100096763

Nortel Secure Router 8000 Series
Configuration Guide - IP Multicast

Release: Document Revision: 5.3 01.02
www.nortel.com
NN46240-509
324563-A Rev02
Nortel Secure Router 8000 Series Release: 5.3 Publication: NN46240-509 Document Revision: 01.02 Document status: Standard Document release date: 14 August 2009 Copyright 2009 Nortel Networks All Rights Reserved. Printed in Canada, India, and the United States of America LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners.
ATTENTION For information about the safety precautions, read "Safety messages" in this guide. For information about the software license, read "Software license" in this guide.
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast
Contents
About this document .......................................................................................................................1 1 Multicast overview ....................................................................................................................1-1
1.1 Introduction .................................................................................................................................................1-2 1.1.1 Background of multicast ...................................................................................................................1-2 1.1.2 Advantages and applications of multicast .........................................................................................1-5 1.2 Classification of the multicast model ..........................................................................................................1-5 1.3 Multicast framework ...................................................................................................................................1-6 1.3.1 Multicast mechanism.........................................................................................................................1-6 1.3.2 Multicast addresses ...........................................................................................................................1-7 1.3.3 Multicast protocols..........................................................................................................................1-10 1.4 Forwarding mechanism of multicast ......................................................................................................... 1-11 1.5 Multi-instance multicast ............................................................................................................................ 1-11 1.5.1 Introduction to multi-instance ......................................................................................................... 1-11 1.5.2 Multi-instance multicast application ...............................................................................................1-12
2 IGMP configuration ..................................................................................................................2-1

2.1 Introduction .................................................................................................................................................2-2 2.1.1 IGMP overview .................................................................................................................................2-2 2.1.2 Working mechanism of IGMPv1.......................................................................................................2-2 2.1.3 New functions of IGMPv2 ................................................................................................................2-4 2.1.4 Improved functions of IGMPv3 ........................................................................................................2-4 2.1.5 SSM mapping....................................................................................................................................2-6 2.1.6 Multi-instance IGMP.........................................................................................................................2-7 2.2 Configuring basic IGMP functions..............................................................................................................2-7 2.2.1 Establishing the configuration task ...................................................................................................2-7 2.2.2 Enabling IP multicast routing ............................................................................................................2-8 2.2.3 Enabling IGMP function ...................................................................................................................2-9 2.2.4 Configuring IGMP version................................................................................................................2-9 2.2.5 Configuring a static IGMP group .................................................................................................... 2-11 2.2.6 Configuring an interface to join the range of multicast group......................................................... 2-11 2.2.7 Checking the configuration .............................................................................................................2-12 2.3 Configuring IGMP message options..........................................................................................................2-12
Issue 5.3 (14 August 2009)
Nortel Networks Inc.
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 2.3.1 Establishing the configuration task .................................................................................................2-12 2.3.2 Configuring IGMP message options ...............................................................................................2-13 2.3.3 Checking the configuration .............................................................................................................2-14 2.4 Configuring IGMP query control ..............................................................................................................2-15 2.4.1 Establishing the configuration task .................................................................................................2-15 2.4.2 Configuring IGMP timers................................................................................................................2-16 2.4.3 Configuring IGMP query and response...........................................................................................2-17 2.4.4 Checking the configuration .............................................................................................................2-20 2.5 Configuring SSM mapping........................................................................................................................2-20 2.5.1 Establishing the configuration task .................................................................................................2-20 2.5.2 Enabling static SSM mapping .........................................................................................................2-21 2.5.3 Configuring static SSM mapping policy .........................................................................................2-21 2.5.4 Checking the configuration .............................................................................................................2-22 2.6 Maintaining IGMP ....................................................................................................................................2-22 2.6.1 Clearing the IGMP group information ............................................................................................2-23 2.6.2 Resetting the IGMP SSM mapping configuration...........................................................................2-23 2.6.3 Debugging IGMP ............................................................................................................................2-24 2.7 Configuration examples.............................................................................................................................2-24 2.7.1 Example of configuring basic IGMP functions ...............................................................................2-24 2.7.2 Example of configuring SSM mapping functions ...........................................................................2-27
3 PIM-DM configuration .............................................................................................................3-1

3.1 Introduction .................................................................................................................................................3-2 3.1.1 PIM-DM overview ............................................................................................................................3-2 3.1.2 Principle of PIM-DM ........................................................................................................................3-2 3.1.3 PIM-DM mechanism.........................................................................................................................3-2 3.1.4 Multi-Instance PIM ...........................................................................................................................3-5 3.2 Configuring basic PIM-DM functions.........................................................................................................3-5 3.2.1 Establishing the configuration task ...................................................................................................3-5 3.2.2 Enabling IP multicast routing ............................................................................................................3-5 3.2.3 Enabling PIM-DM.............................................................................................................................3-6 3.2.4 Checking the configuration ...............................................................................................................3-7 3.3 Controlling the forwarding of multicast source...........................................................................................3-8 3.3.1 Establishing the configuration task ...................................................................................................3-8 3.3.2 Configuring lifetime of sources.........................................................................................................3-9 3.3.3 Configure source address filtering.....................................................................................................3-9 3.3.4 Checking the configuration .............................................................................................................3-10 3.4 Adjusting control parameters of neighbors................................................................................................3-10 3.4.1 Establishing the configuration task .................................................................................................3-10 3.4.2 Configuring control parameters of neighbors.................................................................................. 3-11 3.4.3 Checking the configuration .............................................................................................................3-13 3.5 Adjusting control parameters of forwarding..............................................................................................3-13
ii
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 3.5.1 Establishing the configuration task .................................................................................................3-13 3.5.2 Configuring control parameters used to maintain the forwarding relationship ...............................3-14 3.5.3 Configuring control parameters of prune ........................................................................................3-16 3.5.4 Adjusting specifications of join and prune messages ......................................................................3-17 3.5.5 Check the configuration ..................................................................................................................3-18 3.6 Adjusting control parameters of state-refresh............................................................................................3-18 3.6.1 Establishing the configuration task .................................................................................................3-18 3.6.2 Disabling state-refresh.....................................................................................................................3-19 3.6.3 Configuring control parameters of state-refresh..............................................................................3-20 3.6.4 Checking the configuration .............................................................................................................3-20 3.7 Adjusting control parameters of graft........................................................................................................3-21 3.7.1 Establishing the configuration task .................................................................................................3-21 3.7.2 Configuring control parameters of graft..........................................................................................3-22 3.7.3 Checking the configuration .............................................................................................................3-22 3.8 Adjusting control parameters of assert ......................................................................................................3-23 3.8.1 Establishing the configuration task .................................................................................................3-23 3.8.2 Configuring control parameters of assert ........................................................................................3-24 3.8.3 Checking the configuration .............................................................................................................3-25 3.9 Maintaining PIM .......................................................................................................................................3-26 3.9.1 Debugging PIM ...............................................................................................................................3-26 3.9.2 Clearing statistics of PIM control Packets.......................................................................................3-26 3.10 Configuration example ............................................................................................................................3-27
4 PIM-SM configuration ..............................................................................................................4-1

4.1 Introduction .................................................................................................................................................4-3 4.1.1 PIM-SM overview.............................................................................................................................4-3 4.1.2 PIM-SM principles............................................................................................................................4-3 4.1.3 PIM-SM mechanism .........................................................................................................................4-4 4.1.4 PIM-SM BSR administrative domain ...............................................................................................4-9 4.1.5 Mechanism of PIM-SSM.................................................................................................................4-10 4.1.6 Multi-instance PIM .........................................................................................................................4-12 4.1.7 References .......................................................................................................................................4-13 4.2 Configuring ASM functions ......................................................................................................................4-13 4.2.1 Establishing the configuration task .................................................................................................4-13 4.2.2 Enabling IP multicast routing ..........................................................................................................4-14 4.2.3 Enabling the PIM-SM function .......................................................................................................4-15 4.2.4 Configuring static RP ......................................................................................................................4-16 4.2.5 Configuring C-RP ...........................................................................................................................4-17 4.2.6 Configuring C-BSR.........................................................................................................................4-18 4.2.7 Configuring BSR boundary.............................................................................................................4-19 4.2.8 Checking the configuration .............................................................................................................4-19 4.3 Configuring SSM functions.......................................................................................................................4-20
iii
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 4.3.1 Establishing the configuration task .................................................................................................4-20 4.3.2 Configuring an address range for a PIM-SSM multicast group ......................................................4-21 4.3.3 Checking the configuration .............................................................................................................4-22 4.4 Configuring PIM forwarding source control .............................................................................................4-22 4.4.1 Establishing the configuration task .................................................................................................4-22 4.4.2 Configuring the lifetime of the source.............................................................................................4-23 4.4.3 Configuring source address filtering ...............................................................................................4-24 4.4.4 Checking the configuration .............................................................................................................4-25 4.5 Adjusting control parameters of the C-RP and C-BSR..............................................................................4-25 4.5.1 Establishing the configuration task .................................................................................................4-25 4.5.2 Adjusting C-RP parameters .............................................................................................................4-26 4.5.3 Adjusting C-BSR parameters ..........................................................................................................4-27 4.5.4 Configuring the range of BSR address ............................................................................................4-28 4.5.5 Configuring the address range of the valid C-RP............................................................................4-29 4.5.6 Checking the configuration .............................................................................................................4-30 4.6 Configuring BSR administrative domain ..................................................................................................4-30 4.6.1 Establishing the configuration task .................................................................................................4-30 4.6.2 Enabling a BSR administrative domain...........................................................................................4-31 4.6.3 Configuring the boundary of a BSR administrative domain ...........................................................4-32 4.6.4 Adjusting C-BSR parameters ..........................................................................................................4-32 4.6.5 Checking the configuration .............................................................................................................4-34 4.7 Adjusting the control parameters for establishing neighboring relationships............................................4-34 4.7.1 Establishing the configuration task .................................................................................................4-34 4.7.2 Configuring the control parameters for establishing neighboring relationship ...............................4-35 4.7.3 Configuring the control parameters to elect the DR........................................................................4-36 4.7.4 Checking the configuration .............................................................................................................4-38 4.8 Adjusting the control parameters of source registering .............................................................................4-38 4.8.1 Establishing the configuration task .................................................................................................4-38 4.8.2 Configuring PIM-SM register packet..............................................................................................4-39 4.8.3 Configuring PIM-SM register suppression......................................................................................4-40 4.8.4 Checking the configuration .............................................................................................................4-40 4.9 Adjusting the control parameters of forwarding ........................................................................................4-41 4.9.1 Establishing the configuration task .................................................................................................4-41 4.9.2 Configuring control parameters to keep the forwarding state .........................................................4-42 4.9.3 Configuring control parameters of pruning .....................................................................................4-44 4.9.4 Adjusting the size of join and prune messages ................................................................................4-45 4.9.5 Checking the configuration .............................................................................................................4-46 4.10 Adjusting the control parameters of asserting .........................................................................................4-46 4.10.1 Establishing the configuration task ...............................................................................................4-46 4.10.2 Configuring control parameters of assert ......................................................................................4-47 4.10.3 Checking the configuration ...........................................................................................................4-48 4.11 Configuring SPT switchover ...................................................................................................................4-49
iv
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 4.11.1 Establishing the configuration task................................................................................................4-49 4.11.2 Configuring parameters of SPT switchover...................................................................................4-50 4.11.3 Checking the configuration ...........................................................................................................4-51 4.12 Maintaining PIM .....................................................................................................................................4-51 4.12.1 Debugging PIM .............................................................................................................................4-51 4.12.2 Clearing statistics of the PIM control packet.................................................................................4-52 4.13 Configuration examples...........................................................................................................................4-52 4.13.1 Example of configuring the ASM model in the single BSR domain.............................................4-52 4.13.2 Example of configuring an SSM network .....................................................................................4-58
5 MSDP configuration..................................................................................................................5-1
5.1 Introduction .................................................................................................................................................5-3 5.1.1 MSDP................................................................................................................................................5-3 5.1.2 MSDP peer ........................................................................................................................................5-3 5.1.3 RPF rule of SA message....................................................................................................................5-5 5.1.4 Interdomain multicast implemented by an MSDP peer.....................................................................5-8 5.1.5 Intradomain anycast RP implemented by MSDP peer.......................................................................5-9 5.1.6 MSDP of multi-instance ..................................................................................................................5-10 5.1.7 References .......................................................................................................................................5-10 5.2 Configuring PIM-SM interdomain multicast............................................................................................. 5-11 5.2.1 Establishing the configuration task ................................................................................................. 5-11 5.2.2 Configuring MSDP peers ................................................................................................................5-12 5.2.3 Establishing MSDP peers on BGP and MBGP peers ......................................................................5-13 5.2.4 Configuring static RPF peers ..........................................................................................................5-14 5.2.5 Checking the configuration .............................................................................................................5-15 5.3 Configuring anycast RP in PIM-SM domain.............................................................................................5-15 5.3.1 Establishing the configuration task .................................................................................................5-15 5.3.2 Configuring C-RP ...........................................................................................................................5-18 5.3.3 Configuring a static RP interface.....................................................................................................5-19 5.3.4 Statically configuring RP ................................................................................................................5-20 5.3.5 Advertising RP interface address through a unicast route ...............................................................5-20 5.3.6 Configuring MSDP peers ................................................................................................................5-21 5.3.7 Specifying logical RP address for SA message ...............................................................................5-22 5.3.8 Joining a mesh group.......................................................................................................................5-22 5.3.9 Checking the configuration .............................................................................................................5-23 5.4 Managing MSDP peer connection.............................................................................................................5-24 5.4.1 Establishing the configuration task .................................................................................................5-24 5.4.2 Controlling the session between MSDP peers.................................................................................5-25 5.4.3 Adjusting the interval for retrying setting up MSDP peer connection.............................................5-25 5.4.4 Checking the configuration .............................................................................................................5-26 5.5 Configuring SA cache................................................................................................................................5-27 5.5.1 Establishing the configuration task .................................................................................................5-27
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 5.5.2 Configuring the maximum number of (S, G) in the cache ..............................................................5-28 5.5.3 Disabling SA-cache function...........................................................................................................5-28 5.5.4 Checking the configuration .............................................................................................................5-29 5.6 Configuring SA request .............................................................................................................................5-30 5.6.1 Establishing the configuration task .................................................................................................5-30 5.6.2 Configuring sending SA request message on the local router .........................................................5-31 5.6.3 Configuring the filtering rules for receiving SA request messages .................................................5-32 5.6.4 Check the configuration ..................................................................................................................5-32 5.7 Transmitting burst multicast data within a domain....................................................................................5-34 5.7.1 Establishing the configuration task .................................................................................................5-34 5.7.2 Configuring an SA message to carry a multicast packet .................................................................5-35 5.7.3 Setting the TTL threshold of the multicast packet carried in the SA message.................................5-35 5.7.4 Checking the configuration .............................................................................................................5-36 5.8 Controlling creation and forwarding of the SA message ...........................................................................5-37 5.8.1 Establishing the configuration task .................................................................................................5-37 5.8.2 Controlling the creation of SA Message..........................................................................................5-38 5.8.3 Controlling the receiving of SA message ........................................................................................5-39 5.8.4 Controlling the forwarding of SA message .....................................................................................5-40 5.8.5 Checking the configuration .............................................................................................................5-40 5.9 Maintaining MSDP....................................................................................................................................5-42 5.9.1 Clearing statistics of MSDP peer.....................................................................................................5-42 5.9.2 Clearing (S, G) information in the SA-cache ..................................................................................5-42 5.9.3 Debugging MSDP ...........................................................................................................................5-43 5.10 Configuration examples...........................................................................................................................5-43 5.10.1 Example of configuring PIM-SM interdomain multicast ..............................................................5-44 5.10.2 Example of configuring static RPF peer........................................................................................5-52 5.10.3 Example of configuring anycast RP ..............................................................................................5-56
6 MBGP configuration .................................................................................................................6-1

6.1 Introduction .................................................................................................................................................6-2 6.2 Configuring basic MBGP functions ............................................................................................................6-2 6.2.1 Establishing the configuration task ...................................................................................................6-2 6.2.2 Configuring BGP peer.......................................................................................................................6-3 6.2.3 Configuring MBGP peer ...................................................................................................................6-4 6.2.4 Configuring MBGP route reflector....................................................................................................6-5 6.2.5 Configuring MBGP to import local routes ........................................................................................6-6 6.2.6 Checking the configuration ...............................................................................................................6-8 6.3 Configuring MBGP route advertisement policy ..........................................................................................6-8 6.3.1 Establishing the configuration task ...................................................................................................6-8 6.3.2 Configuring the next hop of the route as local address .....................................................................6-9 6.3.3 Configuring the aggregation of local MBGP routes........................................................................6-10 6.3.4 Configuring the local peer to advertise default route ...................................................................... 6-11
vi
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 6.3.5 Configuring the local peer to advertise community attribute ..........................................................6-12 6.3.6 Configuring update packets not to carry private AS number...........................................................6-13 6.3.7 Checking the configuration .............................................................................................................6-14 6.4 Configuring route exchange policy between MBGP peers........................................................................6-14 6.4.1 Establishing the configuration task .................................................................................................6-14 6.4.2 Filtering policy of MBGP route exchange.......................................................................................6-15 6.4.3 Configuring route filtering policy based on route-policy ................................................................6-16 6.4.4 Configuring route filtering policy based on IP ACL .......................................................................6-17 6.4.5 Configuring route filtering policy based on AS-path list.................................................................6-18 6.4.6 Configuring route filtering policy based on IP prefix......................................................................6-19 6.4.7 Configuring the maximum number of IP prefixes received from peers ..........................................6-20 6.4.8 Checking the configuration .............................................................................................................6-21 6.5 Configuring MBGP route selection policy ................................................................................................6-22 6.5.1 Establishing the configuration task .................................................................................................6-22 6.5.2 Setting preferred value of the route learned from peers ..................................................................6-23 6.5.3 Configuring MBGP route preference ..............................................................................................6-24 6.5.4 Configuring local-pref of MBGP route ...........................................................................................6-25 6.5.5 Configuring MED attribute of MBGP route....................................................................................6-25 6.5.6 Setting dampening parameters of MBGP routes .............................................................................6-27 6.5.7 Checking the configuration .............................................................................................................6-28 6.6 Maintaining MBGP ...................................................................................................................................6-28 6.6.1 Debugging MBGP...........................................................................................................................6-28 6.6.2 Clearing MBGP statistics ................................................................................................................6-29 6.6.3 Resetting the MBGP connection .....................................................................................................6-30 6.7 Example of configuring basic MBGP functions........................................................................................6-30
7 Multicast VPN configuration...................................................................................................7-1

7.1 Introduction .................................................................................................................................................7-2 7.1.1 Overview of multicast VPN ..............................................................................................................7-2 7.1.2 MD VPN over the NORTEL SECURE ROUTER 8000 SERIES .....................................................7-4 7.1.3 Creating Share-MDT.........................................................................................................................7-6 7.1.4 Transmission process of the Share-MDT based multicast protocol packet .......................................7-8 7.1.5 Transmission process of the Share-MDT based multicast data packet............................................7-10 7.1.6 Switch-MDT switchover ................................................................................................................. 7-11 7.1.7 MD VPN across Multi-AS ..............................................................................................................7-12 7.1.8 References .......................................................................................................................................7-14 7.2 Configuring MD VPN ...............................................................................................................................7-14 7.2.1 Establishing the configuration task .................................................................................................7-14 7.2.2 Enabling IP multicast routing ..........................................................................................................7-15 7.2.3 Configuring Share-Group and binding an MTI ...............................................................................7-15 7.2.4 Setting MTI parameters...................................................................................................................7-16 7.2.5 Checking the configuration .............................................................................................................7-17
vii
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 7.3 Configuring the Switch-MDT switchover .................................................................................................7-17 7.3.1 Establishing the configuration task .................................................................................................7-17 7.3.2 Setting switching parameters of Switch-MDT ................................................................................7-18 7.3.3 Enabling the log output of Switch-Group reuse ..............................................................................7-19 7.3.4 Checking the configuration .............................................................................................................7-20 7.4 Maintaining MD VPN ...............................................................................................................................7-21 7.5 Configuration examples.............................................................................................................................7-21 7.5.1 Example of configuring MD VPN in a single AS ...........................................................................7-21 7.5.2 Example of configuring inter-AS MD VPN ....................................................................................7-43
8 Multicast routing and forwarding configuration ................................................................8-1

8.1 Introduction .................................................................................................................................................8-2 8.1.1 Multicast routing and forwarding......................................................................................................8-2 8.1.2 RPF mechanism.................................................................................................................................8-3 8.1.3 Multicast policy.................................................................................................................................8-5 8.2 Configuring static multicast routes..............................................................................................................8-7 8.2.1 Establishing the configuration task ...................................................................................................8-7 8.2.2 Configuring a static multicast route ..................................................................................................8-8 8.2.3 Checking the configuration ...............................................................................................................8-9 8.3 Configuring a multicast routing policy........................................................................................................8-9 8.3.1 Establishing the configuration task ...................................................................................................8-9 8.3.2 Configuring longest match of multicast route .................................................................................8-10 8.3.3 Configuring load balancing of multicast route ................................................................................ 8-11 8.3.4 Checking the configuration .............................................................................................................8-12 8.4 Configuring multicast forwarding scope ...................................................................................................8-13 8.4.1 Establish the configuration task.......................................................................................................8-13 8.4.2 Configuring multicast forwarding boundary ...................................................................................8-14 8.4.3 Configuring TTL threshold of multicast forwarding .......................................................................8-14 8.4.4 Checking the configuration .............................................................................................................8-15 8.5 Setting limitation parameters of multicast forwarding table......................................................................8-15 8.5.1 Establishing the configuration task .................................................................................................8-15 8.5.2 Setting the maximum number of entries in multicast forwarding table...........................................8-17 8.5.3 Setting the maximum number of downstream nodes of multicast forwarding entry.......................8-18 8.5.4 Checking the configuration .............................................................................................................8-19 8.6 Maintaining multicast policy .....................................................................................................................8-19 8.6.1 Clearing multicast routing and forwarding entries ..........................................................................8-20 8.6.2 Debugging multicast routing and forwarding..................................................................................8-20 8.7 Configuration examples.............................................................................................................................8-21 8.7.1 Example of changing RPF routes through static multicast routes ...................................................8-21 8.7.2 Example of connecting RPF routes through static multicast routes ................................................8-25 8.7.3 Example of implementing multicast through static multicast route tunnel .....................................8-29 8.8 Troubleshooting of static multicast routes.................................................................................................8-34
viii
A Glossary .................................................................................................................................... A-1 B Acronyms and abbreviations .................................................................................................B-1 Index ................................................................................................................................................ i-1
ix
Figures
Figure 1-1 Unicast transmission .......................................................................................................................1-2 Figure 1-2 Broadcast transmission ...................................................................................................................1-3 Figure 1-3 Multicast transmission ....................................................................................................................1-4 Figure 1-4 Multicast mechanism composition..................................................................................................1-7 Figure 1-5 Multicast IP address and multicast MAC address...........................................................................1-9 Figure 1-6 Application of multicast-related protocols ....................................................................................1-10 Figure 1-7 VPN networking ...........................................................................................................................1-12 Figure 2-1 Working mechanism of IGMPv1 ....................................................................................................2-3 Figure 2-2 Source and group-specific multicast flow path ...............................................................................2-5 Figure 2-3 SSM mapping networking ..............................................................................................................2-6 Figure 2-4 IGMP networking diagram ...........................................................................................................2-25 Figure 2-5 SSM mapping networking diagram ..............................................................................................2-28 Figure 3-1 SPT establishment in a PIM-DM domain .......................................................................................3-3 Figure 3-2 Assert mechanism diagram .............................................................................................................3-4 Figure 3-3 Networking diagram of PIM-DM .................................................................................................3-27 Figure 4-1 Assert mechanism diagram .............................................................................................................4-4 Figure 4-2 Schematic diagram of DR election .................................................................................................4-5 Figure 4-3 Communication between C-RP and BSR........................................................................................4-6 Figure 4-4 RPT establishment in PIM-SM .......................................................................................................4-7 Figure 4-5 Multicast source registration...........................................................................................................4-8 Figure 4-6 BSR administrative domain (geographical space) ..........................................................................4-9 Figure 4-7 BSR administrative domain (group address range).......................................................................4-10 Figure 4-8 Schematic diagram of SPT establishment in SSM model .............................................................4-12 Figure 4-9 Typical networking diagram of single BSR domain PIM-DM......................................................4-53 Figure 5-1 MSDP peers ....................................................................................................................................5-4 Figure 5-2 MSDP peer connection in mesh group............................................................................................5-6
xi
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast Figure 5-3 Cooperation between MSDP and MBGP........................................................................................5-7 Figure 5-4 Diagram of MSDP peers .................................................................................................................5-8 Figure 5-5 Anycast RP......................................................................................................................................5-9 Figure 5-6 Networking diagram of typical MSDP configuration ...................................................................5-44 Figure 5-7 Networking diagram of static RPF peer........................................................................................5-52 Figure 5-8 Networking diagram of anycast RP configuration ........................................................................5-56 Figure 6-1 MBGP path selection networking diagram ...................................................................................6-31 Figure 7-1 Typical MPLS/BGP VPN application .............................................................................................7-2 Figure 7-2 Multicast VPN based on multi-instance..........................................................................................7-3 Figure 7-3 Diagram of an MD of a VPN instance ............................................................................................7-5 Figure 7-4 Neighbor relationship between CE, PE, and P in MD scheme........................................................7-6 Figure 7-5 Diagram of creating Share-MDT in PIM-SM network ...................................................................7-7 Figure 7-6 Diagram of creating Share-MDT in PIM-DM network ..................................................................7-8 Figure 7-7 Transmission process of multicast packets .....................................................................................7-9 Figure 7-8 Transmission process of multicast data packets............................................................................ 7-11 Figure 7-9 VPN instance-to-VPN instance connection method .....................................................................7-13 Figure 7-10 Multihop EBGP connection method ...........................................................................................7-13 Figure 7-11 Networking diagram of multicast configuration in BGP MPLS VPN.........................................7-22 Figure 7-12 Networking diagram of inter-AS MD VPN ................................................................................7-43 Figure 8-1 Diagram of RPF check process.......................................................................................................8-5 Figure 8-2 Diagram of static multicast route ....................................................................................................8-6 Figure 8-3 Diagram of forwarding multicast packets over a tunnel .................................................................8-7 Figure 8-4 Networking diagram of enabling static multicast route to change RPF route...............................8-22 Figure 8-5 Networking diagram of connecting RPF routes through static multicast routes ...........................8-25 Figure 8-6 Networking diagram of implementing multicast through static multicast route tunnel ................8-30
xii
Tables
Table 1-1 Common multicast routing issues.....................................................................................................1-6 Table 1-2 Class D address range .......................................................................................................................1-8 Table 1-3 Permanent multicast group addresses ...............................................................................................1-8 Table 4-1 D class multicast address range ...................................................................................................... 4-11 Table 5-1 Configuration solutions of PIM-SM inter-domain multicast .......................................................... 5-11 Table 5-2 Configuration solution of anycast RP .............................................................................................5-16 Table 7-1 Configuration information of interfaces .........................................................................................7-22 Table 7-2 Networking requirements of multicast in MD scheme ...................................................................7-24 Table 7-3 Configuration of router interface ....................................................................................................7-43 Table 7-4 Networking requirements of inter-AS MD VPN ............................................................................7-45 Table 8-1 Description of the display multicast forwarding-table command output ......................................8-2
xiii
Contents
About this document .......................................................................................................................1
About this document
About this document

Overview
The document describes the configuration methods of the IP multicast network in terms of basic principles, implementation of protocols, configuration procedures, and configuration examples for the Secure Router 8000 Series.
Related versions
The following table lists the product versions to which this document relates. Product name Nortel Secure Router 8000 Series Version V200R005
Intended audience
The intended audiences of this document are Network operators Network administrators Network maintenance engineers
Organization
The following table identifies the nine chapters in this document. Chapter 1 Multicast overview Description This chapter describes IP multicast fundamentals, classifications, framework, and the packet forwarding mechanism. This chapter describes the Internet Group Management Protocol (IGMP) fundamentals, configuration steps, maintenance for IGMP functions, and typical examples.
IGMP configuration
About this document
Chapter 3 PIM-DM configuration
Description This chapter describes the Protocol Independent Multicast Dense Mode (PIM-DM) fundamentals, configuration steps, maintenance for PIM-DM functions, and typical examples. This chapter describes the Protocol Independent Multicast Sparse Mode (PIM-SM) and Source Specific Mode (SSM) fundamentals, configuration steps, maintenance for PIM-SM functions, and typical examples. This chapter describes the Multicast Source Discovery Protocol (MSDP) fundamentals, configuration steps, maintenance for MSDP functions, and typical examples. This chapter describes the Multicast Border Gateway Protocol (MBGP) fundamentals, configuration steps, maintenance for MBGP functions, and typical examples. This chapter describes the multicast virtual private network (VPN) fundamentals, configuration steps, maintenance for multicast VPN functions, and typical examples. This chapter describes the Reverse Path Forwarding (RPF) fundamentals, configuration steps, maintenance for RPF functions, typical examples, and troubleshooting cases. This appendix defines common terms, acronyms, and abbreviations in this document. This chapter provides important keywords in this manual to help you access the required information quickly.
PIM-SM configuration
MSDP configuration
MBGP configuration
Multicast VPN configuration
8 Multicast routing and forwarding configuration Appendix A Glossary & B Acronyms and Abbreviations Index
Conventions
Symbol conventions
The following table defines the symbols in this document. Symbol Description Indicates a hazard with a high level of risk that, if you do not avoid, results in death or serious injury. Indicates a hazard with a medium or low level of risk which, if you do not avoid, can result in minor or moderate injury. Indicates a potentially hazardous situation that, if you do not avoid, can cause equipment damage, data loss, and performance degradation or unexpected results.
About this document
Symbol
Description Indicates a tip that can help you solve a problem or save time. Provides additional information to emphasize or supplement important points of the main text.
General conventions
Convention Times New Roman Boldface Italic Courier New Description Normal paragraphs use Times New Roman. Names of files, directories, folders, and users use boldface. For example, log in as user root. Book titles use italics. Terminal display uses Courier New.
Command conventions
Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] Description The keywords of a command line use boldface. Command arguments use italics. Items (keywords or arguments) in square brackets [ ] are optional. Alternative items are grouped in braces and separated by vertical bars. Select one of the items. Optional alternative items are grouped in square brackets and separated by vertical bars. Select one or none of the items. Alternative items are grouped in braces and separated by vertical bars. Select a minimum of one or a maximum of all of the items. Optional alternative items are grouped in square brackets and separated by vertical bars. Select many or none of the items. You can repeat the parameter before the ampersand sign (&) 1 to n times. A line that begins with the number sign (#) indicates comments.
{ x | y | ... } *
[ x | y | ... ] * &<1-n>
About this document
GUI conventions
Convention Boldface > Description Buttons, menus, parameters, tabs, windows, and dialog titles use boldface. For example, click OK. Multilevel menus use boldface and a greater-than sign (>) separates the menu choices. For example, choose File > Create > Folder.
Keyboard operation
Format Key Key 1+Key 2 Key 1, Key 2 Description Press the key. For example, press Enter and press Tab. Press the keys concurrently. For example, press Ctrl+Alt+A means you press the three keys at the same time. Press the keys in turn. For example, press Alt, A means you press the two keys one after the other.
Mouse operation
Action Click Double-click Drag Description Press and release the primary mouse button without moving the pointer. Quickly press the primary mouse button twice without moving the pointer. Press and hold the primary mouse button and move the pointer to a specific position.
Update history
Updates between document versions are cumulative. The latest document version contains all updates made to previous versions.
Updates in Issue 1.0 (6 June 2008)

The first commercial release.
Contents
1 Multicast overview ....................................................................................................................1-1
1.1 Introduction ...................................................................................................................................................1-2 1.1.1 Background of multicast ......................................................................................................................1-2 1.1.2 Advantages and applications of multicast ............................................................................................1-5 1.2 Classification of the multicast model ............................................................................................................1-5 1.3 Multicast framework .....................................................................................................................................1-6 1.3.1 Multicast mechanism ...........................................................................................................................1-6 1.3.2 Multicast addresses ..............................................................................................................................1-7 1.3.3 Multicast protocols.............................................................................................................................1-10 1.4 Forwarding mechanism of multicast ........................................................................................................... 1-11 1.5 Multi-instance multicast.............................................................................................................................. 1-11 1.5.1 Introduction to multi-instance ............................................................................................................ 1-11 1.5.2 Multi-instance multicast application ..................................................................................................1-12
Figures
Figure 1-1 Unicast transmission.........................................................................................................................1-2 Figure 1-2 Broadcast transmission .....................................................................................................................1-3 Figure 1-3 Multicast transmission ......................................................................................................................1-4 Figure 1-4 Multicast mechanism composition ...................................................................................................1-7 Figure 1-5 Multicast IP address and multicast MAC address.............................................................................1-9 Figure 1-6 Application of multicast-related protocols......................................................................................1-10 Figure 1-7 VPN networking .............................................................................................................................1-12
iii
Tables
Table 1-1 Common multicast routing issues.......................................................................................................1-6 Table 1-2 Class D address range.........................................................................................................................1-8 Table 1-3 Permanent multicast group addresses .................................................................................................1-8
1 Multicast overview
1
About this chapter
Section 1.1 Introduction 1.2 Classification of the multicast model 1.3 Multicast framework 1.4 Forwarding mechanism of multicast 1.5 Multi-instance multicast
Multicast overview
The following table describes the contents of this chapter. Description This section describes the principles and concepts of multicast routing. This section describes the classification of the multicast model. This section describes the multicast framework. This section describes the forwarding mechanism of multicast. This section describes the multi-instance multicast.
1-1
1.1 Introduction
1.1.1 Background of multicast
With the fast growth of the Internet, all kinds of interactive data, voice, and video information have also grown. New services such as e-commerce, online conferencing and auctions, video on demand, and e-learning exist. These new technological advances require security, bandwidth, and profit. Modern network transmission technology assigns high importance to the following objectives: Source discovery IP Transmission of Point-to-Multi-Point The following are the solutions to realize the two preceding objectives: Unicast Broadcast Multicast If you compare the three solutions, you find that multicast is more suitable for the IP transmission of Point-to-Multi-Point.
Unicast transmission
As shown in Figure 1-1, a source exists and User A and User C require the information on the network. The transmission mode is unicast. Figure 1-1 Unicast transmission
RouterD Receiver
UserA
RouterA Source RouterE

UserB
RouterB RouterF Receiver

UserC
RouterC
packets for UserA packets for UserC
The following list summarizes the unicast transmission process:
1-2
The Source sends separate copy information to each receiver address: packets for User A and packets for User C. The network establishes a separate data transmission path for the each receiver: Source Router B Router E Router D User A; Source Router B Router E Router F User C. In the unicast mode, the relationship between the data that transmits in the network and the users who require the data is in the direct ratio. If many users need the data, many copies of the data flow produce on the network. The bandwidth becomes a key factor to ensure the network transmission quality. The unicast mode is suitable for a network with sparse users but not for the transmission on a large scale.
Broadcast transmission
As shown in Figure 1-2, a source exists and User A and User C require the information. The transmission mode is broadcast. Figure 1-2 Broadcast transmission
RouterD Receiver
UserA

UserB

UserC
RouterC
packets for all the network
The following list summaries the broadcast transmission process: The Source sends only one packet to the broadcast address: packets for all the network The network copies the packet and sends it to all the segments, regardless of whether the routers need it: User B also receives the packet In the broadcast mode, all users on the network receive the packet. When there are few users who require packets, the utilization of the network source is quite low and the bandwidth is wasted. This mode affects users who do not need the packet. The broadcast mode is suitable for a network with many users but it does not ensure information security and payment.
1-3
Multicast transmission
As shown in Figure 1-3, a source exists and User A and User B require information on the network. The transmission mode is multicast. Figure 1-3 Multicast transmission
RouterD Receiver
UserA

UserB

UserC
RouterC
packets for the multicast group
The following list summarizes the multicast transmission process: Multicast group uses an IP multicast address identifier. User A and User C are members of the multicast group and receive the data sent to the group. The Source sends only one packet to the multicast address: packets for the multicast group. In the process of transmission, the same multicast data flow is present at each link only once. Compared with unicast, the increase of users does not result in an obvious load to the network in the multicast mode. According to the distribution of members, a multicast routing protocol uses tree routing to forward a packet to multiple destinations. The protocol copies the packet, distributes it at a branch as far away as possible, and sends it to receivers. Compared with broadcast, multicast routing sends data to receivers who require it, which saves network resources. The router that supports the multicast function on the network is the multicast router. The multicast router not only provides the multicast routing function, but also manages group members at the leaf segment network that connects with users (like Router D and Router F). At the same time, the router is a member of the multicast group. The members of the group are dynamic and a user host can join and leave the group at any time. Group members can be distributed anywhere on the network. The multicast source does not receive the data it sends; it does not belong to its object multicast group. One source can send data to multiple multicast groups at the same time. Multiple sources can send packets to a multicast group at the same time. As an illustration, compare multicast routing to a TV channel: Multicast routing is the convention between a sender and a receiver; it is like a TV channel. The TV station acts as the multicast router and it sends packets to a channel.
1-4
The TV is the receiver host. Audiences turn on the TV and select a program on a channel (hosts join a group). The TV delivers programs of the channel, (hosts receive data sent to the group). Audiences can turn the TV on and off or switch channels randomly, (hosts join or leave a multicast group dynamically).
1.1.2 Advantages and applications of multicast

Advantages of multicast
The following list identifies the advantages of multicast routing: Enhanced efficiency: reduces network traffic and reduces the load of the server and CPU Optimized performance: decreases traffic redundancy, saves bandwidth, and reduces network load Distributed applications: makes multipoint applications possible
Applications of multicast
IP multicast applies high efficient point-to-multipoint data transmission to IP networks. Multicast saves bandwidth and reduces network load. Multicast supports value-added services, including online broadcasts, network TV, remote education, remote medicine, network TV station, and video and audio conferences. The following list identifies major applications of multicast: Multimedia and streaming media such as live broadcasting, Web TV, real time audio, or video conferencing Communications within the training or co-operating sites like Tele-learning Data storage and finance (stock) applications Application of any point-to-multipoint data distribution like a network radio station
1.2 Classification of the multicast model

Based on the different sources and the destinations, IP multicast divides into the following models: Any-Source Multicast (ASM) Source-Filtered Multicast (SFM) Source-Specific Multicast (SSM)
ASM model
In the ASM model, a sender can act as the multicast source and send information to a multicast group address. Receivers receive all the information sent to the host group by joining the group identified by the address. In the ASM model, receivers do not know the location of the multicast source in advance. The receivers can join or leave the group at any time.
1-5
SFM model
The SFM model provides some of the same features as the ASM model. For the sender, the member relationship of the two models is the same. The SFM model extends the ASM model on function: the upper layer software checks the source address of received multicast packets, and permits or denies packets of some multicast sources. The receivers only receive data from partial multicast sources. For the receiver, only partial multicast sources are valid and some multicast sources are filtered.
SSM model
In practice, users can be interested only in the data sent by certain sources and not need to receive the data sent by other sources. The SSM model provides the kind of transmission service where clients can specify the sources they need. The main difference between the SSM model and the ASM model is that the receivers in the SSM model know the location of the multicast source in advance. The two models use different address scopes. The SSM model establishes a special forwarding path between receivers and the source directly.
1.3 Multicast framework

1.3.1 Multicast mechanism
Multicast modes are complex and multiple. Multicast modes transmit data from a source to receivers in the multicast mode and meet the different needs of receivers. The following table shows common issues with multicast routing. Table 1-1 Common multicast routing issues Issue To know whether a receiver exists To obtain the multicast information To know where to send the multicast information To forward multicast data Solution Host registration Multicast source discovery technology Multicast addressing mechanism Multicast routing
IP multicast is an end-to-end service that consists of four parts as shown in the following figure.
1-6
Figure 1-4 Multicast mechanism composition

Multicast application Multicast routing Host registration Addressing mechanism Host registration Addressing mechanism Multicast routing Host registration Addressing mechanism Host registration Addressing mechanism Multicast application
Multicast source (Host)
Multicast router
Multicast router
Receiver (Host)
Addressing mechanism: This function transmits the data from a source to a group of receivers based on the multicast address. Host registration: This function allows the host to dynamically join or leave a group, which helps the host to manage group members. Multicast routing: This function establishes a distribution tree to transmit packets from the source to the receivers. Multicast application: Multicast sources and receivers must support an application, such as video conferencing. The TCP/IP protocol suite must support multicast transmission and reception.
1.3.2 Multicast addresses

Multicast transmission involves questions such as where the source sends a packet and how to select the destination address of a multicast packet. These questions involve multicast addressing. Multicast on the network layer enables communication between a source and the receivers across the Internet. Link layer multicast, or hardware multicast, transmits multicast data in the local physical network. When Ethernet applies to the link layer, the hardware multicast uses media access control (MAC) multicast address. You need certain technology to map the IP multicast address to the MAC address.
IP multicast addresses
Based on the Internet Assigned Numbers Authority (IANA), the IP address divides into five classes, Class A, B, C, D, and E. The D address identifies the multicast group in a field of the destination address in the IP packet. If the source IP address of IP multicast packets is a unicast address, you can use a Class A, B, or C address. Class D addresses can never be a source IP address. Class E addresses are reserved for future use. On the network layer, an IP group address indentifies all receivers of a multicast group. After a user joins the group, the data sent to the group transmits to the user. The following table shows the Class D multicast address range.
1-7
Table 1-2 Class D address range Class D address range 224.0.0.0 to 224.0.0.255 224.0.1.0 to 231.255.255.255 233.0.0.0 to 238.255.255.255 232.0.0.0 to 232.255.255.255 239.0.0.0 to 239.255.255.255 Description Permanent multicast group addresses Temporary multicast group addresses of ASM available in the entire network Temporary multicast group addresses of SSM available in the entire network Temporary multicast group addresses of ASM available in local administration domain. The local administration multicast address is a private address. You can use the same address in different multicast administration domains without conflict.
Permanent multicast group address: IANA reserves this address for route protocols. This address identifies a group of specific network devices (also called reserved multicast group). For more information, see Table 1-3. The address remains fixed. The number of members is random and can be zero. Temporary multicast group address: This address is assigned for the user group temporarily. If no user exists, the address is cancelled. Table 1-3 Permanent multicast group addresses Permanent multicast group address 224.0.0.0 224.0.0.1 224.0.0.2 224.0.0.3 224.0.0.4 224.0.0.5 224.0.0.6 224.0.0.7 224.0.0.8 224.0.0.9 224.0.0.11 224.0.0.12 Description Unassigned Addresses of all hosts and routers in the system Addresses of all multicast routers Unassigned Distance Vector Multicast Routing Protocol routers Open Shortest Path First routers Open Shortest Path First designated routers Internet Stream Protocol (ST) routers ST hosts Routing Information Protocol version 2 routers Mobile agents Dynamic Host Configuration Protocol server or relay agents
1-8
Permanent multicast group address 224.0.0.13 224.0.0.14 224.0.0.15 224.0.0.16 224.0.0.17 224.0.0.18 224.0.0.19 224.0.0.255
Description All Protocol Independent Multicast routers Resource Reservation Protocol encapsulation All core base tree (CBT) routers Designated SBM All SBMS Virtual Router Redundancy Protocol Unassigned
Multicast MAC addresses

The multicast-MAC address identifies receivers of the same multicast group at the link layer. The Ethernet interface board on the network device can identify the multicast-MAC address. When you configure a multicast-MAC address in the driver, the device can receive and forward data of the multicast group on the Ethernet connection. The IANA specifies the high-order 25 bits of a multicast MAC address as 0x01005e and the low-order 23 bits of a MAC address the same as that of a multicast IP address. The following figure shows the mapping relationship between the multicast IP address and the multicast MAC address. Figure 1-5 Multicast IP address and multicast MAC address
5 bits information loss XXXX 32 bits IP address 1110 XXXX X X XXXXXXX 48 bits MAC address 00000001 00000000 01011110 0 XXXXXXX XXXXXXXX 23 bits mapping XXXXXXXX XXXXXXXX
XXXXXXXX
25 bits MAC address prefix
The first four bits of the IP multicast address, 1110, are the multicast identifiers. Out of the last 28 bits, only the low-order 23 bits map to the MAC address, which results in the loss of 5 bits of information. 32 IP multicast addresses map to the same MAC addresses.
This document focuses on IP multicast technology and device operation. Unless it indicates otherwise, all multicast in the document indicates the IP multicast.
1-9
1.3.3 Multicast protocols

Multicast protocols consist of Multicast group management Multicast routing and forwarding The following figure shows the multicast protocol application. Figure 1-6 Application of multicast-related protocols
AS1
AS2
User IGMP PIM MBGP /MSDP IGMP Source User
PIM
Multicast group management protocol

The Internet Group Management Protocol (IGMP) runs between the hosts and multicast routers. IGMP defines the mechanism to create and maintain the multicast membership between the multicast routers and the hosts. IGMP has three versions: IGMPv1, IGMPv2, and IGMPv3. Each new version is compatible with the old version. The three versions apply to the ASM model. IGMPv3 can directly apply to the SSM model, while the IGMPv1 and IGMPv2 need SSM-mapping support.
Multicast routing protocol

The multicast routing protocol runs between routers. The protocol creates and maintains multicast routes, and forwards multicast packets. The multicast route offers a unilateral loop-free transmission path from the source to multiple receivers, a multicast distribution tree. The multicast route in the ASM mode divides into intradomain and interdomain. The intradomain multicast protocols discover multicast sources and establish the multicast distribution tree in the autonomous system (AS) to send data to receivers. PIM is a typical intradomain multicast protocol. The PIM splits into Dense Mode (DM) and Sparse Mode (SM). When receivers are densely distributed in the network, the DM is suitable. When receivers are sparsely distributed in the network, the SM is suitable. The PIM must work with unicast routing protocols.
1-10
The intradomain multicast protocol delivers multicast packets among ASs. Multicast Source Discovery Protocol (MSDP) can transmit multicast source information across ASs. The Multicast Border Gateway Protocol (MBGP) of the MultiProtocol BGP (MPBGP) can deliver multicast routes across ASs. In the SSM model, no division of interdomain and intradomain exists. Because receivers know the location of the multicast source in advance, you can create multicast transmission path directly with partial PIM SM functions.
1.4 Forwarding mechanism of multicast

In the multicast model, the destination address of an IP packet is the multicast address. The multicast source sends messages to the host groups that the destination address specifies. Unlike the unicast model, to send packets to all receiver hosts, a router on the forwarding path needs to send a packet it receives from an inbound interface to many outbound interfaces. The multicast model is more complex than the unicast model. A multicast routing table such as MBGP guides the forwarding of multicast packets. The mechanism of Reverse Path Forwarding (RPF) ensures that the multicast routing uses a shortest path tree. Most multicast protocols create multicast route entries and forward packets based on the RPF mechanism.
For more information about RPF, see Nortel Secure Router 8000 Series Configuration IP Routing (NN46240-505).
1.5 Multi-instance multicast

Multi-instance multicast indicates the multicast that applies in the virtual private network (VPN).
1.5.1 Introduction to multi-instance

The communication between VPNs and between a VPN and a public network must be separate. As shown in the following figure, VPN A and VPN B access the public network using the PE router.
1-11
Figure 1-7 VPN networking
VPN A
CEa2 CEb1(2)
VPN B
PE2
CEb2
VPN B
CEb1(1)
CEa1 PE1
VPN A
Public Network
PE3
VPN A
CEa3
P belongs to the public network. Every CE belongs to a VPN. Each router serves only its network and maintains a set of forwarding mechanisms. PE can access the public network and VPN at the same time. The PE serves multiple networks. The network information must be strictly separate and the router maintains a separate set of forwarding mechanisms for each network. The software and hardware devices that serve the same network on the PE are an instance. Multiple instances exist on a PE. One instance distributes on multiple PEs.
For more information about multi-instance, see Nortel Secure Router 8000 Series Configuration VPN (NN46240-507).
1.5.2 Multi-instance multicast application

The Nortel Secure Router 8000 Series product supports multi-instance multicast. The following list identifies the functions you need to apply multi-instance technology to PEs: Maintain a separate set of multicast forwarding mechanism for each instance: The forwarding mechanism supports various multicast protocols and owns a PIM neighbor list and a multicast routing table. Each instance checks its own forwarding table or routing table when it forwards multicast data. Ensure the mutual separation of various instances. Implement the communication of information and data switch between a public network and a VPN instance. Multi-instance multicast is the basis to transmit multicast data across VPNs. The PRODUCT develops multicast VPN technology. Use the VPN A instance in Figure 1-7 as the example in the following illustration of multicast VPN: S belongs to the VPN A and sends data to G. Only members of VPN A can receive the data that S sends.
1-12
Multicast data transmits in multicast mode in the VPN A and the public network.
For information about multi-instance multicast, see Nortel Secure Router 8000 Series Configuration IP Routing (NN46240-505).
1-13
Contents
2 IGMP configuration ..................................................................................................................2-1
2.1 Introduction ...................................................................................................................................................2-2 2.1.1 IGMP overview....................................................................................................................................2-2 2.1.2 Working mechanism of IGMPv1 .........................................................................................................2-2 2.1.3 New functions of IGMPv2...................................................................................................................2-4 2.1.4 Improved functions of IGMPv3 ...........................................................................................................2-4 2.1.5 SSM mapping ......................................................................................................................................2-6 2.1.6 Multi-instance IGMP ...........................................................................................................................2-7 2.2 Configuring basic IGMP functions ...............................................................................................................2-7 2.2.1 Establishing the configuration task ......................................................................................................2-7 2.2.2 Enabling IP multicast routing...............................................................................................................2-8 2.2.3 Enabling IGMP function ......................................................................................................................2-9 2.2.4 Configuring IGMP version ..................................................................................................................2-9 2.2.5 Configuring a static IGMP group....................................................................................................... 2-11 2.2.6 Configuring an interface to join the range of multicast group ........................................................... 2-11 2.2.7 Checking the configuration................................................................................................................2-12 2.3 Configuring IGMP message options ...........................................................................................................2-12 2.3.1 Establishing the configuration task ....................................................................................................2-12 2.3.2 Configuring IGMP message options ..................................................................................................2-13 2.3.3 Checking the configuration................................................................................................................2-14 2.4 Configuring IGMP query control ................................................................................................................2-15 2.4.1 Establishing the configuration task ....................................................................................................2-15 2.4.2 Configuring IGMP timers ..................................................................................................................2-16 2.4.3 Configuring IGMP query and response..............................................................................................2-17 2.4.4 Checking the configuration................................................................................................................2-20 2.5 Configuring SSM mapping .........................................................................................................................2-20 2.5.1 Establishing the configuration task ....................................................................................................2-20 2.5.2 Enabling static SSM mapping............................................................................................................2-21 2.5.3 Configuring static SSM mapping policy............................................................................................2-21 2.5.4 Checking the configuration................................................................................................................2-22 2.6 Maintaining IGMP ......................................................................................................................................2-22 2.6.1 Clearing the IGMP group information ...............................................................................................2-24
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 2.6.2 Debugging IGMP...............................................................................................................................2-24 2.6.3 Monitoring the Running Status of IGMP ...........................................................................................2-25 2.7 Configuration examples ..............................................................................................................................2-25 2.7.1 Example of configuring basic IGMP functions..................................................................................2-25 2.7.2 Example of configuring SSM mapping functions..............................................................................2-28
ii
Figures
Figure 2-1 Working mechanism of IGMPv1 ......................................................................................................2-3 Figure 2-2 Source and group-specific multicast flow path.................................................................................2-5 Figure 2-3 SSM mapping networking ................................................................................................................2-6 Figure 2-4 IGMP networking diagram .............................................................................................................2-26 Figure 2-5 SSM mapping networking diagram ................................................................................................2-29
iii
2 IGMP configuration
2
About this chapter
Section 2.1 Introduction 2.2 Configuring basic IGMP function 2.3 Configuring IGMP message options 2.4 Configuring IGMP query control 2.5 Configuring SSM mapping
IGMP configuration
The following table describes the contents of this chapter. Description This section describes the principles and concepts of the Internet Group Management Protocol (IGMP). This section describes the application and configuration of IGMP. For a configuration example, see Example of configuring basic IGMP functions. This section describes the configuration of IGMP message options. This section describes how to configure IGMP query control. This section describes the application and configuration methods of Source Specific Multicast (SSM) mapping. For a configuration example, see Example of configuring basic IGMP functions. This section describes how to clear statistics of IGMP and how to debug IGMP. This section provides configuration examples of IGMP.
2.6 Maintaining IGMP 2.7 Configuration examples
2-1
2.1 Introduction
2.1.1 IGMP overview
The IGMP manages IP multicast members in the TCP/IP suite. The IGMP establishes and maintains the relationship between IP hosts and routers that directly connect to the IP hosts. The IP host sends an IGMP message to join a multicast group. The multicast router periodically sends IGMP message to the hosts to obtain information about the member.
Principle of IGMP
IGMP is a signaling mechanism of the host towards the router. IP multicast uses IGMP on the leaf network. IGMP divides into two functional sections: at the host side and at the router side. The following list describes the IGMP mechanism: 1. 2. A receiver host reports its group membership to all the devices on the shared network. An IGMP querier, elected by all the IGMP-enabled multicast routers on the same network, periodically sends membership query message to the hosts on the shared network. The receiver host reports the membership as a response to the query message. The multicast routers update the existing information of group members based on the received reports. If the multicast router does not receive a report within a timeout period, it considers this group as expired. The router stops forwarding data to the group.
3. 4.
All the receiver hosts involved in multicast must support IGMP. Multicast does not restrict member participation or departure. A host can join or leave a multicast group at any time. A multicast router does not need to store the memberships of all the hosts. The router uses IGMP to query the networks that connect with its interfaces to check whether a receiver (group member) of some multicast group exists. The host stores the information of only the multicast groups it joins.
Version information
At present, IGMP provides three versions: IGMPv1 (defined by RFC 1112), IGMPv2 (defined by RFC 2236), and IGMPv3 (defined by RFC 3376). All versions support the any-source multicast (ASM) model. IGMPv3 can directly apply to the SSM model while IGMPv1 and IGMPv2 require the technical support of SSM-mapping.
2.1.2 Working mechanism of IGMPv1

IGMPv1 manages multicast groups based on the query-report mechanism. On the shared network of multi-routers, Layer 3 routing protocol elects the unique multicast information forwarder, the assert winner or designated router (DR). The forwarder acts as the querier of IGMPv1 and queries the member relationships on the network segment.
For more information about the assert winner and DR, see PIM DM configuration and PIM SM (SSM) configuration.
The following figure shows the interactions between IGMPv1 messages.
2-2
Figure 2-1 Working mechanism of IGMPv1
ISP DR RouterA Ethernet RouterB
HostA
query report
HostB
HostC
A host joins a multicast group in the following manner: 1. Router B acts as an IGMP querier and sends a general query message periodically to the shared network in the multicast mode. The destination address of the packet (a multicast address) is 224.0.0.1 that indicates all the hosts and routers on the network segment. All the hosts on the shared network receive the general query message. The host, for example, Host B or Host C, that wants to join the group G1, sends a report message to the shared network in the multicast mode. The destination address of the packet is 224.0.0.1. The report message contains the address of the group G1. All the hosts and routers receive the report message and obtain the multicast information about the group G1. The other hosts that need to join G1 stop sending the same message. If a host intends to join another multicast group G2, the host sends a report message that contains the address of the group G2. After the query-report process, the IGMP router learns receivers exist for the G1 group. The multicast routing protocol generates the forwarding entry (*, G1). The router sends an update packet to the upstream router to maintain the multicast forwarding tree.
For more information about the multicast forwarding tree, see PIM-DM configuration and PIM-SM (SSM) configuration.
2.
3.
4.
5.
Multicast information from the source transmits to the IGMP router through the multicast routing mechanism. If a forwarding entry exists on the IGMP router, the router forwards the data to the shared network segment. Members of G1 receive the data.
IGMPv1 does not define a leave group message. If a host leaves G1, the host does not send the report message to G1. If the group G1 contains no members, the IGMP router cannot receive a report message sent to the group G1. After the timeout, the IGMP router deletes the (*, G) entry. The multicast protocol sends a prune message to the upstream router.
2-3
2.1.3 New functions of IGMPv2

The following sections describe the advantages of IGMPv2 over IGMPv1.
Querier election mechanism

In IGMPv1, when many multicast routers exist on the shared network, the selection of a querier depends on the multicast routing protocol. The IGMPv2 uses the independent querier election mechanism that determines that the multicast router with the smallest IP address is the querier.
Leave group mechanisms

In IGMPv1, hosts leave the multicast group and do not inform any multicast routers. The multicast router knows that no group member exists on the attached network based only on the response timeout for the general query message. In IGMPv2, when a host wants to leave a multicast group, like G1, it sends a leave message to the shared network in the multicast mode. The destination address of the packet is 224.0.0.2, which indicates all routers on the network segment. The packet carries the address of G1. To ensure whether other member hosts of the G1 exist on the network segment, the querier sends group-specific query message to the network for a specific time.
Group-specific query
In IGMPv1, when the querier sends a general query message, all the multicast groups respond. IGMPv2 adds a group-specific query. After the querier receives a leave message with the destination address of G1 from a host, it sends a query message in the network. Only the hosts of G1 respond and send the report message that carries the address of G1. The response message (report message) and query message of the IGMPv1 and IGMPv2 use the same packet structure and both carry their respective group addresses. The group-specific query packet is also called member query packet. The robustness variable determines the time to send the group-specific query message.
Maximum response time

Configure a maximum response time in the IGMPv2 to define the time up to which the querier waits for the host to respond to the query packet.
2.1.4 Improved functions of IGMPv3

IGMPv3 is compatible with IGMPv1 and IGMPv2. IGMPv3 further enhances the control capability of the host. IGMPv3 supports Source-Specific Multicast. This feature allows the receiver to receive packets that specify not only the multicast group G that the host wants to join, but also the source S from which the receiver requires the information. The host requires the packets from specific sources. The Filter-Mode field of the IGMP report message must be set to Include mode. The report message specifies the source and the multicast source address. The report can be expressed as Include Sources (S1, S2). The host requires information from specific sources and not from all the sources. The Filter-Mode field of the IGMP report message must be set to Exclude mode. The report
2-4
message specifies the source and the multicast source address. The report can be expressed as Exclude Sources (S1, S2). For example, two multicast sources, S1 and S2, exist. Both sources send packets to the G. The user wants only the information sent from S1 to G. The following figure shows the networking diagram. Figure 2-2 Source and group-specific multicast flow path
Source
RouterA
RouterC
S1
ISP Source Receiver
S2
RouterB
RouterD
User
packets(S1,G) packets(S2,G)
If you use IGMPv1 or IGMPv2 between the host and the router, the user joins G, but cannot select the multicast source. In this case, information from both S1 and S2 is sent to the user. If you use IGMPv3, the user can join G and can select a particular multicast source. Only the information from S1 transfers to the user.
Query information with source address

IGMPv3 supports the source and group-specific query. An IGMPv3 message carries the address of multicast source and several control fields such as the robustness coefficient of the querier and interval query. For the general query, IGMP messages carry neither the source address nor the group address. For the group-specific query, IGMP messages carry the group and do not carry the source address. For the source and group-specific query, IGMP messages carry the group address and one or more source addresses.
Response with multiple group records

The response messages of IGMPv3 require the destination IP address to be 224.0.0.22 and carry one or more group records. Each group record contains the multicast group address and many source addresses. The group record divides into the following categories: Current-State record: This record reports the current receive status of the interface as Include or Exclude. Include indicates receiving the information of a specific source, and Exclude indicates not receiving the information of a specific source. Filter-Mode-Change record: This record reports that the receiving status on the interface status switched from Include to Exclude or from Exclude to Include.
2-5
Source-List-Change record: This record reports the addition or deletion of source addresses.
2.1.5 SSM mapping

SSM mapping is an extended function of the SSM feature. Configure SSM static mapping information on the router to assign SSM functions for the IGMPv1 or IGMPv2 host. Figure 2-3 SSM mapping networking
ISP RouterA SSM needed Ethernet
Hosts only support IGMP v1/v2 HostA

report
HostB
As shown in the preceding figure, Host A and Host B do not support IGMPv3. The hosts send only IGMPv1 or IGMPv2 report messages to Router A. Two methods by which you can enable the SSM function exist: Upgrade the version of IGMP to IGMPv3 to support SSM. Enable SSM mapping on the querier, Router A. Statically configure the SSM mapping policy of (S, G) to forward packets of (S, G) without upgrading the IGMP version of hosts. If you configure the querier of the IGMPv3, after the querier receives report message of IGMPv1 or IGMPv2 from hosts, it first checks the address of G in the report message, and then operates as follows: If G is out of the SSM group range, the router operates as the original IGMPv1 or IGMPv2. If G is in the SSM group range and the router does not use SSM mapping, the router ignores the report message. If G is in the SSM group range and the router uses SSM mapping, the router transfers the received IGMPv1 and IGMPv2 into one or more Include Source (S, G) items. The router can then operate as receiving the IGMPv3 packets and realize SSM function.
For more information about the SSM group range, see PIM-SM (SSM) configuration.
2-6
2.1.6 Multi-instance IGMP

Multi-instance applies to provider edge (PE) routers in a VPN. PE routers can support the public network instance and the VPN instance at the same time, and run separate multicast services in each instance to segregate the information between instances. If a certain interface of the VPN instance connects to hosts, you must configure the related IGMP functions on the VPN instance and the interface.
A non-PE router operates a type of uniform multicast service that is called the public network instance. The configuration in the VPN instance view is valid only for the interface of the VPN interface. All the interfaces that do not belong to VPN instance are called the public network instance interface.
IGMP collects the group membership based on interfaces. In the VPN-instance application, IGMP receives and sends protocol packets based on the interface-related instance. After the multicast router receives an IGMP message, the router distinguishes the packet according to the instance type and processes it within that instance. The router exchanges information only with other multicast protocols in its own VPN instance, if necessary.
2.2 Configuring basic IGMP functions

2.2.1 Establishing the configuration task
Applicable environment
IGMP applies to the network segment through which routers connect to the users. Routers and user hosts need to run IGMP. This section describes how to configure IGMP on routers. Before you configure IGMP, enable IP multicast routing. IP multicast routing is the precondition to configure all multicast functions. If the IP multicast routing stops, the configurations related to multicast are deleted. You must enable IGMP on the interface that maintains multicast memberships. Because the packet formats of IGMPv1, IGMPv2, and IGMPv3 are different, you must first specify the IGMP version for the router and the host. You can configure an access control list (ACL) rule so that the host joins specified multicast groups and receives packets from these groups. This ACL rule serves as a filter on the associated interface and limits the range of groups on an interface.
Preconfiguration tasks
Configuring the link layer protocol parameters and IP address of the interface to make the link protocol of the interface Up. Configuring a unicast routing protocol to make the entire multicast domain interconnected. Configuring a unicast routing protocol to make IP routes between nodes reachable.
Data preparation
To configure basic IGMP functions, you need the following data.
2-7
No. 1 2 3
Data IGMP version Multicast group address and source address ACL rules to filter the multicast groups
Configuration procedures
No. 1 2 3 4 5 6 Procedure Enabling IP multicast routing Enabling IGMP function Configuring IGMP version Configuring a static IGMP group Configuring an interface to join the range of multicast group Checking the configuration
The configuration in the IGMP view is globally effective, whereas the configuration in the interface view is effective on the specified interface. When you do not use the command in the interface view, the interface uses the global value in the IGMP view. When you use the command in both views, the interface uses the interface value.
2.2.2 Enabling IP multicast routing

Do as follows on the router that connects to hosts: Step 1 Run:
system-view
The system view appears. Step 2 Run:

multicast routing-enable
This command enables IP multicast routing.
VPN instance configurations apply only to PE routers. If the VPN instance interface connects to the host on the PE, you must run the commands in step 3 and step 4.
2-8
Step 3 Run:
ip vpn-instance vpn-instance-name
The VPN instance view appears. This command is optional. Step 4 Run:
This command enables IP multicast routing of the VPN instance. This command is optional. Step 5 Run:
quit
This command quits the VPN instance. ----End
2.2.3 Enabling IGMP function

system-view

interface interface-type interface-number
The interface view appears. Step 3 Run:

igmp enable
This command enables the IGMP. Step 4 Run:

quit
This command quits the interface view. ----End By default, the IGMP is not enabled on the interface.
2.2.4 Configuring IGMP version
2-9
You must configure all routers on the same subnet with the same IGMP version.
The configuration involves the following two cases: Global configuration, which is valid on all interfaces. Configuration on an interface. The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Global configuration
Do as follows on the router that connects to host: Step 1 Run:
system-view

igmp [ vpn-instance vpn-instance-name ]
The IGMP view appears. Step 3 Run:

version { 1 | 2 | 3 }
This command configures the global IGMP version. Step 4 Run:

quit
This command quits the IGMP view. ----End
Configuration on an interface
Step 1 Run:
system-view


version { 1 | 2 | 3 }
2-10
This command configures the IGMP version for the interface. Step 4 Run:
quit
This command quits the interface view. ----End The configuration is optional. The default is the IGMPv2.
2.2.5 Configuring a static IGMP group

system-view


igmp static-group group-address [ source source-address ]
This command configures the interface to statically join a multicast group. After the interface joins a multicast group, the router considers that members exist in the network segment where the interface resides. Step 4 Run:
quit
This command quits the interface view. ----End The configuration is optional. By default, the interface does not statically join any multicast group.
2.2.6 Configuring an interface to join the range of multicast group

Do as follows on the router that connects to host: Step 1 Run:
system-view

2-11

igmp group-policy acl-number [ 1 | 2 | 3 ]
This command configures the interface to join a multicast group. Step 4 Run:
quit
This command quits the interface view. ----End The configuration is optional. By default, the interface can join any multicast group.
2.2.7 Checking the configuration

Use the commands in the following table to check the previous configuration. Action Check the configuration and operation of IGMP on the interface. Check the members of the static IGMP multicast group. Check the members of the IGMP multicast group. Command display igmp [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] group [ group-address | interface interface-type interface-number ] static display igmp [ vpn-instance vpn-instance-name | all-instance ] group [ group-address | interface interface-type interface-number ] [ static | verbose ]
2.3 Configuring IGMP message options

IGMPv2 and IGMPv3 contain the query packets with specified groups. These groups are varied, and the router can not join all of them. With the help of the Router-Alert option, IGMP can send the received packets that have not been grouped to the upper layer protocol for processing. For more information about the Router-Alert option, see RFC 2113.
Before you configure IGMP message options, complete the following tasks: Configure a unicast routing protocol.
2-12
Complete the procedures in Configuring basic IGMP function.
Data preparation
To configure IGMP security options and related timers, you need the following data. No. 1 Data Whether to include Router-Alert in the packet
No. 1 2 Procedure Configuring IGMP message options Checking the configuration
2.3.2 Configuring IGMP message options

Do as follows on the router that connects to hosts:
The configuration involves the following cases: Global configuration, which is valid on all interfaces. Configuration on an interface. The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Step 1 Run:
system-view


require-router-alert
This command discards the IGMP packets without the Router-Alert option. Step 4 Run:
send-router-alert
This command includes the Router-Alert option in IGMP packets sent.
2-13
Step 5 Run:
quit
This command quits the interface view. ----End
Step 1 Run:
system-view


igmp require-router-alert
This command discards the IGMP packets without the Router-Alert option. Step 4 Run:
igmp send-router-alert
This command includes the Router-Alert option in the IGMP packets sent. Step 5 Run:
quit
This command quits the interface view. ----End The above configurations are optional. By default, the IGMP message carries the Router-Alert option but the router does not check the option and the router processes the packet regardless of whether it carries the option. The router processes all the IGMP packets it receives, including the IGMP packets without the Router-Alert option.

