2v1
Info source: 172.16.22.1 (R2), via Auto-RP
Uptime: 01:05:11, expires: 00:02:43
Group(s) 225.0.0.0/8 Mapping Agent advertises elected
RP 172.16.25.1 (R5), v2v1 RPs in Discovery Messages
Info source: 172.16.25.1 (R5), via Auto-RP
Uptime: 00:17:29, expires: 00:02:29 Note: Elected RP is always listed as
Group(s) 239.255.0.0/16 first C-RP for a Group Range.
RP 172.16.22.1 (R2), v2v1
Info source: 172.16.22.1 (R2), via Auto-RP
Uptime: 00:56:18, expires: 00:02:41
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 41
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Sparse Mode
C RP/Mapping Agent D
LO0: 172.16.25.1
Rtr-D#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s) 224.0.0.0/4
RP 172.16.25.1 (Rtr-C), v2v1
Info source: 172.16.25.1 (Rtr-C), via Auto -RP
Uptime: 01:00:14, expires: 00:02:25
Group(s) 225.0.0.0/8 Resulting Group-to-RP Mapping
RP 172.16.25.1 (Rtr-C), v2v1 Cache in all non-MA routers
Info source: 172.16.25.1 (Rtr-C), via Auto -RP
Uptime: 00:12:40, expires: 00:02:24
Group(s) 239.255.0.0/16 (Notice that only elected RPs
RP 172.16.22.1 (Rtr-B), v2v1 are contained the Group-to-RP
Info source: 172.16.25.1 (Rtr-C), via Auto -RP mapping cache in non-MA
Uptime: 00:51:28, expires: 00:02:24
routers.)
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 42
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 21
Using Multiple Group Ranges
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Sparse Mode Join 239.255.1.1
C RP/Mapping Agent D
LO0: 172.16.25.1
Rtr-D#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s) 224.0.0.0/4
RP 172.16.25.1 (Rtr-C), v2v1 Which entry will the router use
Info source: 172.16.25.1 (Rtr-C), via Auto -RP to determine RP address?
Uptime: 01:00:14, expires: 00:02:25
Group(s) 225.0.0.0/8
RP 172.16.25.1 (Rtr-C), v2v1 This one? (It has the highest
Info source: 172.16.25.1 (Rtr-C), via Auto -RP RP address.)
Uptime: 00:12:40, expires: 00:02:24
Group(s) 239.255.0.0/16 Or this one? (It has the
RP 172.16.22.1 (Rtr-B), v2v1
Info source: 172.16.25.1 (Rtr-C), via Auto -RP longest mask.)
Uptime: 00:51:28, expires: 00:02:24
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 43
RP/Mapping Agent
LO0: 172.16.22.1
A B
PIM
Sparse Mode Join 239.255.1.1
C RP/Mapping Agent D
LO0: 172.16.25.1
Rtr-D#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s) 224.0.0.0/4
RP 172.16.25.1 (Rtr-C), v2v1 Answer:
Info source: 172.16.25.1 (Rtr-C), via Auto -RP Router uses longest match
Uptime: 01:00:14, expires: 00:02:25 to find matching entry in the
Group(s) 225.0.0.0/8
RP 172.16.25.1 (Rtr-C), v2v1 Group-to-RP mapping cache.
Info source: 172.16.25.1 (Rtr-C), via Auto -RP
Uptime: 00:12:40, expires: 00:02:24
Group(s) 239.255.0.0/16 Moral:
RP 172.16.22.1 (Rtr-B), v2v1 Avoid overlapping group
Info source: 172.16.25.1 (Rtr-C), via Auto -RP ranges to reduce the chances
Uptime: 00:51:28, expires: 00:02:24
of incorrect RP selection.
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 44
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 22
Overlapping Group Ranges
239.255.255.255
Local Scope Local Scope
239.255.0.0/16 239.255.0.0/16
239.255.0.0
239.252.255.255
Organization -Local Scope Organization -Local Scope
239.192.0.0/14 239.192.0.0/14
239.192.0.0
Use non-
non-overlapping group
ranges. Especially when
Global Scope using Admin. Scoping.
224.0.0.0/4
238.255.255.255 Global Scope
224.0.0.0/8
225.0.0.0/8
Avoid!!! 226.0.0.0/8
.
Can result in .
confusion and .
misconfiguration 236.0.0.0/8
237.0.0.0/8
224.0.0.0 238.0.0.0/8
239.252.255.255
access-list 20 permit 239.192.0.0 0.0.64.255
Organization -Local Scope
239.192.0.0/14
239.192.0.0
Use non-
non-overlapping group
ranges. Especially when
using Admin. Scoping.
