Enterprise IP Multicast Design and Troubleshooting Part 1 Cisco Advanced Services Maurice Flint, CCIE #9003 June 3 rd , 2009 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 2 I N T E G R A T I O N I N T E G R A T I O N mLDP and P2MP, RSVP-TE Multicast MPLS PIM SM, SSM, MLD v2 IPv6 Multicast MVPN Multicast VPN PGM Reliable Multicast MBGP , MSDP, Anycast RP, RGMP, BSR Interdomain Multicast PIM Bi-Directional Many-to-Many SSM & IGMP v3 One-to-Many PIM SM, DM, Auto RP, IGMP v2, CGMP Basic Multicast mLDP and P2MP, RSVP-TE Multicast MPLS PIM SM, SSM, MLD v2 IPv6 Multicast MVPN Multicast VPN PGM Reliable Multicast MBGP , MSDP, Anycast RP, RGMP, BSR Interdomain Multicast PIM Bi-Directional Many-to-Many SSM & IGMP v3 One-to-Many PIM SM, DM, Auto RP, IGMP v2, CGMP Basic Multicast M A N A G E M E N T M A N A G E M E N T High Availability Wireless Multicast Multicast OAM Multicast Security High Availability Wireless Multicast Multicast OAM Multicast Security Multicast Components Topics for Discussion Interdomain Multicast Interdomain Multicast Campus Multicast Campus Multicast ISP B Multicast Source Y ISP A Multicast Source X ISP B DR RP RP DR DR IGMP IGMP PIM-SM PIM-SSM MVPN PIM-SM PIM-SSM MVPN IGMP Snooping IGMP Snooping MBGP MBGP MSDP MSDP Core 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 3 Agenda Multicast Essentials Enterprise Multicast Service Model Any Source Multicast / Internet Standard Multicast Source Specific Multicast Case Study Multicast Campus Network IGMP Snooping PIM Snooping 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 4 IP Multicast Essentials RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 5 IP Multicast Essentials Unicast vs Multicast Host Router Unicast Host Router Multicast Number of Streams One-to-Many One-to-One 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 6 Information Delivery Server-to-Server, Server-to-Desktop Database replication Software distribution Stock Quotes News Feeds White boarding Interactive Gaming Replication Video, Web servers Kiosks Content delivery Live Video (IPTV) Video conferencing Live Internet Audio Hoot & Holler Non-Real Time Real Time M u l t i m e d i a D a t a - o n l y Multicast Applications 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 7 Cisco Applications that use Multicast: Its more than just the technology wwwin.cisco.com/sp/messaging/ipngn7.shtml Entertainment Grade IP/TV Video 2.0 (VQE- S,VQE-C) 2 cco/en/US/products/sw/voicesw/ps556/products_administration_guide_cha pter09186a00803edad7.html Music on Hold Cisco Call Manager 8 wwwin.cisco.com/marketing/datacenter/solutions/launches/acns_5_3.shtml Data Center Solution Application & Content Network System 9 wwwin.cisco.com/WWSales/wwops/wwssp/sai/archives/scientificatlanta/ Commercial Quality IP Video Scientific Atlanta 1 wwwin- nmbu.cisco.com/fieldportal/products/cmm/summary.cfm?family=Domain%2 0Managers&prod=cmm Network Management Cisco Multicast Manager 3 wwwin.cisco.com/emtg/dm2bu/ Unified Communications Cisco Digital Media System 5 www.cisco.com/en/US/products/sw/voicesw/ps1913/products_feature_guid e09186a008022b3fb.html/ Supports TIBCO RV for Management Cisco Media Gateway Controller 6 Video Surveillance Safety & Security Corporate Communications Cisco Video Surveillance Cisco IP Interoperability & Collaboration System (IPICS) Cisco IP/TV wwwin.cisco.com/emtg/csibu/ wwwin.cisco.com/emtg/s3bu/ www.cisco.com/en/US/netsol/ns340/ns394/ns158/ns88/networking_solution s_package.html 10 7 4 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 8 Why Multicast Multicast Advantages Supports One-to-Many Applications: Streaming multimedia, Music on Hold, etc. Supports Periodic data delivery- push technology: Finance, Entertainment, Resource Apps Enhanced Efficiency & Performance: Eliminates traffic redundancy & reduces server CPU loads Challenges: Why isnt IP Multicast widely deployed? Protocol complexity & support for a widely-deployed implementation Security Denial of Service Attacks (Intranet & Internet) Best Effort Delivery UDP-based with no Congestion-Avoidance Example: Audio Streaming All Clients Listening to the Same 8 Kbps Audio 0 0.2 0.4 0.6 0.8 T r a f f i c