Use the commands in the following table to check the previous configuration. Action Check the IGMP multicast group. Check the IGMP configuration and operation information on the interface. Command display igmp [ vpn-instance vpn-instance-name | all-instance ] group [ group-address | interface interface-type interface-number ] [ static | verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] [ ssm-mapping ] interface [ interface-type interface-number ] [ verbose ]
2-14
2.4 Configuring IGMP query control

The querier sends IGMP query packets periodically on the connected shared network. When the group receives a report message from a member, the multicast group refreshes the information of the members. The timeout of the IGMP querier is the time that another router waits to become the querier after the current querier fails to forward query messages. In Asymmetric Digital Subscriber Line (ADSL) dial-up access, the querier only corresponds to one host as one host corresponds to one port. In case the host of the receiver switches among multiple multicast groups, like switchover between TV channels, you can enable the mechanism of prompt-leave on the querier.
Before you configure IGMP query control, complete the following tasks: Configure a unicast routing protocol and enable the connectivity of the entire multicast domain. Complete the procedures in Configuring basic IGMP function.
Data preparation
To configure IGMP query control, you need the following data. No. 1 2 3 Data Interval to send IGMP query messages Timeout the lifetime of the IGMP querier Interval, the number of times, and the maximum response time to send group-specific query packets of the IGMP querier
No. 1 2 3 Procedure Configuring IGMP timers Configuring IGMP query and response Checking the configuration
2-15
Multiple IGMP parameters exist and they are mutually restricted. Ensure that configurations of all IGMP parameters on all IGMP routers in the same network segment are consistent. Otherwise, the network faults.
2.4.2 Configuring IGMP timers
The configuration applies to IGMPv1, IGMPv2, and IGMPv3. If the timeout of the duration that the querier keeps alive is shorter than the query interval, the querier of the network changes repeatedly. Do as follows on the router that connects to hosts:
The configuration involves the following cases: Global configuration, which is valid on all interfaces. Configuration on an interface. The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Step 1 Run:
system-view
The system appears. Step 2 Run:


timer query interval
This command configures the interval to send IGMP general query messages periodically. Step 4 Run:
timer other-querier-present interval
This command configures the timeout of the duration that the IGMP querier is alive. Step 5 Run:
quit
2-16
Step 1 Run:
system-view


igmp timer query interval
This command configures the interval to send IGMP general query messages periodically. Step 4 Run:
igmp timer other-querier-present interval
This command configures the timeout of the duration that the IGMP querier is alive. Step 5 Run:
quit
This command quits the interface view. ----End The above configurations are optional. By default, the IGMP query interval is 60 seconds, and the time during which the query is alive is obtained by the interval of the IGMP query multiplied by the robustness variable. The default time is 120 seconds.
2.4.3 Configuring IGMP query and response
The configuration applies to the IGMPv2 and IGMPv3. In actual configuration, the maximum response time must be shorter than the query interval. Do as follows on the router that connects to hosts:
2-17
The configuration involves the following two cases: Global configuration, which is valid on all interfaces. Configuration on an interface. The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Step 1 Run:
system-view


lastmember-queryinterval interval
This command configures the interval to send the query message. The shorter the interval is, the more flexible the querier. By default, the interval is 1 second. Step 4 Run:
robust-count robust-value
This command configures the robustness variable. The greater the robustness variable is, the more robust the IGMP router but the timeout of the group is longer. By default, the IGMP robustness variable is 2. Step 5 Run:
max-response-time interval
This command configures the maximum IGMP response time to an IGMP query. By default, the maximum IGMP response time is 10 seconds. Step 6 Run:
prompt-leave [ group-policy acl-number ]
This command configures IGMP fast leave. After the router receives the leave message from a host, the router on which you use the command no longer sends the last-member query message, and deletes the group information immediately. By default, the interface must perform the last-member query. Step 7 Run:
quit
2-18
Step 1 Run:
system-view


igmp lastmember-queryinterval interval
This command configures the interval to send the query message. The shorter the interval is, the more flexible the querier. By default, the interval is 1 second. Step 4 Run:
igmp robust-count robust-value
This command configures the robustness variable. The greater the robustness variable is, the more robust the IGMP router but the timeout of the group is longer. By default, the IGMP robustness variable is 2. Step 5 Run:
igmp max-response-time interval
This command configures the maximum IGMP response time to an IGMP query. By default, the maximum IGMP response time is 10 seconds. Step 6 Run:
igmp on-demand
This command configures the (S, G) on the interface to never time out and configures the interface to not send the IGMP query message. By default, the interface joins the election of querier and sends the query message. Step 7 Run:
igmp prompt-leave [ group-policy acl-number ]
This command configures the IGMP fast leave. After the router receives the leave message from a host, the router on which you use the command no longer sends the last-member query message, and deletes the group information immediately. By default, the interface performs the last-member query. Step 8 Run:
quit
2-19
The above configurations are optional. By default, the IGMP query interval is 60 seconds, and the time during which the query is alive is obtained by the interval of the IGMP query multiplied by the robustness variable. The default time is 120 seconds.

Use the commands in the following table to check the previous configuration. Action Check the IGMP configuration and operation information on the interface. Check the IGMP routing table. Command display igmp [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { mask | mask-length } ] | source-address [ mask { mask | mask-length } ] ] * [ static ]
2.5 Configuring SSM mapping

The customer hosts in the network support only IGMPv1 or IGMPv2. After you configure the static SSM mapping on a router, the router provides SSM service for the customer hosts.
To configure SSM mapping, complete the following tasks: Configure a unicast routing protocol. Complete the steps in Enabling IP multicast routing.
Data preparation
To configure SMM mapping, you need the following data. No. 1 2 Data Interfaces on which to enable the SSM mapping Multicast group address, multicast source address, and mask
2-20
No. 1 2 3 Procedure Enabling static SSM mapping Configuring static SSM mapping policy Checking the configuration
2.5.2 Enabling static SSM mapping

Do as follows on the router that connects to the host: Step 1 Run:
system-view


igmp enable
This command enables the IGMP function. Step 4 Run:

igmp version 3
This command configures the IGMPv3. SSM mapping requires that the interface on the router run IGMPv3. Step 5 Run:
igmp ssm-mapping enable
This command enables the SSM mapping. Step 6 Run:

quit
2.5.3 Configuring static SSM mapping policy

2-21
system-view


ssm-mapping group-address { mask | mask-length } source-address
This command configures the mapping from the multicast group to the source. You can run the command many times to configure the mapping from a group to multicast sources. group-address { mask | mask-length }: indicates the group address and the mask. source-address indicates the address of the source that establishes the mapping with the group. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the configuration information of the specific interface. Check the information about a specific source or group address. Check the SSM mapping information about specific source or group addresses. Command display interface interface-type interface-number
display igmp [ vpn-instance vpn-instance-name | all-instance ] group ssm-mapping [ group-address | interface interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] ssm-mapping { group [ group-address ] | interface [ interface-type interface-number ] }
2.6 Maintaining IGMP

This section covers the following topics: Clearing the IGMP group information
2-22
2.6.1 Debugging IGMP
Debugging affects the performance of the system. So, after debugging, run the undo debugging command to disable it immediately. When an IGMP fault occurs, run the following debugging commands in the user view to debug and locate the fault. For the procedure of outputting the debugging information, refer to the Nortel Secure Router 8000 SeriesSecure RouterConfiguration Guide - System Management. Action Debug IGMP. Command debugging igmp [ vpn-instance vpn-instance-name | all-instance ] { all | event | leave [ acl-number ] | report [ acl-number ] | query [ acl-number ] | timer } debugging igmp [ vpn-instance vpn-instance-name | all-instance ] ssm-mapping [ acl-number ]
Debug the SSM mapping.
2.6.2 Monitoring the Running Status of IGMP

During the routine maintenance, you can run the following commands in any view to view the running status of IGMP. Action Debug IGMP to check information about IGMP multicast groups. Command debuggingdisplay igmp [ vpn-instance vpn-instance-name | all-instance ] { all | event | leave [ aclgroup [ group-address | interface interface-type interface-number ] | report [ acl-number ] | query [ acl-number ] | timer }[ static | verbose ] debuggingdisplay igmp [ vpn-instance vpn-instance-name | all-instance ] group ssm-mapping [ aclgroup-address | interface interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] ] * [ static ]
Debug SSM mapping to check information about the multicast groups configured with SSM mapping. Check the IGMP configuration and running information on the interface. Check the IGMP routing table.
2-23
Check the SSM mapping of source/group-specific address.
display igmp [ vpn-instance vpn-instance-name | all-instance ] ssm-mapping { group [ group-address ] | interface [ interface-type interface-number ] }
Error! Reference source not found.
2.6.3 Clearing the IGMP group information
The receiver cannot receive the multicast information after you run the reset iqmp group command. Confirm the action before you use the command. To clear the information of the operating of the IGMP, run the following reset command in the user view. Action Delete the IGMP groups on an interface. Command reset igmp [ vpn-instance vpn-instance-name | all-instance ] group { all | interface interface-type interface-number { all | group-address [ mask { mask | mask-length } ] [ source-address [ mask { mask | mask-length } ] ] } }
2.6.4 Debugging IGMP
Debugging affects the performance of the system. So, after debugging, run the undo debugging command to disable it immediately. When an IGMP fault occurs, run the following debugging commands in the user view to debug and locate the fault. For the procedure of outputting the debugging information, refer to the Nortel Secure Router 8000 SeriesSecure RouterConfiguration Guide - System Management. Action Debug IGMP. Command debugging igmp [ vpn-instance vpn-instance-name | all-instance ] { all | event | leave [ acl-number ] | report [ acl-number ] | query [ acl-number ] | timer }
2-24
Debug the SSM mapping.
debugging igmp [ vpn-instance vpn-instance-name | all-instance ] ssm-mapping [ acl-number ]
2.6.5 Monitoring the Running Status of IGMP

During the routine maintenance, you can run the following commands in any view to view the running status of IGMP. Action Debug IGMP to check information about IGMP multicast groups. Command debuggingdisplay igmp [ vpn-instance vpn-instance-name | all-instance ] { all | event | leave [ aclgroup [ group-address | interface interface-type interface-number ] | report [ acl-number ] | query [ acl-number ] | timer }[ static | verbose ] debuggingdisplay igmp [ vpn-instance vpn-instance-name | all-instance ] group ssm-mapping [ aclgroup-address | interface interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display igmp [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] ] * [ static ] display igmp [ vpn-instance vpn-instance-name | all-instance ] ssm-mapping { group [ group-address ] | interface [ interface-type interface-number ] }
Debug SSM mapping to check information about the multicast groups configured with SSM mapping. Check the IGMP configuration and running information on the interface. Check the IGMP routing table.
Check the SSM mapping of source/group-specific address.
2.7 Configuration examples

This section provides the following examples: Example of configuring basic IGMP functions Example of configuring SSM mapping functions
2.7.1 Example of configuring basic IGMP functions

Networking requirements
In the IPv4 network shown in Figure 2-4, the unicast routing runs normally. You need the multicast function in the network so that users can receive Video On Demand (VOD) information.
2-25
Figure 2-4 IGMP networking diagram

Ethernet
RouterA
POS2/0/0 192.168.1.1/24 N1 GbE1/0/0 10.110.1.1/24
HostA
Receiver
HostB
RouterB
POS2/0/0 192.168.2.1/24
GbE1/0/0 10.110.2.1/24
Leaf network
HostC
PIM network
RouterC
GbE1/0/0 10.110.2.2/24
Receiver
N2 HostD Ethernet
POS2/0/0 192.168.3.1/24
Configuration roadmap
The steps in the configuration roadmap are 1. 2. 3. 4. Enable the multicast function on each router. Enable PIM-DM on all the interfaces on each router. Enable IGMP on the interfaces that connect hosts. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: IGMPv2 running between the router and the host
Configuration procedure
This example provides only the commands that relate to the IGMP configuration.
Step 1 Enable multicast on each router and enable IGMP and PIM-DM on the interfaces that connect the hosts. # Enable the multicast function on Router A. Enable IGMP and PIM-DM functions on the interfaces of GbE 1/0/0. Set the IGMP version as version 2:
[RouterA] multicast routing-enable [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] igmp enable [RouterA-GigabitEthernet1/0/0] igmp version 2 [RouterA-GigabitEthernet1/0/0] pim dm [RouterA-GigabitEthernet1/0/0] quit
2-26
# Enable the multicast function on Router B. Enable IGMP and PIM-DM functions on the interfaces of GbE 1/0/0. Set the IGMP version as version 2. The configurations on Router C are similar:
[RouterB] multicast routing-enable [RouterB] interface gigabitethernet 1/0/0 [RouterB-GigabitEthernet1/0/0] pim dm [RouterB-GigabitEthernet1/0/0] igmp enable [RouterB-GigabitEthernet1/0/0] igmp version 2 [RouterB-GigabitEthernet1/0/0] quit
Step 2 Verify the configuration. # Use the display igmp interface command to view the IGMP configuration and running status on the interfaces of each router. The following output shows the information of IGMP on GbE 1/0/0 of Router B as an example:
<RouterB> display igmp interface gigabitethernet 1/0/0 GigabitEthernet1/0/0(10.110.2.1): IGMP is enabled Current IGMP version is 2 Value of query interval for IGMP(in seconds): 60 Value of other querier timeout for IGMP(in seconds): 0 Value of maximum query response time for IGMP(in seconds): 10 Querier for IGMP: 10.110.2.1 (this router)
----End
Configuration files
Configuration file of Router A
# sysname RouterA # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.1.1 255.255.255.0 pim dm igmp enable # interface Pos2/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 10.110.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 # return
Configuration file of Router B

# sysname RouterB
2-27
# multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.2.1 255.255.255.0 pim dm igmp enable # interface Pos2/0/0 link-protocol ppp ip address 192.168.2.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 10.110.2.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # return
Configuration file of Router C

# sysname RouterC # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.2.2 255.255.255.0 pim dm igmp enable # interface Pos2/0/0 link-protocol ppp ip address 192.168.3.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 10.110.2.0 0.0.0.255 network 192.168.3.0 0.0.0.255 # return
2.7.2 Example of configuring SSM mapping functions

The multicast network shown in Figure 2-5, runs the PIM-SM protocol. Both the ASM mode and the SSM mode exist to provide multicast services. IGMPv3 runs on the interface that connects the host receiver; IGMPv2 runs on the host receiver and it cannot be upgraded to IGMPv3.
2-28
The address range of the SSM group in the network is 232.1.1.0/24. S1, S2, and S3 send the multicast data to the multicast group within this range. The host receiver needs to receive the multicast data only from S1 and S3. Solution: Configure the SSM mapping function on Router D. Figure 2-5 SSM mapping networking diagram
S2
133.133.2.1/24
S3 RouterB
GbE3/0/0 GbE2/0/0 GbE3/0/0 GbE2/0/0
RouterC
133.133.3.1/24
GbE1/0/0
GbE1/0/0
PIM-SM S1
133.133.1.1/24 GbE1/0/0 GbE3/0/0 GbE3/0/0 GbE2/0/0 GbE2/0/0 GbE1/0/0
Receiver
133.133.4.1/24
RouterA
RouterD
Router RouterA
RouterB
Interface GbE1/0/0 GbE2/0/0 GbE3/0/0 GbE1/0/0 GbE2/0/0 GbE3/0/0
IP address 133.133.1.2/24 192.168.1.1/24 192.168.4.2/24 133.133.2.2/24 192.168.1.2/24 192.168.2.1/24
Router RouterC
RouterD
Interface GbE1/0/0 GbE2/0/0 GbE3/0/0 GbE1/0/0 GbE2/0/0 GbE3/0/0
IP address 133.133.3.2/24 192.168.3.1/24 192.168.2.2/24 133.133.4.2/24 192.168.3.2/24 192.168.4.1/24
The steps in the configuration roadmap are 1. 2. Configure the static SSM mapping policy on the router that connects the host. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: The address range of the SSM multicast group is 232.1.1.0/24. The IP addresses of S1 and S3.
This example provides only the commands that relate to the SSM mapping configuration.
Step 1 Enable the SSM mapping function on the interface that connects to the host:
[RouterD] multicast routing-enable [RouterD] interface gigabitethernet 1/0/0 [RouterD-GigabitEthernet1/0/0] igmp ssm-mapping enable
2-29
[RouterD-GigabitEthernet1/0/0] quit
Step 2 Configure the static SSM mapping policy on the router that connects to the host. # Map the multicast group at 232.1.1.0/24 to S1 and S3:
[RouterD] igmp [RouterD-igmp] ssm-mapping 232.1.1.0 24 133.133.1.1 [RouterD-igmp] ssm-mapping 232.1.1.0 24 133.133.3.1
# Check the SSM mapping information of the specified source or group address on the router:
<RouterD> display igmp ssm-mapping group IGMP SSM-Mapping conversion table of VPN-Instance: public net Total 2 entries Total 2 entries matched 00001. (133.133.1.1, 232.1.1.0) 00002. (133.133.3.1, 232.1.1.0)
Step 3 Verify the configuration. # Receiver is added to 232.1.1.1. # Use the display igmp group ssm-mapping command to check the SSM mapping information of the specified source or group address on the router. The SSM mapping information of the specified source or group address on Router D appears as follows:
<RouterD> display igmp group ssm-mapping IGMP SSM mapping interface group report information of VPN-Instance: public net GigabitEthernet1/0/0 (133.133.4.2): Total 1 IGMP SSM-Mapping Group reported Group Address 232.1.1.1 Last Reporter 133.133.4.1 Uptime 00:01:44 Expires 00:00:26
<RouterD> display igmp group ssm-mapping verbose IGMP interface group report information of VPN-Instance: public net GigabitEthernet1/0/0 (133.133.4.2): Total 1 IGMP SSM-Mapping Group reported Group: 232.1.1.1 Uptime: 00:01:52 Expires: 00:00:18 Last reporter: 133.133.4.1 Last-member-query-counter: 0 Last-member-query-timer-expiry: off Group mode: exclude Version1-host-present-timer-expiry: off Version2-host-present-timer-expiry: 00:00:17
# Use the display pim routing-table command to check the PIM-SM routing table on the router. The information on the PIM-SM routing table on Router D appears as follows:
<RouterD> display pim routing-table Vpn-instance: public net Total 2 (S, G) entries (133.133.1.1, 232.1.1.1) Protocol: pim-ssm, Flag: UpTime: 00:11:25 Upstream interface: GigabitEthernet3/0/0 Upstream neighbor: 192.168.4.2, RPF prime neighbor: 192.168.4.2
2-30

Downstream interface list: Total number of downstreams: 1 1: GigabitEthernet1/0/0 Protocol: igmp, UpTime: 00:11:25, Expires:(133.133.3.1, 232.1.1.1) Protocol: pim-ssm, Flag: UpTime: 00:11:25 Upstream interface: GigabitEthernet2/0/0
Upstream neighbor: 192.168.3.1, RPF prime neighbor: 192.168.3.1 Downstream interface list: Total number of downstreams: 1 1: GigabitEthernet1/0/0 Protocol: igmp, UpTime: 00:11:25, Expires:-
----End
Configuration files
# sysname RouterA # multicast routing-enable # acl number 2000 rule 5 permit source 232.1.1.0 0.0.0.255 # interface GigabitEthernet1/0/0 ip address 133.133.1.2 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 192.168.1.1 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 192.168.4.2 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 133.133.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.4.0 0.0.0.255 # pim ssm-policy 2000 # return

# sysname RouterB #
2-31
multicast routing-enable # acl number 2000 rule 5 permit source 232.1.1.0 0.0.0.255 # interface GigabitEthernet1/0/0 ip address 133.133.2.2 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 192.168.1.2 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 192.168.2.1 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 133.133.2.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.2.0 0.0.0.255 # pim ssm-policy 2000 # return

# sysname RouterC # multicast routing-enable # acl number 2000 rule 5 permit source 232.1.1.0 0.0.0.255 # interface GigabitEthernet1/0/0 ip address 133.133.3.2 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 192.168.3.1 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 192.168.2.2 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 133.133.3.0 0.0.0.255 network 192.168.3.0 0.0.0.255 network 192.168.2.0 0.0.0.255 #
2-32

pim ssm-policy 2000 # return
Configuration file of Router D

# multicast routing-enable # interface GigabitEthernet1/0/0 ip address 133.133.4.2 255.255.255.0 pim sm igmp enable igmp version 3 igmp ssm-mapping enable # interface GigabitEthernet2/0/0 ip address 192.168.3.2 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 192.168.4.1 255.255.255.0 pim sm # pim c-bsr GigabitEthernet 3/0/0 c-rp GigabitEthernet 3/0/0 # acl number 2000 rule 5 permit source 232.1.1.0 0.0.0.255 pim ssm-policy 2000 # igmp ssm-mapping 232.1.1.0 255.255.255.0 133.133.1.1 ssm-mapping 232.1.1.0 255.255.255.0 133.133.3.1 # return
2-33
Contents
3 PIM-DM configuration .............................................................................................................3-1
3.1 Introduction ...................................................................................................................................................3-2 3.1.1 PIM-DM overview...............................................................................................................................3-2 3.1.2 Principle of PIM-DM...........................................................................................................................3-2 3.1.3 PIM-DM mechanism ...........................................................................................................................3-2 3.1.4 Multi-Instance PIM..............................................................................................................................3-5 3.2 Configuring basic PIM-DM functions...........................................................................................................3-5 3.2.1 Establishing the configuration task ......................................................................................................3-5 3.2.2 Enabling IP multicast routing...............................................................................................................3-5 3.2.3 Enabling PIM-DM ...............................................................................................................................3-6 3.2.4 Checking the configuration..................................................................................................................3-7 3.3 Controlling the forwarding of multicast source.............................................................................................3-8 3.3.1 Establishing the configuration task ......................................................................................................3-8 3.3.2 Configuring lifetime of sources ...........................................................................................................3-9 3.3.3 Configure source address filtering .......................................................................................................3-9 3.3.4 Checking the configuration................................................................................................................3-10 3.4 Adjusting control parameters of neighbors..................................................................................................3-10 3.4.1 Establishing the configuration task ....................................................................................................3-10 3.4.2 Configuring control parameters of neighbors .................................................................................... 3-11 3.4.3 Checking the configuration................................................................................................................3-13 3.5 Adjusting control parameters of forwarding................................................................................................3-13 3.5.1 Establishing the configuration task ....................................................................................................3-13 3.5.2 Configuring control parameters used to maintain the forwarding relationship..................................3-14 3.5.3 Configuring control parameters of prune ...........................................................................................3-16 3.5.4 Adjusting specifications of join and prune messages.........................................................................3-17 3.5.5 Check the configuration .....................................................................................................................3-18 3.6 Adjusting control parameters of state-refresh..............................................................................................3-18 3.6.1 Establishing the configuration task ....................................................................................................3-18 3.6.2 Disabling state-refresh .......................................................................................................................3-19 3.6.3 Configuring control parameters of state-refresh ................................................................................3-20 3.6.4 Checking the configuration................................................................................................................3-20 3.7 Adjusting control parameters of graft..........................................................................................................3-21
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 3.7.1 Establishing the configuration task ....................................................................................................3-21 3.7.2 Configuring control parameters of graft.............................................................................................3-22 3.7.3 Checking the configuration................................................................................................................3-22 3.8 Adjusting control parameters of assert ........................................................................................................3-23 3.8.1 Establishing the configuration task ....................................................................................................3-23 3.8.2 Configuring control parameters of assert ...........................................................................................3-24 3.8.3 Checking the configuration................................................................................................................3-25 3.9 Maintaining PIM .........................................................................................................................................3-26 3.9.1 Clearing statistics of PIM control Packets .........................................................................................3-26 3.9.2 Debugging PIM..................................................................................................................................3-26 3.9.3 Monitoring the Runnting Status of PIM.............................................................................................3-27 3.10 Configuration example..............................................................................................................................3-27
ii
Figures
Figure 3-1 SPT establishment in a PIM-DM domain .........................................................................................3-3 Figure 3-2 Assert mechanism diagram ...............................................................................................................3-4 Figure 3-3 Networking diagram of PIM-DM ...................................................................................................3-28
iii
3 PIM-DM configuration
3
About this chapter
Title 3.1 Introduction 3.2 Configuring basic PIM-DM functions 3.3 Controlling the forwarding of multicast source 3.4 Adjusting control parameters of neighbors 3.5 Adjusting control parameters of forwarding 3.6 Adjusting control parameters of state-refresh 3.7 Adjusting control parameters of graft 3.8 Adjusting control parameters of assert 3.9 Maintaining PIM
PIM-DM configuration
The following table describes the contents of this chapter. Description This section describes the principles and concepts of Protocol Independent Multicast Dense Mode (PIM-DM). This section describes how to configure PIM-DM.. This section describes how to control the forwarding of multicast data according to multicast sources in the PIM network. This section describes how to configure the control parameters of PIM-DM hello messages. This section describes how to configure control parameters of PIM-DM join and prune messages. This section describes how to configure control parameters of PIM-DM state-refresh messages. This section describes how to configure control parameters of PIM-DM graft messages. This section describes how to configure control parameters of PIM-DM assert messages. This section describes how to debug PIM and clear statistics of PIM control packets.
3-1
3.1 Introduction
3.1.1 PIM-DM overview
PIM is a multicast protocol that is independent of a unicast routing protocol, such as static route, Routing Information Protocol (RIP), Open Shortest Path First (OSPF), Intermediate System-to-Intermediate System (IS-IS), and Border Gateway Protocol (BGP). Based on Reverse Path Forwarding (RPF), PIM transmits multicast data across a network. RPF constructs a multicast forwarding tree by using the existing unicast routing information.
For more information about RPF, see Multicast forwarding and routing.
PIM-DM is a multicast routing protocol of dense node. PIM-DM applies to the small-scale network with densely-distributed members. You can use PIM-DM to establish Any-Source Multicast (ASM) mode.
Protocol Independent Multicast-Sparse Mode (PIM-SM) applies to large-scale networks with sparsely-distributed members. For information about PIM-SM, see PIM-SM configuration.
3.1.2 Principle of PIM-DM

PIM-DM assumes that each subnet has at least one multicast group member in the state of initiation. The multicast data packet floods to all sites, which exhausts related resources, for example, bandwidth and CPU of routers. To reduce the consumption of network resources, the PIM-DM prunes branches that do not forward multicast data, and reserves only the branches with receivers. If a pruned branch needs to forward and receive multicast data again, PIM restores the pruned branch to receive and forward data. To reduce the delay time for the pruned branches to restore the forwarding state, the PIM-DM uses a graft mechanism to resume the forwarding of multicast packets. The periodic flooding and pruning is the main characteristic of the PIM-DM. PIM-DM works for small-scale networks with densely distributed members, such as LANs. PIM-DM is not suitable for WANs. The forwarding path of packets in PIM-DM is a source tree with the multicast source as the root and multicast members as the leaves. Because the source tree uses the shortest path from the multicast source to the receiver, it is also called the Shortest Path Tree (SPT) . The interface that receives multicast data on the router is the upstream interface. The interface that forwards multicast data is the downstream interface.
3.1.3 PIM-DM mechanism

The main task for PIM-DM is to establish an SPT. The key mechanisms of PIM-DM include neighbor discovery, flooding, pruning, graft, and assert.
3-2
Neighbor discovery
In the PIM-DM network, multicast routers send hello messages to discover neighbors and to maintain the neighbor relationship. The PIM-DM establishes and maintains the SPT.
Flooding
PIM-DM assumes that all hosts on the network are ready to receive multicast data. If a multicast source S begins to send data to a multicast group G, the router, after it receives the multicast data, first performs an RPF check, based on the unicast routing table. If the RPF check succeeds, the router creates an (S, G) entry and forwards the data to all downstream PIM-DM nodes in the network. This process is called Flooding. If the RPF check fails, the router discards the packets. Finally, the (S, G) entry is created on each router in the PIM-DM multicast domain.
Prune
If there are no downstream multicast group members, the router sends a prune message to the upstream node to inform it not to forward any more data to downstream. After the upstream nodes receive the prune message, the upstream nodes remove the associated outgoing interface from corresponding (S, G) entry in the multicast routing table. This process builds an SPT, with the source S as its root. The leaf router without receivers triggers this pruning process. The following figure shows the establishment of SPT in a PIM-DM domain. Figure 3-1 SPT establishment in a PIM-DM domain
UserA
Receiver
UserB
Source
Multicast UserC
Server
Receiver
UserD packets SPT Prune
Receiver
UserE
PIM-DM performs flooding and pruning periodically. All pruned nodes use a timeout mechanism. After the pruning uses a timeout, each router restarts the flooding and pruning process.
3-3
The prune application in PIM-SM is similar to that of PIM-DM.
Graft
When a pruned downstream node needs to restore the forwarding, it sends a graft message to the upstream node. For example, in Figure 3-1, to restore receiving multicast data, user A sends the graft message to the multicast source S hop-by-hop. The upstream node responds to the message after it receives it. The previously pruned branch thus restores the forwarding of multicast information.
Assert
In a shared multi-access network like Ethernet, packets transmit redundantly. For example, in the following figure, multicast routers A, B, C, and D on a LAN use their own receiving paths from the multicast source S. Figure 3-2 Assert mechanism diagram
RouterA
RouterB Assert
RouterC
Assert
Ethernet
Assert
Receiver RouterD
SPT SPT SPT Ethernet
When routers A, B, and C receive a multicast packet simultaneously from the upstream multicast source S, they forward the multicast packet to the Ethernet. In this case, multicast Router D at the downstream node receives three copies of the same multicast packet. To avoid these duplicate packets and select a unique forwarder, routers select the best path by sending assert packets. If two or more paths from the multicast source use the same priority and cost, the router with the largest IP address becomes the upstream neighbor of the (S, G) entry. This router forwards the multicast packet. The other routers prune the corresponding interfaces to disable the forwarding.
3-4
The assert application in PIM-SM is similar to that of PIM-DM.
3.1.4 Multi-Instance PIM

In multi-instance applications, a multicast router must maintain the PIM neighbor information table, multicast routing table, and keep the information independent between the instances. The router acts as multiple multicast routers that run PIM independently. When a router receives a data packet, it needs to differentiate which virtual private network (VPN) instance the packet belongs to and forward it based on the multicast routing table of that VPN instance, or create PIM-related multicast routing entries in that VPN instance.
3.2 Configuring basic PIM-DM functions

If most subnets in a small network have receivers of the multicast information, the PIM-DM becomes more effective.
Before you configure basic PIM-DM functions, configure a unicast routing protocol.
Data preparation
To configure basic PIM-DM functions, you need the following data. No. 1 Data Interface type and interface number
No. 1 2 3 Procedure Enabling IP multicast routing Enabling PIM-DM Checking the configuration

Do as follows on the router: Step 1 Run:
3-5
system-view

This command enables IP multicast routing in the public network.
The VPN instance configuration applies only to the provider edge (PE) router. If the interface of the VPN instance connects to the user host, run the commands in step 3 and step 4. Step 3 Run:
The VPN instance view appears. The step is optional. Step 4 Run:
This command enables IP multicast routing of the VPN instance. The step is optional. Step 5 Run:
quit
This command quits the VPN instance view. ----End
3.2.3 Enabling PIM-DM

Do as follows on the router:
Step 1 Run:
system-view


pim dm
3-6
This command enables the PIM-DM. After you enable the PIM-DM on the interface, and the PIM neighbor establishes among routers, the protocol packets from the PIM neighbors can be processed. You can use the undo pim dm command to cancel the PIM-DM configuration on the interface.
You cannot enable PIM-SM and PIM-DM on an interface at the same time. The PIM mode must be the same on all interfaces of the same instance. When you distribute routers in different PIM-DMs, enable the PIM-SM on all nonboundary interfaces.
Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check PIM on interfaces of the public network, VPN instance, or all instances. Check PIM neighbor of the public network, VPN instance, or all instances. Check PIM routing table of the public network, VPN instance, or all instances. Command display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number | neighbor-address ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask-length | group-mask } ] ] [ source-address [ mask { source-mask-length | source-mask } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
Run the display pim interface command to check whether PIM-DM is enabled on the interface.
<Nortel> display pim interface Vpn-instance: public net Interface Eth1/0/4 GE4/0/0 NbrCnt HelloInt 1 1 30 30 1 1 DR-Pri DR-Address 172.2.41.2 202.2.4.2
Run the display pim neighbor command to check whether the PIM neighbor is established.
<Nortel> display pim neighbor Vpn-instance: public net
3-7
Total Number of Neighbors = 2 Neighbor 172.2.41.2 202.2.4.2 Interface Eth1/0/4 GE4/0/0 Uptime
Expires Dr-Priority
00:13:49 00:01:23 1 00:12:37 00:01:38 1
3.3 Controlling the forwarding of multicast source

This configuration applies to all PIM-DM networks. A PIM router checks the passing multicast data. By checking whether the data matches the filtering rule, the router determines whether to forward it. In this case, you can consider the router as the filter of the multicast data. The filter controls the data flow and limits the information that the downstream receivers can obtain.
Before you control the forwarding of multicast source, complete the following tasks: Configure certain unicast routing protocols. Complete the procedures in Configuring basic PIM-DM functions.
Data preparation
To control the forwarding of multicast source, you need the following data. No. 1 2 Data Lifetime of the multicast source Filtering rule of the multicast source address
Configuration tasks
No. 1 2 3 Procedure Configuring lifetime of sources Configure source address filtering Checking the configuration
3-8
3.3.2 Configuring lifetime of sources
Improper configuration causes network faults. If the actual network does not require a specific configuration, use the default value. Do as follows on the first next-hop router that connects to the source: Step 1 Run:
system-view

pim [vpn-instance vpn-instance-name]
The PIM view appears. Step 3 Run:

source-lifetime interval
This command configures the lifetime of the source. If the router does not receive any (S, G) packet in the lifetime of the source, it considers that the source stops sending multicast data to G. As a result, the (S, G) entry becomes invalid. Step 4 Run:
quit
This command quits the PIM view. ----End
3.3.3 Configure source address filtering

Do as follows on the PIM router: Step 1 Run:
system-view

pim [vpn-instance vpn-instance-name]

source-policy acl-number
3-9
This command configures the filter. Only the packets with the source addresses that pass the filtering are forwarded. The nearer the filter is to the source, the more obvious the effect of the filtering. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Check the PIM routing table. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
3.4 Adjusting control parameters of neighbors

PIM routers exchange hello packets to establish neighbor relationships and negotiate various control parameters. Routers work normally with the default parameter values. You can adjust related parameters according to the specific network environment.
Before you adjust control parameters of neighbors, complete the following tasks: Configure a certain unicast routing protocol. Complete the procedures in Configuring basic PIM-DM functions.
3-10
Data preparation
To adjust control parameters of neighbors, you need the following data. No. 1 2 3 Data Timeout value to wait to receive hello message from a neighbor Interval to send a hello message. Maximum delay to trigger a hello message
No. 1 2 Procedure Configuring control parameters of neighbors Checking the configuration
3.4.2 Configuring control parameters of neighbors

Do as follows on the PIM-DM router:
The configuration involves the following two cases: Global configurationm, which is valid on each interface. Configuration on an interface: The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Step 1 Run:
system-view

pim [ vpn-instance vpn-instance-name ]

timer hello interval
This command configures the interval to send a hello message. Step 4 Run:
hello-option holdtime interval
3-11
This command configures the timeout period for keeping the neighbor reachable. If the router does not receive a hello message from a neighbor in the timeout period, the neighbor is considered unreachable. Step 5 Run:
quit
Step 1 Run:
system-view


pim timer hello interval
This command configures the interval to sending a hello message. Step 4 Run:
pim triggered-hello-delay interval
This command configures the maximum delay to trigger a hello message. After you configure the delay, the conflict caused by multiple PIM routers sending hello message at the same time is avoided. Step 5 Run:
pim hello-option holdtime interval
This command configures the timeout period for keeping the neighbor reachable. If the router does not receive a hello message from a neighbor in the timeout period, the neighbor is considered unreachable. Step 6 Run:
quit
3-12

Action Check the current configuration in the PIM view. Check PIM on the interface. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number | neighbor-address ] [ verbose ]
Check the information on PIM neighbors.
3.5 Adjusting control parameters of forwarding

When the last member leaves a group, the router sends a prune message through the upstream interface. After the upstream router receives the prune message, the upstream router performs the prune action and stops sending multicast packet to this network segment. If other downstream routers exist in the network, the routers must send join messages to override the prune action. Routers work normally with the default parameter values. You can adjust related parameters according to the specific network environment.
Before you adjust control parameters of forwarding, complete the following tasks: Configure a certain unicast routing protocol. Complete the procedures in Configuring basic PIM-DM functions.
Data preparation
To adjust control parameters of forwarding, you need the following data. No. 1 2 3 4 Data Delay to transmit a prune message Period for overriding the prune Timeout period of the prune status Size of join and prune messages
3-13
No. 5
Data The number of (S, G) entries in join and prune messages sent each second
No. 1 2 3 4 Procedure Configuring control parameters used to maintain the forwarding relationship Configuring control parameters of prune Adjusting specifications of join and prune message Check the configuration
3.5.2 Configuring control parameters used to maintain the forwarding relationship

The configuration involves the following two cases: Global configuration, which is valid on each interface. Configuration on an interface: The priority of the configuration on an interface is higher than that of the global configuration. If you do not perform the configuration on an interface, the global configuration is used.
Step 1 Run:
system-view


holdtime join-prune interval
This command configures the period during which the downstream interface is in the prune state. After the period expires, the pruned interface restores to forward packets. Before the period expires, the router refreshes the prune status after it receives a state-refresh message. Step 4 Run:
3-14

quit
Step 1 Run:
system-view


pim timer join-prune interval
This command configures the interval to send a join message. This configuration applies to an ASM network. Step 4 Run:
pim holdtime join-prune interval
This command configures the period during which the downstream interface is in the prune state. After the period expires, the pruned interface restores to forward packets. Before the period expires, the router refreshes the prune status after it receives a state-refresh message. Step 5 Run:
pim require-genid
This command configures the generation ID in the hello message. The hello message without a generation ID is rejected by the router. If the generation ID in the hello message sent by the upstream router changes, the status of the upstream neighbor changes. If a router does not want to receive data from the upstream router, it can send a prune message to the upstream router after it receives the data. Step 6 Run:
quit
3-15
3.5.3 Configuring control parameters of prune

Step 1 Run:
system-view


hello-option lan-delay interval
This command configures the delay to transmit messages in the LAN. Hello messages carry lan-delay and override-interval parameters. The value of Prune-Pending Timer (PPT) is the value of the lan-delay plus the value of the override-interval. PPT is the delay between when the router receives prune packets from the downstream interface until the router performs the prune action. If the downstream interface receives a join message in PPT, it cancels the prune. Step 4 Run:
hello-option override-interval interval
This command configures the period to override the prune. If a router receives a pune message through the upstream interface, it indicates that other downstream routers still exist in the LAN. If the router still wants to receive multicast data, it needs to send a join message upstream in the override-interval period. Step 5 Run:
quit
Step 1 Run:
system-view
3-16


pim hello-option lan-delay interval
This command configures the delay to transmit messages in the LAN. Step 4 Run:
pim hello-option override-interval interval
This command configures the period to override prune. Step 5 Run:

quit
3.5.4 Adjusting specifications of join and prune messages

Do as follows on the PIM-DM router: Step 1 Run:
system-view


jp-pkt-size packet-size
This command configures the size of the sent join or prune message. By default, the size of the message is 8100 bytes. Step 4 Run:
jp-queue-size queue-size
This command configures the number of (S, G) entries of the join and prune message sent each second. By default, 1020 (S, G) entries send each second. ----End
3-17
3.5.5 Check the configuration

Action Check the current configuration in the PIM view. Check PIM on the interface. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
Check the number of received and sent PIM control messages.
Check the PIM routing table.
3.6 Adjusting control parameters of state-refresh

In the PIM-DM network, periodic flooding-prune wastes a lot of network resources. To prevent the pruned interface from restoring forwarding, you can enable the state-refresh function. Routers periodically send state-refresh messages to refresh the prune status of the interface and maintain the SPT. Routers work normally with the default parameter values. You can adjust related parameters according to the specific network environment.
If there is no specific requirement, use the default values.
Before you adjust control parameters of state-refresh, complete the following tasks: Configure a certain unicast routing protocol. Complete the procedures in Configuring basic PIM-DM functions.
3-18
Data preparation
To adjust control parameters of state-refresh, you need the following data. No. 1 2 3 Data Interval to send PIM state-refresh messages Period to wait to receive the next state-refresh message. Time-to-live (TTL) value used to forward state-refresh messages
No. 1 2 3 Procedure Disabling state-refresh Configuring control parameters of state-refresh Checking the configuration
3.6.2 Disabling state-refresh

Do as follows on all routers in the PIM-DM domain:
By default, PIM-DM state-refresh is enabled on the interface.
Step 1 Run:
system-view


undo pim state-refresh-capable
This command disables the PIM-DM state-refresh. The interface on which you disable the PIM-DM state-refresh cannot forward any state-refresh message.
You can run the pim state-refresh-capable command to re-enable the PIM-DM state-refresh on the interface.
Step 4 Run:
3-19
quit
3.6.3 Configuring control parameters of state-refresh

Do as follows on all routers in the PIM-DM domain: Step 1 Run:

state-refresh-interval interval
This command configures the interval to send PIM state-refresh messages.
The interval to send PIM state-refresh messages must be shorter than the timeout period for keeping the prune status. You can run holdtime join-prune the command to configure the timeout period for keeping the prune status.
Step 3 Run:
state-refresh-rate-limit interval
This command configures the period to wait to receive the next state-refresh message. Step 4 Run:
state-refresh-ttl ttl-value
This command configures the value of the TTL used to forward state-refresh messages Step 5 Run:
quit

Action Check the current configuration in the PIM view. Check PIM on the interface. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ]
3-20
Action Check the number of the sent and received PIM control messages. Check the PIM routing table.
Command display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
3.7 Adjusting control parameters of graft

In the PIM-DM network, if you do not enable the state-refresh, the pruned interface can restore forwarding after the prune status times out. If you enable the state-refresh, the pruned interface cannot restore forwarding. To enable the new members in the network to quickly receive multicast data, the PIM-DM router sends the graft message through the upstream interface. After the upstream router receives the graft message, the upstream router immediately responds with a graft-ack message and restores the interface that receives the graft message to forward packets. Routers work normally with the default parameter values. You can adjust related parameters according to the specific network environment.
Preconfiguration task
Before you configure control parameters of graft, complete the following tasks: Configure a certain unicast routing protocol. Complete the procedures in Configuring basic PIM-DM functions.
Data preparation
To configure control parameters of graft, you need the following data.
3-21
No. 1
Data The interval to retransmit a graft message
No. 1 2 Procedure Configuring control parameters of graft Checking the configuration
3.7.2 Configuring control parameters of graft

Do as follows on the PIM-DM router: Step 1 Run:
system-view


pim timer graft-retry interval
This command configures the interval to retransmit graft messages. If the local router does not receive any graft-ack messages from the upstream router in the specified time, it sends a graft message again. Step 4 Run:
quit

Action Check PIM on the interface. Command display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ][ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] grafts
Check the unacknowledged PIM-DM graft.
3-22
Action Check the number of the sent and received PIM control packets.
Command display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
3.8 Adjusting control parameters of assert

When the PIM-DM router receives multicast data through the downstream interface, it indicates that other upstream routers still exist in the network segment. The router sends an assert message through the interface to elect the unique upstream router. Routers work normally with the default parameter values. You can adjust related parameters according to the specific network environment.
Before you adjust control parameters of assert, complete the following tasks: Configure a certain unicast routing protocol. Complete the procedures in Configuring basic PIM-DM functions.
Data preparation
To adjust control parameters of assert, you need the following data.
3-23
No. 1
Data Period to keep the assert state
No. 1 2 Procedure Configuring control parameters of assert Checking the configuration
3.8.2 Configuring control parameters of assert

Step 1 Run:
system-view


holdtime assert interval
This command configures the period to hold the assert state. The router that fails in the election prohibits its downstream interface from forwarding multicast data. After the holdtime of the assert state times out, the downstream interface restores forwarding. Step 4 Run:
quit
3-24
Step 1 Run:
system-view


pim holdtime assert interval
This command configures the period to hold the assert state. The router that fails in the election prohibits its downstream interface from forwarding multicast data. After the holdtime of the assert state times out, the downstream interface restores forwarding. Step 4 Run:
quit

Action Check the current configuration in the PIM view. Check PIM on the interface. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
Check the number of sent and received PIM control messages.
3-25
3.9 Maintaining PIM

This section covers the following topics: Error! Reference source not found. Clearing statistics of PIM control Packets
3.9.1 Clearing statistics of PIM control Packets
You cannot restore the statistics of the PIM control packets on the interface after you reset them. Confirm the action before you use the command. To clear the information of the PIM control packets on the interface, run the following reset commands in the user view. Action Clear the information of the PIM control packets on the interface. Command reset pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ]
3.9.2 Debugging PIM
Debugging affects the performance of the system. So, after debugging, run the undo debugging all command to disable it immediately. When a fault occurs in PIM running, run the debugging command in the user view to debug PIM and locate the fault. For the explanation of debugging commands, refer to the Nortel Secure Router 8000 Series Debugging Reference. Action Enable the PIM debugging Command debugging pim [ vpn-instance vpn-instance-name | all-instance ] { all | event [advanced-acl-number ] | routing-table [ advanced-acl-number ] | neighbor [ basic-acl-number ] | assert [ advanced-acl-number ] | rp | join-prune [ advanced-acl-number ] | register [ advanced-acl-number ] | msdp [ advanced-acl-number ] | state-refresh [ advanced-acl-number ] }
3-26
3.9.3 Monitoring the Runnting Status of PIM

During the routine maintenance, you can run the following commands in any view to know the running status of PIM. Action Check the unicast routes used by PIM. Command display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-numberclaimed-route [ source-address ] display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] grafts display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor neighbor-address [ verbose ] Check PIM multicast routing table. display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask-length | group-mask } ] ] [ source-address [ mask { source-mask-length | source-mask } ] ] [ incoming-interface { interface-type interface-number | register } ] [ outgoing-interface { include | exclude | match } { interface-type interface-number | register | none } ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ]
Check the number of sent and received PIM control messages respectively. Check the unacknowledged PIM-DM Graft messages. Check the PIM information on the interface. Check information about PIM neighbors.
3.10 Configuration example

The testing network shown in Figure 3-3 requires the multicast function. In this network, complete IGP is enabled and the unicast routing runs normally. Users must receive Video On Demand (VOD) information in multicast mode by configuring the router.
3-27
Figure 3-3 Networking diagram of PIM-DM

RouterA
GbE2/0/0 Ethernet POS1/0/0 Ethernet
receiver
HostA
Source
GbE4/0/0
PIM-DM
POS3/0/0 POS1/0/0 POS1/0/0
N1 Leaf network
GbE2/0/0
RouterD
POS2/0/0
RouterB
POS1/0/0 GbE2/0/0
N2 receiver
HostB
RouterC
Ethernet
Router Router A Router B Router C
Interface POS1/0/0 GbE2/0/0 POS1/0/0 GbE2/0/0 POS1/0/0 GbE2/0/0
IP address 192.168.1.1/24 10.110.1.1/24 192.168.2.1/24 10.110.2.1/24 192.168.3.1/24 10.110.2.2/24
Router Router D
Interface POS1/0/0 POS2/0/0 POS3/0/0 GbE4/0/0
IP address 192.168.2.2/24 192.168.3.2/24 192.168.1.2/24 10.110.5.1/24
Use the PIM-DM protocol to configure the multicast function on this small-scale testing network. The steps in the configuration roadmap are 1. 2. 3. 4. Enable multicast on each router. Enable PIM-DM on each interface. Enable IGMP on each interface that connects to the host. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: The address of multicast group G is 225.1.1.1/24. The address of multicast source S is 10.110.5.100/24. IGMPv2 runs between the router and the host.
This example provides only the commands related to the PIM-DM configuration.
Step 1 Enable multicast and PIM-DM on each interface. # Enable multicast on Router A and enable PIM-DM on each interface. The configurations on Router B and Router C are similar:
3-28

[RouterA] multicast routing-enable [RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] pim dm [RouterA-GigabitEthernet2/0/0] quit [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] pim dm [RouterA-Pos1/0/0] quit
Step 2 Enable IGMP on the interfaces that connect the host. # On Router A, enable IGMP on the interface that connects to the host. The configurations on Router B and Router C are similar:
[RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] igmp enable [RouterA-GigabitEthernet2/0/0] quit
Step 3 Verify the configuration. # Use the display pim interface command to view the PIM configuration and running status on the interface of each router. The PIM configuration on Router D appears as follows:
<RouterD> display pim interface Vpn-instance: public net Interface GE4/0/0 Pos3/0/0 Pos1/0/0 Pos2/0/0 NbrCnt 0 1 1 1 HelloInt 30 30 30 30 DR-Pri 1 1 1 1 DR-Address 10.110.5.1 192.168.1.2 192.168.2.2 192.168.3.2 (local) (local) (local) (local)
# Use the display pim neighbor command to view the PIM neighbor relationship between routers. The PIM neighbor relationship on Router D appears as follows:
<RouterD> display pim neighbor Vpn-instance: public net Total Number of Neighbors = 3 Neighbor 192.168.1.1 192.168.2.1 192.168.3.1 Interface Pos3/0/0 Pos1/0/0 Pos2/0/0 Uptime 00:02:22 00:00:22 00:00:23 Expires 00:01:27 00:01:29 00:01:31 Dr-Priority 1 1 1
# Use the display pim routing-table command to view the PIM routing table on the router. Suppose Host A needs the information sent by multicast group G at 225.1.1.1/24. After multicast source S at 10.110.5.100/24 sends multicast packets to multicast group G, SPT is established. All PIM routers (Router A and Router D) in SPT use the (S, G) entry. When you add Host A to multicast group G, the (*, G) entry establishes on Router A. The display information on Router B and Router C is similar to that on Router A. The information on Router A appears as follows:
<RouterA> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 1 (S, G) entry (*, 225.1.1.1) Protocol: pim-dm, Flag: WC UpTime: 03:54:19
3-29
Upstream interface: NULL
Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: igmp, UpTime: 01:38:19, Expires: never (10.110.5.100, 225.1.1.1) Protocol: pim-dm, Flag: ACT UpTime: 00:00:44 Upstream interface: Pos1/0/0 Upstream neighbor: 192.168.1.2, RPF prime neighbor: 192.168.1.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: pim-dm, UpTime: 00:00:44, Expires: never <RouterD> display pim routing-table Vpn-instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.110.5.100, 225.1.1.1) Protocol: pim-dm, Flag: LOC ACT UpTime: 01:35:25 Upstream interface: GigabitEthernet4/0/0 Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 3 1: Pos3/0/0 Protocol: pim-dm, UpTime: 00:03:27, Expires: never 2: Pos1/0/0 Protocol: pim-dm, UpTime: 00:03:27, Expires: never 3: Pos2/0/0 Protocol: pim-dm, UpTime: 00:03:27, Expires: never
----End
Configuration files
# sysname RouterA # multicast routing-enable # interface GigabitEthernet2/0/0 ip address 10.110.1.1 255.255.255.0 pim dm igmp enable # interface POS1/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim dm
3-30

# ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 10.110.1.0 0.0.0.255 # return

# sysname RouterB # multicast routing-enable # interface GigabitEthernet2/0/0 ip address 10.110.2.1 255.255.255.0 pim dm igmp enable # interface POS1/0/0 link-protocol ppp ip address 192.168.2.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 192.168.2.0 0.0.0.255 network 10.110.2.0 0.0.0.255 # return
Configuration file on Router C

# sysname RouterC # multicast routing-enable # interface GigabitEthernet2/0/0 ip address 10.110.2.2 255.255.255.0 pim dm igmp enable # interface Pos1/0/0 link-protocol ppp ip address 192.168.3.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 192.168.3.0 0.0.0.255 network 10.110.2.0 0.0.0.255 # return
Configuration file on Router D