238.255.255.255 Global Scope
224.0.0.0/8
access-list 30 permit 224.0.0.0 0.0.255.255
access-list 30 permit 225.0.0.0 0.0.255.255 225.0.0.0/8
access-list 30 permit 226.0.0.0 0.0.255.255 226.0.0.0/8
. .
.
. .
access-list 30 permit 236.0.0.0 0.0.255.255 .
access-list 30 permit 237.0.0.0 0.0.255.255
access-list 30 permit 238.0.0.0 0.0.255.255 236.0.0.0/8
237.0.0.0/8
224.0.0.0 238.0.0.0/8
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 23
Overlapping Group Ranges
Agenda
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 24
Advanced Multicast Engineering
Security
High Availability
Using Admin. Scoped Zones
Scaling Multicast Performance
Controlling Receivers
IGMP Access-Group Approach
interface VLAN100
ip igmp access-group IPMC -ACL
No filter (default)
VL
AN
101
IP/TV
100
AN
VL Permit VT Stream
Deny Executive Meeting Stream
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 25
Controlling Source Registration
Global command
ip pim accept-register [list <acl>] | [route-map <map>]
Used on RP to filter incoming Register messages
Filter on Source address alone (Simple ACL)
Filter on (S, G) pair (Extended ACL)
May use route-map to specify what to filter
Filter by AS-PATH if (m)BGP is in use.
Helps prevents unwanted sources from sending
First hop router blocks traffic from reaching net
Note: Traffic can still flow under certain situations
RP
RP configured to only accept
Registers from specific source.
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 26
Controlling Source Registration
RP
Register-Stop
Register
Unwanted source traffic hits
first-hop router.
Unwanted Sender
First-hop router creates (S,G)
state and sends Register.
First-hop
RP rejects Register, sends
Source Traffic back a Register-Stop.
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 27
Disabling Entire Group Ranges
Accept-Register Method
ip pim accept-register group-list 10
access-list 10 deny 224.2.0.0 0.0.255.255
access-list 10 permit any
Pros
Only configured on RP(s)
Cons
Shared Trees and (*,G) state still created.
Results in unwanted (*,G) PIM Control Traffic.
Source traffic can still flow.
(See previous section on Accept-Register)
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 55
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 28
Disabling Entire Group Ranges
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 29
Disabling Entire Group Ranges
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 30
Disabling Entire Group Ranges
Recommendation
Use Local Loopback RP Method
Effectively disables unauthorized group traffic.
Can also serve as RP-of-last-resort
ip pim rp-address <local_loopback> 10
access-list 10 deny 224.0.1.39
access-list 10 deny 224.0.1.40
access-list 10 permit any
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 31
Preventing RP-Spoofing DoS Attacks
Global command
ip pim rp-announce-filter rp-list <acl> [group-list <acl>]
rp-list <acl>
Specifies from which routers C-RP Announcements are
accepted.
group-list <acl>
Specifies which groups in the C-RP Announcement are
accepted.
If not specified, defaults to deny all groups
Using this configuration allows the router to accept RP announcements from only
the RP in access-list 11 for group ranges described in access-list 12
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 32
Advanced Multicast Engineering
Security
High Availability
Using Admin. Scoped Zones
Scaling Multicast Performance
Auto-RP Failover
RP failover time
Function of Holdtime in C-RP Announcement
Holdtime = 3 x <rp-announce-interval>
Default < rp-announce-interval> = 60 seconds
Default Failover ~ 3 minutes
Minimizing impact of RP failure
Use SPTs to reduce impact
Traffic on SPTs not affected by RP failure
Immediate switch to SPTs is on by default
New and/or bursty sources still a problem
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 66
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 33
Tuning Auto-RP Failover
DR Failover
A B
.2 (DR) 192.168.1.0/24 .1
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 34
DR Failover
Security
High Availability
Using Admin. Scoped Zones
Scaling Multicast Performance
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 35
Administratively-Scoped Zones
Used to limit:
High-BW sources to local site
Control sensitive multicast traffic
Simple scoped zone example:
239.255.0.0/16 = (Site) Local Scope
239.192.0.0/14 = Organization-Local Scope
224.1.0.0 - 238.255.255.255 = Global scope (Internet) zone
High-BW sources use Site-Local scope
Low-Med. BW sources use Org.-Local scope
Internet-wide sources use Global scope
Administratively-Scoped Zones
Site A (HQ)
Border A
Site-Local Site-Local
S0
S1
Boundaries Boundaries
Border B Border C
239.255.0.0/16 239.255.0.0/16
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 36
Administratively-Scoped Zones
Site A (HQ)
S1
Boundaries Boundaries
access-list 10 permit any
S0
Border B Border C
Interface Serial0
ip multicast boundary 10
239.255.0.0/16 239.255.0.0/16
Interface Serial1
ip multicast boundary 10
Administratively-Scoped Zones
Auto-RP Example
Site A (HQ)
Border A
S0
S1
Border B Border C
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 37
Administratively-Scoped Zones
Auto-RP Example
Site A (HQ)
Border A
S0
S1
Site B (LA) S0 Site C (ATL)
S0
Border B Border C
Administratively-Scoped Zones
Preventing Auto-RP Info Leakage
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 38
Administratively-Scoped Zones
Preventing Auto-RP Info Leakage
Administratively-Scoped Zones
Preventing Auto-RP Info Leakage
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 39
Administratively-Scoped Zones
Auto-RP Example with filter-autorp boundaries
Site A (HQ)
S1
Boundaries Boundaries
access-list 10 permit any
S0
Border B Border C
Interface Serial0
ip multicast boundary 10 filter -autorp
239.255.0.0/16 239.255.0.0/16
Interface Serial1
ip multicast boundary 10 filter -autorp
Administratively-Scoped Zones
Auto-RP Example with filter-autorp boundaries
Site A (HQ)
interface Loopback0
Configuring Site -Local RPs
Site Local
ip address 192.168.10.2 255.255.255.255 Site Local and Mapping Agents at each
C-RP/MA C-RP/MA
ip pim send-r p- discovery scope 15
site.