( M b p s ) 1 20 40 60 80 100 Number of Clients Multicast Unicast * Pragmatic General Multicast (PGM) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 9 IP Multicast Technical Overview: Building a Solid Foundation 224.0.0.0/4 01-00-5e-00-00-00 Dense Mode Sparse Mode IGMP v2 (*,G) (S,G) (*,G) (S,G) (*,G) (S,G) RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 10 Rube Goldberg (1883-1970) Inventor / Cartoonist Whats Multicast Routing Have Anything to do with a Goldberg Machine? http://www.rube-goldberg.com A Rube Goldberg Machineis an extremely complicated device that executes a very simple task in a complex, indirect way. Traditional Multicast is our Rube Goldberg Machine! 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 11 Multicast Address Range IPv4 Assignment Class D Address Space Link-Local Address Range 224.0.0.0/24 local subnet (TTL=1) Global Address Range 224.0.1.0 238.255.255.255 (Globally scoped to/from Internet) 232.0.0.0/8 Source Specific Multicast (SSM) 233.0.0.0/ - GLOP (ASN Registered) AS number is inserted in middle two octets. Remaining low-order octet (233.x.x.0/24) used for group assignment Extended GLOP Addresses (EGLOP RFC 3180) Make use of private AS numbers Assigned by a Registration Authority Administratively Scoped Address Range 239.0.0.0 239.255.255.255 (Private address range similar to RFC 1918) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 12 Layer 2-3 Multicast Addressing IP Multicast MAC Address Mapping Gotcha: Caveat exists concerning multicast address overlap. Multicast represented by MAC 0x01005e 5 bits lost only 1 OUI purchased IEEE Creates 32:1 address overlap 32 L3 addresses can map to the same MAC! 32 Bits 28 Bits 25 Bits 23 Bits 48 Bits 01-00-5e-7f-00-01 01-00-5e-7f-00-01 1110 5 Bits Lost 239.255.0.1 239.255.0.1 32 Bits 28 Bits 25 Bits 23 Bits 48 Bits 01-00-5e-7f-00-01 01-00-5e-7f-00-01 1110 5 Bits Lost 239.255.0.1 239.255.0.1 224.1.1.1 224.129.1.1 225.1.1.1 225.129.1.1 . . . 238.1.1.1 238.129.1.1 239.1.1.1 239.129.1.1 0x0100.5E01.0101 1Multicast MAC Address (Ethernet) 32IP Multicast Addresses 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 13 RFC 2365 Local Scope RFC 2365 Local Scope Expansion RFC 2365 Org.-Local Expansion 239.255.0.0 239.255.255.255 239.0.0.0 RFC 2365 Org-Local Scope 239.196.0.0 239.192.0.0 Multicast Address Assignment Administratively Scoped Address Range Address Range: 239.0.0.0/8 - Private multicast address space - Similar to RFC1918 private unicast address space RFC 2365 Administratively Scoped Zones Organization-Local Scope (239.192/14) - Largest scope within the Enterprise network - Regional or global applications that are used within a private enterprise network. Local Scope (239.255/16) - Smallest possible scope within the Enterprise network - Expands downward in address range - Other scopes may be equal but not smaller - Targets local applications that are isolated within a site/region & blocked on defined boundaries. (Not to Scale) 239.255.253.0 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 14 Scope Relative ExampleLocal Scope Top 256 Addresses of Every Admin. Scope Range are reserved. 