#
3-31
sysname RouterD # multicast routing-enable # interface GigabitEthernet4/0/0 ip address 10.110.5.1 255.255.255.0 pim dm # interface Pos1/0/0 link-protocol ppp ip address 192.168.2.2 255.255.255.0 pim dm # interface Pos2/0/0 link-protocol ppp ip address 192.168.3.2 255.255.255.0 pim dm # interface Pos3/0/0 link-protocol ppp ip address 192.168.1.2 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 192.168.2.0 0.0.0.255 network 192.168.3.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 10.110.5.0 0.0.0.255 # returm
3-32
Contents
4 PIM-SM configuration ..............................................................................................................4-1
4.1 Introduction ...................................................................................................................................................4-3 4.1.1 PIM-SM overview ...............................................................................................................................4-3 4.1.2 PIM-SM principles...............................................................................................................................4-3 4.1.3 PIM-SM mechanism ............................................................................................................................4-4 4.1.4 PIM-SM BSR administrative domain ..................................................................................................4-9 4.1.5 Mechanism of PIM-SSM ...................................................................................................................4-10 4.1.6 Multi-instance PIM ............................................................................................................................4-12 4.1.7 References..........................................................................................................................................4-13 4.2 Configuring ASM functions ........................................................................................................................4-13 4.2.1 Establishing the configuration task ....................................................................................................4-13 4.2.2 Enabling IP multicast routing.............................................................................................................4-14 4.2.3 Enabling the PIM-SM function..........................................................................................................4-15 4.2.4 Configuring static RP.........................................................................................................................4-16 4.2.5 Configuring C-RP ..............................................................................................................................4-17 4.2.6 Configuring C-BSR ...........................................................................................................................4-18 4.2.7 Configuring BSR boundary ...............................................................................................................4-19 4.2.8 Checking the configuration................................................................................................................4-19 4.3 Configuring SSM functions ........................................................................................................................4-20 4.3.1 Establishing the configuration task ....................................................................................................4-20 4.3.2 Configuring an address range for a PIM-SSM multicast group .........................................................4-21 4.3.3 Checking the configuration................................................................................................................4-22 4.4 Configuring PIM forwarding source control...............................................................................................4-22 4.4.1 Establishing the configuration task ....................................................................................................4-22 4.4.2 Configuring the lifetime of the source ...............................................................................................4-23 4.4.3 Configuring source address filtering..................................................................................................4-24 4.4.4 Checking the configuration................................................................................................................4-25 4.5 Adjusting control parameters of the C-RP and C-BSR................................................................................4-25 4.5.1 Establishing the configuration task ....................................................................................................4-25 4.5.2 Adjusting C-RP parameters................................................................................................................4-26 4.5.3 Adjusting C-BSR parameters .............................................................................................................4-27 4.5.4 Configuring the range of BSR address...............................................................................................4-28
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 4.5.5 Configuring the address range of the valid C-RP...............................................................................4-29 4.5.6 Checking the configuration................................................................................................................4-30 4.6 Configuring BSR administrative domain ....................................................................................................4-30 4.6.1 Establishing the configuration task ....................................................................................................4-30 4.6.2 Enabling a BSR administrative domain .............................................................................................4-31 4.6.3 Configuring the boundary of a BSR administrative domain ..............................................................4-32 4.6.4 Adjusting C-BSR parameters .............................................................................................................4-32 4.6.5 Checking the configuration................................................................................................................4-34 4.7 Adjusting the control parameters for establishing neighboring relationships..............................................4-34 4.7.1 Establishing the configuration task ....................................................................................................4-34 4.7.2 Configuring the control parameters for establishing neighboring relationship ..................................4-35 4.7.3 Configuring the control parameters to elect the DR...........................................................................4-36 4.7.4 Checking the configuration................................................................................................................4-38 4.8 Adjusting the control parameters of source registering ...............................................................................4-38 4.8.1 Establishing the configuration task ....................................................................................................4-38 4.8.2 Configuring PIM-SM register packet.................................................................................................4-39 4.8.3 Configuring PIM-SM register suppression ........................................................................................4-40 4.8.4 Checking the configuration................................................................................................................4-40 4.9 Adjusting the control parameters of forwarding..........................................................................................4-41 4.9.1 Establishing the configuration task ....................................................................................................4-41 4.9.2 Configuring control parameters to keep the forwarding state ............................................................4-42 4.9.3 Configuring control parameters of pruning........................................................................................4-44 4.9.4 Adjusting the size of join and prune messages...................................................................................4-45 4.9.5 Checking the configuration................................................................................................................4-46 4.10 Adjusting the control parameters of asserting ...........................................................................................4-46 4.10.1 Establishing the configuration task ..................................................................................................4-46 4.10.2 Configuring control parameters of assert .........................................................................................4-47 4.10.3 Checking the configuration..............................................................................................................4-48 4.11 Configuring SPT switchover .....................................................................................................................4-49 4.11.1 Establishing the configuration task ..................................................................................................4-49 4.11.2 Configuring parameters of SPT switchover .....................................................................................4-50 4.11.3 Checking the configuration ..............................................................................................................4-51 4.12 Maintaining PIM .......................................................................................................................................4-51 4.12.1 Clearing statistics of the PIM control packet ...................................................................................4-51 4.12.2 Debugging PIM................................................................................................................................4-52 4.12.3 Monitoring the Running Status of PIM-SM.....................................................................................4-52 4.13 Configuration examples ............................................................................................................................4-53 4.13.1 Example of configuring the ASM model in the single BSR domain................................................4-53 4.13.2 Example of configuring an SSM network........................................................................................4-59
ii
Figures
Figure 4-1 Assert mechanism diagram ...............................................................................................................4-4 Figure 4-2 Schematic diagram of DR election ...................................................................................................4-5 Figure 4-3 Communication between C-RP and BSR .........................................................................................4-6 Figure 4-4 RPT establishment in PIM-SM.........................................................................................................4-7 Figure 4-5 Multicast source registration.............................................................................................................4-8 Figure 4-6 BSR administrative domain (geographical space) ............................................................................4-9 Figure 4-7 BSR administrative domain (group address range) ........................................................................4-10 Figure 4-8 Schematic diagram of SPT establishment in SSM model...............................................................4-12 Figure 4-9 Typical networking diagram of single BSR domain PIM-DM .......................................................4-54
iii
Tables
Table 4-1 D class multicast address range ........................................................................................................ 4-11
4 PIM-SM configuration
4
About this chapter
Section 4.1 Introduction 4.2 Configuring ASM functions
PIM-SM configuration
The following table describes the contents of this chapter. Description This section describes the principles and concepts of Protocol Independent MulticastSparse Mode (PIM-SM) and PIM-Source Specific Mode (PIM-SSM). This section describes how to configure the basic functions of the Any-Source Multicast (ASM) model of PIM-SM. For a configuration example, see Example of configuring the ASM model in the single BSR domain. This section describes how to configure the basic function of the SSM model of PIM-SM. For a configuration example, see Example of configuring an SSM network. This section describes how to control multicast data forwarding based on the multicast source in the PIM network. This section describes how to configure the control parameters and advertisement of the candidate-rendezvous point (C-RP), the canadidate bootstrap router (C-BSR), and the bootstrap message. This section describes the application and the configuration of the PIM-SM administrative domain. This section describes how to adjust the control parameters of the hello message. This section describes how to adjust the control parameters of the register message.
4.3 Configuring SSM functions 4.4 Configuring PIM forwarding source control 4.5 Adjusting control parameters of the C-RP and C-BSR 4.6 Configuring BSR administrative domain 4.7 Adjusting the control parameters for establishing neighboring relationship 4.8 Adjusting the control parameters of source registering
4-1
Section 4.9 Adjusting the control parameters of forwarding 4.10 Adjusting the control parameters of asserting 4.11 Configuring SPT switchover 4.12 Maintaining PIM
Description This section describes how to adjust the control parameters of the join and prune messages. This section describes how to adjust the control parameters of the assert message. This section describes the application and the configuration of PIM-SM shortest path tree (SPT) switchover. This section describes how to clear the statistics of PIM-SM and PIM-SSM and how to debug PIM-SM and PIM-SSM. This section provides configuration examples of PIM-SM and PIM-SSM.
4-2
4.1 Introduction
4.1.1 PIM-SM overview
PIM indicates that a unicast routing protocol, such as the static routing, RIP, OSPF, IS-IS, or BGP can provide the routing information for the IP multicast. The multicast routing is independent of the unicast routing protocol so long as the unicast routing protocol can generate the multicast routing entry. PIM forwards the multicast packet through the Reverse Path Forwarding (RPF) mechanism. The RPF mechanism creates the multicast forwarding tree through the existing unicast routing information. After a multicast packet arrives at the router, the router performs the RPF check. If the RPF check passes, the router creates the multicast routing entry to forward the multicast packet. If the RPF check fails, the router discards the packet.
For more information about RPF, see Multicast forwarding and routing configuration.
Use PIM-SM in the large-scale network with sparsely distributed group members.
The PIM-DM protocol applies to the small-sized network with densely distributed group members. For information about PIM-DM, see PIM-DM configuration.
PIM-SM can construct two types of multicast models: Any-Source Multicast (ASM) model Source-Specific Multicast (SSM) model
For information about the ASM model and the SSM model, see Multicast overview.
4.1.2 PIM-SM principles

PIM-SM assumes that not all hosts need the multicast packets and forwards packets only to the host that requires the packets explicitly. The critical task of the PIM-SM model for multicast forwarding is to establish and maintain a unidirectional shared tree. In PIM-SM, the rendezvous point (RP) forwards the multicast information to all PIM-SM routers that directly connect to the receivers. This process can reduce the network bandwidth that data packets and control packets use, thus reducing the processing overhead of routers. When a receiver wants to receive data from a specified multicast group, the router that connects to the receiver sends a join group message to the associated RP of the multicast group. The transmission paths of the message towards the RP form the branches of the RP-rooted tree (RPT) . When the multicast source intends to send data to the multicast group, the designated router (DR) that connects with the source registers with the RP. The source tree establishes between the multicast source and RP after the register message reaches the RP. After this exchange, the multicast source sends data to the RP along the source tree. After the multicast packet reaches the RP, the RP eplicates the multicast packet and then forwards it along the RPT to receivers.
4-3
Note that packets replicate only at the branches of the distribution tree.
4.1.3 PIM-SM mechanism

The process of PIM-SM includes neighbor discovery, DR election, RP discovery, join, prune, register, and SPT switchover.
Neighbor discovery
In the PIM-SM network, the multicast router uses hello message to discover neighbors, maintain neighbor relationships, and negotiate protocol parameters. By comparing the preference and the IP address in the hello message, routers elect the DR in a network segment with multiple routers. The DR is the Internet Group Management Protocol (IGMP)v1 querier.
Assert
In a shared network like Ethernet, packets transmit redundantly. For example, in the following figure, multicast routers A, B, C, and D use their own receiving paths to the multicast source S. Figure 4-1 Assert mechanism diagram
RouterA
RouterB Assert
RouterC
Assert
Ethernet
Assert
Receiver RouterD
SPT SPT SPT Ethernet
When routers A, B, and C receive a multicast packet from the upstream multicast source S, they forward the multicast packet to the Ethernet. In this case, multicast Router D at the downstream node receives three copies of the same multicast packet. To avoid these duplicate packets and select a unique forwarder, routers send assert packets to select the optimal route. If two or more paths from the multicast source use the same priority and cost, the router with the largest IP address becomes the upstream neighbor of the (S, G) entry. This router forwards the multicast packet. The other routers prune the corresponding interfaces to disable the forwarding.
4-4
The application of assert in PIM-SM is similar to that of PIM-DM.
DR election
The DR is the unique forwarder of multicast information in a shared network. Elect the DR by using hello messages. Every shared network must use a DR regardless of whether the network is at the source side or at the receiver side. The DR at the receiver side sends the join message to the RP and the DR at the source side sends the register message to the RP. The following figure shows the DR election process. Figure 4-2 Schematic diagram of DR election
Ethernet
Ethernet UserA
Source DR
Server
RP
DR
UserB
Hello Join Register Message
Routers on the shared network send hello messages with the DR priority option to each other. The router with the highest DR priority becomes the DR of the network. If routers use the same priority or at least one router does not support hello packets that carry the DR priority, the router with the largest IP address becomes the DR. When the non-DRs on the same shared network have not received the Hello message from the DR in the specified time, the DR is considered to be failed. A new DR election process is triggered among neighboring routers.
RP discovery
The RP is the core router in the PIM-SM network. For a small-scale and simple network, one RP is enough to forward information across the entire network, and you can statically specify the position of the RP. In most cases, the PIM-SM network covers a very wide area and needs to forward heavy multicast traffic through the RP. Different multicast groups must use their own RP. In this situation, you need a bootstrap mechanism to elect the RP dynamically. The bootstrap router (BSR) is the management core of the PIM-SM network. The BSR collects advertisement information from candidate-RPs (C-RP) and chooses appropriate C-RP information to form an RP-set for each multicast group. The RP-set is a database of mapping entries between multicast groups and RPs. The BSR then advertises the RP-set to the entire
4-5
PIM-SM network. In this method, all routers (including the DR) in the network know the location of the RP. Figure 4-3 Communication between C-RP and BSR
BSR
C-RP
C-RP
C-BSR
C-RP
BSR message C-RP advertisement
A network (or an administrative domain) can use only one BSR, but can use multiple candidate-BSRs (C-BSR). After the BSR fails, the bootstrap mechanism elects a new BSR from the C-BSRs to avoid interruption of services. Likewise, you can configure multiple C-RPs in a PIM-SM domain, and the BSR mechanism calculates the RP related with each multicast group.
Join
In Figure 4-4 the receivers are users B, D, and E. When a receiver host wants to join a multicast group G, it uses an IGMP packet to inform the directly connected leaf router. The leaf router learns the receiver of the multicast group G, and then sends a join message to the upstream node toward the RP.
4-6
Figure 4-4 RPT establishment in PIM-SM

UserA
Receiver
UserB
Source
Multicast
RP
UserC
Server
Receiver
UserD RPT join packets
Receiver
UserE
Each of the routers along the path between the leaf router and the RP generates a (*, G) entry in the forwarding table. These routers form branches of the RPT. The (*, G) entry indicates that the packets from any source must send to the multicast group G. After the RP receives the packets for the multicast group G from the source S, the RP sends the packets to the leaf router along the established RPT path towards receiver hosts.
Prune
If no downstream multicast group members exist, the router sends a prune message to the upstream nodes to inform it not to forward any more data downstream. After the upsteam nodes receive the prune message, the upstream nodes remove the associated outgoing interface from corresponding (S, G) entry in the multicast routing table. An SPT, with the source S as its root, is established. The leaf router without receivers triggers this pruning process.
The application of prune in PIM-SM is similar to that of PIM-DM.
Register
When RP receives the first multicast packet the source sends, it encapsulates it into a register message. As shown in Figure 4-5, the DR unicasts the packet to the RP to inform the RP about the existence of the multicast source S.
4-7
Figure 4-5 Multicast source registration

UserA
Receiver
UserB
Source
Multicast
RP
Server
UserC
Receiver
UserD SPT join packets Register
Receiver
UserE
After the RP receives the register message from S, the RP decapsulates the message and forwards it to receivers. The RP sends the (S, G) join message to S. All routers between the RP and the multicast source S generate the (S, G) entry, and the path of the (S, G) forms a source tree. The source tree uses S as the root and RP as the destination address. The multicast data that S sends reaches the RP along the source tree. The RP then forwards the data along the RPT. After the RP receives the data traffic forwarded along the source tree, the RP sends a register-stop message to the source DR in unicast mode. The process of multicast register is complete.
SPT switchover
When the DR nearest to the receiver discovers that the transmission rate of multicast packets is greater than the threshold, the DR sends an (S, G)-based join message to the upstream node towards the source S. The join message passes through the network hop-by-hop to reach the router nearest to the source, the first-hop router. All routers along the path create the (S, G) entries. This process establishes the SPT branches. To avoid (S, G) multicast traffic flows to receivers over two paths, the RPT and the SPT, the leaf router must send the prune message with the RP-bit set hop-by-hop towards the RP. After the RP receives the prune message, the RP updates the forwarding status and stops forwarding (S, G) multicast traffic along the RPT. To delete unneeded (S, G) multicast traffic, the RP sends a prune message to the source S. The multicast transmission switches from the RPT to the SPT. Once the routers establish the SPT, the multicast packets can send directly from the source to the receivers. After switchover, PIM-SM can establish the SPT, which is more effective than the flooding, and the pruning mechanism of the PIM-DM.
4-8
4.1.4 PIM-SM BSR administrative domain

Traditionally, only one BSR exists in the PIM-SM network and it collects and advertises the RP-set information across the whole PIM-SM network. The BSR forwards the information of all the multicast groups within the network it administers. To provide precise management, the PIM-SM network divides into multiple BSR administrative domains and a global domain. This method can balance the load of the single BSR and can provide specialized service for users in the specific domain by using the private group address. Each BSR administrative domain maintains only one BSR and provides services for the multicast group within a specific address range. The global domain maintains one BSR and provides services for the other multicast groups. The relationship between the BSR domain and the global domain is shown in figures in the following sections from the aspects of region, group address range, and multicast function as follows.
Geographical space
Figure 4-6 BSR administrative domain (geographical space)
C-RP BSR
BSR1 domain
BSR
C-RP
Global domain
C-RP
C-RP
BSR
BSR2 domain
As shown in the preceding figure, different BSR administrative domains include different routers. One router cannot belong to multiple BSR administrative domains. Each BSR is independent of and separated from each other geographically. The BSR administrative domain administrates the multicast group within the specific address range. The multicast packet within this range can transmit only in this administrative domain rather than through the border of the BSR administrative domain.
4-9
The global domain includes all the routers in the PIM-SM network. The multicast packet that does not belong to any BSR administrative domain can transmit across the whole PIM network.
Group address range

Figure 4-7 BSR administrative domain (group address range)
BSR 1
G1 address
BSR3
G3 address
Global
G-G1-G2 address
BSR2
G2 address
Each BSR administrative domain provides services for the multicast group within the specific address range. The multicast groups in different BSR administrative domains can overlap. The multicast address is valid only in its BSR administrative domain; the multicast address is the private group address. As shown in Figure 4-7, the group address range of BSR1 and that of the BSR3 overlap. The multicast group that does not belong to any BSR administrative domain belongs to the global domain; the group address range of the global domain is G-G1-G2.
Multicast function
As shown in Figure 4-6, the global domain and each BSR administrative domain use their respective C-RP and BSR devices. These devices are valid only in the specific domain. The BSR mechanism and RP election are independent of each other among administrative domains. Each BSR domain uses its own border. The multicast information, such as a C-RP advertisement message and BSR bootstrap message can transmit only within the domain. The multicast information in the global domain can transmit in the whole global domain and through any BSR administrative domain.
4.1.5 Mechanism of PIM-SSM

To provide multicast services by the SSM model, you must meet the following conditions: The multicast group of the user must be in the range of the SSM group address. The multicast source must be specified when you add users to the multicast group. The PIM-SM protocol runs among routers.
4-10
In the SSM model, users can know in advance the exact position of the multicast source. Therefore, users can specify the source when they join the multicast group. After the DR learns the needs of the user, the DR at the group member side sends the join message directly to the multicast source. The join message transmits upstream hop-by-hop and the SPT builds between the source and the group member. The SSM model adopts only part of the PIM-SM technology. The SSM model does not need to maintain the RP, construct the RPT, or register the multicast source. The SPT can be built directly between the source and the group member. In the SSM model, the DR is valid only on the shared network segment that connects with the group member. The DR sends the join message to the source and creates the (S, G) entry hop-by-hop to establish the SPT.
SSM multicast address

The SSM model uses multicast address ranges, which is different from ASM. The following table shows the ranges of D class multicast addresses and the corresponding implication. Table 4-1 D class multicast address range Class D address range 224.0.0.0 to 224.0.0.255 224.0.1.0 to 231.255.255.255 233.0.0.0 to 238.255.255.255 232.0.0.0 to 232.255.255.255 239.0.0.0 to 239.255.255.255 Implication Reserved multicast address (permanent multicast address), which is used for routing protocols ASM multicast address available for users (temporary multicast address), which is valid on the whole network SSM multicast address available for users Local management multicast address, which is valid in the specific local network
Application of SSM
Usually, a multicast network uses both the ASM model and the SSM model, enables the PIM-SM function, and specifies the SSM group address range. The SSM model applies if the multicast group that users join is in the range of the SSM group address. The ASM model applies if the multicast group that users join is out of the range of the SSM group address.
Neighbor discovery and DR election

The neighbor discovery and DR election process are the same as that in PIM-SM, The routers implement these processes by sending hello messages. This section does not discuss these details.
4-11
SPT establishment
The decision to establish an SPT for the SSM model or RPT for the PIM-SM model depends on whether the group address is within the SSM group address scope, as shown in the following figure. Figure 4-8 Schematic diagram of SPT establishment in SSM model
UserA
Receiver
UserB
Source
Multicast
RP
Server
UserC
Receiver
UserD SPT Subscribe packets
Receiver
UserE
If Users B, D, and E need the information that the multicast source S sends, they send a report message marked (G, include, (S)) to the nearest DR to indicate that they want to join the multicast group G of the source S. If the users need information from other sources, they send a report message marked (G, exclude, (S)). The querier that receives the report message checks the group address in this message. If the address is within the address range of the SSM group, the router establishes a multicast distribution tree according to the SSM model, and then sends a join message to the specified source S hop-by-hop. All routers along the path create the (S, G) entries. This process establishes an SPT with the source S as its root and receivers as its leaves. The SSM model uses this SPT tree as its transmission path. If the querier finds that the group address is out of the SSM group scope, the querier establishes the multicast distribution tree on the basis of PIM-SM. In this case, the querier needs to send an (*, G) join message to the RP, and also requires multicast source registration.
4.1.6 Multi-instance PIM

In multi-instance applications, a multicast router must maintain the PIM neighbor information table, multicast routing table, BSR information, and RP-Set information for different VPN instances and keep the information independent between the instances. The router acts as multiple multicast routers that run PIM independently.
4-12
When a router receives a data packet, it must differentiate which VPN instance the packet belongs to and forward it based on the multicast routing table of that VPN instance, or create PIM-related multicast routing entries in that VPN instance.
4.1.7 References
For more information on PIM principle, see the following documents. Document number RFC 2362 draft-ietf-pim-sm-v2-new-06 draft-ietf-pim-sm-bsr-02 draft-ietf-ssm-arch-01 draft-ietf-ssm-overview-04 Description Protocol Independent Multicast-Sparse Mode(PIM-SM):Protocol Specification Protocol Independent Multicast-Sparse Mode (PIM-SM) Bootstrap Router (BSR) Mechanism for PIM Sparse Mode Source-Specific Multicast for IP Source-Specific Multicast for IP
4.2 Configuring ASM functions

This section describes how to configure the PIM-SM function of the ASM model by using commands. You can manually configure the RP or elect it through the BSR mechanism. For a large-scale PIM network, configuring the static RP is very tedious. The static RP however, can act as the backup for RP selection through the BSR mechanism to enhance the robustness and operation capability of multicast network. In a PIM-SM network (or an administrative domain), you can configure multiple C-BSRs and a BSR is elected among these C-BSRs. Likewise, you can configure multiple C-RPs in this network, and the multicast router can calculate the position of the RP that corresponds to a specific multicast group with the help of the BSR mechanism. The RP is selected based on the longest match, C-RP priority, and hash function. Different multicast groups can use different RPs. This configuration can balance the load of the single RP and improve the robustness of the network.
Before you configure basic PIM-SM functions, configure a unicast routing protocol.
Data preparation
To configure basic PIM-SM functions, you need the following data.
4-13
No. 1 2 3 4 5 6 7 8
Data Static RP address Access control list (ACL) rule that indicates the service scope of static C-RP C-RP priority ACL rule that indicates the service scope of C-RP Interval for the C-RP to send the advertisement message Timeout of the period during which the BSR waits to receive the advertisement message from the C-RP. C-BSR hash mask length C-BSR priority
No. 1 2 3 4 5 6 7 Procedure Enabling IP multicast routing Enabling the PIM-SM function Configuring static RP Configuring C-RP Configuring C-BSR Configuring BSR boundary Checking the configuration

system-view

4-14
This command enables IP multicast routing for the public network instance.
The configuration related to the VPN instance applies only to the provide edge (PE) router. If the interface of the VPN instance connects to the user host, run the commands in step 3 and step 4. Step 3 Run:
The VPN instance view appears. Step 4 Run:

This command enables IP multicast routing of the VPN instance. Step 5 Run:
quit
4.2.3 Enabling the PIM-SM function

system-view


pim sm
This command enables PIM-SM. After you enable the PIM-SM on the interface and the routers establish the PIM neighbor relationship, the packets from the PIM neighbors can be processed.
You cannot enable PIM-SM and PIM-DM at the same time on an interface. The PIM mode on all interfaces that belong to the same instance must be consistent. When you distribute the router in the PIM-SM domain, enable the PIM-SM function on all nonboundary interfaces.
4-15
Step 4 Run:
quit
4.2.4 Configuring static RP
When you configure the static RP and the BSR-RP in the PIM-SM at the same time, faults can occur in the network. Confirm the action before you run the command. If you want to use only the BSR-RP in the PIM-SM network, skip this configuration. Do as follows on all routers in the PIM-SM area:
The router that you do not configure with the static RP cannot forward multicast information in the PIM-SM area.
Step 1 Run:
system-view


static-rp rp-address [basic-acl-number ] [ preferred ]
This command specifies the static RP.
You must configure all routers in the PIM-SM area with the same static-rip command.
rp-address: indicates the static RP address. basic-acl-number: indicates the number of the basic ACL. The ACL defines the range of the multicast group served by the static RP. preferred: indicates the preference of the static RP. If you do not configure the C-RP in the network at the same time, the router prefers the RP statically specified after the preferred configuration is used. Otherwise, C-RP is preferred. Step 4 Run:
quit
This command quits the PIM view.
4-16
----End
4.2.5 Configuring C-RP
This configuration applies only to the BSR-RP. If you want to use the static RP in the network, skip this configuration. Do as follows on the router that may become the C-RP in the PIM-SM area: Step 1 Run:
system-view


c-rp interface-type interface-number [ group-policy basic-acl-number | priority priority | holdtime hold-interval | advertisement-interval adv-interval ] *
This command configures the C-RP. interface-type interface-number: indicates the interface where the C-RP resides. You must configure the interface with PIM-SM. group-policy basic-acl-number: specifies the multicast group that the ACL permits and the C-RP serves. basic-acl-number indicates the number of the basic ACL. By default, C-RP serves all multicast groups. priority priority-value: indicates the priority to elect the C-RP. The greater the value, the lower the priority. By default, the value is 1.
In the RP election, the C-RP with the higher priority is preferred. In case of the same priority, the C-RP with the largest IP address wins.
holdtime hold-interval: indicates the interval during which the BSR waits for the advertisement message from the C-RP. By default, the interval is 150 seconds. advertisement-interval adv-interval: indicates the interval during which the C-RP sends the advertisement message. By default, the interval is 60 seconds. Step 4 Run:
quit
4-17
4.2.6 Configuring C-BSR
This configuration applies only to the BSR-RP. If you want to use only the RP in the network, skip this configuration. Do as follows on the router that may become the BSR in the PIM-SM: Step 1 Run:
system-view


c-bsr interface-type interface-number [ hash-length [ priority ] ]
This command configures the C-BSR. interface-type interface-number indicates the interface where the C-BSR resides. You must configure the interface with the PIM-SM. hash-length: indicates the length of the hash. priority: indicates the priority used by routers to join the BSR election.
In the BSR election, the C-BSR with the longest mask wins. In case of the same mask, the C-BSR with the highest priority wins. In case of the same priority and the same mask length, the C-RP with the greatest hash value wins. In case of the same hash, the IP address is compared.
Step 4 Run:
auto-rp listening-enable
This command enables the auto-RP listening. The command in this step is optional. Step 5 Run:
quit
4-18
4.2.7 Configuring BSR boundary
This configuration applies only to the BSR-RP. If you want to use only the static RP, skip this configuration. Do as follows on the router that may become BSR boundary: Step 1 Run:
system-view


pim bsr-boundary
This command configures the BSR boundary. The BSR message cannot pass the BSR boundary. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the BSR in PIM-SM domain. Check PIM on the interface. Command display pim [ vpn-instance vpn-instance-name | all-instance ] bsr-info display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number | neighbor-address ] [ verbose ]
Check the PIM neighbor.
4-19
Action Check the PIM routing table.
Command display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] * display pim [ vpn-instance vpn-instance-name | all-instance ] rp-info [ group-address ]
Check the RP in PIM-SM domain.
4.3 Configuring SSM functions

This section describes how to configure the PIM-SM function of the SSM model by using commands. Implement the SSM model by using a subset of PIM-SM. The implementation of the SSM model does not need the support of RP. The following list provides two ways to establish an SSM network: To establish a pure SSM network, you must enable the PIM-SM function on all routers in the network and configure the scope of the SSM group address. The router learns that the user wants to join the multicast group G through IGMP.
If the G is in the range of the SSM group address and the user specifies the S when the user joins group G through IGMPv3, the router sends the join message to the S hop-by-hop. This process establishes the SPT and forms the SSM model. If the G is in the range of the SSM group address and the (S, G) SSM mapping rule exists statically on the router, the router sends the join message to the S when the user joins group G. This process establishes the SPT and forms the SSM model. Otherwise, you cannot implement multicast.
To establish the network in which both SSM and ASM work, configure the PIM-SM function including the RP, and configure the scope of SSM group address. The router learns that the user wants to join the multicast group G through IGMP.
If the G is in the range of the SSM group address and the user specifies the S when the user joins group G through IGMPv3, the router sends the join message to the S hop-by-hop. This process establishes the SPT and forms the SSM model. If the G is in the range of the SSM group address and the (S, G) SSM mapping rule is statically configured on the router, the router sends the join message to the S hop-by-hop. This process establishes the SPT and forms the SSM model.
4-20

If G is not in the range of SSM group address, the ASM model is implemented according to the PIM-SM process. Otherwise, you cannot implement multicast.
The section uses the second method as an example to describe the configuration of a multicast network in which both SSM and ASM can work.
Before you configure SSM functions, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions.
Ensure that you enable the IGMPv3 on the interface of the router that directly connects to the receiver. For the configuration information, see IGMP configuration.
Data preparation
To configure basic PIM-SSM functions, you need the following data. No. 1 Data Address scope of PIM-SSM multicast group
No. 1 2 Procedure Configuring an address range for a PIM-SSM multicast group Checking the configuration
4.3.2 Configuring an address range for a PIM-SSM multicast group
Ensure that the address scope of SSM groups that you configure on each router in the entire network is consistent. Otherwise, multicast information cannot transfer based on the SSM model. Do as follows on all routers in the SSM domain: Step 1 Run:
4-21
system-view


ssm-policy basic-acl-number
This command configures the address range of the SSM group. Step 4 Run:
quit
This command quits the PIM view. ----End The configuration is optional. By default, the address range of the SSM group is 232.0.0.0/8.

Use the commands in the following table to check the previous configuration. Action Check the current configuration on the router in the PIM view. Check the PIM routing table. Command display current-configuration configuration pim
display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
4.4 Configuring PIM forwarding source control

All the configurations in this section apply to ASM and SSM.
4-22
Routers check the multicast data that passes by. By checking whether the data complies with the filtering rule, routers determine the forwarding of the data. The routers in the PIM domain act as a filter. The filter controls the data flow and limits the information that the downstream receiver can receive. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
Nortel recommends that you use the default value if there is no special requirement.
Before you configure PIM forwarding source control, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions or Configuring SSM functions.
Data preparation
To configure PIM forwarding source control, you need the following data. No. 1 2 Data Lifetime of the multicast source Filtering rule of the multicast source address
Configuring procedures
No. 1 2 3 Procedure Configuring the lifetime of the source Configuring source address filtering Checking the configuration
4.4.2 Configuring the lifetime of the source

Do as follows on the router:
Improper configuration can cause network faults. If you do not require special configuration of the actual networking, use the default value. Step 1 Run:
4-23
system-view


source-lifetime interval
This command configures the lifetime of the source. If the lifetime times out, the (S, G) entry becomes invalid. Step 4 Run:
quit
4.4.3 Configuring source address filtering

system-view


source-policy acl-number
This command configures the filter. Only the multicast packets with source addresses that pass the filter are forwarded. The closer the filter is to the multicast source, the more obvious the effect is. Step 4 Run:
quit
4-24

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Check the PIM information on the interface. Check the PIM routing table. Command display current-configuration configuration pim
display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
4.5 Adjusting control parameters of the C-RP and C-BSR

This section describes how to adjust the control parameters of the C-RP and the C-BSR through commands in the ASM model.
The configuration applies only to the BSR-RP. If you want to use only the static RP in the network, skip the configuration.
The router can work with the default configuration. The VRP allows you to adjust the parameters as required.
Before you adjust control parameters of C-RP and C-BSR, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions.
4-25
Data preparation
To adjust various control parameters of RP and BSR, you need the following data. No. 1 2 3 4 5 6 7 8 Data Priority to elect for RP Interval to send the advertisement message by the C-RP Timeout of the period during which BSR waits to receive the advertisement message from the C-RP. Hash mask length to elect for BSR Priority to elect for BSR Interval to send the Bootstrap message by BSR Time of holding the Bootstrap message from BSR ACL with legal BSR address scope
No. 1 2 3 4 5 Procedure Adjusting C-RP parameters Adjusting C-BSR parameters Configuring the range of BSR address Configuring the address range of the valid C-RP Checking the configuration
4.5.2 Adjusting C-RP parameters

Do as follows on the router you configure with C-RP:
You can configure various parameters of C-RP. This configuration is optional. If no specific requirements exist, use the default values of parameters.
Step 1 Run:
system-view

The PIM view appears.
4-26
Step 3 Run:
c-rp priority priority
This command configures the preference of the C-RP. Step 4 Run:

c-rp advertisement-interval interval
This command configures the interval during which the C-RP sends the advertisement message. Step 5 Run:
c-rp holdtime interval
This command configures the time to keep the advertisement message from the C-RP. C-RP periodically sends the advertisement message to the BSR. After the BSR receives the message, the BSR obtains the holdtime of the message. During the holdtime period, the advertisement is valid. When the holdtime timer expires, the advertisement ages. Step 6 Run:
quit
4.5.3 Adjusting C-BSR parameters

Do as follows on the router you configure with C-BSR:
You can configure various parameters of C-BSR. This configuration is optional. If no specific requirement exists, use the default values of parameters.
Step 1 Run:
system-view


c-bsr hash-length hash-length
This command configures the hash mask length of the C-BSR. Step 4 Run:
c-bsr priority priority
This command configures the priority of the C-BSR.
4-27
Step 5 Run:
c-bsr interval interval
This command configures the interval during which the C-BSR sends Bootstrap messages. Step 6 Run:
c-bsr holdtime interval
This command configures the time to hold Bootstrap message from the BSR. The BSR periodically sends the Bootstrap message to the network. After the C-BSR receives the Bootstrap message, the C-BSR keeps the message for a certain time. During the period, the BSR election stops temporarily. If the holdtime timer expires, a new round of BSR election triggers among C-BSRs.
Ensure that the value of c-bsr holdtime is greater than the value of c-bsr interval. Otherwise, the winner of BSR election may fail in a short period and other C-BSRs are elected as the BSR.
Step 7 Run:
quit
4.5.4 Configuring the range of BSR address
The configuration applies only to the BSR-RP. If you want to use only the static RP in the network, skip the configuration. Step 1 Run:
system-view


bsr-policy basic-acl-number
This command configures the legal range of the BSR address. After the router receives a BSR packet, the router checks the source address of the packet. If the source address is not in the range of the legal address, the router discards the packet. This process prevents the BSR spoofing.
4-28
basic-acl-number is the number of the basic ACL. The ACL defines the filtering policy for the source address range of the BSR packets. Step 4 Run:
quit
This command quits the PIM view. ----End The configuration is optional. By default, the source address of BSR packets is not checked.
4.5.5 Configuring the address range of the valid C-RP

Do as follows on all the C-BSRs in the PIM-SM domain. This configuration is optional. By default, the router skips the check on the C-RP address and the group address in the advertisement message and adds them into the RP-Set. Step 1 Run:
system-view


crp-policy advanced-acl-number
This command specifies the address range of the valid C-RP and the address range of the multicast group the router serves. When the router receives the advertisement message, the router checks the C-RP address and the address of the group that the C-RP serves in the message. The C-RP address and the address of the group that the C-RP serves are added to the RP-Set only if both are in the valid address range. This process prevents the C-RP spoofing. advanced-acl-number indicates the advanced ACL number. The ACL defines the filtering policy for the C-RP address range and the address range of the group that the C-RP serves. Step 4 Run:
quit
4-29

Use the commands in the following table to check the previous configuration. Action Check the BSR in PIM-SM domain. Check the RP in PIM-SM domain. Command display pim [ vpn-instance vpn-instance-name | all-instance ] bsr-info display pim [ vpn-instance vpn-instance-name | all-instance ] rp-info [ group-address ]
4.6 Configuring BSR administrative domain

This section describes how to configure the BSR administrative domain in the ASM model through commands. In the traditional mode, a PIM-SM network maintains only one BSR and all multicast groups in the network are in the administrative range of BSR. For better management of domains, a PIM-SM network further divides into multiple BSR administrative domains. Each BSR administrative domain maintains only one BSR that serves the specified multicast group. BSR administrative domains are geographically isolated. Multicast packets of BSR administrative domains cannot pass the border of the domain. The address of a multicast group that a BSR administrative domain serves is valid only in its BSR administrative domain. Addresses of multicast groups that different BSR administrative domains serve can be identical and these addresses are equal to private multicast group address. The global domain serves the multicast group that does not belong to a BSR administrative domain. The global domain maintains only one BSR that serves the remaining multicast groups. Dividing a PIM-SM network into multiple BSR administrative domains and a global domain effectively reduces the load of the single BSR, and provides the special service for the specific multicast group. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
4-30
Before you configure the BSR administrative domain, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions.
Data preparation
To configure the BSR administrative domain, you need the following data. No. 1 2 Data Priority and hash mask length to elect the BSR in a BSR domain Priority and hash mask length for election of the global domain BSR
No. 1 2 3 4 Procedure Enabling a BSR administrative domain Configuring the boundary of a BSR administrative domain Adjusting C-BSR parameters Checking the configuration
4.6.2 Enabling a BSR administrative domain

Do as follows on all routers in the PIM-SM network: Step 1 Run:
system-view


c-bsr admin-scope
This command enables the division of the BSR administrative domain in the PIM-SM. Step 4 Run:
quit
This command quits the PIM view.
4-31
----End
4.6.3 Configuring the boundary of a BSR administrative domain

Do as follows on all routers at the boundary of the BSR administrative domain:
Routers outside the BSR administrative domain cannot forward the multicast packets of the BSR administrative domain.
Step 1 Run:
system-view


multicast boundary group-address { mask | mask-length }
This command configures the multicast forwarding boundary. Step 4 Run:

quit
This command quits the interface view. ----End By default, no boundary is configured on the interface.
4.6.4 Adjusting C-BSR parameters

Do as follows on all C-BSRs:
The C-BSR involves three types of configurations Global configuration. For global configuration, see 4.5 Adjusting control parameters of the C-RP and C-BSR. This configuration is valid in the global domain and each BSR administrative domain. Configuration in the BSR administrative domain. As the preference of the value of the BSR administrative domain is higher than that of global value, the global value is used when the value of the BSR administrative domain is not configured. Configuration in the global domain. As the preference of the value of the global domain is higher than the global value, the global value is used when the value of the global domain is not configured.
Configuration in the BSR administrative domain

Step 1 Run:
system-view
4-32


c-bsr group group-address { mask | mask-length } [ hash-length hash-length | priority priority ] *
This command configures the C-BSR parameters. group-address { mask | mask-length } indicates the range of the multicast group the C-BSR serves. hash-length hash-length indicates the length of the hash mask of the C-BSR. priority priority indicates the priority of the C-BSR. Step 4 Run:
quit
Configuration in the global domain

Step 1 Run:
system-view


c-bsr global [ hash-length hash-length | priority priority ] *
This command configures the C-BSR parameters. hash-length hash-length indicates the length of the hash mask of the C-BSR. priority priority indicates the priority of the C-BSR. Step 4 Run:
quit
4-33

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Check the PIM information in the public instance, VPN instance, and all instances. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ]
4.7 Adjusting the control parameters for establishing neighboring relationships

The configuration in this section applies to both the ASM model and the SSM model. The PIM routers send hello messages to each other to establish the neighboring relationship, negotiate the control parameters, and elect a DR. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
Before you configure the control parameters for establishing neighboring relationship, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions or Configuring SSM functions.
Data preparation
To adjust the control parameters of neighbors, you need the following data. No. 1 2 3 Data Priority of the DR to elect Timeout period to wait for hello messages from neighbors Interval to send hello messages
4-34
No. 4
Data Maximum delay to trigger hello messages
No. 1 2 3 Procedure Configuring the control parameters for establishing neighboring relationship Configuring the control parameters to elect the DR Checking the configuration
4.7.2 Configuring the control parameters for establishing neighboring relationship

Do as follows on the PIM-SM router.
The configuration of the control parameters to establish a neighboring relationship involves the following cases: Global configuration: This configuration is valid on all the interfaces. Configuration on an interface: The priority of the configuration on an interface is higher than that of the global configuration. If the interface is not configured, the global configuration is used.
Step 1 Run:
system-view


timer hello interval
This command configures the interval to send the hello message. Step 4 Run:
This command configures the timeout period to hold the reachable state of the neighbor. If the router does not receive the hello message after the interval, the neighbor is considered to be unreachable. Step 5 Run:
4-35
quit
Step 1 Run:
system-view


pim timer hello interval
This command configures the interval to send hello messages. Step 4 Run:
pim triggered-hello-delay interval
This command configures the maximum delay to trigger hello messages. This configuration can prevent the conflict of hello messages sent by multiple PIM routers at the same time. Step 5 Run:
This command configures the timeout period to hold the reachable state of the neighbor. If the router does not receive the hello message after the interval, the neighbor is considered to be unreachable. Step 6 Run:
quit
4.7.3 Configuring the control parameters to elect the DR

Do as follows on the PIM-SM router:
The configuration of the control parameters to elect the DR involves the following cases: Global configuration: This configuration is valid on all the interfaces. Configuration on the interface: The priority of the configuration on an interface is higher than that of the global configuration. If the interface is not configured, the global configuration is used.
4-36
Step 1 Run:
system-view


hello-option dr-priority priority
This command configures the priority to elect as the DR. On the shared network segment that connects with the source or receivers, the router with the highest priority acts as the DR. If the priorities of the routers are the same, the interface of the router with the highest IP address acts as the DR. Step 4 Run:
quit
Step 1 Run:
system-view


hello-option dr-priority priority
This command configures the priority to elect as the DR. On the shared network segment that connects with the source or receivers, the router with the highest priority acts as the DR. If the priorities of the routers are the same, the interface of the router with the highest IP address acts as the DR. Step 4 Run:
quit
4-37

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Check the PIM information on the interface. Check the information about the PIM neighbor. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number | neighbor-address ] [ verbose ]
4.8 Adjusting the control parameters of source registering

This section describes how to configure the control parameters of source registering by using commands. In a PIM-SM network, the DR that directly connects to the source S encapsulates the multicast data it receives in the register message and sends it to the RP in unicast mode. The RP decapsulates the message, and then forwards it along the RPT. After the SPT switchover on RP is complete, the multicast data reaches the RP along the source tress in the multicast mode. The RP sends a register-stop message to the DR at the source side. The DR stops sending register messages and enters the suppressed state. In the duration of the register suppression, the DR periodically sends null packets to inform the RP that the source is still in the active state. After the timeout of the register suppression, the DR starts to send register messages again. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
Nortel recommends you adopt the default value if there is no special requirement.
Before you configure PIM-SM source registering, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions.
4-38
Data preparation
To configure PIM-SM source register, you need the following data. No. 1 2 3 4 Data ACL rule used by RP to filter register packets Whether the checksum is calculated based only on the register packet header Timeout to keep the suppressed state of the register Interval to send null register message to the RP
No. 1 2 3 Procedure Configuring PIM-SM register packet Configuring PIM-SM register suppression Checking the configuration
4.8.2 Configuring PIM-SM register packet

Do as follows on all routers that may become RP: Step 1 Run:
system-view


register-policy advanced-acl-number
This command configures the policy to filter register packets. The RP filters the register packets it receives and denies them according to the policy. Step 4 Run:
register-header-checksum
This command calculates the checksum based only on the register message header. By default, the checksum is calculated based on the entire packet. Step 5 Run:
4-39
quit
4.8.3 Configuring PIM-SM register suppression

Do as follows on all routers that may become the DR at the multicast source side: Step 1 Run:
system-view


register-suppression-timeout interval
This command configures the timeout to keep the suppressed state of the register. Step 4 Run:
probe-interval interval
This command configures the interval to send null register messages. Step 5 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the current configuration on the router in the PIM view. Display PIM on the interface. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ]
4-40
4.9 Adjusting the control parameters of forwarding

The configuration in this section applies to both the ASM model and the SSM model. When the first group member appears on the router, the router sends the join message from the upstream interface to require the upstream router to forward packets to this network segment. When the last group member leaves the router, the router sends the prune message from the upstream interface to request the prune action of the upstream router to stop forwarding packets to this network segment. If other downstream routers exist in this network segment, they must send the join message to override the prune action. In the ASM model, the router periodically sends the join messages to the RP in case the RPT branch is deleted because of timeout. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
Nortel recommends you use the default value if there is no special requirement.
Before you adjust the control parameters of forwarding, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions or Configuring SSM functions.
Data preparation
To adjust the control parameters of forwarding, you need the following data. No. 1 2 3 4 5 6 Data Delay to transmit the prune message Time to override the prune action Timeout period of the prune state Interval to send the join message Size of the sent join or prune packet Number of the (S, G) entries in the join and prune message sent each second
4-41
No. 1 2 3 4 Procedure Configuring control parameters to keep the forwarding state Configuring control parameters of pruning Adjusting the size of join and prune message Checking the configuration
4.9.2 Configuring control parameters to keep the forwarding state

The configuration of the control parameters to hold the forwarding state involves the following cases: Global configuration: This configuration is valid on all the interfaces. Configuration on the interface: The priority of the configuration on an interface is higher than that of the global configuration. If the interface is not configured, the global configuration is used.
Step 1 Run:
system-view


timer join-prune interval
This command configures the interval to send the join and prune message. The router periodically sends the join messages to the RP in case the RPT branch is deleted because of timeout. Step 4 Run:
holdtime join-prune interval
This command configures the interval to hold the forwarding state of the downstream interface. After the timeout, the interface in the forwarding state is pruned. If the packet is forwarded or the join message is received before the timeout, the interval is timed again. Step 5 Run:
hello-option neighbor-tracking
4-42
This command enables the function to track the downstream neighbor. The receiving requirements of each downstream router are precisely tracked.
You can implement the precise track only if you enable it on all the PIM routers in the shared network segment.
Step 6 Run:
quit
Step 1 Run:
system-view


timer join-prune interval
This command configures the interval to send the join or prune message. This command applies to ASM. Step 4 Run:
pim holdtime join-prune interval
This command configures the interval to hold the forwarding state of the downstream interface. Step 5 Run:
pim require-genid
This command configures the generation ID option to contain in the hello message. A hello message without the generation option is refused. By default, the router handles the Hello message without the Generation option. The change of the generation ID in the hello message from the upstream neighbor indicates that the upstream neighbor is lost or the status of the upstream neighbor changed. The router immediately sends the join message to the upstream to refresh the status. Step 6 Run:
hello-option neighbor-tracking
This command enables the function to track the downstream neighbor. The receiving requirements of each downstream router are precisely tracked.
4-43
You can implement the precise track only if you enable it on all the PIM routers in the shared network segment.
Step 7 Run:
quit
4.9.3 Configuring control parameters of pruning

The configuration of the control parameters of pruning involves the following cases: Global Configuration: This configuration is valid on all the interfaces. Configuration on the interface: The priority of the configuration on an interface is higher than that of the global configuration. If the interface is not configured, the global configuration is used.
Step 1 Run:
system-view


hello-option lan-delay interval
This command configures the delay to transmit the message in the LAN. The hello message carries the lan-delay parameter and the override-interval parameter. lan-delay + override-interval = Prune-Pending Timer (PPT). PPT indicates the interval between when the router receives the prune message from the downstream interface and when the router performs the prune action to suppress the forwarding by the downstream interface. If the downstream interface receives the join message within the PPT, the router cancels the prune action. Step 4 Run:
hello-option override-interval interval
This command configures the interval to override the prune action. If a router receives the prune message from the upstream interface, this indicates that other downstream routers exist in this LAN. If the router still needs to receive multicast data, the router must send the join message to the upstream within the override-interval. Step 5 Run:
4-44

quit
Step 1 Run:
system-view


pim hello-option lan-delay interval
This command configures the delay to transmit the message in the LAN. Step 4 Run:
pim hello-option override-interval interval
This command configures the interval to override the prune action. Step 5 Run:
quit
4.9.4 Adjusting the size of join and prune messages

Do as follows on the PIM-SM router: Step 1 Run:
system-view


jp-pkt-size packet-size
This command configures the size of the sent join or prune packet. By default, the size of the join or prune packet is 8100 bytes.
4-45
Step 4 Run:
jp-queue-size queue-size
This command configures the number of (S, G) entries contained in the join or prune message sent each second. By default, 1020 (S, G) entries send each second. Step 5 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Check the PIM information on the interface. Check the number of sent and received PIM control packets. Check the PIM routing table. Command display current-configuration configuration pim
display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
4.10 Adjusting the control parameters of asserting

The configuration in this section applies to both the ASM model and the SSM model.
4-46
If the PIM-SM router receives the multicast data from the downstream interface, this indicates that other upstream routers exist in this network segment. The router sends the assert message to elect to the unique upstream router. The router can work with a default configuration. The VRP allows you to adjust the parameters as required.
Before you adjust the control parameters of asserting, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions or Configuring SSM functions.
Data preparation
To adjust the assert control parameters, you need the following data. No. 1 Data Interval to hold the assert state
No. 1 2 Procedure Configuring control parameters of assert Checking the configuration
4.10.2 Configuring control parameters of assert

Do as follows on all the routers in the PIM-SM domain:
The configuration of assert control parameters involves the following cases: Global configuration: This configuration is valid on all the interfaces. Configuration on the interface: The priority of the configuration on an interface is higher than that of the global configuration. If the interface is not configured, the global configuration is used.
Step 1 Run:
system-view
4-47

holdtime assert interval
This command configures the interval to hold the assert state. The router that is not elected prohibits the downstream interface from forwarding the multicast packet within the interval. After the interval, the forwarding is restored. Step 4 Run:
quit
Configuration on the interface

Step 1 Run:
system-view


pim holdtime assert interval
This command configures the interval to hold the assert state. The router that is not elected inhibits the downstream interface to forward the multicast packet within this interval. After the interval, the forwarding is restored. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the current configuration in the PIM view. Command display current-configuration configuration pim
4-48
Action Check the PIM information on the interface. Check the number of sent and received PIM control packets. Check the PIM routing table.
Command display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ [ group-address [ mask { group-mask | group-mask-length } ] ] [ source-address [ mask { source-mask | source-mask-length } ] ] [ incoming-interface interface-type interface-number | register ] [ outgoing-interface { include | exclude | match } interface-type interface-number | register | none ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] *
4.11 Configuring SPT switchover

This section describes how to configure the control parameters of the SPT switchover through commands. In a PIM-SM network, each multicast group corresponds to a RPT. All multicast sources encapsulate data in the register message, and send the message to the RP in the unicast mode. The RP decapsulates the message and forwards it along the PRT. Forwarding multicast data by means of RPT has the following disadvantages: Routers in the unicast path need to encapsulate and decapsulate packets. The forwarding path may not be the shortest path from the source to receivers. Large data flow increases the load on the RP and can cause a fault. The solution to the preceding disadvantages is that the RP and the DR at the receiver side check the forwarding rate of the multicast data respectively. When the rate exceeds the threshold value, the SPT switchover is triggered. SPT switchover triggered by RP: The RP sends a join message to the source and establishes the multicast route along the shortest path from the source to the RP. The subsequent packets are forwarded along the path. SPT switchover triggered by receiver DR: The DR sends a join message to the source and establishes the multicast route along the shortest path from the source to the DR. The subsequent packets are forwarded along the path. The router can work with a default configuratiohn. The VRP allows you to adjust the parameters as required.
4-49
Before you configure PIM-SM SPT switchover, complete the following tasks: Configure a unicast routing protocol. Complete the procedures in Configuring ASM functions.
Data preparation
To configure PIM-SM SPT switchover, you need the following data. No. 1 2 3 Data Rate threshold that the PIM leaf router switches packets from RPT to SPT Group filtering policy and sequence policy for switchover from RPT to SPT Interval to check the rate threshold of multicast data before RPT-to-SPT switchover
No. 1 2 Procedure Configuring parameters of SPT switchover Checking the configuration
4.11.2 Configuring parameters of SPT switchover

Do as follows on all the routers that may become RP or receiver DR: Step 1 Run:
system-view


timer spt-switch interval
This command configures the interval to check the forwarding rate of multicast data. Step 4 Run:
4-50
spt-switch-threshold { traffic-rate | infinity } [ group-policy basic-acl-number [ order order-value] ]
This command configures the SPT switchover condition. traffic-rate: indicates the rate threshold of SPT switchover. Infinity: indicates that the SPT switchover is never triggered. group-policy basic-acl-number [ order order-value]: configures the range of the multicast group that uses the threshold. By default, the threshold applies to all multicast groups. Step 5 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the current configuration on the router in the PIM view. Check PIM on the interface of the public instance, VPN instance, or all instances. Command display current-configuration configuration pim display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ]
4.12 Maintaining PIM

This section covers the following topics: Error! Reference source not found. Clearing statistics of the PIM control packet
4.12.1 Clearing statistics of the PIM control packet
You cannot restore the statistics of PIM control packets on the interface after you clear them. Confirm the action before you use the command. To clear the statistics of PIM control packets on the interface, run the following commands in the user view.
4-51
Action Clear the statistics of PIM control packets on the interface.
Command reset pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ]
4.12.2 Debugging PIM
Debugging affects the performance of the system. So, after debugging, execute the undo debugging all command to disable it immediately. When a fault occurs in PIM running, run the debugging command in the user view to debug PIM and locate the fault. For explanation of debugging commands, refer to the VRP Debugging Reference. Action Debug PIM. Command debugging pim [ vpn-instance vpn-instance-name | all-instance ] { all | event [advanced-acl-number ] | routing-table [ advanced-acl-number ] | neighbor [ basic-acl-number ] | assert [ advanced-acl-number ] | rp | join-prune [ advanced-acl-number ] | register [ advanced-acl-number ] | msdp [ advanced-acl-number ] | state-refresh [ advanced-acl-number ] }
4.12.3 Monitoring the Running Status of PIM-SM

During the routine maintenance, you can run the following commands in any view to know the running status of PIM-SM. Action Check the unicast routes used by PIM. Check information about the PIM BFD session. Check information about the BSR in the PIM-SM domain. Command resetdisplay pim [ vpn-instance vpn-instance-name | all-instance ] claimed-route [ source-address ] display pim [ vpn-instance vpn-instance-name | all-instance ] bfd session [ interface interface-type interface-number | neighbor neighbor-address ]* display pim [ vpn-instance vpn-instance-name | all-instance ] bsr-info
4-52
Action Check the number of sent and received PIM control messages. Check PIM information on the interface. Check information about PIM neighbors.
Command display pim [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ interface interface-type interface-number ] [ message-type message-type ] display pim [ vpn-instance vpn-instance-name | all-instance ] interface [ interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor [ interface interface-type interface-number ] [ verbose ] display pim [ vpn-instance vpn-instance-name | all-instance ] neighbor neighbor-address [ verbose ]
Check the PIM multicast routing table.
display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask-length | group-mask } ] ] [ source-address [ mask { source-mask-length | source-mask } ] ] [ incoming-interface { interface-type interface-number | register } ] [ outgoing-interface { include | exclude | match } { interface-type interface-number | register | none } ] [ mode { dm | sm | ssm } ] [ flags flag-value] [ fsm ] display pim [ vpn-instance vpn-instance-name | all-instance ] rp-info [ group-address ]
Check information about the RP to which the multicast group corresponds.