ip pim send-r p- announce Loopback0 scope 15 group 20 (Only the LA site shown.)
access-list 20 permit 239.255.0.0 0.0.255.255
interface Loopback0
ip address 192.168.10.1 255.255.255.255
Border A
ip pim send-r p- discovery scope 15
S0 p- announce Loopback0 scope 15 group 20
S1
ip pim send-r
Border B Border C
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 40
Administratively-Scoped Zones
Auto-RP Example with filter-autorp boundaries
Site A (HQ)
Org-Local Org-Local
C-RP C-RP
Org-Local C-RPs
Border A
(non-Site Local Groups)
S0
S1
Site B (LA) S0 Site C (ATL)
S0
Border B Border C
Australia
North
ASIAPAC
China America
East Coast
Canada
India US
Japan
West Coast
US
Core
North EMEA
Region
Eastern
Region
Internet
South Region
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 41
Administratively-Scoped Zones Example
Level1: Site Scope
Australia
RP North
ASIAPAC
America
RPChina
RP
Canada
East Coast
India US
RP RP
Japan
West Coast
RP US
Core RP
RP
North EMEA
Region
Eastern
Region
Internet RP
Site Local Range: 239.255.x.x South Region
RP per Site RP
Reusable range
East Coast
Canada
India US
Japan
West Coast
RP US
Core RP
North EMEA
Region
Eastern
Enterprise Regional Admin Scoped Range: Region
239.[192-254].x.x Internet
South Region
RP per Region
RP
Reusable range
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 42
Administratively-Scoped Zones Example
Level3: Enterprise Global Scope
Australia
North
ASIAPAC
China America
East Coast
Canada
India US
Japan
West Coast
RP US
Core RP
North EMEA
Region
Enterprise Global Administrative Scoped
Range: 239.[0-191].x.x Eastern
Region
Internet
Multiple Admin Scoped RPs (via MSDP full
South Region
mesh)
RP
Private Address Space within the
Enterprise, no Internet connectivity for this
range
East Coast
Canada
India US
Japan
West Coast
RP US
Core RP
North EMEA
Region
Eastern
Region
Internet
RP
224.0.[2-255].x 238.255.255.255
Multiple Global RPs (via MSDP full mesh)
MSDP connectivity to providers RPs
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 43
Advanced Multicast Engineering
Security
High Availability
Using Admin. Scoped Zones
Scaling Multicast Performance
Core Network
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 44
Non-RPF Performance Problem
A B
High-rate Non-RPF Traffic
E0 E0
Non
Non--RPF traffic may be dropped at Process-
Process-Switch level!
Depends on the platform. Occurs on 6500s and 8540s.
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 45
6500/8540 Stub Network Solution
Core Network
A B
E0 E0
10.1.1.0/24
Interface
Interface E0E0
ip
ip access
access-group
-group 100
100 in
in
access-list
access-list 100
100 permit
permit ipip 10.1.1.0
10.1.1.0 0.0.0.255
0.0.0.255 any
any
access-list
access-list 100
100 permit
permit ipip 224.0.0.0
224.0.0.0 0.0.0.255
0.0.0.255 any
any
access-list
access-list 100
100 permit
permit ipip 224.0.1.0
224.0.1.0 0.0.0.255
0.0.0.255 any
any
access-list
access-list 100
100 deny
deny ip
ip any
any 224.0.0.0
224.0.0.0 15.255.255.255
15.255.255.255
access-list 100 permit ip any any
access-list 100 permit ip any any
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 46
Core Network Solution
Use p2p VLANs to avoid non-RPF problem.