This section provides the following configuration examples: Example of configuring the ASM model in the single BSR domain Example of configuring an SSM network
4.13.1 Example of configuring the ASM model in the single BSR domain
Receivers receive Video On Demand (VOD) information in the multicast mode. Receiver groups from different organizations form leaf networks and each leaf network uses many hosts. The entire PIM network adopts the mode of SM with single BSR administrative domain. As shown in the following figure, you must configure the router to enable Host A and Host B of different leaf networks to receive multicast information from the Source.
4-53
Figure 4-9 Typical networking diagram of single BSR domain PIM-DM

RouterA
POS3/0/0 Ethernet GbE2/0/0 POS1/0/0 POS2/0/0 Ethernet
N1 receiver
HostA
Source
GbE3/0/0
POS1/0/0
PIM-SM RouterE POS3/0/0

POS2/0/0 POS1/0/0 GbE2/0/0
Leaf networks
RouterD
POS4/0/0 POS1/0/0
receiver RouterB
HostB
RouterC
POS2/0/0
N2
GbE1/0/0 Ethernet
Router Router A
Router B Router C
Interface POS1/0/0 POS3/0/0 GbE2/0/0 POS1/0/0 GbE2/0/0 POS2/0/0 GbE1/0/0
IP address 192.168.9.1/24 192.168.1.1/24 10.110.1.1/24 192.168.2.1/24 10.110.2.1/24 192.168.3.1/24 10.110.2.2/24
Router Router D
Router E
Interface POS1/0/0 POS2/0/0 GbE3/0/0 POS1/0/0 POS2/0/0 POS3/0/0 POS4/0/0
IP address 192.168.4.2/24 192.168.1.2/24 10.110.5.1/24 192.168.3.2/24 192.168.2.2/24 192.168.9.2/24 192.168.4.1/24
The steps in the configuration roadmap are 1. 2. 3. 4. Assign IP addresses of interfaces and unicast routing protocols for each router. Enable multicast on each router, PIM-SM on each interface, and IGMP on each interface that connects with the host. Configure POS 3/0/0 of Router E as the C-BSR and C-RP. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: The address of multicast group G is 225.1.1.1. Multicast source address is 10.110.5.100/24. The version number of IGMP that runs between Router A and the leaf network N1 is 3. The version number of IGMP that runs between Router B, Router C, and the leaf network N2 is 2.
This configuration example, only mentions the commands related to the PIM-SM single BSR domain.
Step 1 Configure IP addresses and a unicast routing protocol on each router.
4-54
# Configure IP addresses for the interfaces of each router and the OSPF routing protocol to ensure internetworking of Router A, Router B, Router C, Router D, and Router E, and to implement dynamic routing refreshment using a unicast routing protocol. Assign IP addresses and masks to each interface as shown in Figure 4-9. Step 2 Enable multicast and PIM-SM on each interface, and enable the IGMP function on the interface that connects to hosts. # Enable multicast on all routers, PIM-SM on each interface, and the IGMP function on the interfaces that connect with the leaf network on Router A, Router B, and Router C. The configuration procedures on Router B, Router C, Router D, and Router E are similar to that on Router A:
[RouterA] multicast routing-enable [RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] igmp enable [RouterA-GigabitEthernet2/0/0] igmp version 3 [RouterA-GigabitEthernet2/0/0] pim sm [RouterA-GigabitEthernet2/0/0] quit [RouterA] interface pos 3/0/0 [RouterA-Pos3/0/0] pim sm [RouterA-Pos3/0/0] quit [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] pim sm [RouterA-Pos1/0/0] quit
Step 3 Configure C-BSR and C-RP. # Configure the service scope of RP advertisement on Router E and positions of C-BSR and C-RP:
[RouterE] acl number 2005 [RouterE-acl-basic-2005] rule permit source 225.1.1.0 0.0.0.255 [RouterE-acl-basic-2005] quit [RouterE] pim [RouterE-pim] c-bsr pos 3/0/0 [RouterE-pim] c-rp pos 3/0/0 group-policy 2005
Step 4 Verify the configuration. # Use the display pim interface command to view the configuration and operation of PIM on the interface of routers. Use the PIM display information on Router A as an example:
[RouterA] display pim interface Vpn-instance: public net Interface Eth2/0/0 Pos2/0/0 Pos1/0/0 NbrCnt HelloInt 0 1 1 30 30 30 DR-Pri 1 1 1 DR-Address 10.110.1.1 192.168.1.1 192.168.9.2 (local)
# Use the display pim bsr-info command to view the information about BSR election on the router. Use the BSR information on Router A and Router E as examples (C-BSR information is also displayed on Router E):
<RouterA> display pim bsr-info Vpn-instance: public net Elected BSR Address: 192.168.9.2 Priority: 0
4-55
Hash mask length: 30 State: Accept Preferred Scope: Not scoped Uptime: 01:40:40 Expires: 00:01:42 <RouterE> display pim bsr-info Vpn-instance: public net Elected BSR Address: 192.168.9.2 Priority: 0 Mask length: 30 State: Elected Scope: Not scoped Uptime: 00:00:18 Next BSR message scheduled at :00:01:42 Candidate BSR Address is: 192.168.9.2 Priority: 0 Hash mask length: 30 State:Elected Scope: Not scoped
# Use the display pim rp-info command to view the obtained RP information on the router. Use the RP information on Router A as an example:
<RouterA> display pim rp-info Vpn-instance: public net PIM-SM BSR RP information: Group/MaskLen: 225.1.1.0/24 RP: 192.168.9.2 Priority: 0 Uptime: 00:51:45 Expires: 00:02:22
# Use the display pim routing-table command to view the PIM routing table. Host A needs the information sent by group G (225.1.1.1/24) and a RPT exists between Router A and Router E. Multicast source S (10.110.5.100/24) sends multicast packets to multicast group G and a source tree establishes between Router D and Router E. After Router A receives multicast packets, Router A performs the switchover from RPT to SPT immediately. The (*, G) entries generate on the routers, for example, Router A and Router E, along the RPT path. The (S, G) entries generate on the routers, for example, Router A and Router D, along the SPT path. The PIM multicast routing information appears as follows:
<RouterA> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 1 (S, G) entry (*, 225.1.1.1), RP: 192.168.9.2 Protocol: pim-sm, Flag: WC UpTime: 00:13:46 Upstream interface: Pos1/0/0, Upstream neighbor: 192.168.9.2, RPF neighbor: 192.168.9.2 Downstream interface list: Total number of downstreams: 1
4-56

1: GigabitEthernet2/0/0, Protocol: igmp, UpTime: 00:13:46, Expires:(10.110.5.100, 225.1.1.1), RP: 192.168.9.2 Protocol: pim-sm, Flag: SPT ACT UpTime: 00:00:42 Upstream interface: Pos3/0/0
Upstream neighbor: 192.168.1.2, RPF neighbor: 192.168.1.2 Downstream interface list: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: pim-sm, UpTime: 00:00:42, Expires:<RouterD> display pim routing-table Vpn-instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.110.5.100, 225.1.1.1), RP: 192.168.9.2 Protocol: pim-sm, Flag: SPT ACT UpTime: 00:00:42 Upstream interface: GigabitEthernet3/0/0 Upstream neighbor: 10.110.5.100, RPF neighbor: 10.110.5.100 Downstream interface list: Total number of downstreams: 1 1: Pos2/0/0 Protocol: pim-sm, UpTime: 00:00:42, Expires:<RouterE> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 0 (S, G) entry (*, 225.1.1.1), RP: 192.168.9.2 (local) Protocol: pim-sm, Flag: WC UpTime: 00:13:16 Upstream interface: Register Upstream neighbor: 192.168.4.2, RPF neighbor: 192.168.4.2 Downstream interface list: Total number of downstreams: 1 1: Pos3/0/0 Protocol: pim-sm, UpTime: 00:13:16, Expires: 00:03:22
----End
Configuration files
# sysname RouterA # multicast routing-enable # interface GigabitEthernet2/0/0 ip address 10.110.1.1 255.255.255.0 igmp enable igmp version 3
4-57
pim sm # interface Pos3/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim sm # interface Pos1/0/0 link-protocol ppp ip address 192.168.9.1 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 10.110.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.9.0 0.0.0.255 # return
The configuration files of Router B, Router C, and Router D are similar to that of Router A. Configuration file of Router E
# sysname RouterE # multicast routing-enable # acl number 2005 rule 5 permit source 225.1.1.0 0.0.0.255 # interface Pos1/0/0 link-protocol ppp ip address 192.168.3.2 255.255.255.0 pim sm # interface Pos2/0/0 link-protocol ppp ip address 192.168.2.2 255.255.255.0 pim sm # interface Pos3/0/0 link-protocol ppp ip address 192.168.9.2 255.255.255.0 pim sm # interface Pos4/0/0 link-protocol ppp ip address 192.168.4.1 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 192.168.3.0 0.0.0.255 network 192.168.2.0 0.0.0.255 network 192.168.9.0 0.0.0.255
4-58

network 192.168.4.0 0.0.0.255 # pim c-bsr Pos3/0/0 c-rp Pos3/0/0 group-policy 2005 # return
4.13.2 Example of configuring an SSM network

Receivers receive VOD information in multicast mode. Receiver groups from different organizations form leaf networks, and each leaf network uses many hosts. SSM mode and ASM mode work in the entire PIM network. As shown in Figure 4-9, you must configure the router to enable Host A and Host B of different leaf networks to receive multicast information from the multicast source.
The steps in the configuration roadmap are 1. 2. 3. 4. 5. Assign IP addresses to interfaces and configure a unicast routing protocol. Enable multicast on each router and PIM-SSM on each interface. IGMPv3 runs between the router and its connected leaf network. Configure C-RP and C-BSR. Configure the PIM-SSM multicast group address range. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: The address of the multicast source is 10.110.5.100/24. The multicast group address is 232.1.1.1/24. The version number of IGMP running between Router A, Router B, Router C, and ending network N1, N2 must be 3. The range of SSM is 232.1.1.0/24.
This configuration example only provides commands related to PIM-SSM.
Step 1 Configure IP addresses and a unicast routing protocol on each router. # Assign IP addresses to the interfaces of each router and configure the OSPF routing protocol, to ensure internetworking of Router A, Router B, Router C, Router D, and Router E and implement dynamic routing refreshment using a unicast routing protocol. Configure IP addresses and masks for each interface as shown in Figure 4-9. Step 2 Enable multicast on each router, PIM-SSM on each interface, and IGMP on the interface that connects to hosts.
4-59
# Enable multicast on each router, PIM-SSM on each interface, and enable IGMP on interfaces of Router A, Router B, and Router C that connect with the leaf network. The configuration procedures on Router B, Router C, Router D, and Router E are similar to that on Router A:
[RouterA] multicast routing-enable [RouterA] interface gigabitethernet 2/0/0 [RouterA-GigabitEthernet2/0/0] igmp enable [RouterA-GigabitEthernet2/0/0] igmp version 3 [RouterA-GigabitEthernet2/0/0] pim sm [RouterA-GigabitEthernet2/0/0] quit [RouterA] interface pos 3/0/0 [RouterA-Pos3/0/0] pim sm [RouterA-Pos3/0/0] quit [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] pim sm [RouterA-Pos1/0/0] quit
Step 3 Configure C-RP and C-BSR. # Configure C-BSR and C-RP on Router E:
[RouterE] pim [RouterE-pim] c-bsr pos 3/0/0 [RouterE-pim] c-rp pos 3/0/0
Step 4 Configure the address scope of the PIM-SSM multicast group. # Configure the address scope of the PIM-SSM multicast group on Router A as 232.1.1.0/24. The configuration procedures on Router B, Router C, Router D, and Router E are similar to that on Router A:
[RouterA] acl number 2000 [RouterA-acl-basic-2000] rule permit source 232.1.1.0 0.0.0.255 [RouterA-acl-basic-2000] quit [RouterA] pim [RouterA-pim] ssm-policy 2000
Step 5 Verify the configuration. # Use the display pim interface command to view the PIM configuration and running state on the interface. For example, PIM on Router A appears as follows:
<RouterA> display pim interface Vpn-instance: public net Interface GE2/0/0 Pos3/0/0 Pos1/0/0 NbrCnt 0 1 1 HelloInt 30 30 30 DR-Pri 1 1 1 DR-Address 10.110.1.1 192.168.1.2 192.168.9.2 (local)
# Use the display pim routing-table command to view the PIM multicast routing table: If Host A needs the information that the specified multicast source S (10.110.5.100/24) sends to multicast group G (232.1.1.1), Router A establishes SPT towards the source. The routers such as Router A and Router D in the SPT path generate (S, G) entries whereas Router E outside the SPT path has no multicast route entries.
4-60

<RouterA> display pim routing-table Vpn-instance: public net Total 1 (S, G) entry (10.110.5.100, 232.1.1.1) Protocol: pim-ssm, Flag: UpTime: 00:13:25 Upstream interface: Pos3/0/0
Upstream neighbor: 192.168.1.2, RPF neighbor: 192.168.1.2 Downstream interface list: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: igmp, UpTime: 00:13:25, Expires:<RouterD> display pim routing-table Vpn-instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.110.5.100, 232.1.1.1) Protocol: pim-ssm, Flag: UpTime: 00:12:05 Upstream interface: GigabitEthernet3/0/0 Upstream neighbor: NULL, RPF neighbor: NULL Downstream interface list: Total number of downstreams: 1 1: Pos2/0/0 Protocol: pim-ssm, UpTime: 00:12:05, Expires: 00:03:25
----End
Configuration files
# sysname RouterA # multicast routing-enable # acl number 2000 rule 5 permit source 232.1.1.0 0.0.0.255 # interface GigabitEthernet2/0/0 ip address 10.110.1.1 255.255.255.0 igmp enable igmp version 3 pim sm # interface Pos3/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim sm # interface Pos1/0/0 link-protocol ppp
4-61
ip address 192.168.9.1 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 10.110.1.0 0.0.0.255 network 192.168.1.0 0.0.0.255 network 192.168.9.0 0.0.0.255 # pim ssm-policy 2000 # return
The configuration files of Router B, Router C, and Router D are similar to that of Router A.
4-62
Contents
5 MSDP configuration..................................................................................................................5-1
5.1 Introduction ...................................................................................................................................................5-3 5.1.1 MSDP...................................................................................................................................................5-3 5.1.2 MSDP peer...........................................................................................................................................5-3 5.1.3 RPF rule of SA message.......................................................................................................................5-5 5.1.4 Interdomain multicast implemented by an MSDP peer........................................................................5-8 5.1.5 Intradomain anycast RP implemented by MSDP peer .........................................................................5-9 5.1.6 MSDP of multi-instance.....................................................................................................................5-10 5.1.7 References..........................................................................................................................................5-10 5.2 Configuring PIM-SM interdomain multicast .............................................................................................. 5-11 5.2.1 Establishing the configuration task .................................................................................................... 5-11 5.2.2 Configuring MSDP peers ...................................................................................................................5-12 5.2.3 Establishing MSDP peers on BGP and MBGP peers .........................................................................5-13 5.2.4 Configuring static RPF peers .............................................................................................................5-14 5.2.5 Checking the configuration................................................................................................................5-15 5.3 Configuring anycast RP in PIM-SM domain...............................................................................................5-15 5.3.1 Establishing the configuration task ....................................................................................................5-15 5.3.2 Configuring C-RP ..............................................................................................................................5-18 5.3.3 Configuring a static RP interface .......................................................................................................5-19 5.3.4 Statically configuring RP ...................................................................................................................5-20 5.3.5 Advertising RP interface address through a unicast route..................................................................5-20 5.3.6 Configuring MSDP peers ...................................................................................................................5-21 5.3.7 Specifying logical RP address for SA message..................................................................................5-22 5.3.8 Joining a mesh group .........................................................................................................................5-22 5.3.9 Checking the configuration................................................................................................................5-23 5.4 Managing MSDP peer connection...............................................................................................................5-24 5.4.1 Establishing the configuration task ....................................................................................................5-24 5.4.2 Controlling the session between MSDP peers ...................................................................................5-25 5.4.3 Adjusting the interval for retrying setting up MSDP peer connection ...............................................5-25 5.4.4 Checking the configuration................................................................................................................5-26 5.5 Configuring SA cache .................................................................................................................................5-27 5.5.1 Establishing the configuration task ....................................................................................................5-27
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 5.5.2 Configuring the maximum number of (S, G) in the cache .................................................................5-28 5.5.3 Disabling SA-cache function .............................................................................................................5-28 5.5.4 Checking the configuration................................................................................................................5-29 5.6 Configuring SA request...............................................................................................................................5-30 5.6.1 Establishing the configuration task ....................................................................................................5-30 5.6.2 Configuring sending SA request message on the local router............................................................5-31 5.6.3 Configuring the filtering rules for receiving SA request messages ....................................................5-32 5.6.4 Check the configuration .....................................................................................................................5-32 5.7 Transmitting burst multicast data within a domain .....................................................................................5-34 5.7.1 Establishing the configuration task ....................................................................................................5-34 5.7.2 Configuring an SA message to carry a multicast packet ....................................................................5-35 5.7.3 Setting the TTL threshold of the multicast packet carried in the SA message ...................................5-35 5.7.4 Checking the configuration................................................................................................................5-36 5.8 Controlling creation and forwarding of the SA message.............................................................................5-37 5.8.1 Establishing the configuration task ....................................................................................................5-37 5.8.2 Controlling the creation of SA Message ............................................................................................5-38 5.8.3 Controlling the receiving of SA message...........................................................................................5-39 5.8.4 Controlling the forwarding of SA message ........................................................................................5-40 5.8.5 Checking the configuration................................................................................................................5-40 5.9 Maintaining MSDP .....................................................................................................................................5-42 5.9.1 Clearing statistics of MSDP peer .......................................................................................................5-42 5.9.2 Clearing (S, G) information in the SA-cache.....................................................................................5-42 5.9.3 Debugging MSDP..............................................................................................................................5-43 5.10 Configuration examples ............................................................................................................................5-43 5.10.1 Example of configuring PIM-SM interdomain multicast.................................................................5-44 5.10.2 Example of configuring static RPF peer ..........................................................................................5-52 5.10.3 Example of configuring anycast RP.................................................................................................5-56
ii
Figures
Figure 5-1 MSDP peers ......................................................................................................................................5-4 Figure 5-2 MSDP peer connection in mesh group..............................................................................................5-6 Figure 5-3 Cooperation between MSDP and MBGP..........................................................................................5-7 Figure 5-4 Diagram of MSDP peers...................................................................................................................5-8 Figure 5-5 Anycast RP .......................................................................................................................................5-9 Figure 5-6 Networking diagram of typical MSDP configuration .....................................................................5-44 Figure 5-7 Networking diagram of static RPF peer..........................................................................................5-52 Figure 5-8 Networking diagram of anycast RP configuration..........................................................................5-56
iii
Tables
Table 5-1 Configuration solutions of PIM-SM inter-domain multicast ............................................................ 5-11 Table 5-2 Configuration solution of anycast RP...............................................................................................5-16
5 MSDP configuration
5
About this chapter
Section 5.1 Introduction 5.2 Configuring PIM-SM interdomain multicast
MSDP configuration
The following table describes the contents of this chapter. Description This section describes the principles and the concepts of the Multicast Source Discovery Protocol (MSDP). This section describes how to configure an MSDP peer to implement PIM-SM inter-domain multicast. For configuration examples, see Example of configuring PIM-SM interdomain multicast and Example of configuring static RPF peer. This section describes how to configure an MSDP peer to implement Anycast rendezvous point (RP). For a configuration example, see Example of configuring anycast RP. This section describes how to configure an MSDP peer and how to control the session between MSDP peers. This section describes how to configure the source active (SA) cache and how to adjust the number of cache entries. This section describes how to configure SA requests and how to control the reply to SA requests. This section describes how to configure SA encapsulation data and how to control the transmission scope of SA messages encapsulated with multicast data. This section describes methods to control SA messages that transmit between MSDP peers, how to control the creation of SA messages, and how to control the receiving and sending of SA message.
5.3 Configuring anycast RP in PIM-SM domain
5.4 Managing MSDP peer connection 5.5 Configuring SA cache 5.6 Configuring SA request 5.7 Transmitting burst multicast data within a domain 5.8 Controlling creation and forwarding of the SA message
5-1
Section 5.9 Maintaining MSDP
Description This section describes how to clear the statistics of MSDP, how to reset the connection between MSDP peers, and how to debug MSDP. This section provides configuration examples of MSDP.
5-2
5.1 Introduction
5.1.1 MSDP
The MSDP is an interarea multicast solution based on multiple mutually-connected Protocol Independent Multicast Sparse Mode (PIM-SM) domains.
MSDP applies only to PIM-SM domains and is only useful for Any-Source Multicast (ASM) mode.
In general PIM-SM mode, the multicast source registers only with the local RP. The information on the intradomain multicast source is isolated. The RP knows only the source in its domain, establishes the multicast distribution tree in its domain, and distributes the data sent by its multicast source to the local users. The network needs a mechanism to enable the local RP to share the information on the multicast source of other domains. The local RP can send join message to the multicast source of other domains and establish multicast distribution tree. Thus, multicast packets can transmit across domains. MSDP achieves this objective by establishing the MSDP peer relationship between RPs of different domains. MSDP peers share the information on the multicast source by sending SA messages.
5.1.2 MSDP peer

To make multiple RPs share the information on the multicast source, apply MSDP. The following list identifies the method to apply MSDP: Configure a pair of MSDP peers or multiple pairs of MSDP peers. Connect these peers to form a connected graph. The SA message the RP sends transmits to the other RPs by using the connectivity between the MSDP peers. As shown in the following figure, multiple MSDP peers exist in the network. The peers connect. The RPs of various domains connect.
5-3
Figure 5-1 MSDP peers
Receiver
PIM-SM 2 RP2
Source RP1 RP3
PIM-SM 1
PIM-SM 3
Router1
MSDP peers
Router3
You can create an MSDP peer on any PIM-SM router. The function of the MSDP peer you create on different routers is different. If multiple RPs that serve different multicast groups exist in the PIM-SM domain, Nortel recommends that you establish MSDP peer relationships between all RPs. If a RP is dynamically elected from multiple candidate RPs (C-RP) in the PIM-SM domain, establish MSDP peer relationships between all C-RPs to ensure that the C-RP that wins in the election is always in the connected graph. The C-RPs that fail in the election act as common router in the MSDP connected graph.
MSDP peer created on the RP

An MSDP peer that connects to the multicast source is the source MSDP peer, like RP1. Function: RP1 creates an SA message and sends it to remote peers to notify them about the source information registered on the local RP.
You must configure the source MSDP peer on the RP. Otherwise, the multicast source information cannot advertise to the outside, and other members in the domain cannot receive the multicast data sent by the multicast source in the domain. MSDP peer connects to the receivers, like RP2 Function: RP2 receives the SA message sent by the peer and then joins the shortest path tree (SPT) of the multicast S according to the (S, G) information in the SA message. After the (S, G) message arrives, RP2 forwards it along the RP tree (RPT) to the local receivers.
5-4
MSDP peer with multiple remote peers, like RP3 Function: RP3 forwards the SA message received from a remote peer to other remote peers. RP3 acts as the intermediate forwarder of the multicast source information.
MSDP peer configured on common routers

Like Router 1 and Router 3, their function is to forward the received SA messages.
5.1.3 RPF rule of SA message

MSDP performs a Reverse Path Forwarding (RPF) check on the received SA messages to prevent SA messages from being circularly forwarded between MSDP peers. MSDP strictly controls the receiving of the SA message. For an SA message that does not comply with RPF rules, the MSDP directly discards it. The following list identifies six RPF rules of MSDP: Rule 1: If the peer that sends the SA message is the source RP, the SA message is received and forwarded to other peers. Rule 2: The SA message sent by the static RPF peer is received. A router can establish MSDP peer relationships with multiple routers. You can select one or multiple peers from these remote peers and configure it as the RPF peer. Rule 3: If a router uses only one remote MSDP peer, the remote peer automatically becomes the RPF peer. The router receives the SA messages from the remote peer. If the PIM-SM domain uses only one remote MSDP peer outside, the domain is a stub domain. Rule 4: If the peer that sends the SA message and the local router belong to the same mesh group, the local router receives the SA message. The SA messages from the mesh group do not forward to members of the mesh group but forward to all peers that do not belong to the mesh group. Rule 5: If the peer that sends the SA message is the next hop of the route to the source RP, the next-hop router receives SA messages and forwards them to other peers. The route includes Multicast Border Gateway Protocol (MBGP) routes, BGP routes, static multicast routes, and Interior Gateway Protocol (IGP) routes. Rule 6: If the route that reaches the source RP spans multiple autonomous systems (AS), the SA message sent by the peer of the next-hop AS is received. If the next-hop AS uses multiple remote MSDP peers, the SA message sent by the remote peer with the largest IP address is received.
Application of mesh group

If multiple MSDP peers exist in the network, an SA message easily floods between peers. If many MSDP peers exist in the same PIM-SM domain, RPF rules cannot filter out many unnecessary SA packets. The MSDP peer performs the RPF check on all received SA messages, which causes a heavy load to the system. Configure multiple MSDP peers to join a mesh group to reduce the number of SA messages that transmit between these MSDP peers. The members of the mesh group can either belong to the same PIM-SM domain or belong to multiple PIM-SM domains. The members of the mesh group can be either in one AS or in multiple ASs. In a mesh group, each member uses MSDP peer connections to all other members. As shown in Figure 5-2, Router 1, Router 2, Router 3, and Router 4 join the same mesh group, and the MSDP peers must establish between the four routers.
5-5
Figure 5-2 MSDP peer connection in mesh group

Router1 Router2
Router4
Router3
MSDP peers
After a member receives an SA message, a member of the mesh group checks the source of the message first: If the SA message is from a certain MSDP peer outside the mesh group, the member performs the RPF check on the message. If the message passes the check, the member forwards it to other members of the mesh group. If the SA message is from another member of the mesh group, the member does not perform the RPF check and directly receives the message. The member does not forward the message to other members of the mesh group.
Cooperation between MSDP and MBGP

MSDP often works with MBGP. The MBGP connection and the MSDP connection belong to the TCP connection. When the MBGP peer relationship establishes between MSDP peers, SA messages can pass the RPF check. The MBGP peer and MSDP peer are usually configured on the same interface. Configuring MBGP in a network does not change the unicast topology of the network.
For more information about MBGP, see MBGP configuration.
5-6
Figure 5-3 Cooperation between MSDP and MBGP
AS 100 Source1 Receiver2
PIM-SM1 RP1
PIM-SM2 RP2
ASBR1
ASBR2
ASBR3 PIM-SM3 RP3
ASBR4
RP4
AS 200
Source3
Receiver3
MSDP peers
As shown in the preceding figure, RPs of each PIM-SM do not directly connect; RP and ASBR are not on the same router. After MSDP peers establish between RPs, Nortel recommends that you establish MBGP peers between these RPs. As a result, SA message can pass the RPF check. Interior BGP (IBGP): IBGP peers establish between RPs of the same AS, such as, RP1 and RP2, RP3, and RP4. Exterior BGP (EBGP): EBGP peers establish between RPs of different ASs, such as, RP1 and RP3, RP2 and RP4.
5-7
5.1.4 Interdomain multicast implemented by an MSDP peer

As shown in Figure 5-4, in the PIM-SM1 domain, an active Source exists. RP1 learns the existence of the Source through the process of multicast register. If the PIM-SM2 domain and the PIM-SM3 domain must known the location of the Source, the MSDP peer relationship needs to be established between RP1, RP2, and RP3. After the MSDP peer relationship is set up, Receiver can receive the data sent by Source. Figure 5-4 Diagram of MSDP peers
MSDP peers multicast packet Register SA message Join
Receiver PIM-SM 3
DR3
RP3
Source
DR1
PIM-SM 4 PIM-SM 1 RP2 RP1 PIM-SM 2
The working process of interdomain multicast by using MSDP peer is as follows: 1. 2. The Source sends the first multicast data to G. DR1 encapsulates the multicast data in the register message and delivers it to RP1. RP1 learns information of the active Source. As a source RP, RP1 creates an SA message, and sends it to other peers periodically. SA message carries IP address of the Source, the address of G and the address of the source RP (RP1) that creates the SA message. To avoid the loop of transmitting the SA message, the MSDP peer performs forwarding policies and the RPF check for the received SA messages; MSDP receives and forwards correct SA messages. The SA message forwards among MSDP peers. Finally, the information of the Source is spread to all PIM-SM domains that establish an MSDP peer relationship. After RP3 of PIM-SM3 receives the SA message, RP3 checks whether receivers of G exist in its domain. If a receiver exists, the RPT of G is maintained between RP3 and receivers. RP3 creates an (S, G) entry, and sends an (S, G) join message to Source hop-by-hop. RP3 crosses various PIM-SM domains and directly joins the SPT with Source as root. Multicast data delivers to RP3 along SPT, and then forwards to receivers along RPT. After DR3 receives the multicast data from Source, DR3 at the receiver side can decide whether to initiate SPT switchover by itself.
3.
4. 5. 6.
5-8
7.
If no receiver exists, RP3 neither creates an (S, G) entry, nor joins the SPT with Source as root.
5.1.5 Intradomain anycast RP implemented by MSDP peer

RPs set up with MSDP peer relationships can exchange SA messages to share the information about the locally registered source. In this manner, you can implement anycast RP by enabling MSDP in a PIM-SM domain. Anycast RP indicates multiple RPs with the same address set in the same PIM-SM domain. The MSDP peer relationship establishes between these RPs. The RP path is optimal, and the load balancing is realized. As shown in Figure 5-5, Source1 sends multicast data to G, and user is a member of G. Configure C-RP on RP1 and RP2 separately. Enable the same IP address (usually the Loopback interface). Establish the MSDP peer relationship between RP1 and RP2. Figure 5-5 Anycast RP
Source2 Source1
RP1
user
RP2
user
user
PIM-SM
user user SA message
The working process of anycast RP is as follows: 1. Receiver sends a join message to the nearest RP to establish an RPT. For example, users on the left join the RPT with RP1 as root; users on the right join the RPT with RP2 as root. 2. The multicast source registers with the nearest RP. For example, Source1 registers on RP1 on Router A, and multicast data sent by Source1 is encapsulated in the register message. After the register message arrives at RP1, Router A decapsulates the packet. 3. RPs share register source information through SA messages. For example: RP1 creates an SA message and sends it to RP2. Multicast data sent by Source is encapsulated in the SA message. After the SA message arrives at Router B, Router B decapsulates the SA message. 4. After the RP receives SA messages, the RP checks whether a multicast receiver exists. If a receiver exists, RP directly sends a join message to the source to establish SPT. For example: the RP2 joins the SPT with Source1 as root. The multicast reaches RP2 from Source1 along SPT.
5-9
5.
Receivers receive multicast data along the RPT. For example: RP2 forwards multicast data downwards along RPT. When user receives multicast data sent by Source1, user independently decides whether to join the SPT with Source1 as root.
Functions of anycast RP: RP optimal path Receivers send a join message to the nearest RP. The RPT with the optimal path establishes. The multicast source registers with the nearest RP. The source tree with optimal path establishes. RP load balancing Each RP maintains only partial source or group information of the PIM-SM domain and forwards partial multicast data. RP redundant backup After an RP fails, the multicast source that registered with it and receivers that joined it select a near RP to which to register and join.
5.1.6 MSDP of multi-instance

MSDP peers can establish between interfaces on multicast routers that belong to the same instance (including a public instance and VPN instance). MSDP peers exchange SA messages with each other. This process achieves interdomain VPN multicast. Multicast routers on which you apply the multi-instance maintain a set of MSDP mechanism for each instance including SA cache, peer connection, timer, sending cache, and the cache area of PIM interaction. The multicast routers guarantee the information separation among different instances, so only the information of MSDP and PIM-SM that belong to the same instance exchanges. By applying MSDP of multi-instance, the Nortel Secure Router 8000 Series implements interdomain VPN multicast.
For more information about VPN multicast across domains, see Multicast VPN configuration.
5.1.7 References
For more information about MSDP principle, see the following documents. Document number RFC 3618 RFC 3446 Description Multicast Source Discovery Protocol (MSDP) Anycast Rendezvous Point (RP) mechanism using Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP)
5-10
5.2 Configuring PIM-SM interdomain multicast

The multicast information among PIM-SM domains is isolated. Users in the domain cannot receive the multicast data sent by multicast sources of other domains. Establish MSDP peer relationship between RPs of each PIM-SM to interconnect these RPs. To ensure that the SA message sent by the remote peer can pass the RPF check, you must pay attention to the network environment when you configure MSDP peers. Table 5-1 Configuration solutions of PIM-SM inter-domain multicast Current network environment For the two RPs, one RP is the next hop of the route to the source RP for the other. The route includes BGP route, MBGP route, static multicast route, and unicast route. For the two RPs, one RP cannot be the next hop of the route to the source RP for the other. No. 1 Configuration solution Establish the MSDP peer relationship between the RPs
Establish MBGP peer relationship between the RPs and import MBGP routes and unicast routes into each other Establish MSDP peer relationship between BGP peers or MBGP peers
Establish MSDP peer relationship between RPs Joining the same mesh group
Establish MSDP peer relationship between RPs Establish static RPF peer relationship between RPs
Establish MSDP peer relationship between RPs Configure static multicast route of the specified source RP
Confirm the action before you use the fourth and fifth configuration solution in the preceding table. If you do not correctly configure static RPF peers, a routing loop can occur. If you do not correctly configure static multicast route, SA messages may not pass the RPF check.
Before you configure PIM-SM interdomain multicast, complete the following tasks:
5-11
Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast.
Data preparation
To configure PIM-SM inter-domain multicast, you need the following data. No. 1 2 3 4 Data Address of remote MSDP peer Interface type and interface number of the local router Description of MSDP peer Name of mesh group
No. 1 2 3 4 Procedure Configuring MSDP peers Establishing MSDP peers on BGP and MBGP peers Configuring static RPF peers Checking the configuration
5.2.2 Configuring MSDP peers

Do as follows on the two RPs on which you establish the MSDP peer relationship: Step 1 Run:
system-view
The system appears. Step 2 Run:

msdp [ vpn-instance vpn-instance-name ]
This command enables the MSDP of the public network instance or VPN instance and the MSDP view appears. Step 3 Run:
peer peer-address connect-interface interface-type interface-number
This command configures the MSDP peer connection. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer
5-12
interface-type interface-number: specifies the local interface Step 4 Run:

peer peer-address description text
This command adds the description of the remote MSDP peer. This command is optional. This configuration is useful to differentiate the MSDP remote peers and manage the connection with the remote MSDP peers. The following list explains the parameters of the command: peer-address indicates the address of the remote MSDP peer Text: indicates the description text that is a string of 80 characters Step 5 Run:
quit
This command quits the MSDP view. ----End
5.2.3 Establishing MSDP peers on BGP and MBGP peers

The second configuration solution in Table 5-1 applies to this configuration. For more information about how to establish BGP peers between ASs, see Nortel Secure Router 8000 Series Configuration IP Routing (NN46240-505). For more information about how to establish MBGP peers between ASs, see MBGP configuration.
Do as follows on the two routers that establish BGP or MBGP peers: Step 1 Run:
system-view

This command enables the MSDP function of the public network instance or VPN instance, and the MSDP view appears. Step 3 Run:
This command configures the MSDP peer connection. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. The address is the same as that of the remote BGP or MBGP address. interface-type interface-number: specifies the local interface that is the same as the local BGP or MBGP interface.
5-13
Step 4 Run:
This command adds the description of the MSDP peer. This command is optional. The configuration is useful to differentiate the remote MSDP peers and to manage connection with the remote MSDP peers. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. text: indicates the description text. The text is a string of 80 characters. Step 5 Run:
quit
5.2.4 Configuring static RPF peers

The fourth configuration solution in Table 5-1 applies to this configuration.
Do as follows on the router on which you create the MSDP peer: Step 1 Run:
system-view

This command enables the MSDP of the public network instance or VPN instance, and the MSDP view appears. Step 3 Run:
static-rpf-peer peer-address
This command statically specifies the remote MSDP peer as the RPF peer. The peer-address indicates the address of the remote MSDP peer. Step 4 Run:
quit
5-14

Use the commands in the following table to check the previous configuration. Action Check the brief information on the MSDP peer status. Check the detailed information on the MSDP peer status. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] brief display msdp [ vpn-instance vpn-instance-name | all-instance ] peer-status [ peer-address ]
Run the display msdp [ vpn-instance vpn-instance-name | all-instance ] brief command. If you can view the brief information about the status of all remote peers that establish MSDP peer with the local host, it means that the configuration succeeds. For example:
<Nortel> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 2 Peers Address 192.168.2.1 192.168.4.2 Up 2 State UP UP Listen 0 Up/Down time 01:07:08 00:06:39 Connect 0 AS 200 100 Shutdown 0 SA Count 8 13 Down 0 Reset Count 0 0
Run the display msdp [ vpn-instance vpn-instance-name | all-instance ] peer-status [ peer-address ] command. If you can view the detailed information about the state of the specified remote peers that establish MSDP peer with the local host, it means that the configuration succeeds.
5.3 Configuring anycast RP in PIM-SM domain

In the traditional PIM-SM domain, each multicast group can map to only one RP. When the network overloads or the traffic is too concentrated, many network problems occur. For example, the pressure of RP is too heavy, the route converges slowly after RP fails, or the multicast forwarding path is not optimal. Apply anycast RP in the PIM-SM domain to implement the register of the multicast source and the join of the receiver easily. The load of a single RP is abated, the RP backup is implemented, and the forwarding path is optimized. Table 5-2 shows typical network environments and their configuration solutions.
5-15
Table 5-2 Configuration solution of anycast RP Current network environment Unicast in the current network works normally, and the PIM-SM is not configured. The PIM-SM domain is to be configured, and the BSR-RP is used. No. 1 Configuration solution or procedure Enable IP multicast Configure PIM-SM domain without C-RP Configuring C-RP Advertising RP interface address through a unicast route Configuring MSDP peer Specifying logical RP address for SA message Joining a mesh group Unicast in the current network works normally, and the PIM-SM is not configured. The PIM-SM domain is to be configured, and the static RP is used. 2 Enable IP multicast Configure PIM-SM domain without static RP Configuring a static RP interface Statically configuring RP Advertising RP interface address through a unicast route Configuring MSDP peer Specifying logical RP address for SA message Joining a mesh group The integrate PIM-SM domain is configured in the current network. C-BSR and C-RP are configured on the same interface. 3 Cancell the previous C-RP configuration Configuring C-RP Advertising RP interface address through a unicast route Configuring MSDP peer Specifying logical RP address for SA message Joining a mesh group The integrated PIM-SM domain is configured in the current network. C-RP and C-BSR are configured on different interfaces or devices. 4 Choose one or multiple non-RP routers in the domain and Configuring C-RP on the router Advertising RP interface address through a unicast route Configuring MSDP peer Specifying logical RP address for SA message Joining a mesh group
5-16
Current network environment The integrate PIM-SM domain is configured in the current network. The static RP is used in the domain.
No. 5
Configuration solution or procedure Choose one or multiple nonstatic-RP routers in the domain Configuring a static RP interface on the router Configuring C-RP Advertising RP interface address through a unicast route Configuring MSDP peer Specifying logical RP address for SA message Joining a mesh group
Before you configure anycast RP, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain without RP.
Data preparation
To configure anycast RP, you need the following data. No. 1 2 3 4 5 Data RP address Interface and address of the local MSDP peer Interface and address of the remote MSDP peer Description of MSDP peer Name of the mesh group
No. 1 2 3 4 5 Procedure Configuring C-RP Configuring a static RP interface Statically configuring RP Advertising RP interface address through a unicast route Configuring MSDP peers
5-17
No. 6 7 8
Procedure Specifying logical RP address for SA message Joining a mesh group Checking the configuration
5.3.2 Configuring C-RP

If the PIM-SM network uses the static RP, this configuration is not necessary. If the PIM-SM network uses the BSR-RP, this configuration is required. Before you configure C-RP, configure BSR and BSP boundary.
Do as follows on multiple routers on which you require anycast-RP: Step 1 Run:

system-view

interface loopback interface-number
The Loopback interface view appears. Multiple RPs use the same IP address in the network. RP is configured on the Loopback interface.
You must configure the RP and BSR on different interfaces or devices. If the RP address and the BSR address are the same, the BSR packet that reaches other RPs cannot pass the RPF check. Step 3 Run:
ip address ip-address 32
This command configures the address of the Loopback interface. The following list explains the parameters of the command: ip-address: indicates the address of RP. The RP configured on multiple devices uses the same IP address. 32: indicates the address mask of the Loopback interface. Step 4 Run;
pim sm
5-18
This command enables PIM-SM for RP interface. Step 5 Run:

quit
This command quits the interface view. Step 6 Run:


c-rp loopback interface-number
This command specifies an interface as RP. Step 8 Run:

quit
5.3.3 Configuring a static RP interface

When the PIM-SM network uses BSR-RP, this configuration is not necessary. When the PIM-SM network uses static RP, this configuration is required.
Do as follows on multiple routers on which you configure anycast-RP in the PIM-SM: Step 1 Run:
system-view

interface loopback interface-number
The Loopback interface view appears. Multiple RPs use the same IP address in the network. RP is configured on the Loopback interface. Step 3 Run:
ip address ip-address 32
This command configures the address of the Loopback interface. The following list explains the parameters of the command: ip-address: indicates the address of RP. The RP configured on multiple devices uses the same IP address. 32: indicates the address mask of the Loopback interface.
5-19
Step 4 Run:
pim sm
This command enables PIM-SM for RP interface. Step 5 Run:

quit
5.3.4 Statically configuring RP

When the PIM-SM network uses BSR-RP, this configuration is not necessary. When the PIM-SM network uses static RP, this configuration is required.
Do as follows on all routers in the PIM-SM domain: Step 1 Run;

system-view


static-rp rp-address
This command configures the RP address. The rp-address indicates the IP address of the static RP. Step 4 Run:
quit
5.3.5 Advertising RP interface address through a unicast route

Use the unicast routing protocol in the current network to advertise the RP interface address. This configuration ensures that each router in the network uses an accessible route to RP. The configuration procedure varies with the specific unicast routing protocol. For the details of advertising RP interface address through a unicast route, refer to Configuration Guide IP Routing.
5-20
5.3.6 Configuring MSDP peers

Do as follows on multiple routers on which you create anycast RP:
If the number of routers that are configured with RP with the same IP address exceeds two, ensure the interconnection of the MSDP peers used among routers.
Step 1 Run:
system-view

This command enables the MSDP function of the public network instance or the VPN instance, and the MSDP view appears. Step 3 Run:
This command creates the MSDP peer connection. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. The address cannot be the same as that of C-RP. interface-type interface-number: specifies the local interface. The interface type and the interface number cannot be the same as that of the C-RP interface. Step 4 Run:
This command adds the description of the MSDP peer. The command is optional. This configuration is useful to differentiate the remote MSDP peers and to manage the connection with the remote MSDP peers. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. text: indicates the description text. The text is a string of 80 characters. Step 5 Run:
quit
5-21
5.3.7 Specifying logical RP address for SA message

Do as follows on the routers on which you create anycast RP: Step 1 Run:
system-view

The MSDP view appears. Step 3 Run:

originating-rp interface-type interface-number
This command configures the logical RP interface. The logical RP interface cannot be the same as the actual RP interface. Nortel recommends that you configure the logical interface as the MSDP peer interface. After the peer receives an SA message, the MSDP peer performs the RPF check on the message. If the remote RP address carried in the SA message is the same as the local RP address, the peer discards the SA message. After you use the originating-rp command, the logical RP address carried in the SA message sent by the router replaces the actual RP address, and the SA message can pass the RPF check after it reaches the remote router. Step 4 Run:
quit
5.3.8 Joining a mesh group

Do as follows on multiple routers on which you configure anycast-RP: Step 1 Run:
system-view


peer peer-address mesh-group name
This command configures the remote MSDP peer to join the mesh group. The remote MSDP peer is acknowledged as the member of the mesh group.
5-22
The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. name: indicates the name of the mesh group. The members of the same mesh group must use the same mesh group name. Note the following requirements when you run the command: Each member in the mesh group must have its MSDP peer connections to all other members. Each member in the mesh group must acknowledge its peer as a member of the mesh group. An MSDP peer belongs to only one mesh group. If you configure an MSDP peer to join multiple mesh groups, the latest configuration replaces the old configuration. Step 4 Run:
quit
The MSDP view appears. ----End

Use the commands in the following table to check the previous configuration. Action Check the brief information of the MSDP peer state. Check the RP information that corresponds to the PIM routing table. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] brief display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table
Run the display msdp [ vpn-instance vpn-instance-name | all-instance ] brief command. If you see brief information of the remote MSDP peer state, it means that the configuration succeeds. For example:
<Nortel> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Peer's Address 2.2.2.2 Up 1 State Up Listen 0 Up/Down time 00:10:17 Connect 0 AS ? Shutdown 0 SA Count 0 Down 0 Reset Count 0
Run the display pim [ vpn-instance vpn-instance-name | all-instance ] routing-table command. If you see the RP information that corresponds to the routing table, it means that the configuration succeeds. For example:
<Nortel> display pim routing-table Vpn-instance: public net
5-23
Total 0 (*, G) entry; 1 (S, G) entry (10.11.1.2, 225.1.1.1), RP: 7.7.7.7 (local) Protocol: pim-sm, Flag: SPT ACT UpTime: 00:01:57 Upstream interface: GigabitEthernet2/0/0
Upstream neighbor: 10.3.1.2, RPF prime neighbor: 10.3.1.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet3/0/0 Protocol: pim-sm, UpTime: - , Expires: -
5.4 Managing MSDP peer connection

MSDP peers connect by TCP connection (port number 639). You can close or re-establish TCP connection, and flexibly control the session between MSDP peers. After you create a new MSDP peer relationship, or after an MSDP peer connection that is cut off is restarted, or after the faulty MSDP peer attempts to restore its normal status, the TCP connection must be immediately set up between MSDP peers. You can flexibly adjust the interval to try to re-establish the MSDP peer connection.
Before you manage MSDP peer connection, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast. Complete the procedures in Configuring PIM-SM interdomain multicast or Configuring anycast RP in PIM-SM domain.
Data preparation
To manage MSDP peer connection, you need the following data. No. 1 2 Data Address of the remote MSDP peer Interface type and interface number of the local router
No. 1 Procedure Controlling the session between MSDP peers
5-24
No. 2 3
Procedure Adjusting the interval for retrying setting up MSDP peer connection Checking the configuration
5.4.2 Controlling the session between MSDP peers

system-view


shutdown peer-address
This command closes the session with the remote MSDP peer. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. After the session with the remote MSDP peer is closed, the TCP connection stops, the SA no longer transfers between peers, and peers do not try to re-establish the connection. The configuration information is saved. You can run the undo shutdown command to enable the session with the remote MSDP peer, and recreate the TCP connection. Step 4 Run:
quit
5.4.3 Adjusting the interval for retrying setting up MSDP peer connection
system-view
5-25

timer retry seconds
This command configures the retrying period during which the router sends a TCP connection request to the remote MSDP peer. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the brief information of the MSDP peer state. Check the detailed information of the MSDP peer state. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] brief display msdp [ vpn-instance vpn-instance-name | all-instance ] peer-status [ peer-address ]
Run the display msdp [ vpn-instance vpn-instance-name | all-instance ] brief command. If you see the brief information about the state of the connection with the remote MSDP peer, it means that the configuration succeeds. For example:
<Nortel> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 2 Peer's Address 192.168.2.1 192.168.4.2 Up 2 State UP UP Listen 0 Up/Down time 01:07:08 00:06:39 Connect 0 AS 200 100 Shutdown 0 SA Count 8 13 Down 0 Reset Count 0 0
Run the display msdp [ vpn-instance vpn-instance-name | all-instance ] peer-status [ peer-address ] command. If you see the detailed information about the state of the specified remote MSDP peers that establish MSDP peers with the local host, it means that the configuration succeeds.
5-26
5.5 Configuring SA cache

By default, the SA-Cache is enabled on the routers on which you configure MSDP peers. The routers can locally store the (S, G) information in the SA message. When the routers need to receive (S, G) information, the routers can obtain the (S, G) information from the SA-Cache. Configure the maximum number of (S, G) entries to prevent Denial of Service (DoS) attacks. Yous can disable the SA-Cache of a router. After you disable the SA-Cache of a router, the router does not locally store the (S, G) information in the SA message. When a router needs to receive the (S, G) data, it must wait for the SA message to be sent by its MSDP peer in the next period. This process delays receivers from obtaining multicast data.
Before you configure the SA-Cache, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast. Complete the procedures in Configuring PIM-SM interdomain multicast or Configuring anycast RP in PIM-SM domain.
Data preparation
To configure the SA-Cache, you need the following data. No. 1 Data Maximum number of (S, G) entries in the SA Cache
No. 1 2 3 Procedure Configuring the maximum number of (S, G) in the cache Disabling SA-cache Checking the configuration
5-27
5.5.2 Configuring the maximum number of (S, G) in the cache

Do as follows on the router on which you configure the MSDP peer:
If you do not perform this configuration, the router uses the default value.
Step 1 Run:
system-view


peer peer-address sa-cache-maximum sa-limit
This command limits the maximum number of (S, G) entries. The SA-Cache collects the (S, G) entries it learns from various remote MSDP peers. By default, the system assigns 2048 entries to each peer. You can run the command to manually adjust the number of entries assigned to the specified peer. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. sa-limit: indicates the maximum number of (S, G) entries cached. The redundant entries are discarded. The value that is smaller than the value defined by the cache is valid. Step 4 Run:
quit
5.5.3 Disabling SA-cache function

Do as follows on the router on which you configure the MSDP peer: Step 1 Run:
system-view

5-28

undo cache-sa-enable
This command disables the SA-cache.
You can run the cache-sa-enable command in the MSDP view to re-enable the SA-cache function.
Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the detailed information on the status of the MSDP peer. Check (S, G) entries in the SA-cache of the public network instance, VPN instance, or all instances. Check the number of (S, G) entries in the SA-cache of the public network instance, VPN instance, or all instances. Command display msdp peer-status [ peer-address ] display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address | source-address | as-number ] * display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-count [ as-number ]
Run the display msdp sa-cache command to check the information of (S, G) entries in the SA-cache. If you specify the group-address, the (S, G) entry that corresponds to the specified group appears. If you specify the source-address, the (S, G) entry that corresponds to the specified source appears. If you specify the as-number, the (S, G) of the specified AS that the S belongs to appears. If you do not specify the preceding parameters, all (S, G) entries in the SA-Cache appear.
<Nortel> display msdp sa-cache MSDP Source-Active Cache Information of VPN-Instance: public net MSDP Total Source-Active Cache - 5 entries MSDP matched 5 entries (Source, Group) (10.10.1.2, 225.1.1.1) (10.10.1.3, 225.1.1.1) (10.10.1.2, 225.1.1.2) (10.10.2.1, 225.1.1.2) (10.10.1.2, 225.1.2.2) Origin RP 10.10.10.10 10.10.10.10 10.10.10.10 10.10.10.10 10.10.10.10 Pro BGP BGP BGP BGP BGP AS 100 100 100 100 100 Uptime 00:00:10 00:00:11 00:00:11 00:00:11 00:00:11 Expires 00:05:50 00:05:49 00:05:49 00:05:49 00:05:49
5-29
Run the display msdp sa-count command to check the number of (S, G) entries in the SA-cache.
<Nortel> display msdp sa-count MSDP Source-Active Cache Information of VPN-Instance: public net Number of cached Source-Active entries, counted by Peer Peer's Address 10.10.10.10 AS ? Number of SA 5 Number of group 3
Number of source and group, counted by AS Number of source 3
Total 5 Source-Active entry matched
5.6 Configuring SA request

You cannot enable some routers with the SA-cache or the capacity of SA-cache on these routers is too small. When these routers need to receive (S, G) data, they cannot immediately obtain the valid (S, G) data and must wait for the SA message to be sent by their MSDP peers in the next period. If you enable the SA-cache on the remote MSDP peer and the capacity of the SA-Cache is large, configure the sending SA request message on the local router to shorten the period during which receivers obtain multicast source information. If the local router must receive (S, G) information, it sends an SA request message to the specified remote MSDP peer. After the peer receives the SA request message, the MSDP peer responds to the SA request message with the required (S, G) information. If you configure the filtering rule of SA request message on the remote MSDP peer, the peer checks the SA request messages received from the specified peers and determines whether to respond according to the results.
Before you configure SA request, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast. Complete the procedures in Configuring PIM-SM interdomain multicast or Configuring anycast RP in PIM-SM domain.
Data preparation
To configure SA request, you need the following data.
5-30
No. 1 2
Data Address of the remote MSDP peer Filtering list of SA Request message
No. 1 2 3 Procedure Configuring sending SA request message on the local router Configuring the filtering rules for receiving SA request messages Check the configuration
5.6.2 Configuring sending SA request message on the local router

Do as follows on the local router: Step 1 Run:
system-view


peer peer-address request-sa-enable
This command configures the sending SA request message. The peer-address indicates the address of the remote MSDP peer. After the local router receives a new join message from a group, it sends the SA request message only to the peer-address. Step 4 Run:
quit
5-31
5.6.3 Configuring the filtering rules for receiving SA request messages

Do as follows on the router of the remote MSDP peer specified by using the peer peer-address request-sa-enable command:
If you do not perform the configuration, after an SA message arrives, the router immediately responds with an SA message with (S, G) information that meets the requirements.
Step 1 Run:
system-view


peer peer-address sa-request-policy [ acl basic-acl-number ]
This command configures the filtering rule for receiving SA request message. The following list explains the parameters of the command: peer-address: indicates the address of the MSDP peer that sends the SA message. acl basic-acl-number: indicates the filtering policy. If you do not specify the ACL, all SA messages sent by the peer are ignored. If you do specify the ACL, only the SA message that meets requirements is received and other SA messages are discarded. Step 4 Run:
quit
5.6.4 Check the configuration

Use the command in the following table to check the previous configuration. Action Check the SA-cache of the public network instance, VPN instance, or all instances. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address | source-address | as-number ] *
Run the display msdp peer-status [ peer-address ] command to check the Information about SA-Requests field, in bold in the following example, to see whether the configuration is valid:
<Nortel> display msdp peer-status
5-32

MSDP Peer Information of VPN-Instance: public net MSDP Peer 172.40.41.1, AS ? Description: Information about connection status: State: Up Up/down time: 00:26:41 Resets: 0 Connection interface: Ethernet2/0/14 (172.40.41.2) Number of sent/received messages: 27/28 Number of discarded output messages: 0
Elapsed time since last connection or counters clear: 00:26:56 Information about (Source, Group)-based SA filtering policy: Import policy: none Export policy: none Information about SA-Requests: Policy to accept SA-Request messages: 2000 Sending SA-Requests status: enable Minimum TTL to forward SA with encapsulated data: 0 SAs learned from this peer: 0, SA-cache maximum for the peer: none Input queue size: 0, Output queue size: 0 Counters for MSDP message: Count of RPF check failure: 0 Incoming/outgoing SA messages: 16/0 Incoming/outgoing SA requests: 0/0 Incoming/outgoing SA responses: 0/0 Incoming/outgoing data packets: 0/0
Run the display msdp sa-cache command to check the information of (S, G) entries in the SA-cache. If you specify the group-address, the (S, G) entry that corresponds to the specified group appears. If you specify the source-address, the (S, G) entry that corresponds to the specified source appears. If you specify the as-number, the (S, G) of the specified AS that the S belongs to appears. If you do not specify one of the preceding parameters, all (S, G) entries in the SA-Cache appear.
5-33
5.7 Transmitting burst multicast data within a domain

The time during which some multicast sources send multicast data is too long, and is greater than the value of the timeout of the (S, G) entry. In this case, the source DR encapsulates the multicast data in register messages one-by-one, and sends the message to the source RP. The source RP uses SA messages to forward the (S, G) entry to the remote RP. The remote RP sends a join message to the source DR. This process establishes the SPT. Because of the timeout of the (S, G), remote users cannot receive the multicast data by S. To solve the problem, enable the Encapsulating a multicast packet in SA message on the source RP. The source RP encapsulates the multicast data in the SA message and sends it. After the remote RP receives the SA message, the remote RP decapsulates the message and forwards the multicast data to users in the domain along the RPT. Configure a time-to-live (TTL) threshold to limit the transmission scope of the multicast packet contained in an SA message. After the MSDP peer receives the SA message that contains a multicast packet, the MSDP peer checks the TTL value in the IP header of the multicast packet. If the TTL value is smaller than the threshold, the MSDP peer does not forward the SA message to the specific remote peers. If the TTL value is greater than the threshold, the MSDP peer reduces the TTL value in the IP header of the multicast packet by 1, and then encapsulates the multicast packet in the SA message and sends it.
Before you transmit burst multicast data by using SA message, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast. Complete the procedures in Configuring PIM-SM interdomain multicast or Configuring anycast RP in PIM-SM domain.
Data preparation
To transmit burst multicast data by using SA message, you need the following data. No. 1 2 Data TTL threshold to forward the SA message that contains a multicast packet Address of the remote MSDP peer
No. 1 Procedure Configuring an SA message to carry a multicast packet
5-34
No. 2 3
Procedure Setting the TTL threshold of the multicast packet carried in the SA message Checking the configuration
5.7.2 Configuring an SA message to carry a multicast packet

Do as follows on the source RP you configure with MSDP peer: Step 1 Run:
system-view


encap-data-enable
This command encapsulates a multicast packet in an SA message. By default, the SA message contains only (S, G) information, and does not contain a multicast packet. Step 4 Run:
quit
5.7.3 Setting the TTL threshold of the multicast packet carried in the SA message
Do as follows on the router you configure with MSDP peer:
If you do not perform the configuration, the router uses the default value.
Step 1 Run:
system-view

The MSDP view appears.
5-35
Step 3 Run:
peer peer-address minimum-ttl ttl
This command configures the TTL threshold of a multicast packet. Only when the TTL value of the multicast packet contained in the SA message received by MSDP peer is greater than the threshold, does the MSDP peer forward it to the specified remote MSDP peers. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. ttl: indicates the value of the TTL threshold. By default, the value is 0. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the SA-cache of the public network instance, VPN instance, or all instances. Check the detailed information on the status of the MSDP peer. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address | source-address | as-number ] * display msdp peer-status [ peer-address ]
Run the display msdp peer-status [ peer-address ] command to check the Minimum TTL to forward SA with encapsulated data field, in bold in the following example, to see whether the configuration is valid:
<Nortel> display msdp peer-status MSDP Peer Information of VPN-Instance: public net MSDP Peer 172.40.41.1, AS ? Description: Information about connection status: State: Up Up/down time: 00:26:41 Resets: 0 Connection interface: Ethernet2/0/14 (172.40.41.2) Number of sent/received messages: 27/28 Number of discarded output messages: 0 Elapsed time since last connection or counters clear: 00:26:56 Information about (Source, Group)-based SA filtering policy: Import policy: none Export policy: none Information about SA-Requests:
5-36

Policy to accept SA-Request messages: 2000 Sending SA-Requests status: enable Minimum TTL to forward SA with encapsulated data: 10
SAs learned from this peer: 0, SA-cache maximum for the peer: none Input queue size: 0, Output queue size: 0 Counters for MSDP message: Count of RPF check failure: 0 Incoming/outgoing SA messages: 16/0 Incoming/outgoing SA requests: 0/0 Incoming/outgoing SA responses: 0/0 Incoming/outgoing data packets: 0/0
Run the display msdp sa-cache command to check the information of (S, G) entries in the SA-cache. If you specify the group-address, the (S, G) entry that corresponds to the specified group appears. If you specify the source-address, the (S, G) entry that corresponds to the specified source appears. If you specify the as-number, the (S, G) of the specified AS that the S belongs to appears. If you do not specify one of the preceding parameters, all (S, G) entries in the SA-Cache appear.
5.8 Controlling creation and forwarding of the SA message

By default, MSDP routers receive all SA messages that pass the RPF check and forward them to all MSDP peers. To control the transmission of SA messages among MSDP peers, you can configure various filtering rules by using the following methods: Configure the rule to filter the multicast source of an SA message on the source RP. Source RP filters act on multicast sources that register on the local router, and decide which (S, G) entries to send based on the rule. After the SA message sent by the remote MSDP peer reaches a router, the router decides whether to receive the message based on the rule. Configure the rule to filter the SA message forwarded to the remote MSDP peer. Before the router forwards the SA message to the remote MSDP peer, the router decides whether to forward it based on the rule.
5-37
Before you control the creation and forwarding of the SA message, complete the following tasks: Configure a unicast routing protocol to implement interconnection at the network layer. Enable IP multicast. Configure PIM-SM domain to implement intradomain multicast. Complete the procedures in Configuring PIM-SM interdomain multicast or Configuring anycast RP in PIM-SM domain.
Data preparation
To control the creation and forwarding of SA message, you need the following data. No. 1 2 3 4 Data Filtering list of creating SA messages Filtering list of receiving SA messages Filtering list of forwarding SA messages Address of the remote MSDP peer
No. 1 2 3 4 Procedure Controlling the creation of SA Message Controlling the receiving of SA message Controlling the forwarding of SA message Checking the configuration
5.8.2 Controlling the creation of SA Message

Do as follows on the source RP you configure with MSDP peer:
If you do not perform the configuration, the SA message created by the source RP contains the information of all local active sources
Step 1 Run:
system-view

5-38

import-source [ acl acl-number ]
This command configures the rule to filter the multicast source of the SA message. The following list explains the parameters of the command: acl acl-number: indicates the multicast source filtering list. The SA message that MSDP creates contains the local source information that complies with the filtering rule.MSDP can control the local (S, G) information. If you use the import-source command with the acl, the SA message does not advertise any information about the local active source. Step 4 Run:
quit
5.8.3 Controlling the receiving of SA message

Do as follow on the router you configure with MSDP:
If you do not perform the configuration, the router receives all SA messages that pass the RPF check.
Step 1 Run:
system-view


peer peer-address sa-policy import [ acl advanced-acl-number ]
This command configures the rule to filter the SA message received from the remote MSDP peer. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. acl advanced-acl-number: indicates the advanced filtering list. Only the (S, G) information that passes the filtering of the ACL is received. The (S, G) information is in the SA message received from the peer-address. If you use the peer peer-address sa-policy import command without acl, the router does not receive any (S, G) information from peer-address. Step 4 Run:
5-39
quit
5.8.4 Controlling the forwarding of SA message

Do as follow on the router you configure with MSDP:
If you do not perform the configuration, the router forwards all SA messages that pass the RPF check.
Step 1 Run:
system-view


peer peer-address sa-policy export [ acl acl-number ]
This command configures the rule to filter the SA message that forwards to the remote MSDP peer. The following list explains the parameters of the command: peer-address: indicates the address of the remote MSDP peer. acl acl-number: indicates the advanced filtering list. Only the (S, G) information that passes the ACL rule forwards to peer-address. If you use the peer peer-address sa-policy export command without acl, the router does not forward any (S, G) information to peer-address. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the SA-cache of the public network instance, VPN instance, or all instances. Command display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address | source-address | as-number ] *
5-40
Action Check the detailed information on the status of the MSDP peer.
Command display msdp peer-status [ peer-address ]
Run the display msdp peer-status [ peer-address ] command to check the Information about (Source, Group)-based SA filtering policy field, in bold in the following example, to see whether the configuration is valid:
<Nortel> display msdp peer-status MSDP Peer Information of VPN-Instance: public net MSDP Peer 172.40.41.1, AS ? Description: Information about connection status: State: Up Up/down time: 00:26:41 Resets: 0 Connection interface: Ethernet2/0/14 (172.40.41.2) Number of sent/received messages: 27/28 Number of discarded output messages: 0 Elapsed time since last connection or counters clear: 00:26:56 Information about (Source, Group)-based SA filtering policy: Import policy: 3000 Export policy: 3002 Information about SA-Requests: Policy to accept SA-Request messages: 2000 Sending SA-Requests status: enable Minimum TTL to forward SA with encapsulated data: 10 SAs learned from this peer: 0, SA-cache maximum for the peer: none Input queue size: 0, Output queue size: 0 Counters for MSDP message: Count of RPF check failure: 0 Incoming/outgoing SA messages: 16/0 Incoming/outgoing SA requests: 0/0 Incoming/outgoing SA responses: 0/0 Incoming/outgoing data packets: 0/0
Run the display msdp sa-cache command to check the information of (S, G) entries in the SA-cache. If you specify the group-address, the (S, G) entry that corresponds to the specified group appears. If you specify the source-address, the (S, G) entry that corresponds to the specified source appears. If you specify the as-number, the (S, G) of the specified AS that the S belongs to appears. If you do not specify one of the preceding parameters, all (S, G) entries in the SA-cache appear.
<Nortel> display msdp sa-cache MSDP Source-Active Cache Information of VPN-Instance: public net MSDP Total Source-Active Cache - 5 entries MSDP matched 5 entries (Source, Group) Origin RP Pro AS Uptime Expires
5-41
(10.10.1.2, 225.1.1.1) (10.10.1.3, 225.1.1.1) (10.10.1.2, 225.1.1.2) (10.10.2.1, 225.1.1.2) (10.10.1.2, 225.1.2.2) 10.10.10.10 10.10.10.10 10.10.10.10 10.10.10.10 10.10.10.10 BGP BGP BGP BGP BGP

100 100 100 100 100 00:00:10 00:00:11 00:00:11 00:00:11 00:00:11 00:05:50 00:05:49 00:05:49 00:05:49 00:05:49
5.9 Maintaining MSDP

This section covers the following topics: Clearing statistics of MSDP peer Clearing (S, G) information in the SA-cache Debugging MSDP
5.9.1 Clearing statistics of MSDP peer
You cannot restore the statistics of MSDP peer after you clear them. Confirm the action before you use the command. To clear the statistics of MSDP peer, run the following commands in the user view. Action Clear the TCP connection with the specified MSDP peer of the public network instance, VPN instance, or all instances, and clear the statistics of the specified MSDP peers. In the case of not resetting the MSDP peer, clear the statistics of an MSDP peer or multiple MSDP peers of the public network instance, VPN instance, or all instances. Command reset msdp [ vpn-instance vpn-instance-name | all-instance ] peer [ peer-address ] reset msdp [ vpn-instance vpn-instance-name | all-instance ] statistics [ peer-address ]
5.9.2 Clearing (S, G) information in the SA-cache
You cannot restore the (S, G) information in the SA-cache after you clear it. Confirm the action before you use the command. To clear the (S, G) information in the SA-cache, run the following commands in the user view.
5-42
Action Clear the entries of MSDP SA-Cache of the public network instance, VPN instance, or all instances.
Command reset msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address ]
5.9.3 Debugging MSDP
Debugging affects system performance. After you debug the system, execute the undo debugging all command to disable it immediately. After a fault occurs, run the following debugging command in the user view to debug MSDP and locate the fault. For more information about the output of the debugging command, see Nortel Secure Router 8000 Series Configuration System Management (NN46240-601). For information about the debugging command, see Nortel Secure Router 8000 Series Commands Reference (NN46240-500). Action Debug MSDP. Debug the retrying of TCP connection of MSDP peer. Debug MSDP event. Debug MSDP packets. Debug active sources of MSDP. Command debugging msdp [ vpn-instance vpn-instance-name | all-instance ] all debugging msdp [ vpn-instance vpn-instance-name | all-instance ] connect debugging msdp [ vpn-instance vpn-instance-name | all-instance ] event debugging msdp [ vpn-instance vpn-instance-name | all-instance ] packet debugging msdp [ vpn-instance vpn-instance-name | all-instance ] source-active

This section provides the following examples: Example of configuring PIM-SM interdomain multicast Example of configuring static RPF peer Example of configuring anycast RP
5-43
5.10.1 Example of configuring PIM-SM interdomain multicast

As shown in Figure 5-6, two ASs exist in the network. Each AS contains one or more PIM-SM domains. The receivers in PIM-SM2 must receive the multicast data sent by S3 in PIM-SM3 domain and multicast data sent by S1 in PIM-SM1 domain. Figure 5-6 Networking diagram of typical MSDP configuration
AS100
Loopback0 2.2.2.2/32
AS200 Receiver PIM-SM2
RouterA
POS2/0/0 POS2/0/0 GbE1/0/0 POS1/0/0 POS1/0/0 POS3/0/0
RouterC
GbE1/0/0 POS2/0/0
POS2/0/0
RouterB
RouterD
PIM-SM1 S1
POS3/0/0 POS2/0/0 POS2/0/0
RouterF
RouterE
GbE1/0/0
PIM-SM3 S3
MSDP peer
Scheme: Configure MSDP peer among RPs of each PIM-SM domain. The configuration steps are as follows: 1. 2. 3. 4. 5. Configure the IP address of interfaces on each router and configure OSPF in the AS to ensure the smooth communication of unicast routes within the domain. Configure EBGP and import BGP and OSPF into each other to ensure the unicast route is accessible. Enable multicast and PIM-SM on each interface, configure a boundary domain, and enable the IGMP function on the interface that connects to the host. Configure C-BSR and C-RP. Configure RP of PIM-SM1 and PIM-SM2 on ASBR. Establish MSDP peer between RPs of each domain. MSDP peers between ASs and EBGP peer use the same interface address. According to RPF rules, routers receive SA messages from the next hop to the source RP.
5-44
6.
Verify the configuration.
Data preparation
To complete this configuration, you need the following data: Address of the multicast group G: 225.1.1.1/24. The AS number of Router A and Router B is 100. Router ID of Router B is 1.1.1.1. The AS number of Router C and Router D is 200. Router ID of Router C is 2.2.2.2. The AS number of Router E and Router F is 200.
This example includes only the commands related to MSDP configuration.
Step 1 Configure IP addresses and unicast routing protocols on each router. # Configure IP addresses and masks on each interface according to Figure 5-6. Configure the OSPF routing protocol in AS. Ensure the communication between routers on the network layer. Ensure the dynamic routing update between routers with the help of a unicast routing protocol. Step 2 Configure BGP between ASs and import BGP and OSPF into each other. # Configure EBGP on Router B and import OSPF routes:
[RouterB] bgp 100 [RouterB-bgp] router-id 1.1.1.1 [RouterB-bgp] peer 192.168.2.2 as-number 200 [RouterB-bgp] import-route ospf 1 [RouterB-bgp] quit
# Configure EBGP on Router C, and then import OSPF routes:

[RouterC] bgp 200 [RouterC-bgp] router-id 2.2.2.2 [RouterC-bgp] peer 192.168.2.1 as-number 100 [RouterC-bgp] import-route ospf 1 [RouterC-bgp] quit
# Import BGP routes to OSPF on Router B. The configuration of Router C is similar to that of Router B:
[RouterB] ospf 1 [RouterB-ospf-1] import-route bgp [RouterB-ospf-1] quit
Step 3 Enable multicast and enable PIM-SM on each interface, configure the boundary of the domain, and enable IGMP function on the interface that connects to the host. # Enable multicast on Router B, and enable PIM-SM on each interface. The configurations of other routers are similar to that of Router B:
[RouterB] multicast routing-enable [RouterB] interface pos 2/0/0 [RouterB-Pos2/0/0] pim sm [RouterB-Pos2/0/0] quit
5-45
[RouterB] interface pos 1/0/0 [RouterB-Pos1/0/0] pim sm
# Configure BSR boundary on POS1/0/0 of Router B:

[RouterB-Pos1/0/0] pim bsr-boundary [RouterB-Pos1/0/0] quit
Configure BSR on POS1/0/0 and POS3/0/0 of Router C and BSR on POS3/0/0 of Router E. The configurations of Router C and Router E are similar to that of Router B. # Enable the IGMP function on an interface through which Router D connects to the leaf network:
[RouterD] interface gigabitethernet 1/0/0 [RouterD-GigabitEthernet1/0/0] igmp enable
Step 4 Configure the C-BSR and C-RP. # Configure the Loopback0 interfaces and the C-BSR and C-RP on Router B, Router C, and Router E. The configurations of Router C and Router E are similar to those of Router B:
[RouterB] interface loopback 0 [RouterB-LoopBack0] ip address 1.1.1.1 255.255.255.255 [RouterB-LoopBack0] pim sm [RouterB-LoopBack0] quit [RouterB] pim [RouterB-pim] c-bsr loopback 0 [RouterB-pim] c-rp loopback 0 [RouterB-pim] quit
Step 5 Configure MSDP peers. # Configure MSDP peers on Router B:

[RouterB] msdp [RouterB-msdp] peer 192.168.2.2 connect-interface pos1/0/0 [RouterB-msdp] quit
# Configure MSDP peers on Router C:

[RouterC] msdp [RouterC-msdp] peer 192.168.2.1 connect-interface pos1/0/0 [RouterC-msdp] peer 192.168.4.2 connect-interface pos3/0/0 [RouterC-msdp] quit
# Configure MSDP peers on Router E:

[RouterE] msdp [RouterE-msdp] peer 192.168.4.1 connect-interface pos3/0/0 [RouterE-msdp] quit
Step 6 Verify the configuration. # Using the display bgp peer command, you can view BGP peer relationship between routers. For example, the following displays the BGP peer relationship on Router B and Router C:
<RouterB> display bgp peer BGP local router ID : 1.1.1.1 Local AS number : 100
5-46

Total number of peers : 1 Peer 192.168.2.2 V 4 AS 200 MsgRcvd 24 MsgSent 21
Peers in established state : 1 OutQ 0 Up/Down 00:13:09 State Established PrefRcv 6
<RouterC> display bgp peer BGP local router ID : 2.2.2.2 Local AS number : 200 Total number of peers : 1 Peer 192.168.2.1 V 4 AS 100 MsgRcvd 18 MsgSent 16 Peers in established state : 1 OutQ 0 Up/Down 00:12:04 State Established PrefRcv 1
# Using the display bgp routing-table command, you can view BGP routing table on a router. For example, the following displays the BGP routing table on Router C:
<RouterC> display bgp routing-table Total Number of Routes: 5 BGP Local router ID is 2.2.2.2 Status codes: * - valid, > - best, d - damped, h - history, i - internal, s - suppressed, S - Stale Origin : i - IGP, e - EGP, ? - incomplete Network *> *>i *> *> *> 1.1.1.1/32 2.2.2.2/32 192.168.2.0 192.168.2.1/32 192.168.2.2/32 NextHop 192.168.2.1 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 MED 0 0 0 0 0 LocPrf PrefVal 0 0 0 0 0 Path/Ogn 100? ? ? ? ?
# Using the display msdp brief command, you can view the MSDP peers between routers. The following displays the brief information of establishing MSDP peers on Router B, Router C, and Router E:
<RouterB> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Peer's Address 192.168.2.2 Up 1 State Up Listen 0 Up/Down time 00:12:27 Connect 0 AS 200 Shutdown 0 A Count 13 Down 0 Reset Count 0
<RouterC> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 2 Peer's Address 192.168.2.1 192.168.4.2 2 State UP UP Up 0 Up/Down time 01:07:08 00:06:39 Listen 0 AS 100 200 Connect 0 SA Count 8 13 Shutdown 0 Reset Count 0 0 Down
<RouterE> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Up 1 Listen 0 Connect 0 Shutdown 0 Down 0
5-47
Peer's Address 192.168.4.1
State Up
Up/Down time 00:15:32
AS 200
SA Count 8
Reset Count 0
# Using the display msdp peer-status command, you can view the detailed information about the msdp peers. The following displays the information of MSDP peers on Router B in detail:
<RouterB> display msdp peer-status MSDP Peer Information of VPN-Instance: public net MSDP Peer 192.168.2.2, AS 200 Description: Information about connection status: State: Up Up/down time: 00:15:47 Resets: 0 Connection interface: Pos1/0/0 (192.168.2.1) Number of sent/received messages: 16/16 Number of discarded output messages: 0 Elapsed time since last connection or counters clear: 00:17:51 Information about (Source, Group)-based SA filtering policy: Import policy: none Export policy: none Information about SA-Requests: Policy to accept SA-Request messages: none Sending SA-Requests status: disable Minimum TTL to forward SA with encapsulated data: 0 SAs learned from this peer: 0, SA-cache maximum for the peer: none Input queue size: 0, Output queue size: 0 Counters for MSDP message: Count of RPF check failure: 0 Incoming/outgoing SA messages: 0/0 Incoming/outgoing SA requests: 0/0 Incoming/outgoing SA responses: 0/0 Incoming/outgoing data packets: 0/0
# Using the display pim routing-table command, you can view the PIM routing table on routers. When S1 (10.110.1.2/24) in PIM-SM1 and S3 (10.110.3.2/24) in PIM-SM3 send multicast data to G (225.1.1.1/24), Receiver (10.110.2.2/24) in PIM-SM2 can receive the multicast data. The information of the PIM routing table on Router B and Router C is as follows:
<RouterB> display pim routing-table Vpn-instance: public net Total 0 (*, G) entry; 1 (S, G) entry (10.110.1.2, 225.1.1.1), RP: 1.1.1.1(local) Protocol: pim-sm, Flag: SPT EXT ACT UpTime: 00:00:42 Upstream interface: Pos2/0/0 Upstream neighbor: 192.168.1.1, RPF neighbor: 192.168.1.1 Downstream interface list: Total number of downstreams: 1 1: Pos1/0/0 Protocol: pim-sm, UpTime: 00:00:42, Expires:<RouterC> display pim routing-table
5-48

Vpn-instance: public net Total 1 (*, G) entry; 2 (S, G) entries (*, 225.1.1.1), RP: 2.2.2.2(local) Protocol: pim-sm, Flag: WC RPT UpTime: 00:13:46 Upstream interface: NULL, Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface list: Total number of downstreams: 1 1: Pos2/0/0, Protocol: pim-sm, UpTime: 00:13:46, Expires:(10.110.1.2, 225.1.1.1), RP: 2.2.2.2 Protocol: pim-sm, Flag: SPT MSDP ACT UpTime: 00:00:42 Upstream interface: Pos1/0/0
Upstream neighbor: 192.168.2.1, RPF neighbor: 192.168.2.1 Downstream interface list: Total number of downstreams: 1 1: Pos2/0/0 Protocol: pim-sm, UpTime: 00:00:42, Expires:(10.110.3.2, 225.1.1.1), RP: 2.2.2.2 Protocol: pim-sm, Flag: SPT MSDP ACT UpTime: 00:00:42 Upstream interface: Pos3/0/0 Upstream neighbor: 192.168.4.2, RPF neighbor: 192.168.4.2 Downstream interface list: Total number of downstreams: 1 1: Pos2/0/0 Protocol: pim-sm, UpTime: 00:00:42, Expires:-
----End
Configuration files
# sysname RouterB # multicast routing-enable # interface Pos2/0/0 link-protocol ppp ip address 192.168.1.2 255.255.255.0 pim sm # interface Pos1/0/0 link-protocol ppp ip address 192.168.2.1 255.255.255.0 pim sm pim bsr-boundary # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 pim sm
5-49
# bgp 100 router-id 1.1.1.1 peer 192.168.2.2 as-number 200 import-route ospf 1 # ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 1.1.1.1 0.0.0.0 import-route bgp # pim c-bsr LoopBack0 c-rp LoopBack0 # msdp peer 192.168.2.2 connect-interface Pos1/0/0 # return

# sysname RouterC # multicast routing-enable # interface Pos1/0/0 link-protocol ppp ip address 192.168.2.2 255.255.255.0 pim sm pim bsr-boundary # interface Pos2/0/0 link-protocol ppp ip address 192.168.3.1 255.255.255.0 pim sm # interface Pos3/0/0 link-protocol ppp ip address 192.168.4.1 255.255.255.0 pim sm pim bsr-boundary # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 pim sm # bgp 200 router-id 2.2.2.2 peer 192.168.2.1 as-number 100 peer 192.168.4.2 as-number 200 import-route ospf 1 # ospf 1 area 0.0.0.0
5-50

network 192.168.3.0 0.0.0.255 network 192.168.4.0 0.0.0.255 network 2.2.2.2 0.0.0.0 import-route bgp # pim c-bsr LoopBack0 c-rp LoopBack0 # msdp peer 192.168.2.1 connect-interface Pos1/0/0 peer 192.168.4.2 connect-interface Pos3/0/0 # return
Configuration file of Router E

# sysname RouterE # multicast routing-enable # interface Pos2/0/0 link-protocol ppp ip address 192.168.5.1 255.255.255.0 pim sm # interface Pos3/0/0 link-protocol ppp ip address 192.168.4.2 255.255.255.0 pim sm pim bsr-boundary # interface LoopBack0 ip address 3.3.3.3 255.255.255.255 pim sm # bgp 200 router-id 3.3.3.3 peer 192.168.4.1 as-number 200 import-route ospf 1 # ospf 1 area 0.0.0.0 network 192.168.4.0 0.0.0.255 network 192.168.5.0 0.0.0.255 network 3.3.3.3 0.0.0.0 import-route bgp # pim c-bsr LoopBack0 c-rp LoopBack0 # msdp peer 192.168.4.1 connect-interface Pos3/0/0 # return
5-51
5.10.2 Example of configuring static RPF peer

As shown in Figure 5-7, two ASs exist in the network. Each AS contains one or more PIM-SM domains and each PIM-SM has one or no multicast source or receiver. Establish MSDP peers among PIM-SM domains to share the information of the multicast source. Figure 5-7 Networking diagram of static RPF peer
AS100
AS200
Loopback0
RouterE
POS1/0/0 Loopback0 POS2/0/0
RouterD RouterC
POS1/0/0 POS2/0/0 POS2/0/0
PIM-SM2 Receiver
PIM-SM1
100
RouterB
Loopback0
Receiver RouterG
S1
POS1/0/0
POS1/0/0
RouterF PIM-SM3
RouterA
S2
BGP peers
Scheme: Establish an MSDP peer on the RP in each PIM-SM domain. Configure static RPF peer among MSDP peers. The transmission of source information across sources is implemented without changing unicast topology. The steps are as follows: Configure IP addresses for the router interface, configure OSPF in the AS, configure EBGP between ASs, and import BGP and OSPF into each other. Enable multicast and PIM-SM on each interface, enable the IGMP function on the interface that connects to the host, and configure Loopback0 interfaces and the C-BSR and C-RP. The Loopback 0 interface on Router C, Router D, and Router F acts as C-BSR and C-RP of their PIM-SM domain. Establish MSDP peers among RPs in each domain, MSDP peer between Router C and Router D and MSDP peer between Router C and Router F.
5-52
Specify static RPF peer for MSDP peer. The static RPF peers of Router C are Router D and Router F. Router D and Router F use only one static RPF peer, Router C. According to RPF rules, routers receive SA messages from the static RPF peer. Verify the configuration.
Data preparation
To complete this configuration, you need the following data: The AS number of Router A, Router B, and Router C is 100. The router id is 1.1.1.3, 1.1.1.2 and 1.1.1.1. The AS number of Router D and Router E is 200. The router id is 2.2.2.2 and 2.2.2.1. The AS number of Router F and Router G is 200. The router id of Router F is 3.3.3.3. The name of policy adopted by Router C in filtering the SA message from Router D and Router F is list-df. The name of policy adopted by Router D and Router F in filtering the SA message from Router C is list-c.
This example includes only the commands related to static RPF peer configuration.
Step 1 Configure IP address of interfaces of the router and the unicast routing protocol. # As shown in Figure 5-7, configure IP addresses and masks for interfaces. Configure OSPF in the AS. Configure EBGP between Router A and Router F, Router B, and Router E. Import BGP and OSPF into each other. Ensure that there is communication between routers on the network layer. Ensure the dynamic routing update between routers with the help of unicast routing protocol. Step 2 Enable multicast and PIM-SM on each interface. # Enable multicast on all the routers and enable PIM-SM on each interface. The configurations of the other routers are similar to that of Router C:
[RouterC] multicast routing-enable [RouterC] interface pos 1/0/0 [RouterC-Pos1/0/0] pim sm [RouterC-Pos1/0/0] quit [RouterC] interface pos 2/0/0 [RouterC-Pos2/0/0] pim sm [RouterC-Pos2/0/0] quit
# Configure the BSR boundary on POS1/0/0 of Router A, on POS2/0/0 of Router B, on POS2/0/0 of Router E, and on POS1/0/0 of Router F. The configurations of Router B, Router E and Router F are similar to that of Router A:
[RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] pim bsr-boundary [RouterA-Pos1/0/0] quit
Step 3 Configure the interface of Loopback0 and the C-BSR and C-RP. # Configure the interface of Loopback0 and positions of C-BSR and C-RP on Router C, Router D and Router F. The configurations of Router D and Router F are similar to that of
5-53
Router C:
[RouterC] router id 1.1.1.1 [RouterC] interface loopback 0 [RouterC-LoopBack0] ip address 1.1.1.1 255.255.255.255 [RouterC-LoopBack0] pim sm [RouterC-LoopBack0] quit [RouterC] pim [RouterC-pim] c-bsr loopback 0 [RouterC-pim] c-rp loopback 0 [RouterC-pim] quit
Step 4 Configure static RPF peers. # Configure Router D and Router F as static RPF peers of Router C:
[RouterC] ip ip-prefix list-df permit 192.168.0.0 16 greater-equal 16 less-equal 32 [RouterC] msdp [RouterC-msdp] peer 192.168.3.2 connect-interface pos 1/0/0 [RouterC-msdp] peer 192.168.5.1 connect-interface pos 2/0/0 [RouterC-msdp] static-rpf-peer 192.168.3.2 rp-policy list-df [RouterC-msdp] static-rpf-peer 192.168.5.1 rp-policy list-df [RouterC-msdp] quit
# Configure Router C as the static RPF peer of Router D and Router F. The configurations of Router F are similar to that of Router D:
[RouterD] ip ip-prefix list-c permit 192.168.0.0 16 greater-equal 16 less-equal 32 [RouterD] msdp [RouterD-msdp] peer 192.168.1.1 connect-interface pos 1/0/0 [RouterD-msdp] static-rpf-peer 192.168.1.1 rp-policy list-c
Step 5 Verify the configuration. # Using the display bgp peer command, you can view the state of BGP peer between routers. No output information on Router C entails that there is no BGP peer between Router C and Router D or between Router C and Router F. # Using the display msdp brief command, you can view the state of MSDP peer between routers. When S1 in the PIM-SM1 sends the multicast packet, the receivers in the PIM-SM2 and PIM-SM3 domains can receive it. For example, the displayed information of MSDP peers on Router C, Router D, and Router F is as follows:
<RouterC> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 2 Peer's Address 192.168.3.2 192.168.5.1 Up 2 State UP UP Listen 0 Up/Down time 01:07:08 00:16:39 Connect 0 AS ? ? Shutdown 0 SA Count 8 13 Down 0 Reset Count 0 0
<RouterD> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Peer's Address Up 1 State Listen 0 Up/Down time Connect 0 AS Shutdown 0 SA Count Down 0 Reset Count
5-54

192.168.1.1 UP 01:07:09 ? 8
0
<RouterF> display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Peer's Address 192.168.4.1 Up 1 State UP Listen 0 Up/Down time 00:16:40 Connect 0 AS ? Shutdown 0 SA Count 13 Down 0 Reset Count 0
----End
Configuration files
Configuration file of Router C is as follows:
# sysname RouterC # multicast routing-enable # interface Pos1/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim sm # interface Pos2/0/0 link-protocol ppp ip address 192.168.4.1 255.255.255.0 pim sm # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 192.168.1.0 0.0.0.255 network 192.168.4.0 0.0.0.255 network 1.1.1.1 0.0.0.0 # pim c-bsr LoopBack0 c-rp LoopBack0 # ip ip-prefix list-df permit 192.168.0.0 16 greater-equal 16 less-equal 32 # msdp peer 192.168.3.2 connect-interface pos 1/0/0 peer 192.168.5.1 connect-interface pos 2/0/0 static-rpf-peer 192.168.3.2 rp-policy list-df static-rpf-peer 192.168.5.1 rp-policy list-df # return
5-55
Those of Router D and Router F are similar to the preceding file and are not mentioned here.
5.10.3 Example of configuring anycast RP

As shown in Figure 5-8, the PIM-SM domain uses multiple multicast sources and receivers. Establish MSDP peer in the PIM-SM domain to implement RP load balancing. Figure 5-8 Networking diagram of anycast RP configuration
Receiver
user2 GbE2/0/0 Loopback10 GbE1/0/0 GbE3/0/0 Loopback1 GbE1/0/0 GbE2/0/0
RouterB
PIM-SM Source
S1
RouterD
POS1/0/0
Source
S2
RouterA
GbE2/0/0 GbE2/0/0 Loopback1
Loopback0 Loopback0 POS1/0/0 POS1/0/0
RouterC
GbE3/0/0
POS2/0/0
RouterE Receiver
user1
Loopback10
MSDP peers
Scheme: Configure anycast RP. Receiver sends a join message to the RP that is the closest to the topology. Multicast source sends a register message to the RP that is the closest to the topology. The steps are as follows: 1. 2. 3. 4. 5. Configure IP addresses of interfaces and configure OSPF in the PIM-SM area. Enable multicast and PIM-SM on each interface and enable the IGMP function on the interface that connects to the host. Configure the same loopback interface address for Router C and Router D. Configure C-BSR on Loopback1 interfaces and C-RP on Loopback10 interfaces. Configure MSDP peer on Loopback 0 interfaces of Router C and Router D. According to RPF rules, routers receive SA messages from the source RP. Verify the configuration.
5-56
Data preparation
To complete this configuration, you need the following data: The address of the group G is 225.1.1.1. The router ID of Router C is 1.1.1.1. The router ID of Router D is 2.2.2.2.
Configuration Procedure
This example includes only the commands related to anycast RP configuration.
Step 1 Configure IP addresses and unicast routing protocol on each router. #Configure IP addresses and masks to each interface according to Figure 5-8. Configure OSPF. Ensure the communication between routers on the network layer. Ensure the dynamic routing update between routers with the help of unicast routing protocol. Step 2 Enable multicast and configure PIM-SM. # Enable multicast on all routers, and enable PIM-SM on each interface. Enable the IGMP function at the host side. The configurations of other routers are similar to that of Router C:
[RouterC] multicast routing-enable [RouterC] interface gigabitethernet 3/0/0 [RouterC-GigabitEthernet3/0/0] igmp enable [RouterC-GigabitEthernet3/0/0] pim sm [RouterC-GigabitEthernet3/0/0] quit [RouterC] interface gigabitethernet 2/0/0 [RouterC-GigabitEthernet2/0/0] pim sm [RouterC-GigabitEthernet2/0/0] quit [RouterC] interface pos 1/0/0 [RouterC-Pos1/0/0] pim sm [RouterC-Pos1/0/0] quit
Step 3 Configure the Loopback1 and Loopback10 interfaces, and the C-BSR and C-RP. # Configure the address of Loopback1 interface and the address of Loopback10 interface on Router C and Router D respectively. Configure C-BSP on Loopback1 and C-RP on Loopback 10. The configurations of Router D are similar to that of Router C:
[RouterC] interface loopback 1 [RouterC-LoopBack1] ip address 3.3.3.3 255.255.255.255 [RouterC-LoopBack1] pim sm [RouterC-LoopBack1] quit [RouterC] interface loopback 10 [RouterC-LoopBack10] ip address 10.1.1.1 255.255.255.255 [RouterC-LoopBack10] pim sm [RouterC-LoopBack10] quit [RouterC] pim [RouterC-pim] c-bsr loopback 1 [RouterC-pim] c-rp loopback 10 [RouterC-pim] quit
Step 4 Configure Loopback 0 interfaces and MSDP peers. # Configure the MSDP peer on the Loopback0 interfaces of Router C:
5-57
[RouterC] interface loopback 0
[RouterC-LoopBack0] ip address 1.1.1.1 255.255.255.255 [RouterC-LoopBack0] pim sm [RouterC-LoopBack0] quit [RouterC] msdp [RouterC-msdp] originating-rp loopback0 [RouterC-msdp] peer 2.2.2.2 connect-interface loopback0 [RouterC-msdp] quit
# Configure the MSDP peer on the Loopback0 interfaces of Router D:

[RouterD] interface loopback 0 [RouterD-LoopBack0] ip address 2.2.2.2 255.255.255.255 [RouterD-LoopBack0] pim sm [RouterD-LoopBack0] quit [RouterD] msdp [RouterD-msdp] originating-rp loopback0 [RouterD-msdp] peer 1.1.1.1 connect-interface loopback0 [RouterD-msdp] quit
Step 5 Verify the configuration. # Using the display msdp brief command, you can view the establishment of MSDP peer among routers. The displayed information of MSDP peer on Router C and Router D is as follows:
[RouterC] display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 1 Up 0 State Listen 0 Up/Down time ? Connect 0 AS 0 Shutdown 0 SA Count 0 Reset Count Down
Peer's Address
2.2.2.2 Up 00:10:17 [RouterD] display msdp brief Configured 1 1.1.1.1 1 Up Up 0 State Listen 0 Up/Down time 00:10:18
MSDP Peer Brief Information of VPN-Instance: public net Connect 0 AS ? 0 Shutdown 0 SA Count 0 Reset Count Down
Peer's Address
# Using the display pim routing-table command, you can view the PIM route on the router. In PIM-SM domain, S1 (10.110.5.100/24) sends multicast information to G (225.1.1.1). User 1 that joins G receives the multicast data sent to G. Compare to the display of PIM route on Router C and Router D, you can find that the valid RP is Router C. S1 registers with Router C, and User 1 sends a join message to Router C.
<RouterC> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 1 (S, G) entry (*, 225.1.1.1), RP: 10.1.1.1 (local) Protocol: pim-sm, Flag: WC RPT UpTime: 00:07:46 Upstream interface: NULL, Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface list: Total number of downstreams: 1
5-58

1: GigabitEthernet3/0/0, Protocol: pim-sm, UpTime: 00:07:46, Expires:(10.110.5.100, 225.1.1.1), RP: 10.1.1.1 (local) Protocol: pim-sm, Flag: SPT 2MSDP ACT UpTime: 00:10:20 Upstream interface: GigabitEthernet2/0/0
Upstream neighbor: 10.110.1.2, RPF prime neighbor: 10.110.1.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet3/0/0 Protocol: pim-sm, UpTime: 00:10:22, Expires: <RouterD> display pim routing-table
No display exists. # User 1 exits G, and S1 stops sending multicast data to G. You can run the reset multicast routing-table all command to clear the multicast routing entries and multicast forwarding entries on Router C. # User 2 joins G, and S2 (10.110.6.100/24) sends multicast data to G. Comparing with the display of PIM route on Router C and Router D, you can find that the valid RP is Router D. S2 registers with Router D, and User 2 sends a join message to Router D.
<RouterC> display pim routing-table
No display exists.
<RouterD> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 1 (S, G) entry (*, 225.1.1.1), RP: 10.1.1.1 (local) Protocol: pim-sm, Flag: WC RPT UpTime: 00:07:23 Upstream interface: NULL, Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface list: Total number of downstreams: 1 1: GigabitEthernet3/0/0, Protocol: pim-sm, UpTime: 00:07:23, Expires:(10.110.6.100, 225.1.1.1), RP: 10.1.1.1 (local) Protocol: pim-sm, Flag: SPT 2MSDP ACT UpTime: 00:10:20 Upstream interface: GigabitEthernet2/0/0 Upstream neighbor: 10.110.2.2, RPF prime neighbor: 10.110.2.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet3/0/0 Protocol: pim-sm, UpTime: 00:10:22, Expires: -
----End
Configuration files
Configuration file of Router C is as follows.
5-59
# sysname RouterC # multicast routing-enable # interface GigabitEthernet3/0/0 ip address 10.110.4.1 255.255.255.0 igmp enable pim sm # interface GigabitEthernet2/0/0 ip address 10.110.1.1 255.255.255.0 pim sm # interface Pos1/0/0 link-protocol ppp ip address 192.168.1.1 255.255.255.0 pim sm # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 pim sm # interface LoopBack1 ip address 3.3.3.3 255.255.255.255 pim sm # interface LoopBack10 ip address 10.1.1.1 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.110.1.0 0.0.0.255 network 10.110.4.0 0.0.0.255 network 1.1.1.1 0.0.0.0 network 3.3.3.3 0.0.0.0 network 10.1.1.1 0.0.0.0 network 192.168.1.0 0.0.0.255 # pim c-bsr LoopBack1 c-rp LoopBack10 # msdp originating-rp LoopBack0 peer 2.2.2.2 connect-interface LoopBack0 # return
The configuration of Router D is similar to that of Router C and is not mentioned here.
5-60
Contents
6 MBGP configuration .................................................................................................................6-1
6.1 Introduction ...................................................................................................................................................6-2 6.1.1 MBGP Features Supported by the VRP ...............................................................................................6-2 6.2 Configuring basic MBGP functions ..............................................................................................................6-2 6.2.1 Establishing the configuration task ......................................................................................................6-2 6.2.2 Configuring BGP peer..........................................................................................................................6-3 6.2.3 Configuring MBGP peer ......................................................................................................................6-4 6.2.4 Configuring MBGP route reflector ......................................................................................................6-5 6.2.5 Configuring MBGP to import local routes...........................................................................................6-6 6.2.6 Checking the configuration..................................................................................................................6-8 6.3 Configuring MBGP route advertisement policy............................................................................................6-8 6.3.1 Establishing the configuration task ......................................................................................................6-8 6.3.2 Configuring the next hop of the route as local address ........................................................................6-9 6.3.3 Configuring the aggregation of local MBGP routes...........................................................................6-10 6.3.4 Configuring the local peer to advertise default route ......................................................................... 6-11 6.3.5 Configuring the local peer to advertise community attribute.............................................................6-12 6.3.6 Configuring update packets not to carry private AS number .............................................................6-13 6.3.7 Checking the configuration................................................................................................................6-14 6.4 Configuring route exchange policy between MBGP peers .........................................................................6-15 6.4.1 Establishing the configuration task ....................................................................................................6-15 6.4.2 Filtering policy of MBGP route exchange .........................................................................................6-16 6.4.3 Configuring route filtering policy based on route-policy...................................................................6-17 6.4.4 Configuring route filtering policy based on IP ACL ..........................................................................6-18 6.4.5 Configuring route filtering policy based on AS-path list ...................................................................6-19 6.4.6 Configuring route filtering policy based on IP prefix ........................................................................6-19 6.4.7 Configuring the maximum number of IP prefixes received from peers .............................................6-20 6.4.8 Checking the configuration................................................................................................................6-21 6.5 Configuring MBGP route selection policy ..................................................................................................6-22 6.5.1 Establishing the configuration task ....................................................................................................6-22 6.5.2 Setting preferred value of the route learned from peers .....................................................................6-23 6.5.3 Configuring MBGP route preference .................................................................................................6-24 6.5.4 Configuring local-pref of MBGP route ..............................................................................................6-25
Nortel Secure Router 8000 Series Configuration Guide - IP Multicast 6.5.5 Configuring MED attribute of MBGP route ......................................................................................6-26 6.5.6 Setting dampening parameters of MBGP routes ................................................................................6-27 6.5.7 Checking the configuration................................................................................................................6-28 6.6 Maintaining MBGP .....................................................................................................................................6-28 6.6.1 Debugging MBGP .............................................................................................................................6-28 6.6.2 Clearing MBGP statistics...................................................................................................................6-29 6.6.3 Resetting the MBGP connection ........................................................................................................6-30 6.7 Example of configuring basic MBGP functions..........................................................................................6-30
ii
Figures
Figure 6-1 MBGP path selection networking diagram .....................................................................................6-31
iii
6 MBGP configuration
6
About this chapter
Section 6.1 Introduction 6.2 Configuring basic MBGP functions 6.3 Configuring MBGP route advertisement policy 6.4 Configuring route exchange policy between MBGP peers 6.5 Configuring MBGP route selection policy 6.6 Maintaining MBGP 6.7 Example of configuring basic MBGP functions
MBGP configuration
The following table describes the contents of this chapter. Description This section describes the principles and the concepts of Multicast Border Gateway Protocol (MBGP). This section describes the application and basic configuration of MBGP. For a configuration example, see Example of configuring basic MBGP functions. This section describes how to configure MBGP route advertisement policy. This section describes how to configure the policy to filter the routes between MBGP peers. This section describes how to configure the MBGP route selection policy. This section describes how to clear MBGP statistics and how to debug MBGP. This section provides a configuration example of MBGP.
6-1
6.1 Introduction
When you distribute a multicast source and its receivers in different autonomous systems (AS), a forwarding tree must establish across ASs. The Multiprotocol Border Gateway (MP-BGP) transfers routes between ASs for multicast. MP-BGP is the multiprotocol extension of the Border Gateway Protocol (BGP). At present, the BGP4 protocol applies only to unicast. The MP-BGP enables BGP4 to support multiple routing protocols, including multicast. When you apply MP-BGP to multicast, it is called Multicast BGP (MBGP). MP-BGP maintains routes for unicast and multicast at the same time, stores them in different routing tables, and keeps routing information of unicast and multicast separate from each other. MP-BGP builds different network topologies for unicast and multicast at the same time. The unicast routing policy and configuration methods supported by BGP4 can be applied to multicast mode. MP-BGP maintains different routes for unicast and multicast according to the routing policy.
This chapter describes configuration of MP-BGP applied to multicast, MBGP configuration. For information about MP-BGP, see Nortel Secure Router 8000 Series Configuration IP Routing (NN46240-505).
6.1.1 MBGP Features Supported by the Nortel Secure Router 8000 Series
For details, see the chapter "BGP Configuration" in the Nortel Secure Router 8000 SeriesSecure RouterConfiguration Guide IP Routing.
6.2 Configuring basic MBGP functions

Perform a Reverse Path Forwarding (RPF) check on multicast packets according to the following factors: Static multicast route Unicast route MBGP route Configure MBGP connections in the multicast address family view to provide routing information for the RPF check.
6-2
Before you configuring basic MBGP functions, you need to configure basic multicast functions.
Data preparation
To configure MBGP functions, you need the following data. No. 1 2 3 4 Data Local AS number Address of the remote peer and name of the peer group Cluster ID Routing information to advertise
No. 1 2 3 4 5 Procedure Configuring BGP peer Configuring MBGP peer Configuring MBGP route reflector Configuring MBGP to import local route Checking the configuration
6.2.2 Configuring BGP peer
If the two routers that you plan to establish as MBGP peers use a BGP connection, skip this section. Do as follows on the two routers between which you need to establish the MBGP peer relationship. Step 1 Run:
system-view
6-3
bgp as-number
This command enables BGP, configures the local AS number, and the BGP view appears. Step 3 Run:
router-id ip-address
This command configures the BGP router ID. This command is optional. Step 4 Run:
peer ip-address as-number as-number
This command specifies the IP address and AS number of the remote peer. Step 5 Run:
peer { ip-address | group-name } connect-interface interface-type interface-number
This command specifies the local interface used by the BGP connection. This command is optional. If you establish the BGP connection through the Loopback interface, you need to use this command. Step 6 Run:
peer { ip-address | group-name } ebgp-max-hop [ number ]
This command configures the maximum number of hops of the EBGP connection. The command is optional and is valid only for EBGP peer. The two routers that establish the EBGP peer connection must use the direct physical link. If you establish the BGP connection through a Loopback interface, you need to use this command. Step 7 Run:
quit
This command quits the BGP view. ----End
For more information about BGP peers, see Nortel Secure Router 8000 Series Configuration IP Routing (NN46240-505).
6.2.3 Configuring MBGP peer

Do as follows on the router configured with BGP peer: Step 1 Run:
system-view
The system view appears.
6-4
Step 2 Run:
bgp as-number
The BGP view appears. Step 3 Run:

ipv4-family multicast
This command enables the BGP-IPv4 multicast address family and the corresponding view appears. Step 4 Run:
peer { peer-address | group-name } enable
This command enables the MBGP function, and the original BGP peer becomes MBGP peer. The following list explains the parameters of the command: group-name: indicates the original BGP peer group. peer-address: indicates the IP address of the original remote BGP peer. Step 5 Run:
quit
This command quits the BGP-IPv4 multicast address family view. Step 6 Run:
quit
6.2.4 Configuring MBGP route reflector
The route reflector is valid only for IBGP peers. Before you perform the configuration, you must establish IBGP peer relationship between the MBGP route reflector and clients. Do as follows on the router that is to become MBGP route reflector:
The configuration is optional. By default, the route reflector is not configured.
Step 1 Run:
system-view
6-5
bgp as-number

The BGP-IPv4 multicast address family view appears. Step 4 Run:

peer { group-name | peer-address } reflect-client
This command configures the local host as the route reflector, and specifies the peer (group) as the client of the route reflector. The following list explains the parameters of the command: group-name: indicates MBGP peer groups. peer-address: indicates the IP address of the remote MBGP peer. Step 5 Run:
reflector cluster-id { decimal-value | ipv4-address }
This command configures the cluster ID of the route reflector. The configuration is optional. By default, the route reflector uses its router ID as the cluster ID. Step 6 Run:
quit
quit
6.2.5 Configuring MBGP to import local routes
MBGP routes can be imported from: Direct routes statically imported by using the network command. IGP route imported by using the import-route command. You can import at least one local route according to the specific networking. Do as follows on the router configured with MBGP peer:
6-6
Step 1 Run:
system-view

bgp as-number


network network-address [ mask-length | mask ] [ route-policy route-policy-name ]
This command advertises the route of the direct network segment. The following list explains the parameters of the command: network-address [ mask-length | mask ]: indicates the route to advertise route-policy route-policy-name: indicates the routing policy that controls the route to advertise Step 5 Run:
import-route protocol [ process-id ] [ med med-value | route-policy route-policy-name ] *
This command imports the IGP route to MBGP. The following list explains the parameters of the command: protocol [ process-id ]: indicates the routing protocol to import and its number. The routing protocol can be direct, static, rip, isis, or ospf. When the routing protocol imported is isis, ospf, or rip, you must specify the process number. med med-value: indicates the multiple exit discriminator (MED) value assigned to the imported route. route-policy route-policy-name: indicates the route filtering policy. Only the route that passes the filtering of the policy is imported. Step 6 Run:
default-route imported
This command imports default routes to the MBGP routing table. The command is optional and is used when the network has special requirements. By default, the default route is not imported to MBGP routing table. Step 7 The default-route imported command needs to work with the import-route command to import default routes. You cannot import the default routes by using only the import-route command. The default-route imported command is used to import the default routes that exist in the local routing table. Run:
quit
6-7
quit

Use the commands in the following table to check the previous configuration. Action Check the information about the MBGP peer. Check the information about the MBGP peer group. Check the routing information advertised by MBGP. Check the MBGP routing table. Command display bgp multicast peer [ [ peer-address ] verbose ] display bgp multicast group [ group-name ] display bgp multicast network display bgp multicast routing-table [ network-address [ mask-length [ longer-prefixes ] | mask [ longer-prefixes ] ] ]
6.3 Configuring MBGP route advertisement policy

The router you configure with the MBGP peer advertises the local routing information to the remote peer. Based on the actual networking, you can adopt the related policies to decide the following: Whether MBGP changes the next hop when advertising the route to IBGP peers Whether MBGP advertises all local routes or only the local routes that are aggregated Whether MBGP advertise default routes Whether MBGP advertises community attributes or extended community attributes. Whether BGP update packet sent by the MBGP peer carries the private AS number
Before you configure the MBGP route, complete the task of Configuring basic MBGP functions.
6-8
Data peparation
To configure MBGP route, you need the following data. No. 1 2 3 4 Data AS number Address of the remote peer or the name of the peer group Name of routing policy Address and mask of the local routes to aggregate
No. 1 2 3 4 5 6 Procedure Configuring the next hop of the route as local address Configuring the aggregation of local MBGP routes Configuring the local peer to advertise default route Configuring the local peer to advertise community attribute Configuring update packets not to carry private AS number Checking the configuration
6.3.2 Configuring the next hop of the route as local address

Do as follows on the router configured with MBGP peer.
The configuration is optional, and is valid only for the IBGP peer or peer group.
Step 1 Run:
system-view

bgp as-number

6-9
summary automatic
This command configures the automatic aggregation of the subnet routes. Step 5 Run:
peer { group-name | peer-address } next-hop-local
This command configures the local address as the next hop of the route, when MBGP advertises routes to the MBGP peer or peer group. The following list explains the parameters of the command: group-name: indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. Step 6 Run:
quit
quit
6.3.3 Configuring the aggregation of local MBGP routes

Do as follows on the router configured with MBGP peer:
The configuration is optional. By default, MBGP does not aggregate the local route.
Step 1 Run:
system-view

bgp as-number


summary automatic
This command configures the automatic aggregation of the subnet routes. Step 5 Run:
6-10
aggregate ip-address { mask | mask-length } [ as-set | attribute-policy route-policy-name1 | detail-suppressed | origin-policy route-policy-name2 | suppress-policy route-policy-name3 ] *aggregate ip-address mask [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] *
ip-address: indicates the IP address of the aggregated route. The address is in dotted decimal notation. mask: indicates the network mask of the aggregated route. The network mask is in dotted decimal notation. mask-length: indicates the mask length of the IPv4 address. The value is an integer that ranges from 0 to 32. as-set: generates a route with AS_SET. attribute-policy: indicates the attributes of the aggregated routes. detail-suppressed: indicates only the aggregated route is advertised. origin-policy: filters the specific route of the aggregated routes. suppress-policy: suppress the advertisement of the specific route. route-policy-name: specifies the name of the route-policy. The name is a string of 1 to 40 characters. MBGP supports the following two methods of local route aggregation: Automatic aggregation: aggregates the IGP subnet route imported by MBGP Manual aggregation: aggregates the local MBGP route Step 6 Run:
quit
quit
6.3.4 Configuring the local peer to advertise default route

Do as follows on the router configured with the MBGP peer:
The configuration is optional. By default, the default route is not advertised.
Step 1 Run:
system-view
6-11
bgp as-number


peer { group-name | peer-address } default-route-advertise [ route-policy route-policy-name ]
This command advertises the default route to the MBGP peer group or the remote MBGP peer. The following list explains the parameters of the command: group-name: indicates the MBGP peer group peer-address: indicates the IP address of the remote MBGP peer route-policy route-policy-name: indicates the routing policy that controls all routes advertised. Step 5 Run:
quit
quit
6.3.5 Configuring the local peer to advertise community attribute

Do as follows on the router configured with MBGP peer: Step 1 Run:
system-view

bgp as-number

6-12
peer { group-name | peer-address } default-route-advertise [ route-policy route-policy-name ]
This command advertises the default route to the MBGP peer group or the remote MBGP peer. The following list explains the parameters of the command: group-name: indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. route-policy route-policy-name: indicates the routing policy that controls the advertised routes. Step 5 Run:
quit
quit
6.3.6 Configuring update packets not to carry private AS number

The configuration is applicable only to EBGP peer. By default, the update packet carries private AS number.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } public-as-only
This command configures the BGP update packet sent to the MBGP peer group or the remote MBGP peer to not carry the private AS number. You can use the public AS number directly on the Internet. The private AS number cannot be advertised to the Internet, and is used only in the internal routing domain.
6-13
The following list explains the parameters of the command: group-name: indicates the MBGP peer group peer-address: indicates the IP address of the remote MBGP peer Step 5 Run:
quit
quit

Use the commands in the following table to check the previous configuration. Action Check the routing information of the specified MBGP community. Command display bgp multicast routing-table community [ aa:nn ] & <0-13> [ internet | no-advertise | no-export | no-export-subconfed | whole-match ] * display bgp multicast routing-table community-filter community-filter-number [ whole-match ] display bgp multicast network display bgp multicast routing-table [ network-address [ mask-length [ longer-prefixes ] | mask [ longer-prefixes ] ] ] display bgp multicast routing-table cidr display bgp multicast routing-table statistics
Check the routes that match the specified MBGP community list. Check the routing information advertised by MBGP. Check the MBGP routing table.
Check Classless Inter-Domain Routing (CIDR) routes. Check the statistics of MBGP routing table.
6-14
6.4 Configuring route exchange policy between MBGP peers

Based on the actual network, you can configure the related route exchange polices to control the routing information transmitted between MBGP peers. For a router you configure with MBGP, the route exchange between peers is divided into two types: Import: filters the route sent by the specified peer or peer group. Only the route that passes the filtering is received. Export: filters the route sent to specified peer or peer group. Only the route that passes the filtering is sent.
Preconfiguration task
Before you configure the route filtering policy of MBGP peer, complete the task of Configuring basic MBGP functions.
Data preparation
To configure route filtering policy of the MBGP peer, you need the following data. No. 1 2 3 4 5 6 7 Data Number of the AS where the peer resides Address of the peer or name of the peer group Route-policy IP ACL as-path-filter IP-prefix Route-limit
No. 1 2 3 Procedure Filtering policy of MBGP route exchange Configuring route filtering policy based on route-policy Configuring route filtering policy based on IP ACL
6-15
4 5 6 7
Configuring route filtering policy based on AS-path list Configuring route filtering policy based on IP prefix Configuring the maximum number of IP prefixes received from peers Checking the configuration
6.4.2 Filtering policy of MBGP route exchange

The configuration is optional and applies to the route exchange with any peer.
Step 1 Run:
system-view

bgp as-number


filter-policy { acl-number | ip-prefix ip-prefix-name } { import | export [ protocol [ process-id ] ] }
This command configures the MBGP routing policy to control the route exchange with any MBGP peer. The following list explains the parameters of the command: acl-number: indicates the address filtering table ip-prefix-name: indicates the address prefix list import: filters the route sent by any MBGP peer. Only the route that passes the filtering is received. export [ protocol [ process-id ] ]: filters the route sent to any MBGP peer. In fact, the filtering is performed when the local route is imported to the MBGP routing table. Use this command to import the local route that passes the filtering to the MBGP routing table, and then advertise the routing information in the MBGP routing table. Step 5 Run:
quit
This command quits the BGP-IPv4 multicast address family view.
6-16
Step 6 Run:
quit
6.4.3 Configuring route filtering policy based on route-policy

The configuration is optional. By default, the route filtering policy based on route-policy is not configured.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } route-policy route-policy-name { import | export }
This command configures the MBGP routing policy based on route-policy to control the route exchange with the specified remote MBGP peer. The following list explains the parameters of the command: group-name indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. route-policy-name: indicates the routing policy. Import: filters the route sent by the specified remote MBGP peer or peer group. Only the route that passes the filtering is received. Export: filters the route sent to the specified remote MBGP peer or peer group. Only the route that passes the filtering is sent. Step 5 Run:
quit
quit
6-17
6.4.4 Configuring route filtering policy based on IP ACL

The configuration is optional. By default, the route filtering policy based on IP ACL is not configured.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } filter-policy acl-number { import | export }
This command configures the MBGP routing policy based on IP ACL to control the route exchange with the specified remote MBGP peer. The following list explains the parameters of the command: group-name indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. acl-number: indicates the access control list. Import: filters the route sent by the specified remote MBGP peer or peer group. Only the route that passes the filtering is received. Export: filters the route sent to the specified remote MBGP peer or peer group. Only the route that passes the filtering is sent. Step 5 Run:
quit
quit
6-18
6.4.5 Configuring route filtering policy based on AS-path list

The configuration is optional. By default, the route filtering policy based on AS-Path list is not configured.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } as-path-filter filter-number { import | export }
This command configures the MBGP routing policy based on AS-path list to control the route exchange with the specified remote MBGP route. The following list explains the parameters of the command: group-name indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. filter-number: indicates the routing policy. Import: filters the route sent by the specified remote MBGP peer or peer group. Only the route that passes the filtering is received. Export: filters the route sent to the specified remote MBGP peer or peer group. Only the route that passes the filtering is sent. Step 5 Run:
quit
quit
6.4.6 Configuring route filtering policy based on IP prefix

6-19
The configuration is optional. By default, the route filtering policy based on IP prefix list is not configured.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } ip-prefix prefix-name { import | export }
Step 5 This command configures the MBGP routing policy based on IP prefix to control the route exchange with the specified remote MBGP peer. The following list explains the parameters of the command: group-name indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. prefix-name: indicates the name of the prefix. Import: filters the route sent by the specified remote MBGP peer or peer group. Only the route that passes the filtering is received. Export: filters the route sent to the specified remote MBGP peer or peer group. Only the route that passes the filtering is sent. Step 6 Run:
quit
quit
6.4.7 Configuring the maximum number of IP prefixes received from peers

6-20
The configuration is optional. By default, the configuration is not done.
Step 1 Run:
system-view

bgp as-number


peer { group-name | peer-address } route-limit maximum-limit [ threshold ] [ alert-only | idle-forever | idle-timeout value ]
This command limits the number of IP prefixes of routes learned from the MBGP peer groups or the remote MBGP peers. If the number of IP prefixes exceeds the maximum-limit, the router terminates the peer relationship. The following list explains the parameters of the command: group-name indicates the MBGP peer group. peer-address: indicates the IP address of the remote MBGP peer. maximum-limit: indicates maximum number of IP prefixes. alert-only: indicates the timer that is set automatically after the maximum number of the IP prefixes exceeds the limit. The value indicates the value of the timer. idle-forever: indicates the route does not reset the TCP connection after the maximum number of the IP prefixes exceeds the limit, unless the reset bgp command is used. idle-timeout value: indicates the timer that is set automatically after the maximum number of the IP prefixes exceeds the limit. The value indicates the timeout value of the timer. Step 5 Run:
quit

Use the commands in the following table to check the previous configuration.
6-21
Action Check the routes that differ from the original AS. Check the routing information that matches the AS regular expression. Check the information on the AS paths. Check the routing information that matches the filtering list. Check the routes that match the MBGP community list. Check the routing information sent to the specified MBGP peer. Check the routing information advertised by MBGP.
Command display bgp multicast routing-table different-origin-as display bgp multicast routing-table regular-expression [ as-regular-expression ] display bgp multicast paths [ as-regular-expression ] display bgp multicast routing-table as-path-filter as-path-filter-number display bgp multicast routing-table community-filter community-filter-number [ whole-match ] display bgp multicast routing-table peer peer-address { advertised-routes | received-routes } [ statistics ] display bgp multicast network
6.5 Configuring MBGP route selection policy

To select the optimal route, MBGP needs the following information: Preferred value of the MBGP route Preference of the MBGP route Local preference of the MBGP route MED attribute of the MBGP route MBGP route dampening Based on actual networking, you can use related policies to affect the election of optimal route election.
Before you configure the MBGP route election, complete the task of Configuring basic MBGP functions.
Data preparation
To configure MBGP routes, you need the following data.
6-22
No. 1 2 3 4 5 6 7
Data AS number MBGP peer group or remote MBGP peer Preferred value External, internal and local preference, and route-policy Default local-preference value of the host MED attribute of MBGP routers Values of route dampening parameters
No. 1 2 3 4 5 6 Procedure Setting preferred value of the route learned from peers Configuring MBGP route preference Configuring local-pref of MBGP route Configuring MED attribute of MBGP route Setting dampening parameters of MBGP routes Checking the configuration
6.5.2 Setting preferred value of the route learned from peers

The configuration is optional. By default, the preferred value is 0.
Step 1 Run:
system-view

bgp as-number

The BGP-IPv4 multicast address family view appears.
6-23
Step 4 Run:
peer { group-name | peer-address } preferred-value preference- value
This command configures the preferred value for the route learned from the MBGP peer group and the remote MBGP peer. The route with the greatest preferred value is selected as the route to the specified network. The following list explains the parameters of the command: group-name: indicates the name of the MBGP peer group peer-address: indicates the IP address of the remote MBGP peer Step 5 Run:
quit
quit
6.5.3 Configuring MBGP route preference

The configuration is optional. By default, the default preferences of EBGP, IBGP, and local route are 255.
Step 1 Run:
system-view

bgp as-number


preference { external-preference internal-preference local-preference | route-policy route-policy-name }
This command configures the preference of internal, external, and local routes. The smaller the value is, the higher the preference is.
6-24
The following list explains the parameters of the command: external-preference: indicates the preference of the route learned from EBGP peers. internal-preference: indicates the preference of the route learned from IBGP peers. local-preference: indicates the preference of the local originated route. route-policy route-policy-name: indicates the routing policy. The configuration applies to the specific routes that meet certain matching conditions. Step 5 Run:
quit
quit
6.5.4 Configuring local-pref of MBGP route

The configuration is optional. The default value is 100.
Step 1 Run:
system-view

bgp as-number


default local-preference preference
This command configures the local-pref of the local host. When the BGP router obtains multiple routes with the same destination but different next hops through different IBGP peers, the route with the greater Local_pref value is preferred. Step 5 Run:
quit
This command quits the BGP-IPv4 multicast address family view.
6-25
Step 6 Run:
quit
6.5.5 Configuring MED attribute of MBGP route

The configuration is optional. When the BGP router obtains multiple routes with the same destination but different next hops through different EBGP peers, the route with the smaller MED value is preferred if the other conditions of these routes are the same.
Step 1 Run:
system-view

bgp as-number


default med med
This command configures the default MED value of the local host. Step 5 Run:
compare-different-as-med
This command compares MED values of routes from different ASs. By default, the BGP router compares only the MED values of the routes from the same AS. Step 6 Run:
bestroute med-none-as-maximum
When the MED value of a route is lost, the router is configured with the maximum MED value. By default, the MED value of the route is 0. Step 7 Run:
bestroute med-confederation
This command compares MED values of routes in the same confederation.
6-26
By default, BGP compares MED values of routes in the same AS. Step 8 Run:
quit
quit
6.5.6 Setting dampening parameters of MBGP routes

The configuration is valid only for EBGP routes. By default, the default values of dampening parameters are used.
Step 1 Run:
system-view

bgp as-number


dampening [ half-life-time-reachable half-life-time-unreachable route-reuse-value route-suppress-value max-ceiling-value | route-policy route-policy-name ] *
This command configures the dampening parameters of MBGP routes. The following list explains the parameters of the command: half-life-time-reachable: indicates the half-life of the accessible routes. half-life-time-unreachable: indicates the half-life of the inaccessible routes. route-reuse-value: indicates the threshold to release routes from being suppressed. When the penalty is smaller than the threshold, the suppressed routes are reused. route-suppress-value: indicates the threshold to suppress routes. The value must be greater than the value of route-reuse-value. When the penalty is smaller than the threshold, the routes are suppressed. max-ceiling-value: indicates the ceiling value of the threshold. The value must be greater than the value of route-suppress-value.
6-27
route-policy route-policy-name: indicates the routing policy. The configuration applies to the routes that meet certain matching conditions. Step 5 Run:
quit
quit

Use the commands in the following table to check the previous configuration. Action Check the routing information that matches the filtering list. Check the dampened routes of MBGP. Check the dampening parameters of MBGP. Check the statistics of MBGP route flapping. Command display bgp multicast routing-table as-path-filter as-path-filter-number display bgp multicast routing-table dampened display bgp routing-table dampening parameter display bgp multicast routing-table flap-info [ network-address [ mask [ longer-match ] | mask-length [ longer-match ] ] | as-path-filter as-path-filter-number | regular-expression as-regular-expression ] display bgp multicast routing-table statistics
Check the statistics of the MBGP routing table.
6.6 Maintaining MBGP

This section covers the following topics: Debugging MBGP Clearing MBGP statistics Resetting the MBGP connection
6.6.1 Debugging MBGP
6-28
Debugging affects system performance. After you debug the system, run the undo debugging all command to disable it immediately. After an MBGP fault occurs, run the following debugging commands in the user view to debug MBGP and locate the fault. For information about the output of the debugging command, see Nortel Secure Router 8000 Series Configuration System Management (NN46240-601). Action Debug BGP. Debug BGP events. Debug BGP packets. Debug MBGP update packets. Command debugging bgp all debugging bgp event debugging bgp { keepalive | open | packet | route-refresh } [ receive | send ] [ verbose ] debugging bgp update multicast [ peer peer-address | ip-prefix ip-prefix-name ] [ receive | send ] [ verbose ]
MBGP uses the same debugging information as that used by BGP. For more information about the preceding debugging command, see the chapter "IP Routing" in the Nortel Secure Router 8000 Series Command Reference.
6.6.2 Clearing MBGP statistics
You cannot restore the MBGP statistics after you clear them. Confirm the action before you use the command. To delete MBGP statistics, run the following commands in the user view. Action Clear the routing information of MBGP external routes. Clear the routing information of MBGP internal routes. Clear the routing information of MBGP dampened routes. Command reset bgp multicast external reset bgp multicast internal reset bgp multicast dampening [ network-address [ mask | mask-length ] ]
6-29
Clear the flapping information of MBGP routes.
reset bgp multicast flap-info [ network-address [ mask-length | mask ] | as-path-filter as-path-list-number | regrexp regrexp ]
6.6.3 Resetting the MBGP connection
The MBGP peer relationship is cut off after you reset MBGP connections with the refresh bgp multicast command. Confirm the action before you use the command. After you modify the MBGP routing policy or protocol, you need to reset MBGP connections to enable the modification. To reset the MBGP connection, run the following commands in the user view. Action Reset the MBGP connection between specified peers. Reset all MBGP connections. Reset the MBGP connections between all peers in the same peer group. Reset the connection between EBGP peers. Reset the connection between IBGP peers. Command refresh bgp multicast peer-address { import | export } refresh bgp multicast all { import | export } refresh bgp multicast group group-name { import | export } refresh bgp multicast external { import | export } refresh bgp multicast internal { import | export }
6.7 Example of configuring basic MBGP functions