Core Network
Separate VLANs
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 47
Multicast Packet Replication
Receiver
Receiver
Source
100 Packet Replications 100 Remote Sites
w/Receivers
Receiver
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 95
Copy
Multicast Multicast Multicast
Packet Packet Packet
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 48
Software-based Packet Replication
Multicast Multicast
Packet Fragment 2
Reduced CPU load. Improved Performance.
Multicast
Fragment 3
Arriving
Packet
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 49
Hardware-based Packet Replication
Cat 4000
Uses Special Replication Hardware
7600/Cat6500
Uses Special Replication Hardware
GSR
Method varies by line card type
ESR (10K)
Uses Pipeline processor
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 50
Multicast State Maintenance
PIM Signaling
Signaling Loads
Register sending/receiving
During source start-up
Periodic Registers every 2 minutes
Periodic Joins/Prunes
Sent once per second
Topology changes
Can trigger large numbers of Join/Prune messages
Batch Join/Prune signaling added in IOS 12.?(?)
Significantly improves convergence time in networks
with large amounts of mroute state.
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 51
PIM Protocol Extensions
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 52
Source Specific Multicast (SSM)
SSM Overview
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 53
SSM Example
A B C D
Out-of-band
PIM (S, G) Join source directory,
example: web server
Receiver 1
SSM Example
A B C D
Out-of-band
source directory,
example: web server
E F
Receiver 1
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 54
SSM Configuration
Global command
ip pim ssm {default | <acl>}
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 55
SSM Summary
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 56
Multicast Application Categories
One-to-Many Applications
Video, TV, Radio, Concerts, Stock Ticker, etc.
Few-to-Few Applications
Small (<10 member) Video/Audio Conferences
Few-to-Many Applications
TIBCO RV Servers (Publishing)
Many-to-Many Applications
Stock Trading Floors, Gaming
Many-to-Few Applications
TIBCO RV Clients (Subscriptions)
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 113
One-to-Many Applications
Single (S,G) entry
Few-to-Few Applications
Few (<10 typical) (S,G) entries
Few-to-Many Applications
Few (<10 typical) (S,G) entries
Many-to-Many Applications
Unlimited (S,G) entries
Many-to-Few Applications
Unlimited (S,G) entries
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 114
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 57
Multicast State Maintenance
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 58
Bidirectional (Bidir) PIM
Idea:
Use the same tree for traffic from sources
towards RP and from RP to receivers
Benefits:
Less state in routers
Only (*, G) state is used
Source traffic follows the Shared Tree
Flows up the Shared Tree to reach the RP.
Flows down the Shared Tree to reach all other
receivers.
Bidirectional Shared-Trees
Violates current (*,G) RPF rules
Traffic often accepted on outgoing interfaces.
Care must be taken to avoid multicast loops
Requires a Designated Forwarder (DF)
Responsible for forwarding traffic up Shared
Tree
DFs will accept data on the interfaces in their OIL.
Then send it out all other interfaces. (Including the IIF.)
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 59
Bidirectional (Bidir) PIM
RP Sender/
Receiver Receiver
Shared Tree
Receiver
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 60
Bidirectional PIM Example
RP Sender/
Receiver Receiver
Shared Tree
Source Traffic
Receiver
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 61
Bidir PIM Phantom RP
RP
E0 (DF)
E0 E0
E F
E1 (DF) E1 (DF)
E0 E0 E0 E0
A B C D
E1 (DF) E1 (DF) E1 (DF) E1 (DF)
E0 (DF)
E0 E0
E F
E1 (DF) E1 (DF)
E0 E0 E0 E0
A B C D
E1 (DF) E1 (DF) E1 (DF) E1 (DF)
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 62
Bidir PIM Phantom RP
E0 (DF)
E0 E0
E F
E1 (DF) E1 (DF)
E0 E0 E0 E0
A B C D
E1 (DF) E1 (DF) E1 (DF) E1 (DF)
Router F forwards traffic on down the Shared Tree ala normal PIM-SM.
RP doesnt even have to physically exist.
RST-2051-rev1 2003, Cisco Systems, Inc. All rights reserved. 125
P S
RP: 1.1.1.1
ip multicast-routing ip multicast-routing
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 63
Phantom RP on Point-to-Point Core
Netmask Method
P S
RP: 1.1.1.2
Bidir PIMSummary
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 64
Recommended Reading
Developing IP Multicast
Networks, Volume I
ISBN: 1578700779
Session RST-2051
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 65
Session Number
Presentation_ID 2003, Cisco Systems, Inc. All rights reserved. 131
Copyright 1998, Cisco Systems, Inc. All rights reserved. Printed in USA.
0863_04F9_c2.scr 66