As shown in Figure 6-1, the Receiver receives information in multicast mode. The Receiver and Source reside in different ASs. The MBGP peer establishes between ASs to transmit multicast routing information.
6-30
Figure 6-1 MBGP path selection networking diagram

AS100 AS200 RouterD
Loopback0 POS2/0/0 POS1/0/0
Source
RouterA
RouterB
POS2/0/0
Eth2/0/0
POS1/0/0
POS1/0/0 Loopback0
POS3/0/0
Loopback0
POS3/0/0
POS1/0/0 Loopback0
RouterC
Eth2/0/0
Receiver
MBGP peers
Router RouterA
RouterB
Interface POS1/0/0 Ethernet2/0/0 Loopback0 POS1/0/0 POS2/0/0 POS3/0/0 Loopback0
IP address 192.1.1.1/24 10.10.10.1/24 1.1.1.1/32 192.1.1.2/24 194.1.1.2/24 193.1.1.2/24 2.2.2.2/32
Router RouterC
RouterD
Interface POS1/0/0 Ethernet 2/0/0 POS3/0/0 Loopback0 POS1/0/0 POS2/0/0 Loopback0
IP address 195.1.1.1/24 22.22.22.1/24 193.1.1.1/24 3.3.3.3/32 195.1.1.2/24 194.1.1.1/24 4.4.4.4/32
The configuration roadmap is as follows: 1. 2. 3. 4. 5. 6. 7. 8. Configure the interface IP address on each router to ensure internetworking within the AS in unicast mode. Configure MBGP peer and configure an inter-AS multicast route. Configure the MBGP routes to advertise. Enable multicast on each router. Configure basic PIM-SM functions in each AS, and enable IGMP function on the interface at the host side. Configure the BSR boundary on inter-AS connected interfaces. Configure the MSDP peer to transfer interdomain multicast source information. Verify the configuration.
6-31
Data preparation
To complete the configuration, you need the following data: The AS number of Router A is 100. Router B, Router C, and Router D belong to AS200. The multicast group address is 225.1.1.1 and source address is 10.10.10.10/24.
This configuration example includes only the commands related to MBGP configuration.
Step 1 Configure the IP address of interfaces on each router and the OSPF protocol in the AS. # Configure the IP address and mask of interfaces on each router and the OSPF protocol in the AS as shown in Figure 6-1. Enable interworking on the network layer among Router B, Router C, Router D, and Receiver in AS200. Ensure that the routers can learn routing to the loopback interfaces. Ensure the dynamic routing update between routers, by using a unicast routing protocol. The process 1 of OSPF is adopted in the configuration and the detailed process is not mentioned here. Step 2 Configure BGP, enable MBGP protocol, and configure the MBGP peer. # Configure BGP on Router A and the MBGP peer:
[RouterA] bgp 100 [RouterA-bgp] peer 192.1.1.2 as-number 200 [RouterA-bgp] ipv4-family multicast [RouterA-bgp-af-multicast] peer 192.1.1.2 enable [RouterA-bgp-af-multicast] quit [RouterA-bgp] quit
# Configure BGP on Router B and the MBGP peer:

[RouterB] bgp 200 [RouterB-bgp] peer 192.1.1.1 as-number 100 [RouterB-bgp] peer 193.1.1.1 as-number 200 [RouterB-bgp] peer 194.1.1.1 as-number 200 [RouterB-bgp] ipv4-family multicast [RouterB-bgp-af-multicast] peer 192.1.1.1 enable [RouterB-bgp-af-multicast] peer 193.1.1.1 enable [RouterB-bgp-af-multicast] peer 194.1.1.1 enable [RouterB-bgp-af-multicast] quit [RouterB-bgp] quit
# Configure BGP on Router C and the MBGP peer:

[RouterC] bgp 200 [RouterC-bgp] peer 193.1.1.2 as-number 200 [RouterC-bgp] peer 195.1.1.2 as-number 200 [RouterC-bgp] ipv4-family multicast [RouterC-bgp-af-multicast] peer 193.1.1.2 enable [RouterC-bgp-af-multicast] peer 195.1.1.2 enable [RouterC-bgp-af-multicast] quit [RouterC-bgp] quit
# Configure BGP on Router D and the MBGP peer:
6-32

[RouterD] bgp 200 [RouterD-bgp] peer 194.1.1.2 as-number 200 [RouterD-bgp] peer 195.1.1.1 as-number 200 [RouterD-bgp] ipv4-family multicast [RouterD-bgp-af-multicast] peer 194.1.1.2 enable [RouterD-bgp-af-multicast] peer 195.1.1.1 enable [RouterD-bgp-af-multicast] quit [RouterD-bgp] quit
Step 3 Configure the routes to advertise. # Configure the routes to advertise on Router A:
[RouterA] bgp 100 [RouterA-bgp] import-route direct [RouterA-bgp] ipv4-family multicast [RouterA-bgp-af-multicast] import-route direct [RouterA-bgp-af-multicast] quit [RouterA-bgp] quit
# Configure the routes to advertise on Router B:

[RouterB] bgp 200 [RouterB-bgp] import-route direct [RouterB-bgp] import-route ospf 1 [RouterB-bgp] ipv4-family multicast [RouterB-bgp-af-multicast] import-route direct [RouterB-bgp-af-multicast] import-route ospf 1 [RouterB-bgp-af-multicast] quit [RouterB-bgp] quit
# Configure the routes to advertise on Router C:

[RouterC] bgp 200 [RouterC-bgp] import-route direct [RouterC-bgp] import-route ospf 1 [RouterC-bgp] ipv4-family multicast [RouterC-bgp-af-multicast] import-route direct [RouterC-bgp-af-multicast] import-route ospf 1 [RouterC-bgp-af-multicast] quit [RouterC-bgp] quit
# Configure the routes to advertise on Router D:

[RouterD] bgp 200 [RouterD-bgp] import-route ospf 1 [RouterD-bgp] ipv4-family multicast [RouterD-bgp-af-multicast] import-route ospf 1 [RouterD-bgp-af-multicast] quit [ R o u t e r D - b g p ] quit
Step 4 Enable multicast on each router and connected interfaces. # Configuration on Router A is as follows:
[RouterA] multicast routing-enable [RouterA] interface Pos1/0/0 [RouterA-Pos1/0/0] pim sm [RouterA-Pos1/0/0] quit
6-33
[RouterA] interface Ethernet2/0/0 [RouterA-Ethernet2/0/0] pim sm [RouterA-Ethernet2/0/0] quit
# Configuration on Router B is as follows:

[RouterB] multicast routing-enable [RouterB] interface Pos1/0/0 [RouterB-Pos1/0/0] pim sm [RouterB-Pos1/0/0] quit [RouterB] interface Pos2/0/0 [RouterB-Pos2/0/0] pim sm [RouterB-Pos2/0/0] quit [RouterB] interface Pos3/0/0 [RouterB-Pos3/0/0] pim sm [RouterB-Pos3/0/0] quit
# Configuration on Router C is as follows:

[RouterC] multicast routing-enable [RouterC] interface Pos1/0/0 [RouterC-Pos1/0/0] pim sm [RouterC-Pos1/0/0] quit [RouterC] interface Ethernet2/0/0 [RouterC-Ethernet2/0/0] pim sm [RouterC-Ethernet2/0/0] igmp enable [RouterC-Ethernet2/0/0] quit [RouterC] interface Pos3/0/0 [RouterC-Pos3/0/0] pim sm [RouterC-Pos3/0/0] quit
# Configuration on Router D is as follows:

[RouterD] multicast routing-enable [RouterD] interface Pos1/0/0 [RouterD-Pos1/0/0] pim sm [RouterD-Pos1/0/0] quit [RouterD] interface Pos2/0/0 [RouterD-Pos2/0/0] pim sm [RouterD-Pos2/0/0] quit
Step 5 Configure BSR and RP within the AS .# Configuration on Router A is as follows:

[RouterA] interface loopback 0 [RouterA-LoopBack0] pim sm [RouterA-LoopBack0] quit [RouterA] pim [RouterA-pim] c-bsr loopback 0 [RouterA-pim] c-rp loopback 0 [RouterA-pim] quit

[RouterB] interface loopback 0 [RouterB-LoopBack0] pim sm [RouterB-LoopBack0] quit [RouterB] pim
6-34

[RouterB-pim] c-bsr loopback 0 [RouterB-pim] c-rp loopback 0 [RouterB] quit
Step 6 Configure BSR service boundary on inter-AS interfaces. # Configuration on Router A is as follows:
[RouterA] interface Pos1/0/0 [RouterA-Pos1/0/0] pim bsr-boundary [RouterA-Pos1/0/0] quit

[RouterB] interface Pos1/0/0 [RouterB-Pos1/0/0] pim bsr-boundary [RouterB-Pos1/0/0] quit
Step 7 Configure the MSDP peer. # Configuration on Router A is as follows:

[RouterA] msdp [RouterA-msdp] peer 192.1.1.2 connect-interface Pos 1/0/0 [RouterA-msdp] quit
# Configuration on Router A is as follows:

[RouterB] msdp [RouterB-msdp] peer 192.1.1.1 connect-interface Pos 1/0/0 [RouterB-msdp] quit
Step 8 Verify the configuration. # Use the display bgp multicast peer command to check the MBGP peer relationship between routers. For example, the MBGP peer relationship on Router A appears as follows:
[RouterA] display bgp multicast peer BGP local router ID : 1.1.1.1 Local AS number : 100 Total number of peers : 1 Peer 192.1.1.2 V 4 AS 200 82 75 0 Peers in established state : 1 State PrefRcv 17 00:30:29 Established MsgRcvd MsgSent OutQ Up/Down
# Use the display msdp brief command to check the MSDP peer relationship between routers. For example, the brief information of MSDP peer relationship on Router B appears as follows:
[RouterB] display msdp brief MSDP Peer Brief Information of VPN-Instance: public net Configured 1 Peer's Address 192.1.1.1 Up 1 State Up Listen 0 Connect 0 Up/Down time 00:07:17 AS 100 Shutdown 0 SA Count 1 Down 0 Reset Count 0
# Receiver can receive the multicast packets sent from the multicast source. ----End
6-35
Configuration files
# sysname RouterA # multicast routing-enable # interface Pos1/0/0 link-protocol ppp ip address 192.1.1.1 255.255.255.0 pim bsr-boundary pim sm # interface Ethernet2/0/0 ip address 10.10.10.1 255.255.255.0 pim sm # interface loopback0 ip address 1.1.1.1 255.255.255.255 pim sm # pim c-bsr loopback0 c-rp loopback0 # bgp 100 peer 192.1.1.2 as-number 200 # ipv4-family unicast undo synchronization import-route direct peer 192.1.1.2 enable # ipv4-family multicast undo synchronization import-route direct peer 192.1.1.2 enable # msdp peer 192.1.1.2 connect-interface Pos1/0/0 # return

# sysname RouterB # multicast routing-enable # interface pos1/0/0 link-protocol ppp ip address 192.1.1.2 255.255.255.0 pim bsr-boundary pim sm #
6-36

interface pos2/0/0 link-protocol ppp ip address 194.1.1.2 255.255.255.0 pim sm # interface pos3/0/0 link-protocol ppp ip address 193.1.1.2 255.255.255.0 pim sm # interface loopback0 ip address 2.2.2.2 255.255.255.255 pim sm # pim c-bsr loopback0 c-rp loopback0 # ospf 1 area 0.0.0.0 network 193.1.1.0 0.0.0.255 network 194.1.1.0 0.0.0.255 network 2.2.2.2 0.0.0.0 # bgp 200 peer 192.1.1.1 as-number 100 peer 193.1.1.1 as-number 200 peer 194.1.1.1 as-number 200 # ipv4-family unicast undo synchronization import-route direct import-route ospf 1 peer 192.1.1.1 enable peer 193.1.1.1 enable peer 194.1.1.1 enable # ipv4-family multicast undo synchronization import-route direct import-route ospf 1 peer 192.1.1.1 enable peer 193.1.1.1 enable peer 194.1.1.1 enable # msdp peer 192.1.1.1 connect-interface Pos1/0/0 # return

# sysname RouterC # multicast routing-enable #
6-37
interface Pos1/0/0 link-protocol ppp ip address 195.1.1.1 255.255.255.0 pim sm # interface Ethernet2/0/0 ip address 22.22.22.1 255.255.255.0 igmp enable pim sm # interface pos3/0/0 link-protocol ppp ip address 193.1.1.1 255.255.255.0 pim sm # interface loopback0 ip address 3.3.3.3 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 193.1.1.0 0.0.0.255 network 195.1.1.0 0.0.0.255 network 22.22.22.0 0.0.0.255 network 3.3.3.3 0.0.0.0 # bgp 200 peer 193.1.1.2 as-number 200 peer 195.1.1.2 as-number 200 # ipv4-family unicast undo synchronization import-route direct import-route ospf 1 peer 193.1.1.2 enable peer 195.1.1.2 enable # ipv4-family multicast undo synchronization import-route direct import-route ospf 1 peer 193.1.1.2 enable peer 195.1.1.2 enable # return
Configuration file of Router D

# sysname RouterD # multicast routing-enable # interface Pos1/0/0 link-protocol ppp ip address 195.1.1.2 255.255.255.0 pim sm
6-38

# interface Pos2/0/0 link-protocol ppp ip address 194.1.1.1 255.255.255.0 pim sm # interface loopback 0 ip address 4.4.4.4 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 194.1.1.0 0.0.0.255 network 195.1.1.0 0.0.0.255 network 4.4.4.4 0.0.0.0 # bgp 200 peer 194.1.1.2 as-number 200 peer 195.1.1.1 as-number 200 # ipv4-family unicast undo synchronization import-route ospf 1 peer 194.1.1.2 enable peer 195.1.1.1 enable # ipv4-family multicast undo synchronization import-route ospf 1 peer 194.1.1.2 enable peer 195.1.1.1 enable # return
6-39
Contents
7 Multicast VPN configuration...................................................................................................7-1
7.1 Introduction ...................................................................................................................................................7-2 7.1.1 Overview of multicast VPN .................................................................................................................7-2 7.1.2 MD VPN over the NORTEL SECURE ROUTER 8000 SERIES........................................................7-4 7.1.3 Creating Share-MDT ...........................................................................................................................7-6 7.1.4 Transmission process of the Share-MDT based multicast protocol packet..........................................7-8 7.1.5 Transmission process of the Share-MDT based multicast data packet...............................................7-10 7.1.6 Switch-MDT switchover.................................................................................................................... 7-11 7.1.7 MD VPN across Multi-AS .................................................................................................................7-12 7.1.8 References..........................................................................................................................................7-14 7.2 Configuring MD VPN.................................................................................................................................7-14 7.2.1 Establishing the configuration task ....................................................................................................7-14 7.2.2 Enabling IP multicast routing.............................................................................................................7-15 7.2.3 Configuring Share-Group and binding an MTI..................................................................................7-15 7.2.4 Setting MTI parameters .....................................................................................................................7-16 7.2.5 Checking the configuration................................................................................................................7-17 7.3 Configuring the Switch-MDT switchover...................................................................................................7-17 7.3.1 Establishing the configuration task ....................................................................................................7-17 7.3.2 Setting switching parameters of Switch-MDT...................................................................................7-18 7.3.3 Enabling the log output of Switch-Group reuse.................................................................................7-19 7.3.4 Checking the configuration................................................................................................................7-20 7.4 Maintaining MD VPN.................................................................................................................................7-21 7.5 Configuration examples ..............................................................................................................................7-21 7.5.1 Example of configuring MD VPN in a single AS ..............................................................................7-21 7.5.2 Example of configuring inter-AS MD VPN.......................................................................................7-43
Figures
Figure 7-1 Typical MPLS/BGP VPN application...............................................................................................7-2 Figure 7-2 Multicast VPN based on multi-instance............................................................................................7-3 Figure 7-3 Diagram of an MD of a VPN instance..............................................................................................7-5 Figure 7-4 Neighbor relationship between CE, PE, and P in MD scheme .........................................................7-6 Figure 7-5 Diagram of creating Share-MDT in PIM-SM network.....................................................................7-7 Figure 7-6 Diagram of creating Share-MDT in PIM-DM network ....................................................................7-8 Figure 7-7 Transmission process of multicast packets .......................................................................................7-9 Figure 7-8 Transmission process of multicast data packets..............................................................................7-11 Figure 7-9 VPN instance-to-VPN instance connection method .......................................................................7-13 Figure 7-10 Multihop EBGP connection method .............................................................................................7-13 Figure 7-11 Networking diagram of multicast configuration in BGP MPLS VPN ..........................................7-22 Figure 7-12 Networking diagram of inter-AS MD VPN ..................................................................................7-43
iii
Tables
Table 7-1 Configuration information of interfaces ...........................................................................................7-22 Table 7-2 Networking requirements of multicast in MD scheme .....................................................................7-24 Table 7-3 Configuration of router interface ......................................................................................................7-43 Table 7-4 Networking requirements of inter-AS MD VPN ..............................................................................7-45
7 Multicast VPN configuration
7
About this chapter
Section 7.1 Introduction
Multicast VPN configuration
The following table describes the contents of this chapter. Description This section describes the principles and the concepts of the multicast domain (MD) virtual private networks (VPN). This section describes the application and the configuration of MD VPN. For configuration examples, see Example of configuring MD VPN in a single AS and Example of configuring inter-AS MD VPN. This section describes the application and the configuration of Switch-MDT Switchover. This section describes how to clear the statistics of MD VPN and how to debug MD VPN. This section provides configuration examples of MD VPN.
7.2 Configuring MD VPN
7.3 Configuring the Switch-MDT switchover 7.4 Maintaining MD VPN 7.5 Configuration examples
7-1
7.1 Introduction
7.1.1 Overview of multicast VPN
The Nortel Secure Router 8000 Series (NORTEL SECURE ROUTER 8000 SERIES) implements multicast transmission based on Multiprotocol Label Switching (MPLS)/Border Gateway Protocol (BGP) VPN.
MPLS/BGP VPN
MPLS/BGP VPN is a type of VPN, implemented based on the BGP and MPLS expansion. The MPLS or BGP VPN consists of the carrier backbone network and every site of customers. The sites are isolated from each other and they interconnect only through the backbone network. A VPN is the division of sites based on policies. These policies control the connection among sites. As shown in the following figure, Site 1, Site 2, and Site 3 constitute VPN A, and Site 4, Site 5, and Site6 constitute VPN B. Figure 7-1 Typical MPLS/BGP VPN application
VPNA site1 CE4 PE1 CE1
VPN B site4 P1 Core Layer
VPN B site5 CE5 Edge Layer CPE layer CE2
P2
PE3
VPN A site3
CE3
P3 CE6
PE2 VPN A site2
VPN B site6
The function of the various devices is as follows: P: Provider router. The P router forwards MPLS. PE: Provider edge router. The PE router processes VPN routes and implements MPLS Layer 3 VPN. CE: Custom edge router. The CE router advertises user network routes.
7-2
For more information about MPLS/BGP VPN, see Nortel Secure Router 8000 Series Configuration VPN (NN46240-507).
Multicast VPN
As shown in Figure 7-2, when the multicast VPN is deployed in the network, the network carries three separate multicast services at the same time, VPN A instance, VPN B instance and a public instance. The PE, which is a multicast router, at the edge of the public network supports multi-instance. The PE acts as multiple multicast routers that run separately. Each instance can be regarded as a plane. The three planes are isolated. Figure 7-2 Multicast VPN based on multi-instance
site4
PE2 site6
MD B
site5 PE1
VPN instance B
P PE1 PE2
PIM
PE3
Public instance
site2 site1 PE1
MD A
PE2 site3 PE3
VPN instance A
Use the VPN A instance as an example. Multicast VPN refers to: S1 belongs to VPN A. S1 sends multicast data to G, a multicast group. Among all possible data receivers, only members of VPN A (Site 1, Site 2, and Site 3) can receive multicast data from S1. Multicast data transmits among sites in multicast mode and in the public network. To implement multicast VPN, the following network conditions are required: Each site supports the multicast based on VPN instance. The public network supports the multicast based on public instance. PE devices support multi-instance multicast:
Connect sites through VPN instance, and support multicast based on VPN instance
7-3

Connect public network through public instance, and support multicast based on public instance Support information communication and data switching between public network instance and VPN instance
7.1.2 MD VPN over the NORTEL SECURE ROUTER 8000 SERIES

MD VPN is one of the solutions to implement the multicast VPN by the VRP.. An advantage of MD is that only the PE is required to support multi-instance. MD neither needs to upgrade CE and P, nor modify the previous Protocol Independent Multicast (PIM) configuration on them. The MD scheme is transparent to CE and P.
Introduction to MD VPN over the NORTEL SECURE ROUTER 8000 SERIES

The MD VPN implementation mechanism is as follows: The public network set up by the carrier supports the multicast function, which saves bandwidth. The PE supports the public instance and multiple VPN instances at the same time. The public instance and VPN multicast instances run separate PIM. The PE and CE exchange VPN multicast packets through VPN instances. The PE and P exchange public network multicast packets through the public instance. Logically, MD indicates the transmission range of VPN multicast data in a public network. Objectively, MD identifies all PEs that support VPN instances in the network. Different VPN instances correspond to different MDs. As shown in Figure 7-2, the central ellipse area of each VPN instance plane indicates an MD that serves a certain VPN. All VPN multicast data transmitted in the VPN is transmitted in the MD. In the MD, VPN data transmits by multicast tunnel (MT). The transmission process of MT is: the local PE encapsulates a VPN data packet into a public network data packet, and forwards it in the public network. After the remote PE receives the packet, the remote PE decapsulates it and reverts it to the VPN data packet. The Multicast tunnel interface (MTI) is the outgoing interface or incoming interface of the MT. The MTI is equal to the outgoing interface or incoming interface of MD. The local PE sends the VPN data from MTI. The remote PE receives the VPN data from MTI.
7-4
Figure 7-3 Diagram of an MD of a VPN instance
PE1
PIM
P
PE2
Public instance MTI MTI CE2
MD
CE1 MT PE1" VPN instance PE2"
Figure 7-3 shows the relationship between the MD of the public network instance and the MD of the VPN instance. You can compare MD to a transmission pool of VPN data. The pool copies the VPN data and sends it to all outbound interfaces (MTI) of the MD. Any remote PE that needs the VPN data can obtain the data from the outgoing interfaces (MTI). A VPN instance uniquely specifies the address of a Share-Group. The VPN data is transparent to the public network. The PE does not distinguish to which multicast group a VPN packet belongs or whether it is a protocol packet or a data packet. The PE uniformly encapsulates the VPN packet into a general public network multicast packet with Share-Group as its group. The PE then sends the packet to the public network. One Share-Group uniquely maps to an MD. In addition, one Share-Group uniquely sets up a Share-Multicast Distribution Tree (Share-MDT) to guide routers to forward packets. All VPN packets are forwarded along the Share-MDT regardless of the PE from which they enter the public network. One Share-Group uniquely confirms a Switch-group-pool for the switchover of the Switch-Multicast Distribution Tree (Switch-MDT). When the Switch-MDT is performed, an idle address is chosen from the Switch-group-pool. All VPN multicast packets that enter the public network from a PE are encapsulated with this Switch-group address. All PEs in the network monitor the forwarding rate of the Share-MDT. When the forwarding rate of the data that enters the public network through a PE exceeds the threshold, the PE, as the source PE, sends a switchover notification to downstream PEs along the Share-MDT. A new Switch-MDT is built up between the PE and remote PEs that need the data with the Switch-group. The Switch-MDT is then performed. All VPN multicast data that enters the public network from the PE is no longer encapsulated with the Share-group address. The VPN data is encapsulated into a public network packet of Switch-group. Thus it is switched from the previous Share-MDT to the newly configured Share-MDT.
7-5
A VPN uniquely confirms an MD. An MD uniquely services a VPN server. This relationship is called corresponding relationship. VPN, MD, MTI, Share-Group, and Switch-group-pool correspond to each other.
PIM neighbor relationship between CE, PE, and P

A PIM neighbor relationship is established between two or more direct routers that belong to the same network segment. As shown in Figure 7-4, three types of PIM neighbor relationships exist in MD VPN. Figure 7-4 Neighbor relationship between CE, PE, and P in MD scheme
CE3 PE-PE neighbour PE-P neighbour PE-CE neighbour PE3
CE1 P
CE2
PE1
MD
PE2
PE-CE neighbor relationship: The PIM neighbor relationship that establishes between the interface on which the PE binds the VPN instance and the interface of CE in the opposite side of the link. PE-P neighbor relationship: The PIM neighbor relationship that establishes between the interface of the public instance on PE and the interface on the opposite P. PE-PE neighbor relationship: The VPN instance on the PE receives hello packets from the VPN instance on the remote PE through MTI. The relationship is established.
To establish the PIM neighbor, ensure that interfaces on both end of the link enable the PIM protocols of the same type.
7.1.3 Creating Share-MDT

For the VPN instance, data transmission in the public network is transparent. The VPN data seamlessly connects at MTI on PE. The VPN instance sends the VPN data through MTI on the local PE, and the remote PE can receive the data through MTI. The data follows the complex public network transmission process, that is, MDT transmission. The MDT that uses the address of the Share-group as the group address is called Share-MDT. A VPN uses Share-Group to uniquely identify a Share-MDT. The public network multicast can run in PIM-Spare Mode (SM) network or PIM-Dense Mode (DM) network. In the two modes, the process to establish a Share-MDT is different.
7-6
Creating Share-MDT in PIM-SM network

As shown in the following figure, the public network is in the PIM-SM mode. Figure 7-5 Diagram of creating Share-MDT in PIM-SM network
PE3 IBGP:11.1.3.1/24
RP
MD
PE1 IBGP:11.1.1.1/24 Public instance IBGP Peer Share-Group: 239.1.1.1 RPT*239.1.1.1 PE2 IBGP:11.1.2.1/24 SPT11.1.1.1239.1.1.1 SPT11.1.2.1239.1.1.1 SPT11.1.3.1239.1.1.1
The process to establish the Share-MDT is as follows: 1. The public network instance of PE1 sends a join message with the Share-Group address as the multicast group address to the rendezvous point (RP) in the public network. Routers that receive the join message create the (*, 239.1.1.1) entry. At the same time, PE2 and PE3 send a join message to the RP in the public network. An RPT is formed in MD with the RP as root and PE1, PE2, and PE3 as leaves. The public network instance of PE1 sends a register message with an Interior BGP (IBGP) interface address as the multicast address to the RP in the public network. Routers that receive the join message create the (11.11.1.1, 239.1.1.1) entry. At the same time, PE2 and PE3 send a register message to the RP. Three independent RP-Source trees that connect PE with RP are formed in MD.
2.
In PIM-SM network, an RPT (*, 239.1.1.1) and three independent RP-Source trees form a Share-MDT.
Creating Share-MDT in PIM-DM network

As shown in the following figure the public network is in the PIM-DM mode.
7-7
Figure 7-6 Diagram of creating Share-MDT in PIM-DM network

PE3 IBGP:11.1.3.1/24
MD
PE1 IBGP:11.1.1.1/24 PE2 IBGP:11.1.2.1/24 SPT11.1.1.1239.1.1.1 SPT11.1.2.1239.1.1.1 SPT11.1.3.1239.1.1.1
Public instance IBGP Peer Share-Group: 239.1.1.1
The process to establish a Share-MDT is as follows: The flooding-pruning process starts in the entire public network: Public network instance on PE1 as the multicast source Share-Group address as group address Other PEs that support VPN A as group members The (11.11.1.1, 239.1.1.1) entry establishes on routers along the path. An SPT is established with PE1 as the root and PE2 and PE3 as leaves. At the same time, PE2 and PE3 start the similar flooding-pruning process. Two other SPTs are established. In the PIM-DM network, three independent SPTs form a Share-MDT.
Characteristics of Share-MDT
Regardless of PIM-SM mode or PIM-DM mode, the Share-MDT has the following characteristics: All PEs (such as PE1, PE2, and PE3) that support VPN instance A join the Share-MDT. All VPN multicast packets that belong to VPN A send to each PE along the Share-MDT in the public network, regardless of whether a receiver exists in the site that connects the PE.
7.1.4 Transmission process of the Share-MDT based multicast protocol packet

When you distribute VPN multicast receivers and sources in many sites, multicast protocol packets must transmit across the public network. The local PE encapsulates protocol packets into general public network multicast data packets and sends them along the Share-MDT. The remote PE decapsulates the packets. The packets continue the normal protocol process. Finally a distribution tree across the public network is set up.
7-8
All interfaces that belong to the same VPN, including the interface on which the PE binds the VPN instance and MTI, must uniformly run the PIM mode.
When the VPN runs PIM-DM, a flooding-pruning message needs to be sent across the public network to establish an SPT. When the VPN runs PIM-SM: If receivers and the VPN RP belong to different sites, receivers need to send a join message across the public network to establish a share tree. If the multicast source and the VPN RP belong to different sites, the register process must be performed across the public network to establish a share tree.
In the following example, the VPN runs PIM-SM. VPN receivers start the join process across the public network. The following example shows the transmission process of multicast protocol packets.
As shown in Figure 7-7, VPN A runs PIM-SM. Receiver belongs to Site 2 and connects with CE2. CE1 is the RP of G in the private network. CE1 belongs to Site 1. Figure 7-7 Transmission process of multicast packets
PE3 IBGP:11.1.3.1/24 S: 192.1.1.1/24 G: 255.1.1.1 Share-Group: 239.1.1.1
RP
Source
CE1
PE1 IBGP:11.1.1.1/24
PE2 IBGP:11.1.2.1/24
CE2
Receiver
VPN instance Join (*255.1.1.1) Public instance Join11.1.2.1239.1.1.1 Public instance IBGP Peer
The interaction process of multicast protocol packets is as follows: 1. Receiver informs CE2 to receive and forward data of G through the IGMP protocol. CE2 creates (*, 225.1.1.1) entry, and sends join messages that aim at the VPN RP (CE1) at the same time. The VPN instance on PE2 receives the join message sent by CE2, creates (*, 255.1.1.1) entry and specifies MTI as the upstream interface. The instance then forwards the join message to routers for further processing. The VPN instance on PE2 then considers that the join message is sent out from MTI. PE2 encapsulates the join message with Generic Routing Encapsulation (GRE). The message is converted to a multicast data packet (11.11.1.2, 239.1.1.1) of the public network with PE2 as the multicast source and Share-Group as the multicast group. PE2 forwards the packet to the public network instance on PE2. The instance sends the packet to the public network.
2.
3.
7-9
4.
The multicast data packet (11.11.1.2, 239.1.1.1) transmits to the public network instance on every PE along the Share-MDT. Each PE decapsulates the packet and reverts it to the join message. Each PE then checks the join message. If the VPN RP (CE1) is in its direct site, the PE sends the message to the instance on the VPN RP for further processing. Otherwise, the join message is discarded. After receiving the join message, the VPN instance on PE1 considers that the message is received from MTI. The instance creates (*, 225.1.1.1) entry, and specifies MTI as the downstream interface as MTI and the interface towards to CE1 as the upstream interface. At the same time, the instance sends the join message to the VPN RP. After receiving the join message from the instance on PE1, CE1 updates or creates (*, 225.1.1.1) entry. The multicast share tree across VPNs is set up.
5.
6.
7.1.5 Transmission process of the Share-MDT based multicast data packet

After the multicast distribution tree is set up, the VPN multicast data is sent to receivers of each site along the tree. The local PE encapsulates the VPN multicast data into general multicast data of the public network, and forwards the packet along the Share-MDT. The data is decapsulated on the remote PE. The data then goes on with normal transmission process. When the VPN runs PIM-DM, VPN multicast data is transmitted along SPT across the public network. When the VPN runs PIM-SM: If receivers and the VPN RP belong to different sites, the VPN multicast data is transmitted along RPT across the public network. If the multicast source and the VPN RP belong to different sites, the VPN multicast data is transmitted along the source tree across public network.
In the following example, the VPN runs PIM-SM. VPN multicast data packets are transmitted along SPT across the public network VPN. The example describes the transmission process of multicast protocol packets of Share-MDT.
As shown in Figure 7-8, VPN A runs PIM-DM. Source sends multicast data to G (225.1.1.1). Receiver belongs to site2, and connects with CE2.
7-10
Figure 7-8 Transmission process of multicast data packets

PE3 S: 192.1.1.1/24 G: 255.1.1.1 Share-Group: 239.1.1.1
RP
Source
CE1
PE1 BGP:10.10.1.1/24
PE2 BGP:10.10.1.2/24
CE2
Receiver
BGP VPN instance packets (192.1.1.1, 225.1.1.1) Public instance packets (10.10.1.1, 239.1.1.1)
The transmission process of VPN multicast data across the public network is as follows: 1. 2. Source sends VPN multicast data (192.1.1.1, 225.1.1.1) to CE1. CE1 forwards the VPN multicast data to PE1. The VPN instance on PE1 searches the forwarding entries. If the outbound interface of the forwarding entry contains MTI, the instance forwards the VPN multicast data to the related router for further processing. The VPN instance on PE1 then considers that join message is sent out from MTI. PE1 encapsulates the VPN multicast data with GRE into a public network multicast data packet (11.11.1.1, 239.1.1.1) with PE1 as the multicast source and Share-Group as the multicast group, then forwards the packet to the public network instance on PE1. The instance sends the packet to the public network. The multicast data packet (11.11.1.1, 239.1.1.1) is sent along Share-MDT to the public network instance on each PE. The PE decapsulates and reverts the packet to VPN multicast data, and then forwards it to the related VPN instance for further processing. If an SPF downstream interface exists on the PE, the data is forwarded along SPF. Otherwise, the data is discarded. The VPN instance on PE2 searches the forwarding entries, and sends the VPN multicast data to Receiver. The transmission of VPN multicast data across the public network is completed.
3.
4.
5.
7.1.6 Switch-MDT switchover

Switchover from Share-MDT to Switch-MDT
When multicast data forwards through Share-MDT in the public network, the multicast packet is forwarded to all PEs that support the same VPN instance, regardless of whether a receiver exists in the site that connects with the PE. When the rate of VPN multicast data is high, it can lead to data flooding, which wastes the network bandwidth and adds load to the PE. The NORTEL SECURE ROUTER 8000 SERIES optimizes the MD. Private Switch-MDT is set up between the PE that connects with VPN receivers and the PE that connects with VPN multicast source. The multicast data flow is then switched from Share-MDT to Switch-MDT. Multicast data can transmit on demand.
7-11
The switchover process of Switch-MDT is as follows: 1. Source PE checks the forwarding rate of VPN multicast data periodically. To start the Switch-MDT switchover, the following two conditions must be met:

The ACL filtering results of VPN multicast data must be permit. Otherwise, the data is forwarded along Share-MDT. The forwarding rate of VPN multicast data exceeds the switch threshold, and is kept for certain time. Otherwise, the data is forwarded along Share-MDT.
2.
PE1 obtains an idle Switch-Group address from Switch-group pool. PE1 sends switchover messages to all downstream PEs along Share-MDT. The message contains the VPN multicast source, VPN multicast group and Switch-Group address. After receiving the switchover message, other PEs check receivers of the VPN multicast data. If a PE connects receivers, it joins the SPT with PE1 as the root. If a PE does not connect receivers, it caches the message and waits to join Switch-MDT when it connects with a VPN receiver. After sending an MDT switchover message for a period of time, PE1 encapsulates VPN multicast data with the Switch-Group address instead of the Share-Group address, and forwards the multicast data to downstream routers along Switch-MDT. After the Share-MDT is switched to Switch-MDT, PE1 sends switchover messages periodically for subsequent PEs to join Switch-MDT. If no receiver exists on downstream PEs, the PEs can leave Switch-MDT.
Both Switch-MDT and Share-MDT are forwarding tunnels of the same MD. Share-MDT is uniquely identified by the Share-Group address. Each Share-Group associates with a Switch-Group.
3.
4.
5.
Reverse switchover from Switch-MDT to Share-MDT

When the conditions change after the transmission of VPN multicast data has been switched to Switch-MDT, the switchover conditions can become unmatched. In this case, PE1 switches VPN multicast data from Switch-MDT to Share-MDT. The reverse switchover conditions consist of The forwarding rate of VPN multicast data becomes lower than the specified threshold for a certain time. After the Switch-Group-pool changes, the Switch-Group address used for the VPN multicast data encapsulation is from the Switch-Group-pool. Advanced ACL rules are configured to control the switchover of VPN multicast data transmission. After these rules change, the transmission is not permitted by the new ACL rules.
7.1.7 MD VPN across Multi-AS

When a VPN covers multiple ASs, you must connect VPN nodes among different ASs. The following section identifies two ways for MD VPN to realize inter-AS multicast.
7-12
VPN instance-to-VPN instance connection method

Figure 7-9 VPN instance-to-VPN instance connection method
AS1 ASBR1
PE1 Public instance MTI1 MTI1 PE3" PE4" VPN instance2 MTI2 MTI2 P1 PE3 PE4 ASBR2
AS2
P2 PE2
CE1 PE1"
MD1
MT1
MD2
MT2 PE2" CE2
VPN instance1
VPN instance-VPN instance
As shown in the preceding figure, the VPN covers AS1 and AS2. PE3 and PE4 are AS boundary routers (ASBR) of AS1 and AS2. The ASBRs connect by their respective VPN instance, regarding each other as a CE. The MD based on the VPN instance-to-VPN instance connection must establish an MD in each AS respectively. VPN multicast data transmits across ASs between two MDs.
VPN multicast data forwards between two ASBRs. The public network PIM protocol type of two ASs can be different. All interfaces that belong to the same VPN must run the same PIM. These interfaces contain the interface on which ASBR binds the VPN instance and MTI.
Multihop EBGP connection method

Figure 7-10 Multihop EBGP connection method
AS1 ASBR
PE1 Public instance MTI P1 PE4 P2 MTI PE3 ASBR AS2 PE2
CE1 PE1"
MD
CE2 MT
VPN instance
PE2"
As shown in the preceding figure, the VPN covers AS1 and AS2. PE3 and PE4 are ASBRs of AS1 and AS2. The ASBRs connect by their respective public network instance, regarding each other as a P.
7-13
The MD based on the multihop EBGP connection must establish only an MD in the two ASs. The multicast data of the public network is transmitted across ASs in the MD.
7.1.8 References
For more information on Multicast VPN principle, see the following document. Document number draft-rosen-vpn-mcast-07 Description Multicast in MPLS/BGP VPNs
7.2 Configuring MD VPN

To make a PE receive the information from multiple VPNs, the PE must support the public network instance and multiple VPN instances at the same time. The public network instance communicates with P and VPN instances communicate with respective CEs. Configure multicast VPN by using the MD scheme. Establish the Share-MDT to forward multicast packets. When the multicast forwarding rate exceeds the threshold, Share-MDT is switched to Switch-MDT.
Before you configure MD VPN, complete the following tasks: Configure a unicast routing protocol. Configure MPLS/BGP VPN. Enable multicast and configure PIM functions.
Data preparation
To configure MD VPN, you need the following data. No. 1 2 3 4 Data VPN instance name and Route Distinguisher (RD) Share-Group address Address and maximum transmission unit (MTU) of MTI switch group pool, mask, threshold and the delay time of Switch-MDT
7-14
No. 1 2 3 4 Procedure Enabling IP multicast routing Configuring Share-Group and binding an MTI Setting MTI parameters Checking the configuration

Do as follows on PE router: Step 1 Run:
system-view

This command enables IP multicast routing of the public network instance. Step 3 Run:

This command enables IP multicast routing of the VPN instance. Step 5 Run:
quit
7.2.3 Configuring Share-Group and binding an MTI

Do as follows on the PE router: Step 1 Run:
system-view
The system view appears. Step 2 Run;
7-15

The VPN instance view appears. Step 3 Run;

multicast-domain share-group group-address binding mtunnel number
The system automatically creates an MTI, binds Share-Group to MTI, and binds MTI to VPN instance. In a VPN instance, configure the same Share-Group address and bind the same MTI. Step 4 Run:
quit
7.2.4 Setting MTI parameters

Do as follows on the PE router: Step 1 Run:
system-view

interface mtunnel mti-number
The MTI interface view appears. Step 3 Run:

pim sm
or run:
pim dm
This command enables the PIM function on MTI. PIM mode is the same as PIM mode of the VPN to which the MTI belongs. Step 4 Run:
ip address ip-address { mask | mask-length }
This command configures the address of the MTI.
The MTI address must be the same as the IP address that is used to set up the public network IBGP peer on the PE. Otherwise, the VPN multicast packets received on the MTI cannot pass the RPF check.
Step 5 Run:
mtu mti-mtu
7-16
This command configures the MTU value of the MTI. By default, the MTU value of the MTI is 1500 bytes. After the multicast packets transmit between the VPN instance and public network instance, these packets are encapsulated and decapsulated in the GRE mode. If the size of the VPN multicast packet is equal or close to the MTU of the outgoing interface of the public network instance, the size of the new multicast packet after GRE encapsulation exceeds the MTU of that outgoing interface. In this case, the multicast packet must fragment when it is sent out from the outgoing interface of the public network instance. This fragmentation can cause problems in reforming the fragments to the remote receiving interface. Therefore, you can configure a smaller MTU for the MTI to make the fragmentation of multicast packet ahead of GRE encapsulation. This method prevents reforming on the remote receiving interface, and improves the efficiency greatly. Step 6 Run:
quit

Run the following commands to check the previous configuration. Action Check the information about the Share-Group in the MD of the specified VPN instance. Check the information on the MTI interface Command display multicast-domain vpn-instance vpn-instance-name share-group [ local | remote ] display pim vpn-instance vpn-instance-name interface [ verbose ]
7.3 Configuring the Switch-MDT switchover

When multicast data forwards through Share-MDT in the public network, the multicast packet forwards to all PEs that support the same VPN instance, regardless of whether a receiver exists in the site that connects the PE. When the rate of VPN multicast data is high, it can lead to data flooding, which wastes the network bandwidth and adds load to PE. The NORTEL SECURE ROUTER 8000 SERIES allows you to decide on the Switch-MDT switchover. If you do not configure the Switch-MDT switchover, MD always uses Share-MDT to transmit VPN multicast data.
7-17
When the forwarding rate of VPN multicast data flowing into the public network exceeds the threshold, the VPN multicast data flow is switched from Share-MDT to Switch-MDT. Thus, multicast data can transmit on demand. When the conditions change after the transmission of VPN multicast data is switched to Switch-MDT, the switchover conditions can become unmatched. In this case, VPN multicast data can be switched from Switch-MDT to Share-MDT.
Before you configure the Switch-MDT switchover, you should complete Configuring MD VPN.
Data preparation
To configure the Switch-MDT switchover, you need the following data. No. 1 2 3 4 5 Data VPN instance name Switch group pool and mask of Switch-MDT Switch threshold The delay time of switching Share-MDT to Switch-MDT The delay time of switching Switch-MDT to Share-MDT
No. 1 2 3 Procedure Setting switching parameters of Switch-MDT Enabling the log output of Switch-Group reuse Checking the configuration
7.3.2 Setting switching parameters of Switch-MDT

Do as follows on the PE router. The configuration is optional. If you do not perform the configuration, the Switch-MDT switchover does not occur. The Share-MDT is always used to transmit VPN multicast data. Step 1 Run:
system-view

7-18
The VPN instance view appears. Step 3 Run: multicast-domain switch-group-pool switch-group-pool { network-mask | network-mask-length } [ threshold threshold-value | acl acl-number ] * This command configures the switch-group-pool of Switch-MDT and the switch conditions. The following explain the parameters of the command: switch-group-pool: You must configure the same VPN instance on different PEs with the same switch-group-pool. On a PE, the Switch-Group address ranges that correspond to different VPNs cannot overlap each other. threshold-value: The Switch-MDT switchover is performed when the threshold-value is exceeded after Layer 2 overheads of Layer 2 traffic are removed. At the same time, 1% deviation exists between the traffic volume when the switchover occurs and the configured threshold-value. The default value of threshold-value is 0 Kb/s. For example, when you use Ethernet at Layer 2 and if the tester sends 24 Mb/s data flow that uses a fixed length of 100 bytes, the 20-byte frame gap and the 4-byte CRC check are excluded from the statistics of multicast traffic, if threshold-value is 20 000 Kb/s. At this time, traffic volume is 24*1000*1000*(100/124), which equals 19 354 Kb/s and is smaller than 20 000 Kb/s. As a result, the Switch-MDT switchover is not performed. acl-number: indicates the advanced ACL filtering rule. By default, packets are not filtered. Step 4 Run:
multicast-domain switch-delay switch-delay
This command configures the delay for switching to Switch-MDT. By default, the delay is 5 seconds. This step is optional. Step 5 Run:
multicast-domain holddown-time interval
This command configures the duration to keep the rate of VPN multicast data lower than the threshold before reversing switching from Switch-MDT to Share-MDT. By default, the delay for switching from Switch-MDT to Switch-MDT is 60 seconds. Step 6 Run:
quit
7.3.3 Enabling the log output of Switch-Group reuse

In a VPN instance on source PE, if the number of VPN multicast data flows to be switched exceeds the number of addresses in switch-group-poll of the Switch-MDT, you can use the group addresses in the switch-group-poll repeatedly.
7-19
Do as follows on the PE router. The configuration is optional. By default, the log information of the reused Switch-Group address is not recorded. Step 1 Run:
system-view


multicast-domain log switch-group-reuse
This command records the log information of the reused Switch-Group address. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the information about the Switch-Group received by the MD of the specified VPN instance. Command display multicast-domain vpn-instance vpn-instance-name switch-group receive brief display multicast-domain vpn-instance vpn-instance-name switch-group receive [ active | group group-address | sender source-address | vpn-source-address [ mask { mask-length | mask } ] | vpn-group-address [ mask { mask-length | mask } ] ]* display multicast-domain vpn-instance vpn-instance-name switch-group send [ group group-address | reuse interval | vpn-source-address [ mask { mask-length | mask } ] | vpn-group-address [ mask { mask-length | mask } ] ]*
Check the information about the Switch-Group sent by the MD of the specified VPN instance.
7-20
7.4 Maintaining MD VPN
Debugging affects system performance. After you debug the system, execute the undo debugging all command to disable it immediately. After a fault occurs during the running of MD VPN, run the debugging command in the user view to debug MD VPN and locate the fault. For information about the output of the debugging command, refer to the Nortel Secure Router 8000 Series Configuration System Management (NN46240-601). Action Enable the multicast debugging in the MD scheme. Command debugging md [ vpn-instance vpn-instance-name | all-instance ] { all | event [ acl-number ] | packet }

This section provides the following configuration examples: Example of configuring MD VPN in a single AS Example of configuring inter-AS MD VPN
7.5.1 Example of configuring MD VPN in a single AS

As shown in Figure 7-11, the MD schema is deployed to transmit multicast services in a single AS MPLS/BGP VPN network.
7-21
Figure 7-11 Networking diagram of multicast configuration in BGP MPLS VPN

PC2
VPN RED Source2 GbE1
CE-Rb
GbE2 GbE1 VPN BLUE Loopback1 GbE2 GbE3 GbE3 Loopback1 GbE3 Loopback1 GbE2 GbE1 PC3
CE-Bb GbE2 PE-B GbE1

GbE2 Source1 GbE1 VPN RED PC1 Loopback1 GbE1
VPN RED
Public P
CE-Rc
Loopback2
PE-C
GbE3 GbE1 GbE3
GbE2
CE-Ra
GbE2
PE-A
GbE3 GbE2 GbE1 Loopback1
GbE2
CE-Bc
GbE1
VPN BLUE PC4
In Figure 7-11, GbE1 is Gigabit Ethernet 1/0/0, GbE2 is Gigabit Ethernet 2/0/0, and GbE3 is Gigabit Ethernet 3/0/0. The IP address of each interface is as follows.
Table 7-1 Configuration information of interfaces Device P IP Address of Interface GbE1: 192.168.6.2/24 GbE2: 192.168.7.2/24 GbE3: 192.168.8.2/24 Loopback1: 2.2.2.2/32 PE-A GbE1: 192.168.6.1/24 GbE2: 10.110.1.1/24 GbE3: 10.110.2.1/24 Loopback1: 1.1.1.1/32 PE-B GbE1: 192.168.7.1/24 GbE2: 10.110.3.1/24 GbE3: 10.110.4.1/24 Loopback1: 1.1.1.2/32 PE-C GbE1: 192.168.8.1/24 Remarks Acts as the public network C-RP Public network instance VPN-RED instance VPN-RED instance Public network instance Public network instance VPN-BLUE instance VPN-RED instance Public network instance Public network instance
7-22
Device
IP Address of Interface GbE2: 10.110.5.1/24 GbE3: 10.110.6.1/24 Loopback1: 1.1.1.3/32 Loopback2: 33.33.33.33/32
Remarks VPN-RED instance VPN-BLUE instance Public network instance VPN-BLUE instance Acts as the VPN-BLUE C-RP VPN-RED instance Acts as VPN-RED C-RP Multicast source in the VPN-RED Multicast source in the VPN-BLUE Multicast receiver in the VPN-RED Multicast receiver in the VPN-RED Multicast receiver in the VPN-RED Multicast receiver in the VPN-BLUE
CE-Ra
GbE1: 10.110.7.1/24 GbE2: 10.110.2.2/24
CE-Bb
GbE1: 10.110.8.1/24 GbE2: 10.110.3.2/24
CE-Rb
GbE1: 10.110.9.1/24 GbE2: 10.110.4.2/24 GbE3: 10.110.12.1/24 Loopback1: 22.22.22.22/32
CE-Rc
GbE1: 10.110.10.1/24 GbE2: 10.110.5.2/24 GbE3: 10.110.12.2/24
CE-Bc
GbE1: 10.110.11.1/24 GbE2: 10.110.6.2/24
Source1 Source2 PC1 PC2 PC3 PC4
10.110.7.2/24 10.110.8.2/24 10.110.1.2/32 10.110.9.2/32 10.110.10.2/32 10.110.11.2/32
7-23
Table 7-2 Networking requirements of multicast in MD scheme Item Multicast source or receiver Networking requirements Multicast source of VPN RED is Source1. The receivers include PC1, PC2, and PC3. Multicast source of VPN BLUE is Source2. The receiver is PC4. In VPN RED, the Share-Group address is 239.1.1.1 and the Switch-Group address pool ranges from 225.2.2.1 to 225.2.2.16. In VPN BLUE, the Share-Group address is 239.2.2.2 and the Switch-Group address pool ranges from 225.4.4.1 to 225.4.4.16. VPN instance to which the interfaces on PEs belong On PE-A, GE2 and GE3 belong to VPN-RED instance and GE1 and Loopback1 belong to the public network instance. On PE-B, GE2 belongs to VPN-BLUE instance, GE3 belongs to VPN-RED instance, and GE1 and Loopback1 belong to the public network instance. On PE-C, GE2 belongs to VPN-RED instance, GE3 and Loopback2 belong to VPN-BLUE instance, and GE1 and Loopback1 belong to the public network instance. Configure the OSPF unicast routing protocol on the public network. Enable RIP between PE and CE routers. Establish BGP peer connections and transmit all VPN routes between Loopback1 interfaces on PE-A, PE-B, and PE-C. Enable MPLS forwarding on the public network. Multicast function Enable multicast on P. Enable multicast on the public network instance on PE-A, PE-B, and PE-C. Enable multicast on VPN-RED instance on PE-A, PE-B, and PE-C. Enable multicast on VPN-BLUE instance on PE-B and PE-C. Enable multicast on CE-Ra, CE-Rc, CE-Bb, and CE-Bc. IGMP function PIM-SM function Enable IGMP on GE2 of PE-A. Enable IGMP on GE1 of CE-Rb, GE1 of CE-Rc, and GE1 of CE-Bc. Enable PIM-SM on all the VPN-RED instance interfaces of PEs. Enable PIM-SM on all the VPN-BLUE instance interfaces of PEs. Enable PIM-SM on all the interfaces of P and CEs, as well as public network instance interfaces of PEs. Configure Loopback1 of P as C-BSR and C-RP of public network (serving all multicast groups). Configure Loopback1 of CE-Rb as C-BSR and C-RP of VPN-RED (serving all multicast groups). Configure Loopback2 of PE-C as C-BSR and C-RP of VPN-BLUE (serving all multicast groups).
Routing protocol and MPLS
7-24
The steps in the configuration roadmap are 1. 2. 3. 4. Configure MPLS/BGP VPN to ensure that the VPN network works normally and the unicast route is available. Enable the multicast function and PIM function in the entire network, and set up a VPN instance multicast between PE and CE. Configure the same Share-group address, the same MTI, and the same switch-group-pool for a VPN instance on PE. Configure the MTI address as IBGP peer interface address of the public network, and enable the PIM protocol on MTI.
Data preparation
See Table 7-2.
This configuration example includes only the commands related to MD VPN in a single AS.
Step 1 Configure PE-A. # Configure an ID for PE-A, enable the public network IP multicast routing, configure an ID for MPLS Label Switching Router (LSR), and enable Label Distribution Protocol (LDP).
[PE-A] router id 1.1.1.1 [PE-A] multicast routing-enable [PE-A] mpls lsr-id 1.1.1.1 [PE-A] mpls [PE-A-mpls] quit [PE-A] mpls ldp [PE-A-mpls-ldp] quit
# Create a VPN RED instance and enter the VPN instance view. Configure the VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure the Share-Group. Specify the MTI bound to the VPN instance and the range of switch address pool:
[PE-A] ip vpn-instance RED [PE-A-vpn-instance-RED] route-distinguisher 100:1 [PE-A-vpn-instance-RED] vpn-target 100:1 export-extcommunity [PE-A-vpn-instance-RED] vpn-target 100:1 import-extcommunity [PE-A-vpn-instance-RED] multicast routing-enable [PE-A-vpn-instance-RED] multicast-domain share-group 239.1.1.1 binding mtunnel 0 [PE-A-vpn-instance-RED] multicast-domain switch-group-pool 225.2.2.1 28 [PE-A-vpn-instance-RED] quit
# Enable LDP and PIM-SM on the public network interface GigabitEthernet 1/0/0:
[PE-A] interface gigabitethernet 1/0/0 [PE-A-GigabitEthernet1/0/0] ip address 192.168.6.1 24 [PE-A-GigabitEthernet1/0/0] pim sm [PE-A-GigabitEthernet1/0/0] mpls [PE-A-GigabitEthernet1/0/0] mpls ldp
7-25
# Bind Gigabit Ethernet 2/0/0 to VPN RED instance and enable IGMP and PIM-SM:
[PE-A] interface gigabitethernet 2/0/0 [PE-A-GigabitEthernet2/0/0] ip binding vpn-instance RED [PE-A-GigabitEthernet2/0/0] ip address 10.110.1.1 24 [PE-A-GigabitEthernet2/0/0] pim sm [PE-A-GigabitEthernet2/0/0] igmp enable
# Bind Gigabit Ethernet 3/0/0 to VPN RED instance and enable PIM-SM:
[PE-A] interface gigabitethernet 3/0/0 [PE-A-GigabitEthernet3/0/0] ip binding vpn-instance RED [PE-A-GigabitEthernet3/0/0] ip address 10.110.2.1 24 [PE-A-GigabitEthernet3/0/0] pim sm
# Assign IP address for the Loopback1 interface and enable PIM-SM:

[PE-A] interface loopback 1 [PE-A-LoopBack1] ip address 1.1.1.1 32 [PE-A-LoopBack1] pim sm [PE-A-LoopBack1] quit
# Assign the same IP address for the MTI0 interface, and the system automatically binds MTI0 to VPN RED instance. Enable PIM-SM on the interface:
[PE-A] interface MTunnel 0 [PE-A-MTunnel0] ip address 1.1.1.1 32 [PE-A-MTunnel0] pim sm [PE-A-MTunnel0] quit
# Configure unicast routing information of BGP, OSPF, and RIP:

[PE-A] bgp 100 [PE-A-bgp] group VPN-G internal [PE-A-bgp] peer VPN-G connect-interface LoopBack1 [PE-A-bgp] peer 1.1.1.2 group VPN-G [PE-A-bgp] peer 1.1.1.3 group VPN-G [PE-Abgp] ipv4-family vpn-instance RED [PE-A-bgp-RED] import-route rip 2 [PE-A-bgp-RED] import-route direct [PE-A-bgp-RED] quit [PE-Abgp] ipv4-family vpnv4 [PE-Abgp-af-vpnv4] peer VPN-G enable [PE-A-bgp-af-vpnv4] peer 1.1.1.2 group VPN-G [PE-Abgp-af-vpnv4] peer 1.1.1.3 group VPN-G [PE-Abgp-af-vpnv4] quit [PE-Abgp] quit [PE-A] ospf 1 [PE-A-ospf-1] area 0.0.0.0 [PE-A-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE-A-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.255.255 [PE-A-ospf-1-area-0.0.0.0] quit [PE-A-ospf-1] quit [PE-A] rip 2 vpn-instance RED [PE-A-rip] network 10.0.0.0 [PE-A-rip] import-route bgp cost 3
Step 2 Configure PE-B.
7-26
# Configure ID for PE-B, enable the public network IP multicast routing, configure ID for MPLS LSR, and enable LDP:
[PE-B] router id 1.1.1.2 [PE-B] multicast routing-enable [PE-B] mpls lsr-id 1.1.1.2 [PE-B] mpls [PE-B-mpls] quit [PE-B] mpls ldp [PE-B-mpls-ldp] quit
# Create a VPN BLUE instance and enter VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-B] ip vpn-instance BLUE [PE-B-vpn-instance-BLUE] route-distinguisher 200:1 [PE-B-vpn-instance-BLUE] vpn-target 200:1 export-extcommunity [PE-B-vpn-instance-BLUE] vpn-target 200:1 import-extcommunity [PE-B-vpn-instance-BLUE] multicast routing-enable [PE-B-vpn-instance-BLUE] multicast-domain share-group 239.2.2.2 binding mtunnel 1 [PE-B-vpn-instance-BLUE] multicast-domain switch-group-pool 225.4.4.1 28
# Create VPN RED instance and enter VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-B] ip vpn-instance RED [PE-B-vpn-instance-RED] route-distinguisher 100:1 [PE-B-vpn-instance-RED] vpn-target 100:1 export-extcommunity [PE-B-vpn-instance-RED] vpn-target 100:1 import-extcommunity [PE-B-vpn-instance-RED] multicast routing-enable [PE-B-vpn-instance-RED] multicast-domain share-group 239.1.1.1 binding mtunnel 0 [PE-B-vpn-instance-RED] multicast-domain switch-group-pool 225.2.2.1 28
# Enable LDP and PIM-SM on the public network interface Gigabit Ethernet 1/0/0:
[PE-B] interface gigabitethernet 1/0/0 [PE-B-GigabitEthernet1/0/0] ip address 192.168.7.1 24 [PE-B-GigabitEthernet1/0/0] pim sm [PE-B-GigabitEthernet1/0/0] mpls [PE-B-GigabitEthernet1/0/0] mpls ldp
# Bind Gigabit Ethernet 2/0/0 to the VPN BLUE instance, and enable PIM-SM:
[PE-B] interface gigabitethernet 2/0/0 [PE-B-GigabitEthernet2/0/0] ip binding vpn-instance BLUE [PE-B-GigabitEthernet2/0/0] ip address 10.110.3.1 24 [PE-B-GigabitEthernet2/0/0] pim sm
# Bind Gigabit Ethernet 3/0/0 to the VPN RED instance, and enable PIM-SM:
[PE-B] interface gigabitethernet 3/0/0 [PE-B-GigabitEthernet3/0/0] ip binding vpn-instance RED [PE-B-GigabitEthernet3/0/0] ip address 10.110.4.1 24 [PE-B-GigabitEthernet3/0/0] pim sm
# Assign an IP address for the Loopback1 interface, and enable PIM-SM:

[PE-B] interface loopback 1
7-27

[PE-B-LoopBack1] ip address 1.1.1.2 32 [PE-B-LoopBack1] pim sm [PE-B-LoopBack1] quit
# Assign the same IP address for the MTI0 interface. Enable PIM-SM on the interface:
[PE-B] interface MTunnel 0 [PE-B-MTunnel0] ip address 1.1.1.2 32 [PE-B-MTunnel0] pim sm
[PE-B] interface MTunnel 1 [PE-B-MTunnel1] ip address 1.1.1.2 32 [PE-B-MTunnel1] pim sm

[PE-B] bgp 100 [PE-B-bgp] group VPN-G internal [PE-B-bgp] peer VPN-G connect-interface LoopBack1 [PE-B-bgp] peer 1.1.1.1 group VPN-G [PE-B-bgp] peer 1.1.1.3 group VPN-G [PE-Bbgp] ipv4-family vpn-instance RED [PE-B-bgp-RED] import-route rip 2 [PE-B-bgp-RED] import-route direct [PE-B-bgp-RED] quit [PE-Bbgp] ipv4-family vpn-instance BLUE [PE-B-bgp-BLUE] import-route rip 3 [PE-B-bgp-BLUE] import-route direct [PE-B-bgp-BLUE] quit [PE-Bbgp] ipv4-family vpnv4 [PE-Bbgp-af-vpnv4] peer VPN-G enable [PE-B-bgp-af-vpnv4] peer 1.1.1.1 group VPN-G [PE-Bbgp-af-vpnv4] peer 1.1.1.3 group VPN-G [PE-Bbgp-af-vpnv4] quit [PE-Bbgp] quit [PE-B] ospf 1 [PE-B-ospf-1] area 0.0.0.0 [PE-B-ospf-1-area-0.0.0.0] network 1.1.1.2 0.0.0.0 [PE-B-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.255.255 [PE-B-ospf-1-area-0.0.0.0] quit [PE-B-ospf-1] quit [PE-B] rip 2 vpn-instance RED [PE-B-rip] network 10.0.0.0 [PE-B-rip] import-route bgp cost 3 [PE-B-rip] quit [PE-B] rip 3 vpn-instance BLUE [PE-B-rip] network 10.0.0.0 [PE-B-rip] import-route bgp cost 3
Step 3 Configure PE-C. # Configure ID for PE-C, enable the public network IP multicast routing, configure the ID for MPLS LSR, and enable LDP:
[PE-C] router id 1.1.1.3 [PE-C] multicast routing-enable
7-28

[PE-C] mpls lsr-id 1.1.1.3 [PE-C] mpls [PE-C-mpls] quit [PE-C] mpls ldp [PE-C-mpls-ldp] quit
# Create VPN RED instance and enter VPN instance view. Configure the VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-C] ip vpn-instance RED [PE-C-vpn-instance-RED] route-distinguisher 100:1 [PE-C-vpn-instance-RED] vpn-target 100:1 export-extcommunity [PE-C-vpn-instance-RED] vpn-target 100:1 import-extcommunity [PE-C-vpn-instance-RED] multicast routing-enable [PE-C-vpn-instance-RED] multicast-domain share-group 239.1.1.1 binding mtunnel 0 [PE-C-vpn-instance-RED] multicast-domain switch-group-pool 225.2.2.1 28
# Create VPN BLUE instance and enter VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-C] ip vpn-instance BLUE [PE-C-vpn-instance-BLUE] route-distinguisher 200:1 [PE-C-vpn-instance-BLUE] vpn-target 200:1 export-extcommunity [PE-C-vpn-instance-BLUE] vpn-target 200:1 import-extcommunity [PE-C-vpn-instance-BLUE] multicast routing-enable [PE-C-vpn-instance-BLUE] multicast-domain share-group 239.2.2.2 binding mtunnel 1 [PE-C-vpn-instance-BLUE] multicast-domain switch-group-pool 225.4.4.1 28
[PE-C] interface gigabitethernet 1/0/0 [PE-C-GigabitEthernet1/0/0] ip address 192.168.8.1 24 [PE-C-GigabitEthernet1/0/0] pim sm [PE-C-GigabitEthernet1/0/0] mpls [PE-C-GigabitEthernet1/0/0] mpls ldp
# Bind Gigabit Ethernet 2/0/0 to VPN RED instance, and enable PIM-SM:
[PE-C] interface gigabitethernet 2/0/0 [PE-C-GigabitEthernet2/0/0] ip binding vpn-instance RED [PE-C-GigabitEthernet2/0/0] ip address 10.110.5.1 24 [PE-C-GigabitEthernet2/0/0] pim sm
# Bind Gigabit Ethernet 3/0/0 to VPN BLUE instance, and enable PIM-SM:
[PE-C] interface gigabitethernet 3/0/0 [PE-C-GigabitEthernet3/0/0] ip binding vpn-instance BLUE [PE-C-GigabitEthernet3/0/0] ip address 10.110.6.1 24 [PE-C-GigabitEthernet3/0/0] pim sm
# Assign IP address for the Loopback1 interface, and enable PIM-SM:

[PE-C] interface loopback 1 [PE-C-LoopBack1] ip address 1.1.1.3 32 [PE-C-LoopBack1] pim sm [PE-C-LoopBack1] quit
7-29
[PE-C] interface MTunnel 0 [PE-C-MTunnel0] ip address 1.1.1.3 32 [PE-C-MTunnel0] pim sm
[PE-C] interface MTunnel 1 [PE-C-MTunnel1] ip address 1.1.1.3 32 [PE-C-MTunnel1] pim sm
# Bind Loopback2 to the VPN BLUE instance, and enable PIM-SM:

[PE-C] interface loopback 2 [PE-C-LoopBack2] ip binding vpn-instance BLUE [PE-C-LoopBack2] ip address 33.33.33.33 32 [PE-C-LoopBack2] pim sm [PE-C-LoopBack2] quit
# Configure Loopback2 as the C-BSR and C-RP of VPN-BLUE:

[PE-C] pim vpn-instance BLUE [PE-C-pim-blue] c-bsr Loopback2 [PE-C-pim-blue] c-rp Loopback2 [PE-C-pim-blue] quit

[PE-C] bgp 100 [PE-C-bgp] undo synchronizationq [PE-C-bgp] group VPN-G internal [PE-C-bgp] peer VPN-G connect-interface LoopBack1 [PE-C-bgp] peer 1.1.1.1 group VPN-G [PE-C-bgp] peer 1.1.1.2 group VPN-G [PE-Cbgp] ipv4-family vpn-instance RED [PE-C-bgp-RED] import-route rip 2 [PE-C-bgp-RED] import-route direct [PE-C-bgp-RED] quit [PE-Cbgp] ipv4-family vpn-instance BLUE [PE-C-bgp-BLUE] import-route rip 3 [PE-C-bgp-BLUE] import-route direct [PE-C-bgp-BLUE] quit [PE-Cbgp] ipv4-family vpnv4 [PE-Cbgp-af-vpnv4] peer VPN-G enable [PE-C-bgp-af-vpnv4] peer 1.1.1.1 group VPN-G [PE-Cbgp-af-vpnv4] peer 1.1.1.2 group VPN-G [PE-Cbgp-af-vpnv4] quit [PE-Cbgp] quit [PE-C] ospf 1 [PE-C-ospf-1] area 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] network 1.1.1.3 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] network 33.33.33.33 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.255.255 [PE-C-ospf-1-area-0.0.0.0] quit [PE-C-ospf-1] quit [PE-C] rip 2 vpn-instance RED [PE-C-rip] network 10.0.0.0
7-30

[PE-C-rip] import-route bgp cost 3 [PE-C-rip] quit [PE-C] rip 3 vpn-instance BLUE [PE-C-rip] network 10.0.0.0 [PE-C-rip] import-route bgp cost 3
Step 4 Configure P. # Enable the public network IP multicast routing, configure ID for MPLS LSR, and enable LDP:
[P] multicast routing-enable [P] mpls lsr-id 2.2.2.2 [P] mpls [P-mpls] quit [P] mpls ldp [P-mpls-ldp] quit
[P] interface gigabitethernet 1/0/0 [P-GigabitEthernet1/0/0] ip address 192.168.6.2 24 [P-GigabitEthernet1/0/0] pim sm [P-GigabitEthernet1/0/0] mpls [P-GigabitEthernet1/0/0] mpls ldp
# Assign an IP address for the Loopback1 interface and enable PIM-SM:

[P] interface loopback 1 [P-LoopBack1] ip address 2.2.2.2 32 [P-LoopBack1] pim sm [P-LoopBack1] quit
# Configure Loopback1 as BSR and RP of the public network instance:

[P] pim [P-pim] c-bsr Loopback1 [P-pim] c-rp Loopback1
# Configure OSPF unicast routing information:

[P] ospf 1 [P-ospf-1] area 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0
7-31
[P-ospf-1-area-0.0.0.0] network 192.168.0.0 0.0.255.255 [P-ospf-1-area-0.0.0.0] quit
Step 5 Configure CE-Ra. # Enable IP multicast routing:

[CE-Ra] multicast routing-enable
# Enable PIM-SM on the VPN interface Gigabit Ethernet 1/0/0:

[CE-Ra] interface gigabitethernet 1/0/0 [CE-Ra-GigabitEthernet1/0/0] ip address 10.110.7.1 24 [CE-Ra-GigabitEthernet1/0/0] pim sm

[CE-Ra] interface gigabitethernet 2/0/0 [CE-Ra-GigabitEthernet2/0/0] ip address 10.110.2.2 24 [CE-Ra-GigabitEthernet2/0/0] pim sm
# Configure RIP unicast routing information:

[CE-Ra] rip 2 [CE-Ra-rip] network 10.0.0.0
Step 6 Configure CE-Bb. # Enable IP multicast routing:

[CE-Bb] multicast routing-enable
# Enable PIM-SM on Gigabit Ethernet 1/0/0:

[CE-Bb] interface gigabitethernet 1/0/0 [CE-Bb-GigabitEthernet1/0/0] ip address 10.110.8.1 24 [CE-Bb-GigabitEthernet1/0/0] pim sm

[CE-Bb] interface gigabitethernet 2/0/0 [CE-Bb-GigabitEthernet2/0/0] ip address 10.110.3.2 24 [CE-Bb-GigabitEthernet2/0/0] pim sm

[CE-Bb] rip 3 [CE-Bb-rip] network 10.0.0.0
Step 7 Configure CE-Rb. # Enable IP multicast routing:

[CE-Rb] multicast routing-enable
# Enable PIM-SM and IGMP on Gigabit Ethernet 1/0/0:

[CE-Rb] interface gigabitethernet 1/0/0 [CE-Rb-GigabitEthernet1/0/0] ip address 10.110.9.1 24 [CE-Rb-GigabitEthernet1/0/0] pim sm [CE-Rb-GigabitEthernet1/0/0] igmp enable
7-32

[CE-Rb] interface gigabitethernet 2/0/0 [CE-Rb-GigabitEthernet2/0/0] ip address 10.110.4.2 24 [CE-Rb-GigabitEthernet2/0/0] pim sm

[CE-Rb] interface gigabitethernet 3/0/0 [CE-Rb-GigabitEthernet3/0/0] ip address 10.110.12.1 24 [CE-Rb-GigabitEthernet3/0/0] pim sm
# Assign IP address for the Loopback1 interface and enable PIM-SM:

[CE-Rb] interface loopback 1 [CE-Rb-LoopBack1] ip address 22.22.22.22 32 [CE-Rb-LoopBack1] pim sm [CE-Rb-LoopBack1] quit
# Configure Loopback1 as the BSR and RP of VPN-RED:

[CE-Rb] pim [CE-Rb-pim] c-bsr Loopback1 [CE-Rb-pim] c-rp Loopback1 [CE-Rb-pim] quit

[CE-Rb] rip 2 [CE-Rb-rip] network 10.0.0.0 [CE-Rb-rip] network 22.0.0.0
Step 8 Configure CE-Rc. # Enable IP multicast routing:

[CE-Rc] multicast routing-enable
# Enable PIM-SM and IGMP on the VPN interface Gigabit Ethernet 1/0/0:
[CE-Rc] interface gigabitethernet 1/0/0 [CE-Rc-GigabitEthernet1/0/0] ip address 10.110.10.1 24 [CE-Rc-GigabitEthernet1/0/0] pim sm [CE-Rc-GigabitEthernet1/0/0] igmp enable

[CE-Rc] interface gigabitethernet 2/0/0 [CE-Rc-GigabitEthernet2/0/0] ip address 10.110.5.2 24 [CE-Rc-GigabitEthernet2/0/0] pim sm

[CE-Rc] interface gigabitethernet 3/0/0 [CE-Rc-GigabitEthernet3/0/0] ip address 10.110.12.2 24 [CE-Rc-GigabitEthernet3/0/0] pim sm

[CE-Rc] rip 2 [CE-Rc-rip] network 10.0.0.0
Step 9 Configure CE-Bc.
7-33
# Enable IP multicast routing:

[CE-Bc] multicast routing-enable
# Enable PIM-SM and IGMP on the VPN interface Gigabit Ethernet 1/0/0:
[CE-Bc] interface gigabit ethernet 1/0/0 [CE-Bc-GigabitEthernet1/0/0] ip address 10.110.11.1 24 [CE-Bc-GigabitEthernet1/0/0] pim sm [CE-Bc-GigabitEthernet1/0/0] igmp enable

[CE-Bc] interface gigabitethernet 2/0/0 [CE-Bc-GigabitEthernet2/0/0] ip address 10.110.6.2 24 [CE-Bc-GigabitEthernet2/0/0] pim sm

[CE-Bc] rip 3 [CE-Bc-rip] network 10.0.0.0
----End
Configuration files
Configuration file of PE-A
# sysname PE-A # router id 1.1.1.1 # multicast routing-enable # mpls lsr-id 1.1.1.1 mpls # mpls ldp # ip vpn-instance RED route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.1.1.1 binding MTunnel 0 multicast-domain switch-group-pool 225.2.2.0 255.255.255.240 # interface GigabitEthernet1/0/0 ip address 192.168.6.1 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip binding vpn-instance RED ip address 10.110.1.1 255.255.255.0 pim sm
7-34

igmp enable # interface GigabitEthernet3/0/0 ip binding vpn-instance RED ip address 10.110.2.1 255.255.255.0 pim sm # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 pim sm # interface MTunnel0 ip binding vpn-instance RED ip address 1.1.1.1 255.255.255.255 pim sm # bgp 100 group VPN-G internal peer VPN-G connect-interface LoopBack1 peer 1.1.1.2 as-number 100 peer 1.1.1.2 group VPN-G peer 1.1.1.3 as-number 100 peer 1.1.1.3 group VPN-G # ipv4-family unicast undo synchronization peer VPN-G enable peer 1.1.1.2 enable peer 1.1.1.2 group VPN-G peer 1.1.1.3 enable peer 1.1.1.3 group VPN-G # ipv4-family vpnv4 policy vpn-target peer VPN-G enable peer 1.1.1.2 enable peer 1.1.1.2 group VPN-G peer 1.1.1.3 enable peer 1.1.1.3 group VPN-G # ipv4-family vpn-instance RED import-route rip 2 import-route direct # ospf 1 area 0.0.0.0 network 1.1.1.1 0.0.0.0 network 192.168.0.0 0.0.255.255 # rip 2 vpn-instance RED network 10.0.0.0 import-route bgp cost 3 # return
Configuration file of PE-B
7-35

# sysname PE-B # router id 1.1.1.2 # multicast routing-enable # mpls lsr-id 1.1.1.2 mpls # mpls ldp # ip vpn-instance BLUE route-distinguisher 200:1 vpn-target 200:1 export-extcommunity vpn-target 200:1 import-extcommunity multicast routing-enable
multicast-domain share-group 239.2.2.2 binding MTunnel 1 multicast-domain switch-group-pool 225.4.4.0 255.255.255.240 # ip vpn-instance RED route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.1.1.1 binding MTunnel 0 multicast-domain switch-group-pool 225.2.2.0 255.255.255.240 # interface GigabitEthernet1/0/0 ip address 192.168.7.1 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip binding vpn-instance BLUE ip address 10.110.3.1 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip binding vpn-instance RED ip address 10.110.4.1 255.255.255.0 pim sm # interface LoopBack1 ip address 1.1.1.2 255.255.255.255 pim sm # interface MTunnel0 ip binding vpn-instance RED ip address 1.1.1.2 255.255.255.255 pim sm # interface MTunnel1 ip binding vpn-instance BLUE
7-36

ip address 1.1.1.2 255.255.255.255 pim sm # bgp 100 group VPN-G internal peer VPN-G connect-interface LoopBack1 peer 1.1.1.1 as-number 100 peer 1.1.1.1 group VPN-G peer 1.1.1.3 as-number 100 peer 1.1.1.3 group VPN-G # ipv4-family unicast undo synchronization peer VPN-G enable peer 1.1.1.1 enable peer 1.1.1.1 group VPN-G peer 1.1.1.3 enable peer 1.1.1.3 group VPN-G # ipv4-family vpnv4 policy vpn-target peer VPN-G enable peer 1.1.1.1 enable peer 1.1.1.1 group VPN-G peer 1.1.1.3 enable peer 1.1.1.3 group VPN-G # ipv4-family vpn-instance RED import-route rip 2 import-route direct # ipv4-family vpn-instance BLUE import-route rip 3 import-route direct # ospf 1 area 0.0.0.0 network 1.1.1.2 0.0.0.0 network 192.168.0.0 0.0.255.255 # rip 2 vpn-instance RED network 10.0.0.0 import-route bgp cost 3 # rip 3 vpn-instance blue network 10.0.0.0 import-route bgp cost 3 # return
Configuration file of PE-C

# sysname PE-C # router id 1.1.1.3 #
7-37

multicast routing-enable # mpls lsr-id 1.1.1.3 mpls # mpls ldp # ip vpn-instance RED route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity multicast routing-enable
multicast-domain share-group 239.1.1.1 binding MTunnel 0 multicast-domain switch-group-pool 225.2.2.0 255.255.255.240 # ip vpn-instance BLUE route-distinguisher 200:1 vpn-target 200:1 export-extcommunity vpn-target 200:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.2.2.2 binding MTunnel 1 multicast-domain switch-group-pool 225.4.4.0 255.255.255.240 # interface GigabitEthernet1/0/0 ip address 192.168.8.1 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip binding vpn-instance RED ip address 10.110.5.1 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip binding vpn-instance BLUE ip address 10.110.6.1 255.255.255.0 pim sm # interface LoopBack1 ip address 1.1.1.3 255.255.255.255 pim sm # interface LoopBack2 ip binding vpn-instance BLUE ip address 33.33.33.33 255.255.255.255 pim sm # pim vpn-instance BLUE c-bsr LoopBack2 c-rp LoopBack2 # interface MTunnel0 ip binding vpn-instance RED ip address 1.1.1.3 255.255.255.255
7-38

pim sm # interface MTunnel1 ip binding vpn-instance BLUE ip address 1.1.1.3 255.255.255.255 pim sm # bgp 100 group VPN-G internal peer VPN-G connect-interface LoopBack1 peer 1.1.1.1 as-number 100 peer 1.1.1.1 group VPN-G peer 1.1.1.2 as-number 100 peer 1.1.1.2 group VPN-G # ipv4-family unicast undo synchronization peer VPN-G enable peer 1.1.1.1 enable peer 1.1.1.1 group VPN-G peer 1.1.1.2 enable peer 1.1.1.2 group VPN-G # ipv4-family vpnv4 policy vpn-target peer VPN-G enable peer 1.1.1.1 enable peer 1.1.1.1 group VPN-G peer 1.1.1.2 enable peer 1.1.1.2 group VPN-G # ipv4-family vpn-instance RED import-route rip 2 import-route direct # ipv4-family vpn-instance BLUE import-route rip 3 import-route direct # ospf 1 area 0.0.0.0 network 1.1.1.3 0.0.0.0 network 33.33.33.33 0.0.0.0 network 192.168.0.0 0.0.255.255 # rip 2 vpn-instance RED network 10.0.0.0 import-route bgp cost 3 # rip 3 vpn-instance BLUE network 10.0.0.0 import-route bgp cost 3 # return
Configuration file of P
7-39

# sysname P # multicast routing-enable # mpls lsr-id 2.2.2.2 mpls # mpls ldp # interface GigabitEthernet1/0/0 ip address 192.168.6.2 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip address 192.168.7.2 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet3/0/0 ip address 192.168.8.2 255.255.255.0 pim sm mpls mpls ldp # interface LoopBack1 ip address 2.2.2.2 255.255.255.255 pim sm # pim c-bsr Loopback1 c-rp Loopback1 # ospf 1 area 0.0.0.0 network 2.2.2.2 0.0.0.0 network 192.168.0.0 0.0.255.255 # return
Configuration file of CE-Ra

# sysname CE-Ra # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.7.1 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 10.110.2.2 255.255.255.0 pim sm
7-40

# rip 2 network 10.0.0.0 # return
Configuration file of CE-Bb

# sysname CE-Bb # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.8.1 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 10.110.3.2 255.255.255.0 pim sm # rip 3 network 10.0.0.0 # return
Configuration file of CE-Rb

# sysname CE-Rb # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.9.1 255.255.255.0 pim sm igmp enable # interface GigabitEthernet2/0/0 ip address 10.110.4.2 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 10.110.12.1 255.255.255.0 pim sm # interface loopback 1 ip address 22.22.22.22 32 pim sm # pim c-bsr Loopback1 c-rp Loopback1 # rip 2 network 10.0.0.0 network 22.0.0.0 #
7-41

return
Configuration file of CE-Rc

# sysname CE-Rc # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.10.1 255.255.255.0 pim sm igmp enable # interface GigabitEthernet2/0/0 ip address 10.110.5.2 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip address 10.110.12.2 255.255.255.0 pim sm # rip 2 network 10.0.0.0 # return
Configuration file of CE-Bc

# sysname CE-Bc # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.110.11.1 255.255.255.0 pim sm igmp enable # interface GigabitEthernet2/0/0 ip address 10.110.6.2 255.255.255.0 pim sm # rip 3 network 10.0.0.0 # return
7-42
7.5.2 Example of configuring inter-AS MD VPN

As shown in the following figure, both AS100 and AS200 connect with VPN RED and VPN BLUE. Figure 7-12 Networking diagram of inter-AS MD VPN
Source2 VPN BLUE GbE1 Loopback0 Loopback1 Loopback0 Loopback1 GbE2 AS 100 GbE1 GbE1 GbE2 GbE2 GbE2 AS 200 GbE1 GbE1 VPN RED GbE1 PC1
CE-B GbE2
GbE3 Loopback1
CE-C
GbE2 Loopback1 GbE3
PE-A
PE-B
Loopback2
PE-C
Loopback2
PE-D
GbE2
CE-A
GbE2
CE-D
GbE1 VPN RED Source1 VPN BLUE
GbE1 PC2
GbE1 is Gigabit Ethernet 1/0/0, GbE2 is Gigabit Ethernet 2/0/0 and GbE3 is Gigabit Ethernet 3/0/0. The IP address of each interface is listed as follows:
Table 7-3 Configuration of router interface Device PE-A IP address of interface GbE1: 10.10.1.1/24 GbE2: 10.111.1.1/24 GbE3: 10.111.2.1/24 Loopback1: 1.1.1.1/32 Remarks Public instance VPN-RED VPN-BLUE Public instance Used to set up BGP peers
7-43
Device PE-B
IP address of interface GbE1: 10.10.1.2/24 GbE2: 192.168.1.1/24 Loopback1: 1.1.1.2/32 Loopback2: 11.11.11.11/32
Remarks Public instance Public instance Public instance Used to set up BGP peers and MSDP peers Public instance Acts as C-BSR and C-RP of the PIM domain in AS100
PE-C
GbE1: 10.10.2.1/24 GbE2: 192.168.1.2/24 Loopback1: 1.1.1.3/32 Loopback2: 22.22.22.22/32
Public instance Public instance Public instance Used to set up BGP peers and MSDP peers Public instance Acts as C-BSR and C-RP of the PIM domain in AS200
PE-D
GbE1: 10.10.2.2/24 GbE2: 10.111.3.1/24 GbE3: 10.111.4.1/24 Loopback1: 1.1.1.4/32
Public instance VPN-RED VPN-BLUE Public instance Used to set up BGP peers Acts as C-BSR and C-RP of the PIM domain in VPN-BLUE Acts as C-BSR and C-RP of the PIM domain in VPN-RED Multicast source in VPN-RED Multicast source in VPN-BLUE Multicast receiver in VPN-RED
CE-A CE-B
GbE1: 10.111.5.1/24 GbE2: 10.111.1.2/24 GbE1: 10.111.6.1/24 GbE2: 10.111.2.2/24 Loopback0: 2.2.2.2/32
CE-C
GbE1: 10.111.7.1/24 GbE2: 10.111.3.2/24 Loopback0: 3.3.3.3/24
CE-D Source1 Source2 PC1
GbE1: 10.111.8.1/24 GbE2: 10.111.4.2/24 10.111.5.2./24 10.111.6.2/24 10.111.7.2/24
7-44
Device PC2
IP address of interface 10.111.8.2/24
Remarks Multicast receiver in VPN-BLUE
Table 7-4 Networking requirements of inter-AS MD VPN Item Multicast source and multicast receiver Networking requirements Multicast source of VPN RED is Source1 and the multicast receiver is PC1. Multicast source of VPN BLUE is Source2 and the multicast receiver is PC2. In VPN RED, the Share-Group address is 239.1.1.1 and the Switch-Group address pool ranges from 225.1.1.1 to 225.1.1.16. In VPN BLUE, the Share-Group address is 239.4.4.4 and the Switch-Group address pool ranges from 225.4.4.1 to 225.4.4.16. VPN instance to which the interfaces on PEs belong On PE-A, GE1 and Loopback1 belong to the public network instance; GE2 belongs to VPN-RED; GE3 belongs to VPN-BLUE. On PE-B, GE1, GE2, Loopback1, and Loopback2 belong to the public network instance. On PE-C, GE1, GE2, Loopback1, and Loopback2 belong to the public network instance. On PE-D, GE1 and Loopback1 belong to the public network instance; GE2 belongs to VPN-RED; GE3 belongs to VPN-BLUE. Routing protocol and MPLS Configure the OSPF routing protocol in AS100 and AS200. Enable OSPF between PE and CE routers. Configure BGP peers and transmit all VPN routes between the interfaces Loopback1 among PE-A, PE-B, PE-C, and PE-D. Enable MPLS in AS100 and AS200. Multicast functions Enable multicast on the public network instance on PE-A, PE-B, PE-C, and PE-D. Enable multicast on VPN-RED and VPN-BLUE on PE-A and PE-D. Enable multicast on CE-A, CE-B, CE-C, and CE-D. IGMP functions Enable IGMP at the GE1 interface on CE-C. Enable IGMP at the GE1 interface on CE-D.
7-45
Item PIM functions
Networking requirements Enable PIM-SM on all the public network instance interfaces on PE-A, PE-B, PE-C, and PE-D. Enable PIM-SM on the interfaces of VPN instances on PE-A and PE-D. Set Loopback2 of PE-B and PE-C as the C-BSR and C-RP of the public network instance in the AS to which they belong (serving all multicast groups). Set Loopback0 of CE-B as the C-BSR and C-RP of VPN-BLUE (serving all multicast groups). Set Loopback0 of CE-C as the C-BSR and C-RP of VPN-RED (serving all multicast groups).
MSDP functions
Establish MSDP peers on Loopback1 interfaces of PE-B and PE-C.
The steps in the configuration roadmap are 1. 2. Configure MPLS/BGP VPN to ensure that the VPN network works normally and the unicast route is accessible. Enable the multicast function and the PIM function in the entire network, set up the multicast instance of the public network between PE and P, and set up the VPN instance multicast between PE and CE. Configure an MSDP peer on EBGP peers of PE-B and PE-C. Configure the same Share-Group address, the same MTI, and the same Switch-MDT switch for a VPN instance on PE. Configure the MTI address as the IBGP Peer interface address of the public network, and enable PIM protocol on MTI.
3. 4. 5.
Data preparation
See Table 7-4 for details on data preparation.
This configuration example includes only the commands related to configuring inter-AS MD VPN.
Step 1 Configuring PE-A # Configure an ID for PE-A, enable the public network IP multicast routing, configure ID for MPLS LSR, and enable LDP:
[PE-A] router id 1.1.1.1 [PE-A] multicast routing-enable [PE-A] mpls lsr-id 1.1.1.1 [PE-A] mpls [PE-A-mpls] quit [PE-A] mpls ldp
7-46

[PE-A-mpls-ldp] quit
# Create the VPN RED instance and enter the VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure the Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-A] ip vpn-instance RED [PE-A-vpn-instance-RED] route-distinguisher 100:1 [PE-A-vpn-instance-RED] vpn-target 100:1 export-extcommunity [PE-A-vpn-instance-RED] vpn-target 100:1 import-extcommunity [PE-A-vpn-instance-RED] multicast routing-enable [PE-A-vpn-instance-RED] multicast-domain share-group 239.1.1.1 binding mtunnel 0 [PE-A-vpn-instance-RED] multicast-domain switch-group-pool 225.1.1.1 28 [PE-A-vpn-instance-RED] quit
# Create the VPN BLUE instance and enter the VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure the Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-A] ip vpn-instance BLUE [PE-A-vpn-instance-BLUE] route-distinguisher 200:1 [PE-A-vpn-instance-BLUE] vpn-target 200:1 export-extcommunity [PE-A-vpn-instance-BLUE] vpn-target 200:1 import-extcommunity [PE-A-vpn-instance-BLUE] multicast routing-enable [PE-A-vpn-instance-BLUE] multicast-domain share-group 239.4.4.4 binding mtunnel 1 [PE-A-vpn-instance-BLUE] multicast-domain switch-group-pool 225.4.4.1 28 [PE-A-vpn-instance-BLUE] quit
# Enable LDP and PIM-SM on the public network instance interface Gigabit Ethernet 1/0/0:
[PE-A] interface gigabitethernet 1/0/0 [PE-A-GigabitEthernet1/0/0] ip address 10.10.1.1 24 [PE-A-GigabitEthernet1/0/0] pim sm [PE-A-GigabitEthernet1/0/0] mpls [PE-A-GigabitEthernet1/0/0] mpls ldp
# Bind Gigabit Ethernet 2/0/0 to VPN RED and enable PIM-SM:

[PE-A] interface gigabitethernet 2/0/0 [PE-A-GigabitEthernet2/0/0] ip binding vpn-instance RED [PE-A-GigabitEthernet2/0/0] ip address 10.111.1.1 24 [PE-A-GigabitEthernet2/0/0] pim sm
# Bind Gigabit Ethernet 3/0/0 to VPN BLUE and enable PIM-SM:

[PE-A] interface gigabitethernet 3/0/0 [PE-A-GigabitEthernet3/0/0] ip binding vpn-instance BLUE [PE-A-GigabitEthernet3/0/0] ip address 10.111.2.1 24 [PE-A-GigabitEthernet3/0/0] pim sm
# Set an IP address for Loopback1 and enable PIM-SM:

[PE-A] interface loopback 1 [PE-A-LoopBack1] ip address 1.1.1.1 32 [PE-A-LoopBack1] pim sm [PE-A-LoopBack1] quit
# Set the same IP address for MTI0 and enable PIM-SM:
7-47

[PE-A] interface MTunnel 0 [PE-A-MTunnel0] ip address 1.1.1.1 32 [PE-A-MTunnel0] pim sm

[PE-A] interface MTunnel 1 [PE-A-MTunnel1] ip address 1.1.1.1 32 [PE-A-MTunnel1] pim sm
# Configure unicast routing information of BGP and OSPF:

[PE-A] bgp 100 [PE-A-bgp] group pea-peb internal [PE-A-bgp] peer pea-peb label-route-capability [PE-A-bgp] peer pea-peb connect-interface LoopBack1 [PE-A-bgp] peer 1.1.1.2 group pea-peb [PE-A-bgp] group pea-ped external [PE-A-bgp] peer pea-ped as-number 200 [PE-A-bgp] peer pea-ped ebgp-max-hop 255 [PE-A-bgp] peer 1.1.1.4 group pea-ped [PE-A-bgp] peer 1.1.1.4 connect-interface Loopback1 [PE-Abgp] ipv4-family vpn-instance RED [PE-A-bgp-RED] import-route ospf 2 [PE-A-bgp-RED] import-route direct [PE-A-bgp-RED] quit [PE-Abgp] ipv4-family vpn-instance BLUE [PE-A-bgp-BLUE] import-route ospf 3 [PE-A-bgp-BLUE] import-route direct [PE-A-bgp-BLUE] quit [PE-Abgp] ipv4-family vpnv4 [PE-Abgp-af-vpnv4] peer 1.1.1.4 enable [PE-Abgp-af-vpnv4] quit [PE-A] ospf 1 [PE-A-ospf-1] area 0.0.0.0 [PE-A-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [PE-A-ospf-1-area-0.0.0.0] network 10.10.0.0 0.0.255.255 [PE-A-ospf-1-area-0.0.0.0] quit [PE-A-ospf-1] quit [PE-A] ospf 2 vpn-instance RED [PE-A-ospf-2] import-route bgp [PE-A-ospf-2] area 0.0.0.0 [PE-A-ospf-2-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [PE-A-ospf-2-area-0.0.0.0] quit [PE-A] ospf 3 vpn-instance BLUE [PE-A-ospf-3] import-route bgp [PE-A-ospf-3] area 0.0.0.0 [PE-A-ospf-3-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [PE-A-ospf-3-area-0.0.0.0] quit
Step 2 Configuring PE-B
7-48
# Configure an ID for PE-B, enable the public network IP multicast routing, configure ID for MPLS LSR, and enable LDP:
[PE-B] router id 1.1.1.2 [PE-B] multicast routing-enable [PE-B] mpls lsr-id 1.1.1.2 [PE-B] mpls [PE-B-mpls] quit [PE-B] mpls ldp [PE-B-mpls-ldp] quit
[PE-B] interface gigabitethernet 1/0/0 [PE-B-GigabitEthernet1/0/0] ip address 10.10.1.2 24 [PE-B-GigabitEthernet1/0/0] pim sm [PE-B-GigabitEthernet1/0/0] mpls [PE-B-GigabitEthernet1/0/0] mpls ldp [PE-B-GigabitEthernet1/0/0] quit
# Enable PIM-SM on public network interface Gigabit Ethernet 2/0/0 and enable MPLS:
[PE-B] interface gigabitethernet 2/0/0 [PE-B-GigabitEthernet2/0/0] ip address 192.168.1.1 24 [PE-B-GigabitEthernet2/0/0] pim sm [PE-B-GigabitEthernet2/0/0] mpls [PE-B-GigabitEthernet2/0/0] quit

[PE-B] interface loopback 1 [PE-B-LoopBack1] ip address 1.1.1.2 32 [PE-B-LoopBack1] pim sm [PE-B-LoopBack1] quit

[PE-B] interface loopback 2 [PE-B-LoopBack2] ip address 11.11.11.11 32 [PE-B-LoopBack2] pim sm [PE-B-LoopBack2] quit
# Configure static routes, BGP, and OSPF unicast routing information:

[PE-B] ip route-static 1.1.1.3 32 gigabitethernet 2/0/0 192.168.1.2 [PE-B] bgp 100 [PE-B-bgp] import-route ospf 1 [PE-B-bgp] group peb-pea internal [PE-B-bgp] peer peb-pea route-policy map2 export [PE-B-bgp] peer peb-pea label-route-capability [PE-B-bgp] peer peb-pea connect-interface LoopBack1 [PE-B-bgp] peer 1.1.1.1 group peb-pea [PE-B-bgp] group peb-pec external [PE-B-bgp] peer peb-pec as-number 200 [PE-B-bgp] peer peb-pec ebgp-max-hop 255 [PE-B-bgp] peer peb-pec route-policy map1 export [PE-B-bgp] peer peb-pec label-route-capability [PE-B-bgp] peer peb-pec connect-interface Loopback1 [PE-B-bgp] peer 1.1.1.3 group peb-pec
7-49

[PE-B] ospf 1 [PE-B-ospf-1] area 0.0.0.0 [PE-B-ospf-1-area-0.0.0.0] network 1.1.1.2 0.0.0.0
[PE-B-ospf-1-area-0.0.0.0] network 10.10.0.0 0.0.255.255 [PE-B-ospf-1-area-0.0.0.0] network 11.11.11.11 0.0.0.0 [PE-B-ospf-1-area-0.0.0.0] quit [PE-B-ospf-1] quit
# Set routing policies:

[PE-B] route-policy map1 permit node 10 [PE-B-route-policy] apply mpls-label [PE-B-route-policy] quit [PE-B] route-policy map2 permit node 10 [PE-B-route-policy] if-match mpls-label [PE-B-route-policy] apply mpls-label
# Configure the C-BSR and C-RP:

[PE-B] pim [PE-B-pim] c-bsr loopback 2 [PE-B-pim] c-rp loopback 2 [PE-B-pim] quit
# Configure the BSR boundary:

[PE-B] interface gigabitethernet 2/0/0 [PE-B-GigabitEthernet2/0/0] pim bsr-boundary [PE-B-GigabitEthernet2/0/0] quit
# Set up the MSP peer:

[PE-B] msdp [PE-B-msdp] encap-data-enable [PE-B-msdp] peer 1.1.1.3 connect-interface Loopback1
Step 3 Configure PE-C. # Configure ID for PE-C, enable the public network IP multicast routing, configure ID for MPLS LSR, and enable LDP:
[PE-C] router id 1.1.1.3 [PE-C] multicast routing-enable [PE-C] mpls lsr-id 1.1.1.3 [PE-C] mpls [PE-C-mpls] quit [PE-C] mpls ldp [PE-C-mpls-ldp] quit
# Enable MPLS LDP and PIM-SM on Gigabit Ethernet 1/0/0 of the public network:
[PE-C] interface gigabitethernet 1/0/0 [PE-C-GigabitEthernet1/0/0] ip address 10.10.2.1 24 [PE-C-GigabitEthernet1/0/0] pim sm [PE-C-GigabitEthernet1/0/0] mpls [PE-C-GigabitEthernet1/0/0] mpls ldp [PE-C-GigabitEthernet1/0/0] quit
# Enable PIM-SM on the public network interface Gigabit Ethernet 2/0/0 and enable MPLS:
7-50

[PE-C] interface gigabitethernet 2/0/0 [PE-C-GigabitEthernet2/0/0] ip address 192.168.1.2 24 [PE-C-GigabitEthernet2/0/0] pim sm [PE-C-GigabitEthernet2/0/0] mpls [PE-C-GigabitEthernet2/0/0] quit


# Configure static routes, BGP, and OSPF unicast routing information:

[PE-C] ip route-static 1.1.1.2 32 gigabitethernet 2/0/0 192.168.1.1 [PE-C] bgp 200 [PE-C-bgp] import-route ospf 1 [PE-C-bgp] group pec-ped internal [PE-C-bgp] peer pec-ped route-policy map2 export [PE-C-bgp] peer pec-ped label-route-capability [PE-C-bgp] peer pec-ped connect-interface LoopBack1 [PE-C-bgp] peer 1.1.1.4 group pec-ped [PE-C-bgp] group pec-peb external [PE-C-bgp] peer pec-peb as-number 100 [PE-C-bgp] peer pec-peb ebgp-max-hop 255 [PE-C-bgp] peer pec-peb route-policy map1 export [PE-C-bgp] peer pec-peb label-route-capability [PE-C-bgp] peer pec-peb connect-interface Loopback1 [PE-C-bgp] peer 1.1.1.2 group pec-peb [PE-C] ospf 1 [PE-C-ospf-1] area 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] network 1.1.1.3 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] network 10.10.0.0 0.0.255.255 [PE-C-ospf-1-area-0.0.0.0] network 22.22.22.22 0.0.0.0 [PE-C-ospf-1-area-0.0.0.0] quit [PE-C-ospf-1] quit
# Configure a routing policy:

[PE-C] route-policy map1 permit node 10 [PE-C-route-policy] apply mpls-label [PE-C-route-policy] quit [PE-C] route-policy map2 permit node 10 [PE-C-route-policy] if-match mpls-label [PE-C-route-policy] apply mpls-label
# Configure the C-BSR and C-RP:

[PE-C] pim [PE-C-pim] c-bsr loopback 2
7-51

[PE-C-pim] c-rp loopback 2 [PE-C-pim] quit
# Configure the PIM BSR boundary:

[PE-C] interface gigabitethernet 2/0/0 [PE-C-GigabitEthernet2/0/0] pim bsr-boundary [PE-C-GigabitEthernet2/0/0] quit
# Set up the MSP peer:

[PE-C] msdp [PE-C-msdp] encap-data-enable [PE-C-msdp] peer 1.1.1.2 connect-interface Loopback1 [PE-C-msdp] quit
Step 4 Configure PE-D. # Configure ID for PE-D, enable the public network IP multicast routing, configure an ID for MPLS LSR, and enable LDP:
[PE-D] router id 1.1.1.4 [PE-D] multicast routing-enable [PE-D] mpls lsr-id 1.1.1.4 [PE-D] mpls [PE-D-mpls] quit [PE-D] mpls ldp [PE-D-mpls-ldp] quit
# Create the VPN RED instance and enter the VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure the Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-D] ip vpn-instance RED [PE-D-vpn-instance-RED] route-distinguisher 100:1 [PE-D-vpn-instance-RED] vpn-target 100:1 export-extcommunity [PE-D-vpn-instance-RED] vpn-target 100:1 import-extcommunity [PE-D-vpn-instance-RED] multicast routing-enable [PE-D-vpn-instance-RED] multicast-domain share-group 239.1.1.1 binding mtunnel 0 [PE-D-vpn-instance-RED] multicast-domain switch-group-pool 225.1.1.1 28 [PE-D-vpn-instance-RED] quit
# Create the VPN BLUE instance and enter the VPN instance view. Configure VPN IPv4 prefix and create egress and ingress routes for the instance. Enable IP multicast routing and configure the Share-Group. Specify MTI bound to the VPN instance and the range of switch address pool:
[PE-D] ip vpn-instance BLUE [PE-D-vpn-instance-BLUE] route-distinguisher 200:1 [PE-D-vpn-instance-BLUE] vpn-target 200:1 export-extcommunity [PE-D-vpn-instance-BLUE] vpn-target 200:1 import-extcommunity [PE-D-vpn-instance-BLUE] multicast routing-enable [PE-D-vpn-instance-BLUE] multicast-domain share-group 239.4.4.4 binding mtunnel 1 [PE-D-vpn-instance-BLUE] multicast-domain switch-group-pool 225.4.4.1 28 [PE-D-vpn-instance-BLUE] quit
[PE-D] interface gigabitethernet 1/0/0
7-52

[PE-D-GigabitEthernet1/0/0] ip address 10.10.2.2 24 [PE-D-GigabitEthernet1/0/0] pim sm [PE-D-GigabitEthernet1/0/0] mpls [PE-D-GigabitEthernet1/0/0] mpls ldp
# Bind Gigabit Ethernet 2/0/0 to VPN RED and enable PIM-SM:

[PE-D] interface gigabitethernet 2/0/0 [PE-D-GigabitEthernet2/0/0] ip binding vpn-instance RED [PE-D-GigabitEthernet2/0/0] ip address 10.111.3.1 24 [PE-D-GigabitEthernet2/0/0] pim sm
# Bind Gigabit Ethernet 3/0/0 to VPN BLUE and enable PIM-SM:

[PE-D] interface gigabitethernet 3/0/0 [PE-D-GigabitEthernet3/0/0] ip binding vpn-instance BLUE [PE-D-GigabitEthernet3/0/0] ip address 10.111.4.1 24 [PE-D-GigabitEthernet3/0/0] pim sm
# Assign an IP address for Loopback1 and enable PIM-SM:

[PE-D] interface loopback 1 [PE-D-LoopBack1] ip address 1.1.1.4 32 [PE-D-LoopBack1] pim sm [PE-D-LoopBack1] quit
# Assign the same IP address for MTI0 and enable PIM-SM:

[PE-D] interface MTunnel 0 [PE-D-MTunnel1] ip address 1.1.1.4 32 [PE-D-MTunnel1] pim sm

[PE-D] interface MTunnel 1 [PE-D-MTunnel1] ip address 1.1.1.4 32 [PE-D-MTunnel1] pim sm
# Configure BGP and OSPF unicast routing information:

[PE-D] bgp 200 [PE-D-bgp] group ped-pec internal [PE-D-bgp] peer ped-pec label-route-capability [PE-D-bgp] peer ped-pec connect-interface LoopBack1 [PE-D-bgp] peer 1.1.1.3 group ped-pec [PE-D-bgp] group ped-pea external [PE-D-bgp] peer ped-pea as-number 100 [PE-D-bgp] peer ped-pea ebgp-max-hop 255 [PE-D-bgp] peer 1.1.1.1 group ped-pea [PE-D-bgp] peer 1.1.1.1 connect-interface Loopback1 [PE-Dbgp] ipv4-family vpn-instance RED [PE-D-bgp-RED] import-route ospf 2 [PE-D-bgp-RED] import-route direct [PE-D-bgp-RED] quit [PE-Dbgp] ipv4-family vpn-instance BLUE [PE-D-bgp-BLUE] import-route ospf 3 [PE-D-bgp-BLUE] import-route direct [PE-D-bgp-BLUE] quit
7-53

[PE-Dbgp] ipv4-family vpnv4 [PE-Dbgp-af-vpnv4] peer 1.1.1.1 enable [PE-Dbgp-af-vpnv4] quit [PE-D] ospf 1 [PE-D-ospf-1] area 0.0.0.0 [PE-D-ospf-1-area-0.0.0.0] network 1.1.1.4 0.0.0.0
[PE-D-ospf-1-area-0.0.0.0] network 10.10.0.0 0.0.255.255 [PE-D-ospf-1-area-0.0.0.0] quit [PE-D-ospf-1] quit [PE-D] ospf 2 vpn-instance RED [PE-D-ospf-2] import-route bgp [PE-D-ospf-2] area 0.0.0.0 [PE-D-ospf-2-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [PE-D-ospf-2-area-0.0.0.0] quit [PE-D] ospf 3 vpn-instance BLUE [PE-D-ospf-3] import-route bgp [PE-D-ospf-3] area 0.0.0.0 [PE-D-ospf-3-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [PE-D-ospf-3-area-0.0.0.0] quit
Step 5 Configure CE-A. # Enable multicast routing:

[CE-A] multicast routing-enable

[CE-A] interface gigabitethernet 1/0/0 [CE-A-GigabitEthernet1/0/0] ip address 10.111.5.1 24 [CE-A-GigabitEthernet1/0/0] pim sm

[CE-A] interface gigabitethernet 2/0/0 [CE-A-GigabitEthernet2/0/0] ip address 10.111.1.2 24 [CE-A-GigabitEthernet2/0/0] pim sm

[CE-A] ospf 1 [CE-A-ospf-1] area 0.0.0.0 [CE-A-ospf-1-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [CE-A-ospf-1-area-0.0.0.0] quit
Step 6 Configure CE-B. # Enable multicast routing:

[CE-B] multicast routing-enable

[CE-B] interface gigabitethernet 1/0/0 [CE-B-GigabitEthernet1/0/0] ip address 10.111.6.1 24 [CE-B-GigabitEthernet1/0/0] pim sm
7-54

[CE-B] interface gigabitethernet 2/0/0 [CE-B-GigabitEthernet2/0/0] ip address 10.111.2.2 24 [CE-B-GigabitEthernet2/0/0] pim sm

[CE-B] interface loopback 0 [CE-B-LoopBack0] ip address 2.2.2.2 32 [CE-B-LoopBack0] pim sm [CE-B-LoopBack0] quit
# Set Loopback0 as the BSR and RP of VPN BLUE:

[CE-B] pim [CE-B-pim] c-bsr Loopback 0 [CE-B-pim] c-rp Loopback 0

[CE-B] ospf 1 [CE-B-ospf-1] area 0.0.0.0 [CE-B-ospf-1-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [CE-B-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0 [CE-B-ospf-1-area-0.0.0.0] quit
Step 7 Configure CE-C. # Enable multicast routing:

[CE-C] multicast routing-enable
# Enable PIM-SM and IGMP on Gigabit Ethernet 1/0/0:

[CE-C] interface gigabitethernet 1/0/0 [CE-C-GigabitEthernet1/0/0] ip address 10.111.7.1 24 [CE-C-GigabitEthernet1/0/0] pim sm [CE-C-GigabitEthernet1/0/0] igmp enable

[CE-C] interface gigabitethernet 2/0/0 [CE-C-GigabitEthernet2/0/0] ip address 10.111.3.2 24 [CE-C-GigabitEthernet2/0/0] pim sm
# Set an IP address for Loopback0, and enable PIM-SM:

[CE-C] interface loopback0 [CE-C-LoopBack0] ip address 3.3.3.3 32 [CE-C-LoopBack0] pim sm [CE-C-LoopBack0] quit
# Set Loopback0 as the BSR and RP of VPN RED:

[CE-C] pimD [CE-C-pim] c-bsr Loopback0 [CE-C-pim] c-rp Loopback0

[CE-C] ospf 1
7-55

[CE-C-ospf-1] area 0.0.0.0
[CE-C-ospf-1-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [CE-C-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0 [CE-C-ospf-1-area-0.0.0.0] quit
Step 8 Configure CE-D. # Enable multicast routing:

[CE-D] multicast routing-enable
# Enable PIM-SM at Gigabit Ethernet 1/0/0:

[CE-D] interface gigabitethernet 1/0/0 [CE-D-GigabitEthernet1/0/0] ip address 10.111.8.1 24 [CE-D-GigabitEthernet1/0/0] pim sm [CE-D-GigabitEthernet1/0/0] igmp enable
# Enable PIM-SM at Gigabit Ethernet 2/0/0:

[CE-D] interface gigabitethernet 2/0/0 [CE-D-GigabitEthernet2/0/0] ip address 10.111.4.2 24 [CE-D-GigabitEthernet2/0/0] pim sm

[CE-D] ospf 1 [CE-D-ospf-1] area 0.0.0.0 [CE-D-ospf-1-area-0.0.0.0] network 10.111.0.0 0.0.255.255 [CE-D-ospf-1-area-0.0.0.0] quit
Step 9 Verify the configuration. After the configuration is complete, PC1 can receive multicast packets from Source1, and PC2 can receive multicast packets from Source2. ----End
Configuration files
Configuration file of PE-A
# sysname PE-A # multicast routing-enable # ip vpn-instance RED route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.1.1.1 binding mtunnel 0 multicast-domain switch-group-pool 225.1.1.1 255.255.255.240 # ip vpn-instance BLUE route-distinguisher 200:1 vpn-target 200:1 export-extcommunity vpn-target 200:1 import-extcommunity multicast routing-enable
7-56
multicast-domain share-group 239.4.4.4 binding mtunnel 1 multicast-domain switch-group-pool 225.4.4.1 255.255.255.240 # mpls lsr-id 1.1.1.1 mpls # mpls ldp # interface GigabitEthernet1/0/0 ip address 10.10.1.1 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip binding vpn-instance RED ip address 10.111.1.1 255.255.255.0 pim sm # interface Gigabit Ethernet3/0/0 ip binding vpn-instance BLUE ip address 10.111.2.1 255.255.255.0 pim sm # interface LoopBack1 ip address 1.1.1.1 255.255.255.255 pim sm # interface MTunnel0 ip binding vpn-instance RED ip address 1.1.1.1 255.255.255.255 pim sm # interface MTunnel1 ip binding vpn-instance BLUE ip address 1.1.1.1 255.255.255.255 pim sm # bgp 100 group pea-peb internal peer pea-peb connect-interface LoopBack1 peer 1.1.1.2 group pea-peb group pea-ped external peer pea-ped as-number 200 peer pea-ped ebgp-max-hop 255 peer 1.1.1.4 group pea-ped peer 1.1.1.4 connect-interface LoopBack1 # ipv4-family unicast undo synchronization peer pea-peb enable peer pea-peb label-route-capability peer 1.1.1.2 enable peer 1.1.1.2 group pea-peb peer pea-ped enable
7-57

peer 1.1.1.4 enable peer 1.1.1.4 group pea-ped # ipv4-family vpn-instance RED import-route direct import-route ospf 2 # ipv4-family vpn-instance BLUE import-route direct import-route ospf 3 # ipv4-family vpnv4 policy vpn-target peer 1.1.1.4 enable # ospf 1 area 0.0.0.0 network 10.10.0.0 0.0.255.255 network 1.1.1.1 0.0.0.0 # ospf 2 vpn-instance RED import-route bgp area 0.0.0.0 network 10.111.0.0 0.0.255.255 # ospf 3 vpn-instance BLUE import-route bgp area 0.0.0.0 network 10.111.0.0 0.0.255.255 # return
Configuration file of PE-B

# sysname PE-B # multicast routing-enable # mpls lsr-id 1.1.1.2 mpls # mpls ldp # interface GigabitEthernet1/0/0 ip address 10.10.1.2 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip address 192.168.1.1 255.255.255.0 pim sm pim bsr-boundary mpls # interface LoopBack1
7-58

ip address 1.1.1.2 255.255.255.255 pim sm # interface LoopBack2 ip address 11.11.11.11 255.255.255.255 pim sm #
ip route-static 1.1.1.3 255.255.255.255 GigabitEthernet2/0/0 192.168.1.2 # bgp 100 group peb-pea internal peer peb-pea connect-interface LoopBack1 peer 1.1.1.1 group peb-pea group peb-pec external peer peb-pec as-number 200 peer peb-pec ebgp-max-hop 255 peer peb-pec connect-interface LoopBack1 peer 1.1.1.3 group peb-pec # ipv4-family unicast undo synchronization import-route ospf 1 peer peb-pea enable peer peb-pea route-policy map2 export peer peb-pea next-hop-local peer peb-pea label-route-capability peer 1.1.1.1 enable peer 1.1.1.1 group peb-pea peer peb-pec enable peer peb-pec route-policy map1 export peer peb-pec label-route-capability peer 1.1.1.3 enable peer 1.1.1.3 group peb-pec # ospf 1 area 0.0.0.0 network 10.10.0.0 0.0.255.255 network 11.11.11.11 0.0.0.0 network 1.1.1.2 0.0.0.0 # route-policy map1 permit node 10 apply mpls-label route-policy map2 permit node 10 if-match mpls-label apply mpls-label # pim c-bsr LoopBack2 c-rp LoopBack2 # msdp encap-data-enable peer 1.1.1.3 connect-interface LoopBack1 # return
7-59
Configuration file of PE-C

# sysname PE-C # multicast routing-enable # mpls lsr-id 1.1.1.3 mpls # mpls ldp # interface GigabitEthernet1/0/0 ip address 10.10.2.1 255.255.255.0 pim sm mpls mpls ldp # interface GigabitEthernet2/0/0 ip address 192.168.1.2 255.255.255.0 pim sm pim bsr-boundary mpls # interface LoopBack1 ip address 1.1.1.3 255.255.255.255 pim sm # interface LoopBack2 ip address 22.22.22.22 255.255.255.255 pim sm # ip route-static 1.1.1.2 255.255.255.255 GigabitEthernet2/0/0 192.168.1.1 # bgp 200 group pec-ped internal peer pec-ped connect-interface LoopBack1 peer 1.1.1.4 group pec-ped group pec-peb external peer pec-peb as-number 100 peer pec-peb ebgp-max-hop 255 peer pec-peb connect-interface LoopBack1 peer 1.1.1.2 group pec-peb # ipv4-family unicast undo synchronization import-route ospf 1 peer pec-ped enable peer pec-ped route-policy map2 export peer pec-ped next-hop-local peer pec-ped label-route-capability peer 1.1.1.4 enable peer 1.1.1.4 group pec-ped peer pec-peb enable peer pec-peb route-policy map1 export peer pec-peb label-route-capability
7-60

peer 1.1.1.2 enable peer 1.1.1.2 group pec-peb # ospf 1 area 0.0.0.0 network 10.10.0.0 0.0.255.255 network 22.22.22.22 0.0.0.0 network 1.1.1.3 0.0.0.0 # route-policy map1 permit node 10 apply mpls-label route-policy map2 permit node 10 if-match mpls-label apply mpls-label # pim c-bsr LoopBack2 c-rp LoopBack2 # msdp encap-data-enable peer 1.1.1.2 connect-interface LoopBack1 # return
Configuration file of PE-D

# sysname PE-D # multicast routing-enable # ip vpn-instance RED route-distinguisher 100:1 vpn-target 100:1 export-extcommunity vpn-target 100:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.1.1.1 binding mtunnel 0 multicast-domain switch-group-pool 225.1.1.1 255.255.255.240 # ip vpn-instance BLUE route-distinguisher 200:1 vpn-target 200:1 export-extcommunity vpn-target 200:1 import-extcommunity multicast routing-enable multicast-domain share-group 239.4.4.4 binding mtunnel 1 multicast-domain switch-group-pool 225.4.4.4 255.255.255.240 # mpls lsr-id 1.1.1.4 mpls # mpls ldp # interface GigabitEthernet1/0/0 ip address 10.10.2.2 255.255.255.0 pim sm mpls
7-61

mpls ldp # interface GigabitEthernet2/0/0 ip binding vpn-instance RED ip address 10.111.3.1 255.255.255.0 pim sm # interface GigabitEthernet3/0/0 ip binding vpn-instance BLUE ip address 10.111.4.1 255.255.255.0 pim sm # interface LoopBack1 ip address 1.1.1.4 255.255.255.255 pim sm # interface MTunnel0 ip binding vpn-instance RED ip address 1.1.1.4 255.255.255.255 pim sm # interface MTunnel1 ip binding vpn-instance BLUE ip address 1.1.1.4 255.255.255.255 pim sm # bgp 200 group ped-pec internal peer ped-pec connect-interface LoopBack1 peer 1.1.1.3 group ped-pec group ped-pea external peer ped-pea as-number 100 peer ped-pea ebgp-max-ho/p 255 peer ped-pea connect-interface LoopBack1 peer 1.1.1.1 group ped-pea # ipv4-family unicast undo synchronization import-route direct import-route ospf 1 peer ped-pec enable peer ped-pec route-policy map2 export peer ped-pec next-hop-local peer ped-pec label-route-capability peer 1.1.1.3 enable peer 1.1.1.3 group ped-pec peer ped-pea enable peer ped-pea route-policy map1 export peer ped-pea label-route-capability peer 1.1.1.1 enable peer 1.1.1.1 group ped-pea # ipv4-family vpnv4 policy vpn-target peer 1.1.1.1 enable
7-62

# ipv4-family vpn-instance RED import-route direct import-route ospf 2 # ipv4-family vpn-instance BLUE import-route direct import-route ospf 3 # ospf 1 area 0.0.0.0 network 10.10.0.0 0.0.255.255 network 1.1.1.4 0.0.0.0 # ospf 2 vpn-instance RED import-route bgp area 0.0.0.0 network 10.111.0.0 0.0.255.255 # ospf 3 vpn-instance BLUE import-route bgp area 0.0.0.0 network 10.111.0.0 0.0.255.255 # return
Configuration file of CE-A

# sysname CE-A # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.111.5.1 255.255.255.0 pim sm # interface GigabitEthernet2/0/0 ip address 10.111.1.2 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 10.111.0.0 0.0.255.255 # return
Configuration file of CE-B

# sysname CE-B # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.111.6.1 255.255.255.0 pim sm #
7-63

interface GigabitEthernet2/0/0 ip address 10.111.2.2 255.255.255.0 pim sm # interface Loopback0 ip address 2.2.2.2 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.111.0.0 0.0.255.255 network 2.2.2.2 0.0.0.0 # pim c-bsr Loopback0 c-rp Loopback0 # return
Configuration file of CE-C

# sysname CE-C # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.111.7.1 255.255.255.0 pim sm igmp enable # interface GigabitEthernet2/0/0 ip address 10.111.3.2 255.255.255.0 pim sm # interface Loopback0 ip address 3.3.3.3 255.255.255.255 pim sm # ospf 1 area 0.0.0.0 network 10.111.0.0 0.0.255.255 network 3.3.3.3 0.0.0.0 # pim c-bsr Loopback0 c-rp Loopback0 # return
Configuration file of CE-D

# sysname CE-D # multicast routing-enable # interface GigabitEthernet1/0/0
7-64

ip address 10.111.8.1 255.255.255.0 pim sm igmp enable # interface GigabitEthernet2/0/0 ip address 10.111.4.2 255.255.255.0 pim sm # ospf 1 area 0.0.0.0 network 10.111.0.0 0.0.255.255 # return
7-65
Contents
Contents
8 Multicast routing and forwarding configuration ................................................................8-1
8.1 Introduction ...................................................................................................................................................8-2 8.1.1 Multicast routing and forwarding.........................................................................................................8-2 8.1.2 RPF mechanism ...................................................................................................................................8-3 8.1.3 Multicast policy ...................................................................................................................................8-5 8.2 Configuring static multicast routes................................................................................................................8-7 8.2.1 Establishing the configuration task ......................................................................................................8-7 8.2.2 Configuring a static multicast route .....................................................................................................8-8 8.2.3 Checking the configuration..................................................................................................................8-9 8.3 Configuring a multicast routing policy..........................................................................................................8-9 8.3.1 Establishing the configuration task ......................................................................................................8-9 8.3.2 Configuring longest match of multicast route....................................................................................8-10 8.3.3 Configuring load balancing of multicast route................................................................................... 8-11 8.3.4 Checking the configuration................................................................................................................8-12 8.4 Configuring multicast forwarding scope .....................................................................................................8-13 8.4.1 Establish the configuration task .........................................................................................................8-13 8.4.2 Configuring multicast forwarding boundary......................................................................................8-14 8.4.3 Configuring TTL threshold of multicast forwarding..........................................................................8-14 8.4.4 Checking the configuration................................................................................................................8-15 8.5 Setting limitation parameters of multicast forwarding table .......................................................................8-15 8.5.1 Establishing the configuration task ....................................................................................................8-15 8.5.2 Setting the maximum number of entries in multicast forwarding table .............................................8-17 8.5.3 Setting the maximum number of downstream nodes of multicast forwarding entry .........................8-18 8.5.4 Checking the configuration................................................................................................................8-19 8.6 Maintaining multicast policy.......................................................................................................................8-19 8.6.1 Clearing multicast routing and forwarding entries.............................................................................8-20 8.6.2 Debugging multicast routing and forwarding ....................................................................................8-20 8.7 Configuration examples ..............................................................................................................................8-21 8.7.1 Example of changing RPF routes through static multicast routes......................................................8-21 8.7.2 Example of connecting RPF routes through static multicast routes...................................................8-24 8.7.3 Example of implementing multicast through static multicast route tunnel ........................................8-29 8.8 Troubleshooting of static multicast routes...................................................................................................8-34
Figures
Figures
Figure 8-1 Diagram of RPF check process.........................................................................................................8-5 Figure 8-2 Diagram of static multicast route......................................................................................................8-6 Figure 8-3 Diagram of forwarding multicast packets over a tunnel ...................................................................8-7 Figure 8-4 Networking diagram of enabling static multicast route to change RPF route.................................8-22 Figure 8-5 Networking diagram of connecting RPF routes through static multicast routes.............................8-25 Figure 8-6 Networking diagram of implementing multicast through static multicast route tunnel ..................8-30
iii
Tables
Tables
Table 8-1 Description of the display multicast forwarding-table command output........................................8-2
8 Multicast routing and forwarding configuration
8
Section
Multicast routing and forwarding configuration
About this chapter

The following table describes the contents of this chapter. Description This section describes the principles and the concepts of multicast route, multicast forwarding, and Reverse Path Forwarding (RPF). This section describes the application and the configuration of static multicast routes. For configuration examples, see Example of changing RPF routes through static multicast routes and Example of connecting RPF routes through static multicast routes This section describes how to configure a multicast routing policy. This section describes how to configure a multicast forwarding scope. This section describes how to set the limitation parameters of the multicast forwarding table. This section describes how to clear the statistics of multicast routing and forwarding and how to debug multicast routing and forwarding. This section provides configuration examples of the multicast policy. This section describes how to detect and remove the faults of static multicast routes.
8.1 Introduction
8.2 Configuring static multicast routes
8.3 Configuring a multicast routing policy 8.4 Configuring multicast forwarding scope 8.5 Setting limitation parameters of multicast forwarding table 8.6 Maintaining multicast policy 8.7 Configuration examples 8.8 Troubleshooting of static multicast routes
8-1
8.1 Introduction
8.1.1 Multicast routing and forwarding
In the Nortel Secure Router 8000 Series, multicast routing and forwarding includes the following three aspects: Each multicast routing protocol uses its own routing table, such as the Protocol Independent Multicast (PIM) routing table The information on the multicast routing protocols builds a general multicast routing table. The multicast forwarding table controls the forwarding of the multicast packets. The multicast routing table resides in the multicast route management module. The table is composed of (S, G) entries. (S, G) indicates that S sends multicast data to G. If the multicast route management module supports multiple multicast protocols, the routing table contains multicast routes that are generated by protocols. The routing entries are copied to the multicast forwarding table. The multicast forwarding table guides the forwarding of data, and is consistent with the multicast routing table. The information given in the forwarding table is as follows:
<Nortel> display multicast forwarding-table Multicast Forwarding Table of VPN-Instance: public net Total 1 entry, 1 matched 00001. (172.168.0.2, 227.0.0.1), MID: 0, Flags: 0x0:0 Uptime: 00:08:32, Timeout in: 00:03:26 Incoming interface: Ethernet1/2/1 List of 1 outgoing interfaces: 1: Ethernet1/2/2 Matched 18696 packets (523488 bytes), Wrong If 0 packets Forwarded 18696 packets (523488 bytes)
Table 8-1 Description of the display multicast forwarding-table command output Item 00001 (172.168.0.2,227.0.0.1) Uptime Timeout in Incoming interface List of outgoing interface: 1: Ethernet1/2/2 Matched 18696 packets (523488 bytes), Wrong If 0 packets Forwarded 18696 packets (523488 bytes) Description The number of (S, G) entries (S, G) entry in the multicast routing table Existence time of (S, G) The residual time before the timeout of (S, G) Incoming interface of (S, G) Outgoing interface list; Number and name of outgoing interface; Number of packets (bytes ) matched with (S, G); number of Wrong If packets; number of multicast packets (bytes) forwarded by (S, G)
8-2
8.1.2 RPF mechanism

When creating the multicast routing table, the multicast protocol applies the Reverse Path Forwarding (RPF) mechanism. This mechanism ensures that the multicast data transmits along the correct path.
Application of RPF
After receiving a multicast packet sent by S to G, a router first searches the multicast forwarding table. If an (S, G) entry exists and the interface at which the packet arrives is consistent with the incoming interface, the router forwards the packet to all outgoing interfaces. If an (S, G) entry exists but the interface at which the packet arrives is not consistent with the incoming interface, the router does not perform the RPF check for the packet.
If the RPF check result indicates that the RPF interface is consistent with the incoming interface of the (S, G) entry, the (S, G) entry is correct, and the router drops packets obtained along incorrect paths. The (S, G) entry times out and the router updates the incoming interface as the RPF interface if the check result indicates inconsistency between the RPF interface and the incoming interface of the (S,G) entry. If the interface that the packet enters is just the RPF interface, the router forwards the packet to all outgoing interfaces. Otherwise, the router drops the packet.
If no (S, G) entry exists, the router performs the RPF check for the packet. The router uses the RPF interface as the incoming interface, and creates a routing entry. If the interface that the packet enters is the RPF interface, the router forwards the packet to all outgoing interfaces. Otherwise, the router drops the packet.
RPF check
A router performs the RPF check based on unicast routes, Multicast Border Gateway Protocol (MBGP) routes, or static multicast routes. The unicast routing table collects the shortest paths to each destination. The MBGP routing table provides the information on multicast routes. The static multicast routing table provides the information on RPF routes that are specified through static configuration. A multicast routing protocol does not maintain unicast routes independently, but depends on the current unicast routes, MBGP routes, or static multicast routes in the network to create routing entries. The reachable unicast route is the basis of the multicast route. While performing the RPF check, a router searches the unicast routing table, MBGP routing table, and static multicast routing table at the same time. 1. Select the best route from these routing tables.
Using the IP address of source of packets as the destination address, the router searches the unicast routing table and selects the best unicast route. The outgoing interface of the corresponding entry is the RPF interface. The next hop is the RPF neighbor. The router considers the path of multicast packets received by a RPF interface to be the shortest path from S to the local router. Using the IP address of source of packets as the destination address, the router searches the MBGP routing table and selects the best MBGP route. The outgoing interface of the corresponding entry is the RPF interface. The next hop is the RPF neighbor.
8-3
Using the IP address of source of packets as the destination address, the router searches the static multicast routing table and selects the best static route. The corresponding entry specifies the RPF interface and RPF neighbor. The router then selects a route from the three routes as the RPF route.
2.
The RPF route is chosen from the three optional routes according to the following methods:

If the longest match policy is configured for route selection, a route with the longest matched mask is preferred from these three routes. If the length of the masks is the same, the route with the highest priority is selected. In case of the same priority, a route is selected in the sequence of multicast static route, MBGP, and unicast route. If the longest match policy is not configured, the route with the highest priority is preferred. In case of the same priority, the route is selected in the sequence of the multicast static route, MBGP, and unicast route.
3.
Source of packets refers to the various aspects of the multicast protocol depending on the mode of multicast packet transmission:
If the current packet is sent along the shortest path tree (SPT) from the multicast source to a client or along a source tree from the multicast source to the rendezvous point (RP), the router performs the RPF check with the multicast source as the source of packets. If the current packet is sent along the RPT from the RP to a client, the router performs the RPF check, using the RP as the source of packets. If the current packet is the BSR packet and is sent along the path from the BootStrap router (BSR) to each router, the router performs the RPF check, using the BSR as the source of packets.
Typical example
As shown in Figure 8-1, the unicast route is reachable in the network. MBGP is not configured. Static multicast route is not configured on Router C. Multicast packets are sent along the SPT from Source to Receiver. A record exists that identifies the incoming interface as POS 2/0/0 in the (S, G) entry on Router C.
8-4
Figure 8-1 Diagram of RPF check process

RouterB
POS2/0/0
Receiver
RouterA Source
192.168.0.1/24
POS1/0/0
ISP
POS1/0/0 POS2/0/0
Receiver RouterC
multicast packets
IP routing table on RouterC Destination/mask 192.168.0.0/24 Interface POS2/0/0
When multicast packets arrive at Router C from POS1/0/0, the router finds that POS1/0/0 is not consistent with the incoming interface. Therefore, the router performs the RPF check. The router identifies POS2/0/0 as the outgoing interface with the shortest path to Source by searching the unicast routing table and the IP routing table (shown in Figure 8-1). The router also checks for consistency with the incoming interface. The router judges that the current (S, G) is correct and the packet is sent along the incorrect path. The router then drops the packet.
Advantages of RPF
RPF provides the following advantages: satisfies customer requirements responds to network changes promptly ensures that the path of the multicast packets is the best path with a source
8.1.3 Multicast policy

Static multicast route
The static multicast route is a key basis of the RPF check. By configuring static multicast routes, users can specify an RPF interface and an RPF neighbor for source on the current router. A static multicast route cannot forward data and affects only the RPF check. The route is effective only on multicast routers, and cannot be advertised or imported to other routers.
8-5
Figure 8-2 Diagram of static multicast route

RouterB Receiver
RouterA Source
192.168.0.1/24 POS2/0/0
POS1/0/0 10.10.1.1/24
ISP
POS1/0/0 10.10.1.24 POS2/0/0 multicast packets multicast static route
RouterC
Receiver
Multicast routing table static on RouterC Source/mask 192.168.0.0/24 Interface POS1/0/0 RPF neighbor/mask 10.10.1.1/24
As shown in Figure 8-2, when no static multicast route is configured in the network, the RPF neighbor from Router C to Source is Router A. The path of the multicast packet that is sent by Source along the path of Router A to Router C is consistent with the unicast path. Configure static multicast routes on Router C. The RPF neighbor from Router C to Source is specified as Router B. The path of the multicast packet sent by Source changes, and is sent along the path of Router A to Router B to Router C.
GRE tunnel
There may be routers that do not support multicast in the network. The multicast data is forwarded hop-by-hop along routers. If the router of the next hop does not support multicast, the multicast path is cut off. To make routers exchange multicast packets across the unicast network segment, you need to configure a Generic Routing Encapsulation (GRE) tunnel between routers at both ends of the unicast network segment.
8-6
Figure 8-3 Diagram of forwarding multicast packets over a tunnel
Multicast Router
Unicast Router
Unicast Router
Multicast Router
Source
RouterA
Tunnel
Unicast Router
RouterB
Receiver
Unicast Router
As shown in Figure 8-3, a GRE tunnel is configured between Router A and Router B. Router A encapsulates the multicast data in the unicast IP packet. The unicast router then forwards the packet to Router B. Router B restores the packet to the multicast data and forwards it. If the static unicast route is configured on both ends of the tunnel, any unicast packet can forward through the tunnel. You can configure the static multicast route on both ends of the tunnel.
8.2 Configuring static multicast routes

A static multicast route provides the following functions: Changing the RPF route If the topology of multicast is the same as that of unicast, the transmission path of multicast data is the same as that of unicast data. You can change the RPF route by configuring a static multicast route. Thus a transmission path of the multicast data, which is different from the transmission path of unicast data, is established. Connecting the RPF route In the network segment where the unicast route is cut off, if no configured static multicast route exists, routers cannot forward packets. To forward packets, you can configure a static multicast route on both ends of the network segment. An RPF route is thus connected.
Before you configure a static multicast route, complete the following tasks: Configure a unicast routing protocol. Configure the basic multicast function.
8-7
Data preparation
To configure a static multicast route, you need the following data. No. 1 2 3 Data Multicast source address, mask, or mask length Unicast routing protocol Filtering policy and precedence
No. 1 2 Procedure Configuring a static multicast route Checking the configuration
8.2.2 Configuring a static multicast route
When you configure static multicast routing, configure the outgoing interface through the command if the next hop is in the point-to-point format. If the next hop is not in the point-to-point format, you must use the next hop. Do as follows on the multicast router: Step 1 Run:
system-view

ip rpf-route-static [ vpn-instance vpn-instance-name ] source-address { mask | mask-length } [ protocol [ process-id ] ] [ route-policy policy-name ] { interface-type interface-number } [ preference preference ] [ order order-num ]
This command configures static multicast routing. The following list explains the parameters of the command: source-address { mask | mask-length }: indicates the multicast source address and mask. protocol [ process-id ]: indicates that the matched route must be present in the specified unicast routing protocol. The protocol indicates the unicast routing protocol. The process-id indicates the process number.
8-8
route-policy policy-name: indicates the matching rule of the static multicast route. interface-type interface-number: indicates the type and the number of the outgoing interface. The outgoing interface acts as the RPF interface. preference preference: indicates the preference of routes. The greater the preference value is, the lower the preference. order order-num: indicates the configuration order of routes on the same network segment. ----End

Use the commands in the following table to check the previous configuration. Action Check the static multicast routing table. Check the RPF routing information of the specified multicast source. Command display multicast routing-table [ vpn-instance vpn-instance-name ] static [ config ] [ source-address { mask | mask-length } ] display multicast [ vpn-instance vpn-instance-name | all-instance ] rpf-info source-address [ group-address ]
8.3 Configuring a multicast routing policy

To work out a detailed network planning according to the services, an Internet Service Provider (ISP) must perform the following configuration policies: Multicast route matching policy and load balancing policy For many best unicast routes in the same network segment, the NORTEL SECURE ROUTER 8000 SERIES provides the service of load balancing among routers. Defining multicast forwarding scope The multicast information that corresponds to each multicast group must be transmitted within a specific scope. You can specify the forwarding scope with the following methods:
Specifying the interfaces which serve as the multicast forwarding boundary to outline the forwarding scope. After the forwarding boundary is configured on the interface for a multicast group, the router cannot send or receive any packet from the group. Specifying the minimum time-to-live (TTL) value of the multicast packet to control the distance of forwarding multicast packets. The interface forwards only packets (including packets created on the local router) with TTL not smaller than the minimum TTL. If the TTL of a packet is smaller than the minimum TTL, the packet is discarded.
8-9
Limiting the number of entries in the multicast routing table Each router maintains a routing entry for each received multicast packet. However, too many entries can exhaust the memory of the router. In this case, you can define the maximum number of multicast routing entries. Limiting the number of the entries can avoid faults in the router.
Before you configure a multicast routing policy, complete the following tasks: Configure a unicast routing protocol. Configure basic multicast functions.
Data preparation
To configure multicast routing and forwarding, you need the following data. No. 1 2 Data Multicast source address, group address, mask, or mask length Matching policy, sequence, and precedence
No. 1 2 3 Procedure Configuring longest match of multicast route Configuring load balancing of multicast rout Checking the configuration
8.3.2 Configuring longest match of multicast route
Configurations related to a VPN instance apply only to the provider edge (PE) router. If you configure multicast route longest match for a VPN instance on a PE, perform the configuration in the VPN instance. In other cases, the multicast route longest match is configured in the public network instance. Do as follows on the multicast router:
8-10
By default, routes are selected in the order of routing entries.
Public network instance

Step 1 Run:
system-view

multicast longest-match
Routes are selected according to the longest match. ----End
VPN instance
Step 1 Run:
system-view


multicast longest-match
Routes are selected according to the longest match. Step 4 Run:

quit
8.3.3 Configuring load balancing of multicast route
Configurations related to a VPN instance apply only to a PE router. When you configure the longest match of multicast routes for a VPN instance on a PE, perform the configuration in the VPN instance. In other cases, the multicast route longest match is configured in the public network instance.
8-11

Step 1 Run:
system-view

multicast load-splitting { source |
group
| source-group }
This command performs load balancing among various routes according to multicast source or group. ----End
VPN instance
Step 1 Run:
system-view


multicast load-splitting { source |
group
| source-group }
This command performs load balancing among various routes according to multicast source or group. The following list explains the parameters of the command: group: indicates the load balancing is performed based on multicast group source: indicates the load balancing is performed based on multicast source source-group: indicates the load balancing is performed based on multicast group and multicast source Step 4 Run:
quit

Use the command in the following table to check the previous configuration.
8-12
Action Check the multicast routing table.
Command display multicast [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface { interface-type interface-number | register } | outgoing-interface { { include | exclude | match } { interface-type interface-number | register } } ] *
8.4 Configuring multicast forwarding scope

8.4.1 Establish the configuration task
The forwarding of multicast information in the network is not illimitable. Multicast information that corresponds to each multicast group is forwarded in certain scope. You can define the multicast forwarding scope through the following methods: Configure a multicast forwarding boundary to form a close multicast forwarding area. The interface configured with a forwarding boundary of a multicast group cannot send or receive packets of the multicast group. Configure the TTL threshold of multicast forwarding on an interface to limit the forwarding distance of multicast packets. The interface forwards only the packet whose TTL value is not smaller than the threshold. If the TTL value of a packet is smaller than the threshold, the packet is discarded.
To configure multicast forwarding scope, complete the following tasks: Configure a unicast routing protocol. Configure basic multicast functions.
Data preparation
To configure multicast forwarding scope, you need the following data. No. 1 2 Data Multicast source address, multicast group address, mask, or mask length Matching policy, route order, and route preference of the multicast routes
8-13
No. 1 2 3 Procedure Configuring multicast forwarding boundary Configuring TTL threshold of multicast forwarding Checking the configuration
8.4.2 Configuring multicast forwarding boundary

Do as follows on the multicast router:
By default, multicast forwarding boundary is not configured on the interface
Step 1 Run:
system-view


multicast boundary group-address { mask | mask-length }
This command configures the multicast forwarding boundary. Step 4 Run:

quit
8.4.3 Configuring TTL threshold of multicast forwarding

Do as follows on the multicast router:
By default, the forwarding TTL threshold is 1.
Step 1 Run:
system-view

8-14

multicast minimum-ttl ttl-value
This command configures the multicast forwarding TTL threshold. Step 4 Run:
quit

Use the commands in the following table to check the previous configuration. Action Check the multicast routing table. Command display multicast [ vpn-instance vpn-instance-name | all-instance ] routing-table [ group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface { interface-type interface-number | register } | outgoing-interface { { include | exclude | match } { interface-type interface-number | register } } ] * display multicast [ vpn-instance vpn-instance-name | all-instance ] boundary [ group-address [ mask | mask-length ] ] [ interface interface-type interface-number ] display multicast [ vpn-instance vpn-instance-name | all-instance ] minimum-ttl [ interface-type interface-number ]
Check the information about the multicast boundary of the interface. Check the forwarding TTL threshold on the interface.
8.5 Setting limitation parameters of multicast forwarding table

To work out a detailed network planning according to the services, an ISP must perform the following configuration policies: Limit the number of entries in the multicast forwarding table Each router maintains a routing entry for every received multicast packet. However, too many entries can exhaust the memory of the router. In this case, you can define the
8-15
maximum number of multicast routing entries. Limiting the number of the entries can avoid faults in the router. Routers copy a multicast packet for each downstream node, and the downstream node sends the copy out. Each downstream node forms a branch of the multicast distribution tree. The number of the downstream nodes determines the maximum scale of the multicast distribution tree and the multicast service scope. You can define the number of the downstream nodes in a single forwarding entry. Properly limit the number of downstream nodes according to actual networking and the service feature can reduce the pressure of routers and control the multicast service scope.
Before you configure limitation parameters of multicast forwarding table, complete the following tasks: Configure a unicast routing protocol. Configure basic multicast functions.
Data preparation
To configure limitation parameters of multicast forwarding table, you need the following data. No. 1 2 3 4 Data Multicast source address, group address, mask, or mask length Matching policy, router sequence, and route preference of the multicast routes Maximum number of entries in the multicast forwarding table Maximum number of downstream nodes of each entry in the multicast forwarding table
No. 1 2 3 Procedure Setting the maximum number of entries in multicast forwarding table Setting the maximum number of downstream nodes of multicast forwarding entry Checking the configuration
8-16
8.5.2 Setting the maximum number of entries in multicast forwarding table
Configurations related to a VPN instance apply only to a PE router. When you configure the longest match of multicast routes for a VPN instance on a PE, perform the configuration in the VPN instance. In other cases, the multicast route longest match is configured in the public network instance. Do as follows on the multicast router:
By default, the maximum number allowed by the system is used.

Step 1 Run:
system-view

multicast forwarding-table downstream-limit limit
This command configures the maximum number of entries in the multicast forwarding table. The maximum number is valid when it is smaller than the default value. ----End
VPN instance
Step 1 Run:
system-view


multicast forwarding-table route-limit limit
This command configures the maximum number of entries in the multicast forwarding table. The maximum number is valid when it is smaller than the default value.
8-17
Step 4 Run:
quit
This command quits the VPN view. ----End
8.5.3 Setting the maximum number of downstream nodes of multicast forwarding entry
Configurations related to a VPN instance apply only to a PE router. When you configure the longest match of multicast routes for a VPN instance on a PE, perform the configuration in the VPN instance. In other cases, the multicast route longest match is configured in the public network instance. Do as follows on the multicast router:
By default, the maximum number allowed by the system is used.

Step 1 Run:
system-view

multicast forwarding-table route-limit limit
This command configures the maximum number of downstream nodes of a single route in the multicast forwarding table. The maximum number is valid when it is smaller than the default value. ----End
VPN instance
Step 1 Run:
system-view

8-18

multicast forwarding-table downstream-limit limit
This command configures the maximum number of downstream nodes of a single route in the multicast forwarding table. Step 4 Run:
quit

Use the command in the following table to check the previous configuration. Action Check the multicast forwarding table. Command display multicast [ vpn-instance vpn-instance-name | all-instance ] forwarding-table [ group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface { interface-type interface-number | register } | outgoing-interface { { include | exclude | match } { interface-type interface-number | register | none } } | statistics] *
8.6 Maintaining multicast policy

This section covers the following topics: Clearing multicast routing and forwarding entries Debugging multicast routing and forwarding
8-19
8.6.1 Clearing multicast routing and forwarding entries
The reset command clears the entries in the multicast forwarding table or the multicast routing table. The action can result in abnormal multicast information forwarding. After you clear the routing entries in the multicast routing table, the corresponding forwarding entries corresponding to the public network instance or VPN instance are also cleared. Confirm the action before you use the command. To clear the entries in multicast forwarding table and routing table, run the following reset commands in the user view. Action Clear forwarding entries in the multicast forwarding table. Command reset multicast [ vpn-instance vpn-instance-name | all-instance ] forwarding-table all reset multicast [ vpn-instance vpn-instance-name | all-instance ] forwarding-table { group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface { interface-type interface-number | register } } * Clear the routing and forwarding entries in the multicast routing table. reset multicast [ vpn-instance vpn-instance-name | all-instance ] routing-table all reset multicast [ vpn-instance vpn-instance-name | all-instance ] routing-table { group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface { interface-type interface-number | register } } *
8.6.2 Debugging multicast routing and forwarding
Debugging affects system performance. After you debug the system, execute the undo debugging all command to disable it immediately. After a multicast running fault occurs, run the following debugging commands in the user view to debug multicast routes and locate the fault. For information about the output of the debugging command, see Nortel Secure Router 8000 Series Command Reference.
8-20
Action Debug multicast forwarding.
Command debugging mfib [ vpn-instance vpn-instance-name | all-instance ] all debugging mfib [ vpn-instance vpn-instance-name | all-instance ] { no-cache | packet | register | route | sync | upcall | wrong-iif } [ acl-number ]
Debug multicast routing management.
debugging mrm [ vpn-instance vpn-instance-name | all-instance ] { all | event | packet [ acl-number ] | route [ acl-number ] }

This section provides the following configuration examples: Example of changing RPF routes through static multicast routes Example of connecting RPF routes through static multicast routes Example of implementing multicast through static multicast route tunnel
8.7.1 Example of changing RPF routes through static multicast routes

As shown in Figure 8-4, the network runs PIM-Dense Mode (DM), all routers in the network support multicast, and Receiver can receive the information from the multicast source Source. Open Shortest Path First (OSPF) runs between Router A, Router B, and Router C. You must use static multicast routes. The multicast path from Source to Receiver must be different from the unicast.
8-21
Figure 8-4 Networking diagram of enabling static multicast route to change RPF route
RouterC
POS3/0/0 12.1.1.2/24 POS2/0/0 13.1.1.2/24
POS3/0/0 12.1.1.1/24
PIM-DM
POS2/0/0 13.1.1.1/24
RouterA
GbE2/0/0 8.1.1.1/24 POS1/0/0 9.1.1.1/24 POS1/0/0 9.1.1.2/24
RouterB
GbE3/0/0 7.1.1.1/24
8.1.1.2/24
7.1.1.2/24
source
receiver
multicast static route
The steps in the configuration roadmap are Configure the IP address and OSPF unicast routing protocols at interfaces on all routers. Enable multicast, PIM-DM at all interfaces, and the Internet Group Management Protocol (IGMP) on the interface that connects to user hosts. Configure static multicast RPF routes on Router B, and specify Router C as the RPF neighbor. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: IP address of Source The outgoing interface through which Router B connects to Router C is POS2/0/0.
This configuration example includes only the commands related to configuring static multicast route.
Step 1 Configure IP addresses and a unicast routing protocol on each router. # As shown in Figure 8-4, configure IP addresses and masks on the interfaces of each router. OSPF runs between Router A, Router B, and Router C, and the three routers update routes
8-22
among them through a unicast routing protocol. The configuration procedure is not mentioned here. Step 2 Enable the multicast and PIM-DM on each interface # Enable multicast on all routes, enable PIM-DM at all interface, and enable IGMP on the interface that connects to the host. Configurations on other routers are similar to that of Router B and are not mentioned here:
[RouterB] multicast routing-enable [RouterB] interface pos 1/0/0 [RouterB-Pos1/0/0] pim dm [RouterB-Pos1/0/0] quit [RouterB] interface pos 2/0/0 [RouterB-Pos2/0/0] pim dm [RouterB-Pos2/0/0] quit [RouterB] interface pos 3/0/0 [RouterB-Pos3/0/0] igmp enable [RouterB-Pos3/0/0] pim dm [RouterB-Pos3/0/0] quit
# Run the display multicast rpf-info command on Router B to view the RPF information of Source. The RPF routes are from unicast, and the RPF neighbor is Router A. The display is as follows:
[RouterB] display multicast rpf-info 8.1.1.2 RPF information about source 8.1.1.2: RPF interface: Pos1/0/0, RPF neighbor: 9.1.1.1 Referenced route/mask: 8.1.1.0/24 Referenced route type: unicast Route selection rule: preference-preferred Load splitting rule: disable
Step 3 Configure a static multicast route. # Configure a static multicast RPF route on Router B and configure Router C as the RPF neighbor to Source:
[RouterB] ip rpf-route-static 8.1.1.0 255.255.255.0 13.1.1.2
Step 4 Verify the configuration # Run the display multicast rpf-info command on Router B to view the RPF information of Source 2. The RPF routes and the RPF neighbor are updated according to the static multicast route. The display of RPF is as follows:
<RouterB> display multicast rpf-info 8.1.1.2 RPF information about source 8.1.1.2: RPF interface: Pos2/0/0, RPF neighbor: 13.1.1.2 Referenced route/mask: 8.1.1.0/24 Referenced route type: mstatic Route selection rule: preference-preferred Load splitting rule: disable
----End
Configuration files
8-23

# sysname RouterB # multicast routing-enable # interface pos1/0/0 link-protocol ppp ip address 9.1.1.2 255.255.255.0 pim dm # interface pos2/0/0 link-protocol ppp ip address 13.1.1.1 255.255.255.0 pim dm # interface pos3/0/0 link-protocol ppp ip address 7.1.1.1 255.255.255.0 igmp enable pim dm # ospf 1 area 0.0.0.0 network 7.1.1.0 0.0.0.255 network 9.1.1.0 0.0.0.255 network 13.1.1.0 0.0.0.255 # ip rpf-route-static 8.1.1.0 255.255.255.0 13.1.1.2 # Return
8.7.2 Example of connecting RPF routes through static multicast routes

As shown in Figure 8-4, the network runs PIM-DM, all routers in the network support multicast, and Receiver can receive the information from the multicast source Source 1. OSPF runs between Router B, and Router C. You must use static multicast routes. The Receiver can receive the information about Source 2 outside the OSPF area.
8-24
Figure 8-5 Networking diagram of connecting RPF routes through static multicast routes
PIM-DM OSPF Source1

10.1.3.2/24 GbE2/0/0 10.1.3.1/24
GbE3/0/0 10.1.4.1/24
GbE3/0/0 RouterA 10.1.4.2/24 GbE1/0/0 10.1.5.1/24
RouterB
GbE1/0/0 10.1.2.2/24 GbE1/0/0 10.1.2.1/24
RouterC
GbE2/0/0 10.1.1.1/24
Source2
10.1.5.2/24
Receiver
multicast static route
The steps in the configuration roadmap are Configure the IP address and OSPF unicast routing protocols at interfaces on all routers. Enable multicast, PIM-DM at all interfaces, and IGMP on the interface that connects to user hosts. Configure static multicast RPF routes on Router B and Router C. Verify the configuration.
Data preparation
To complete the configuration, you need the following data: IP address of Source 2. RPF interface through which Router B connects to Source 2 is GbE3/0/0, and the RPF neighbor is Router A. RPF interface through which Router C connects to Source 2 is GbE1/0/0, and the RPF neighbor is Router B.
8-25
This configuration example includes only the commands related to configuring static multicast route.
Step 1 Configure IP addresses and a unicast routing protocol on each router. # As shown in Figure 8-5, configure IP addresses and masks of the interfaces of each router. Router B and Router C belong to the same OSPF area, and the two routers update routes among them through a unicast routing protocol. The configuration procedure is not mentioned here. Step 2 Enable the multicast and PIM-DM on each interface # Enable multicast on all routes, enable PIM-DM at all interface, and enable IGMP on the interface that connects to the host. Configuration on Router A is similar to that of Router B and is not mentioned here:
[RouterA] multicast routing-enable [RouterA] interface gigabitethernet 1/0/0 [RouterA-GigabitEthernet1/0/0] pim dm [RouterA-GigabitEthernet1/0/0] quit [RouterA] interface gigabitethernet 3/0/0 [RouterA-GigabitEthernet3/0/0] pim dm [RouterB] multicast routing-enable [RouterB] interface gigabitethernet 1/0/0 [RouterB-GigabitEthernet1/0/0] pim dm [RouterB-GigabitEthernet1/0/0] quit [RouterB] interface gigabitethernet 2/0/0 [RouterB-GigabitEthernet2/0/0] pim dm [RouterB-GigabitEthernet2/0/0] quit [RouterB] interface gigabitethernet 3/0/0 [RouterB-GigabitEthernet3/0/0] pim dm [RouterB-GigabitEthernet3/0/0] quit [RouterC] multicast routing-enable [RouterC] interface gigabitethernet 1/0/0 [RouterC-GigabitEthernet1/0/0] pim dm [RouterC-GigabitEthernet1/0/0] quit [RouterC] interface gigabitethernet 2/0/0 [RouterC-GigabitEthernet2/0/0] pim dm [RouterC-GigabitEthernet2/0/0] igmp enable [RouterC-GigabitEthernet2/0/0] quit
# Source 1 (10.1.3.2/24) and Source 2 (10.1.5.2/24) send multicast data to the multicast group G (225.1.1.1). Receiver joins G. Receiver can receive the multicast data sent by Source 1, but cannot receive the multicast data sent by Source 2. # Run the display multicast rpf-info 10.1.5.2 command on Router B and Router C. If no display appears, Router B and Router C have no RPF route to Source 2. Step 3 Configure static multicast route # Configure static multicast RPF route on Router B and configure Router A as the RPF neighbor to Source 2:
8-26
# Configure RPF static multicast route on Router C, and configure Router B as the RPF neighbor to Source 2:
[RouterC] ip rpf-route-static 10.1.5.0 255.255.255.0 10.1.2.2
Step 4 Verify the configuration # Run the display multicast rpf-info 10.1.5.2 command on Router B and Router C to view the RPF information of Source 2. The display of RPF is as follows:
<RouterB> display multicast rpf-info 10.1.5.2 RPF information about: 10.1.5.2 RPF interface: GigabitEthernet3/0/0, RPF neighbor: 10.1.4.2 Referenced route/mask: 10.1.5.0/24 Referenced route type: mstatic Route selecting rule: preference-preferred Load splitting rule: disable <RouterC> display multicast rpf-info 10.1.5.2 RPF information about source 10.1.5.2: RPF interface: GigabitEthernet1/0/0, RPF neighbor: 10.1.2.2 Referenced route/mask: 10.1.5.0/24 Referenced route type: mstatic Route selection rule: preference-preferred Load splitting rule: disable
# Run the display pim routing-table command to view the routing table. Router C has the multicast entry of Source 2. Receiver can receive the multicast data from Source 2.
<RouterC> display pim routing-table Vpn-instance: public net Total 1 (*, G) entry; 2 (S, G) entry (*, 225.1.1.1) Protocol: pim-dm, Flag: WC UpTime: 03:54:19 Upstream interface: NULL Upstream neighbor: NULL, RPF prime neighbor: NULL Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: pim-dm, UpTime: 01:38:19, Expires: never (10.1.3.2, 225.1.1.1) Protocol: pim-dm, Flag: ACT UpTime: 00:00:44 Upstream interface: GigabitEthernet1/0/0 Upstream neighbor: 10.1.2.2, RPF prime neighbor: 10.1.2.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: pim-dm, UpTime: 00:00:44, Expires: never (10.1.5.2, 225.1.1.1) Protocol: pim-dm, Flag: ACT UpTime: 00:00:44
8-27

Upstream interface: GigabitEthernet1/0/0
Upstream neighbor: 10.1.2.2, RPF prime neighbor: 10.1.2.2 Downstream interface(s) information: Total number of downstreams: 1 1: GigabitEthernet2/0/0 Protocol: pim-dm, UpTime: 00:00:44, Expires: never
----End
Configuration files
# sysname RouterA # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.1.5.1 255.255.255.0 pim dm # interface GigabitEthernet3/0/0 ip address 10.1.4.2 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 10.1.5.0 0.0.0.255 network 10.1.4.0 0.0.0.255 # return

# sysname RouterB # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.1.2.2 255.255.255.0 pim dm # interface GigabitEthernet2/0/0 ip address 10.1.3.1 255.255.255.0 pim dm # interface GigabitEthernet3/0/0 ip address 10.1.4.1 255.255.255.0 pim dm # ospf 1 area 0.0.0.0 network 10.1.2.0 0.0.0.255 network 10.1.3.0 0.0.0.255 # ip rpf-route-static 10.1.5.0 24 10.1.4.2
8-28

# return

# sysname RouterC # multicast routing-enable # interface GigabitEthernet1/0/0 ip address 10.1.2.1 255.255.255.0 pim dm # interface GigabitEthernet2/0/0 ip address 10.1.1.1 255.255.255.0 igmp enable pim dm # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 10.1.2.0 0.0.0.255 # ip rpf-route-static 10.1.5.0 24 10.1.2.2 # return
8.7.3 Example of implementing multicast through static multicast route tunnel

As shown in Figure 8-6, the network runs PIM-DM; Router A and Router B support multicast while Router C does not support multicast; Receiver can receive the information from the multicast source Source. The OSPF protocol runs between Router A, Router B, and Router C. You must use static multicast routes and Receiver can receive the information from the multicast source Source.
8-29
Figure 8-6 Networking diagram of implementing multicast through static multicast route tunnel
9.1.1.2/24
POS4/0/0 9.1.1.1/24
Multicast Router
Source
RouterA
POS1/0/0 10.1.1.1/24 POS1/0/0 10.1.1.2/24
Unicast Router
POS3/0/0 14.1.1.1/24
Multicast Router
POS2/0/0 8.1.1.1/24
8.1.1.2/24
RouterC
POS3/0/0 14.1.1.2/24
RouterB
Receiver
The steps in the configuration roadmap are 1. 2. 3. 4. 5. Configure the IP address at interfaces on each router. Set up the GRE tunnel between Router A and Router B. Configure OSPF to enable Router A, Router B, and Router C to communicate with each other. Enable multicast on Router A and Router B; enable PIM-DM at all interfaces; enable IGMP on the interface that connects to the host. Configure static multicast RPF routes on Router B and specify Router A as the RPF neighbor.
Data preparation
To complete the configuration, you need the following data: IP address of Source IP addresses of the interfaces on each router
Step 1 Configure IP addresses of the interfaces of each router. # Configure IP addresses and masks of the interfaces on each router as shown in Figure 8-6. The configuration procedure is not mentioned here. Step 2 Set up the GRE tunnel between Router A and Router B. # The configuration of Router A is as follows:
[RouterA] interface tunnel 0/0/1 [RouterA-Tunnel0/0/1] ip address 20.1.1.1 24 [RouterA-Tunnel0/0/1] source 10.1.1.1 [RouterA-Tunnel0/0/1] destination 14.1.1.2
8-30

[RouterA-Tunnel0/0/1] tunnel-protocol gre [RouterA-Tunnel0/0/1] quit
# The configuration of Router B is as follows:

[RouterB] interface Tunnel0/0/1 [RouterB-Tunnel0/0/1] ip address 20.1.1.2 24 [RouterB-Tunnel0/0/1] source 14.1.1.2 [RouterB-Tunnel0/0/1] destination 10.1.1.1 [RouterB-Tunnel0/0/1] tunnel-protocol gre [RouterB-Tunnel0/0/1] quit
Step 3 Configure OSPF on Router A, Router B, and Router C so that the three routers update routes among them through the unicast routing protocol. # The configuration of Router A is as follows:
[RouterA] ospf 1 [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 20.1.1.1 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] quit [RouterA-ospf-1] quit

[RouterB] ospf 1 [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 14.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 8.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 20.1.1.2 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit
# The configuration of Router C is as follows:

[RouterC] ospf 1 [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 14.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit
Step 4 Enable multicast on Router A and Router B. Enable PIM-DM on each interface. # Enable multicast on Router A and Router B, enable PIM-DM on each interface, and enable IGMP on the interface that connects the host. # The configuration of Router A is as follows:
[RouterA] multicast routing-enable [RouterA] interface pos 4/0/0 [RouterA-Pos4/0/0] pim dm [RouterA-Pos4/0/0] quit [RouterA] interface pos 1/0/0 [RouterA-Pos1/0/0] pim dm [RouterA-Pos1/0/0] quit [RouterA] interface Tunnel0/0/1 [RouterA-Tunnel0/0/1] pim dm
8-31

[RouterA-Tunnel0/0/1] quit

[RouterB] multicast routing-enable [RouterB] interface pos 3/0/0 [RouterB-Pos3/0/0] pim dm [RouterB-Pos3/0/0] quit [RouterB] interface pos 2/0/0 [RouterB-Pos2/0/0] pim dm [RouterB-Pos2/0/0] igmp enable [RouterB-Pos2/0/0] quit [RouterB] interface Tunnel0/0/1 [RouterB-Tunnel0/0/1] pim dm [RouterB-Tunnel0/0/1] quit
Step 5 Configure a static multicast route. # Configure a static multicast RPF route on Router B and configure Router A as the RPF neighbor:
Step 6 Verify the configuration. # Source (9.1.1.2/24) sends multicast data to the multicast group G (225.1.1.1). Receiver joins G. Receiver can receive the multicast data sent by Source 1. Run the display pim routing-table command on Router B to view the information on the routing table:
[RouterB] display pim routing-table Vpn-instance: public net Total 0 (*, G) entry; 1 (S, G) entry (9.1.1.2, 225.1.1.1) Protocol: pim-dm, Flag: ACT UpTime: 00:13:29 Upstream interface: Tunnel0/0/1 Upstream neighbor: 20.1.1.1, RPF prime neighbor: 20.1.1.1 Downstream interface(s) information: Total number of downstreams: 1 1: Pos2/0/0 Protocol: pim-dm, UpTime: - , Expires: -
----End
Configuration files
# sysname RouterA # multicast routing-enable # interface Pos1/0/0 link-protocol ppp ip address 10.1.1.1 255.255.255.0 pim dm #
8-32

interface Pos4/0/0 link-protocol ppp ip address 9.1.1.1 255.255.255.0 pim dm #
interface Tunnel0/0/1 ip address 20.1.1.1 255.255.255.0 source 10.1.1.1 destination 14.1.1.2 pim dm
# ospf 1 area 0.0.0.0 network 9.1.1.0 0.0.0.255 network 10.1.1.0 0.0.0.255 network 20.1.1.1 0.0.0.255 # return

# sysname RouterB # multicast routing-enable # interface Pos2/0/0 link-protocol ppp ip address 8.1.1.1 255.255.255.0 pim dm # interface Pos3/0/0 link-protocol ppp ip address 14.1.1.2 255.255.255.0 pim dm # interface Tunnel0/0/1 ip address 20.1.1.2 255.255.255.0 source 14.1.1.2 destination 10.1.1.1 pim dm # ospf 1 area 0.0.0.0 network 8.1.1.0 0.0.0.255 network 14.1.1.0 0.0.0.255 network 20.1.1.1 0.0.0.255 # ip rpf-route-static 9.1.1.0 255.255.255.0 20.1.1.1 # return

# sysname RouterC #
8-33

interface Pos1/0/0 link-protocol ppp ip address 10.1.1.2 255.255.255.0 # interface Pos3/0/0 link-protocol ppp ip address 14.1.1.1 255.255.255.0 # ospf 1 area 0.0.0.0 network 10.1.1.0 0.0.0.255 network 14.1.1.0 0.0.0.255 # return
8.8 Troubleshooting of static multicast routes

Fault description
A router does not use dynamic routing protocols. The physical state of the router and the state of the link layer protocol are both up. The static route of the router, however, fails.
Fault analysis
The possible causes are: The static route is not configured or updated correctly so that it does not exist in the multicast routing table. An optimal route has been received. This cause can lead to static route failure.
Troubleshooting
Step 1 Check whether the static route exists in the multicast routing table. Run the display multicast routing-table static command to check the multicast static routing table to ensure the corresponding route is configured correctly and exists in multicast configuration table. Step 2 Check the interface type of the next hop of multicast static routes. If the interface is not point-to-point, you must configure the egress in the format of next-hop address. Step 3 Check whether a static multicast route matches the specified routing protocol. If the protocol is specified when the static multicast route is configured, you can run the display ip routing-table command to check whether the route is added for the specified protocol. Step 4 Check whether a static multicast route matches the specified routing policy. If the routing policy is specified when the static multicast route is configured, you can run the display route-policy command to check the configured routing policy. ----End
8-34
Contents
Contents
A Glossary .................................................................................................................................... A-1 B Acronyms and abbreviations .................................................................................................B-1
A Glossary
A
(S, G) (*, G) A ASM assert
Glossary
A multicast routing entry. S indicates a multicast source and G indicates a multicast group. After a multicast packet with S as the source address and G as the group address reaches the router, it forwards through the downstream interface of the (S, G) entry. The packet is expressed as (S, G) packet. A PIM routing entry.* indicates any source and G indicates a multicast group. (*, G) entry applies to all multicast packets with a group address of G. All multicast packets that are sent to G forward through the downstream interface of the (*, G) entry, regardless of which source sends the packets out.
Any-source multicast that is implemented through Protocol Independent Multicast-Dense Mode (PIM-DM) and PIM-Spare Mode (PIM-SM). A mechanism that applies to PIM-DM and PIM-SM. After a router receives a multicast packet from the downstream, a router performs a Reverse Path Forwarding (RPF) check on the packet. If the RPF check fails, other multicast forwarders exist in the network segment. The router sends an assert message through the downstream interface to join the assert election. If the router fails in the assert election, it removes the downstream interface from the downstream interface list. Assert ensures that a maximum of one multicast forwarder exists in a network segment and only one multicast packet is transmitted.
B BSR BootStrap Router, which is the management core of the PIM-SM network. The BSR collects advertisement information on candidate-rendezvous points (C-RP) to form an RP-Set, encapsulate the RP-Set in the a Bootstrap message, and then advertise it to each PIM-SM router. The router calculates the RP that corresponds to the specific multicast group according to the RP-set. BSR administrative scope BSR administrative domain that applies only to PIM-SM. Each BSR administrative domain has its router that serves the specific multicast group. The BSR and RP are valid only in the administrative domain.
A-1
A Glossary
D downstream interface The interface that forwards multicast data. The router or the receiver host that the sent multicast data reaches is the downstream router or downstream host. The network segment where the downstream interface resides is the downstream network segment. DR Designated router that applies only to PIM-SM. In the network segment that connects to S, the DR sends a register message to the RP. In the network segment that connects to members, the DR sends a join message to the RP.
F first-hop router flooding The PIM router that directly connects to the multicast source and forwards the multicast data sent by the multicast source. The flooding that applies only to PIM-DM. PIM-DM assumes that all members are densely distributed on the network and each network segment can have members. According to the assumption, the multicast source floods multicast data to each network segment and then prunes the network segment that does not have members. Through the periodical flooding-prune process, PIM-DM establishes and maintains a unidirectional shortest path tree (SPT) that connects the multicast source with members.
G graft The graft that applies only to PIM-DM. When a pruned downstream node needs to restore the forwarding function, it sends a graft message to the upstream node. The upstream node responds to the message. The previously pruned branch thus restores the forwarding of multicast information.
H hash function A function that is expressed as Value (G, M, C ( i ) ) = (1103515245 * ( (1103515245 * (G & M )+12345 ) XOR C ( i ) ) + 12345 ) mod 2^31 When using the RP, the PIM-SM uses the hash function. The RP chosen from C-RPs serves the specific multicast group.
I IGMP The Internet Group Management protocol that is a signaling mechanism of the host towards the router and is used in IP multicast on the leaf network. Hosts send an IGMP message to join or leave a multicast group. Routers periodically send an IGMP message to hosts to obtain the information about members.
A-2
A Glossary
J join The join that applies only to PIM-SM. When a member exists in a network segment, the DR of the network segment sends a join message to the RP hop-by-hop. A multicast route is generated. When the RP starts the SPT switchover, the RP sends a join message to the source hop-by-hop. A multicast route is generated.
L leaf router last-hop router The router that connects to user hosts. The PIM router that directly connects to a multicast group member and forwards multicast data to the member.
M MBGP The application of the Multiprotocol Border Gateway Protocol (MP-BGP) to multicast. MP-BGP is the multiprotocol extension of the Border Gateway Protocol (BGP). At present, the BGP4 protocol applies only in unicast. MP-BGP enables BGP4 to support multiple routing protocols including multicast. mesh group If multiple Multicast Source Discovery Protocol (MSDP) peers exist in the network, a source active (SA) message is flooded between peers. Configuring multiple MSDP peers to join a mesh group reduces the number of SA messages transmitted between these MSDP peers. After receiving an SA message, a member of the mesh group checks the source of the message first: If the SA message is from an MSDP peer outside the mesh group, the member performs the RPF check on the message. If the message passes the check, the member forwards it to other members in the mesh group. If the SA message is from a member of the mesh group, the member does not perform the RPF check and directly receives the message. At the same time, the member does not forward the message to other members in the mesh group. MD A multicast domain that is an implementation mechanism of a multicast virtual private network (VPN). Only the provider edge (PE) needs to support multi-instance. MD is transparent to the customer edge (CE) and the provider router (P). MD refers to the set of all VPN instances that can send and receive multicast packets on each PE. Different VPN instances belong to different MDs. An MD serves a specific VPN. All private multicast data transmitted in the VPN is transmitted in the MD.
A-3
A Glossary
MDT
Multicast Distribution Tree. In the PIM multicast domain, a point-to-multipoint multicast forwarding path is set up. The multicast forwarding path uses a group as the unit. As the shape of the multicast forwarding path resembles a tree, it is called a multicast distribution tree. The characteristic of the multicast distribution is each link has only one type of multicast data, regardless of the number of members in the network. The multicast data is copied and distributed at as far a branch as possible.
MSDP
The Multicast Source Discovery Protocol that applies only to PIM-SM and is useful for only ASM. The MSDP peers set up by RPs of different PIM-SM domains share the information on the multicast source by sending SA messages. The interdomain multicast is thus implemented. The MSDP peers set up by RPs of the same PIM-SM domain share the information on the multicast source by sending SA messages. The anycast RP is thus implemented.
MT
Multicast tunnel (MT) In an MD, all PEs connect to an MT. That is, all PEs connects to the shared network segment and use the MT to transmit private data. The transmission process of MT is the local PE encapsulates a VPN data packet into a public network data packet, and forwards it in the public network along the MDT. After receiving the packet, the remote PE decapsulates it and reverts it to the VPN data packet.
MTI
Multicast tunnel interface (MTI) is the outgoing interface or incoming interface of the MT. The MTI is equal to the outgoing interface or incoming interface of the MD. The local PE sends the VPN data from MTI. The remote PE receives the data from MTI. MTI is the channel of the public network instance and the VPN instance on a PE. A PE connects to an MT through the MTI, that is, PE connects to the shared network segment. On each PE, VPN instances that belong to the MD set up PIM neighbor relationship on the MTI.
P PIM The Protocol Independent Multicast (PIM) that is a multicast routing protocol. A reachable unicast route is the basis of PIM forwarding. According to the current unicast routing information, PIM performs the RPF check on multicast packets, creates a multicast routing entry, and establishes the multicast distribution tree. prune The prune message that applies to PIM-DM and PIM-SM. If there are no downstream multicast group members, a router sends a prune message to the upstream node to inform it not to forward any more data. After receiving the prune message, the upstream node removes the downstream interface from the downstream interface list.
A-4
A Glossary
register
The register message that applies only to PIM-SM. When the active multicast source exists in the network, the first-hop router encapsulates multicast data into a register message, and unicasts the packet to the RP to inform the RP about the existence of the multicast source.
RP
The rendezvous point that applies only to PIM-SM. RP is the forwarding core of the PIM-SM network. Members send join messages to the RP and set up an RP tree (RPT) with itself as root. Multicast source registers with the RP and creates (S, G) entry on the RP. The multicast source sends multicast packets to members through the RP.
RPF
Reverse Path Forwarding is the basis of the multicast routing. Routers perform the RPF check on the received packets to create and maintain multicast routing entries. As a result, the multicast data can forward along the correct path. After receiving a multicast packet, a router searches the unicast routing table, MBGP routing table, and static multicast routing table according to the packet source to select the RPF route. If the interface that the packet reaches is the same as the RPF interface, the RPF check on the packet succeeds. Otherwise, the RPF check fails.
RPF static route
An RPF static route, also called static multicast route, is not used to forward data. The route affects only the RPF check. By configurating the static multicast route, you can specify the RPF interface and the RPF neighbor for the specific packet source on the current router. The multicast distribution tree that uses the RP as the root and multicast group members as leaves. RPT applies only to PIM-SM.
RPT
S SA Source active is the message type of the MSDP message. SA message contains many groups of (S, G) information or a register message. MSDP peers share the multicast source by exchanging SA messages. SA-cache After receiving an SA message, an MSDP peer stores the (S, G) information carried in the SA message in the SA-cache. When a receiving requirement exists, the (S, G) message can be obtained from the SA-cache. If a router is not configured with the SA-cache, the router cannot store the (S, G) entry carried in SA message. If the router must receive the packets of (S, G), it must wait for the SA message sent by its MSDP Peer in the next period. SA-request When the local MSDP peer has new members, but has no (S, G) information that meet the requirements, it sends the SA request to the specified remote MSDP peer. After receiving the SA request message, the specified remote MSDP peer immediately responds to the SA request message if it has the (S, G) information that meets the requirements. Share-Group A VPN instance uniquely specifies the address of a Share-Group. The VPN data is transparent to the public network. The PE does not distinguish which multicast group a VPN packet belongs to or whether it is a protocol packet or a data packet. The PE uniformly encapsulates the packet into a general public network multicast packet with a Share-Group as its group. The PE then sends the packet to the public network.
A-5
A Glossary
Share-MDT
Share-Multicast Distribution Tree One Share-Group uniquely maps to an MD. The Share-Group uniquely sets up a Share-Multicast Distribution Tree (Share-MDT) to guide routers to forward packets. All VPN packets are forwarded along the Share-MDT; regardless of the PE from which they enter the public network.
SPT
The shortest path tree is a multicast distribution tree that uses the multicast source as the root and multicast group members as leaves. The SPT applies to PIM-DM, PIM-SM, and PIM-Source Specific Mode (SSM). The SPT switch applies only to the PIM-SM. When the rate of the register packet is high, the RP triggers the SPT switch, sends a join message to the multicast source, establishes the multicast path from the source to the RP, and informs the DR not to send a register message. When the packet rate of the RPT is high, the DR triggers the SPT switch, sends a join message to the multicast source, establishes the SPT from the source to the DR, and switch the multicast data to the SPT.
SPT switch
SSM static-rpf-peer
The Source-Specific Multicast is the technology that is implemented by PIM-SM. The static RPF peer is the special application of the MSDP peer. You can run the command to specify a static RFP peer for the MSDP peer. The SA message sent by the static RFP peer can be free of the RFP check.
Switch-group-pool
One Share-Group uniquely identifies a Switch-group-pool. The Switch-group-pool defines an address scope of a multicast group for the Switch-MDT switch. When the Switch-MDT is performed, an idle address is chosen from the Switch-group-pool. All VPN multicast packets that enter the public network from a PE are encapsulated with this Switch-group address. Switch-Multicast Distribution Tree All PEs in the network monitor the forwarding rate of the Share-MDT. When the forwarding rate of the data that is sent to the public network through a PE exceeds the threshold, the PE sends the switch notification to downstream receivers along the Share-MDT. The switch notification carries the address of the Switch-group. A Switch-MDT with the PE as source and Switch-group as group address is set up between the PE and the remote PE. Compared with Share-MDT, Switch-MDT prunes the remote PE without a receiving requirement. This process implements the multicast forwarding according to requirements. All VPN multicast data that enters the public network through the PE is not encapsulated with the Share-Group address, but is encapsulated into a Switch-group packet of the public network and is forwarded along the Switch-MDT.
Switch-MDT
U upstream interface The interface through which the local router receives multicast data. The router or the multicast source that forwards multicast data to the local router is the upstream router or upstream multicast source. The network segment where the upstream interface resides is the upstream network segment.
A-6
B Acronyms and abbreviations
B
A ASM B BGP BSR BootStrap Router C C-BSR C-RP Candidate-BSR Candidate-RP
Acronyms and abbreviations
Any-source multicast
Border Gateway Protocol
D DR Designated router
I IGMP ISP Internet Group Management Protocol Internet Service Provider
L LSP Label Switched Path
M MBGP Multicast BGP
B-1
B Acronyms and abbreviations
MP-BGP MPLS MSDP MD MT MTI MTD
Multiprotocol Border Gateway Protocol Multiprotocol Label Switching Multicast Source Discovery Protocol Multicast domains Multicast tunnel Multicast tunnel interface Multicast distribution tree
O OSPF Open Shortest Path First
P PIM PIM-DM PIM-SM Protocol Independent Multicast Protocol Independent Multicast Dense Mode Protocol Independent Multicast Sparse Mode
R PR RPF RPT Rendezvous point Reverse Path Forwarding RP tree
S SA SSM SPT Source active Source-Specific Multicast Shortest path tree
V VPN Virtual Private Network
B-2
Contents
Index ................................................................................................................................................ i-1
Index
Index
C
configuring PIM-SM C-BSR position, 4-18 configuring PIM-SSM group address scope, 4-21 MBGP overview, 6-2 MD scheme multi-AS multicast VPN, 7-12 neighbor relationship, 7-6 share-MT establishment, 7-6 MSDP overview, 5-3 peer, 5-3 MSDP examples, 5-43 MSDP maintenance debugging, 5-43 multicast VPN-instance, 1-11 multicast application, 1-5 IP address, 1-7 MAC address, 1-9 multi-instance, 1-11 packet forwarding mechanism, 1-11 protocol, 1-10 transmission mode, 1-4 multicast model any-source multicast, 1-5 source-specific multicast, 1-6 Multicast policy maintenance debugging, 8-20 Multicast policy troubleshooting, 8-34 multicast static routing overview, 8-5 multicast VPN example, 7-21 multicast VPN maintenance debugging, 7-21 multicast VPN overview, 7-2
E
enabling PIM-DM, 3-7
I
IGMP basic configuration, 2-7 multi-instance, 2-7 Querier, 2-2 query and response, 2-17 router-alert option, 2-13 version, 2-9 VPN-instance, 2-7 IGMP examples, 2-24 IGMP maintenance debugging, 2-24 IGMP overview, 2-2 IGMP timers, 2-16 IGMPv1 overview, 2-2 IGMPv2 group-specific query, 2-4 leave group, 2-4 maximum response time, 2-4 querier election, 2-4 IGMPv2 overview, 2-4 IGMPv3 group record type, 2-5 group-and-source-Specific query, 2-5 IGMPv3 overview, 2-4
O
OSPF maintenance resetting, 4-52, 5-42
M
MBGP basic configuration, 6-2 MBGP route, 6-22 MBGP examples, 6-30
P
PIM multi-instance, 3-5, 4-12 VPN-instance, 3-5, 4-12
i-1
Index
PIM example, 4-52 PIM maintenance debugging, 3-26, 4-51 PIM-DM assert, 3-4 graft, 3-4 neighbor discovery, 3-3 overview, 3-2 RPT. see also RP-rooted tree shortest path tree, 3-2 source tree, 3-2 SPT. see also shortest path tree PIM-DM example, 3-27 PIM-SM
bootstrap router, 4-5 BSR. see also bootstrap router BSR administrative domain, 4-9 candidate-BSR, 4-6 candidate-RP, 4-5, A-1 DR election, 4-5 RP discovery, 4-5 RP-rooted tree, 4-3 RPT-to-SPT switchover, 4-8 source registration, 4-7 PIM-SSM DR election, 4-11 neighbor discovery, 4-11 SPT establishment, 4-12
i.
i-2
Nortel Secure Router 8000 Series
Configuration Guide - IP Multicast

Copyright 2009 Nortel Networks All Rights Reserved. Printed in Canada, India, and the United States of America Release: 5.3 Publication: NN46240-509 Document Revision: 01.02 Document status: Standard Document release date: 14 August 2009 To provide feedback or to report a problem in this document, go to www.nortel.com/documentfeedback. www.nortel.com LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners.
ATTENTION For information about the safety precautions, read "Safety messages" in this guide. For information about the software license, read "Software license" in this guide.

100096763

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

100096763

Hochgeladen von

Copyright:

Verfügbare Formate

Nortel Secure Router 8000 Series

Configuration Guide - IP Multicast

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

2 IGMP configuration ..................................................................................................................2-1

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

3 PIM-DM configuration .............................................................................................................3-1

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

4 PIM-SM configuration ..............................................................................................................4-1

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

6 MBGP configuration .................................................................................................................6-1

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

7 Multicast VPN configuration...................................................................................................7-1

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

8 Multicast routing and forwarding configuration ................................................................8-1

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

About this document

About this document

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

About this document

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Chapter 3 PIM-DM configuration

Multicast VPN configuration

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

About this document

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

About this document

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Updates in Issue 1.0 (6 June 2008)

Nortel Networks Inc.

Issue 5.3 (14 August 2009)

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast

Issue 5.3 (14 August 2009)

Nortel Networks Inc.

Nortel Secure Router 8000 Series Configuration Guide - IP Multicast