239.255.255.255 239.255.0.0 Local Scope Scope Relative 239.255.255.0 Local Scope 239.254.255.255 239.0.0.0 (Not to Scale) MBUS 239.255.255.247 MADCAP Protocol 239.255.255.254 SAP Session Announcement Protocol (SDR) 239.255.255.255 SLPv2 Protocol 239.255.255.253 MZAP Protocol 239.255.255.252 Multicast Discovery of DNS Services 239.255.255.251 SSDP 239.255.255.250 DHCPv4 239.255.255.249 AAP 239.255.255.248 Description Address 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 15 Scope Relative ExampleOrg-Local Scope Top 256 Addresses of Every Admin. Scope Range are reserved. 239.255.255.255 Org-Local Scope Relative Org-Local Scope 239.195.255.255 239.0.0.0 (Not to Scale) 239.192.0.0 239.195.255.0 MBUS 239.195.255.247 MADCAP Protocol 239.195.255.254 SAP Session Announcement Protocol (SDR) 239.195.255.255 SLPv2 Protocol 239.195.255.253 MZAP Protocol 239.195.255.252 Multicast Discovery of DNS Services 239.195.255.251 SSDP 239.195.255.250 DHCPv4 239.195.255.249 AAP 239.195.255.248 Description Address 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 16 RFC 2365 Local Scope Local Scope Expansion Org.-Local Expansion 239.255.0.0 239.196.0.0 239.255.255.255 239.0.0.0 Region Scope (/16) Campus Scope (/16) Enterprise Scope (/16) 239.192.0.0 Building Scope (/16) 239.191.0.0 Multicast Address Assignment Address Ranges to Avoid Avoid ranges that map to a MAC address of 0x0100-5E00-00xx! i.e. 239.128.0/24 and 239.0.0/24 239.0.0.0/24 239.128.0.0/24 RFC 2365 Org-Local Scope Are the same as 224.0.0.0/24 - Link Local These addresses are always flooded by Layer 2 switches! 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 17 Multicast Address Design Administrative Scoping Example Any Source Multicast Develop an Enterprise Multicast Address Assignment Design Global Scope 239.192.0.0/16 Regional Scope US/CALA 239.195.0.0/16 EMEA - 239.196.0.0/16 APAC - 239.197.0.0/16 Site-Local Scope 239.255.0.0/16 Internet - 233.0.0.0/8: GLOP (RFC 2770) ASN registered & have /24 per AS number. Develop an Enterprise Multicast Application Assignment Policy IP/TV or DMS, MoH, Others High-Rate and Low-Rate Streams Guidelines for Enterprise IP Multicast Address Allocation: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6552/ps6592/prod_white_paper0900aecd80310d68.pdf 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 18 Serial0 Serial1 Administrative Boundary = 239.0.0.0/8 239.x.x.x multicasts 239.x.x.x multicasts Multicast Forwarding Administrative Boundaries /Scoping Configured using the ip multicast boundary <acl> interface command 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 19 Region 3 Region 2 S 1 S 0 S 0 S 0 Border C Border B 239.195.0.0/16 239.194.0.0/16 239.193.0.0/16 Regional Boundaries Regional Boundary Border A Administratively-Scoped Zones Multicast Boundary Filters Interface Serial0 ip multicast boundary 10 access-list 10 deny 239.194.0.0 0.0.255.255 access-list 10 permit any Interface Serial0 ip multicast boundary 10 access-list 10 deny 239.195.0.0 0.0.255.255 access-list 10 permit any Interface Serial0 ip multicast boundary 10 Interface Serial1 ip multicast boundary 10 access-list 10 deny 239.193.0.0 0.0.255.255 access-list 10 permit any Region 1 Multicast Boundary filters block multicast traffic in both directions on the configured interface. The use of TTL filters are no longer recommended. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 20 Multicast Boundary Extensions Boundary Extensions Supported ip multicast boundary <acl> [ in | out | filter-autorp ] access-list 10 deny 239.192.0.0 0.0.255.255 access-list 10 permit any in filters source traffic coming into interface out prevents state from being created on interface IGMP reports and PIM J oins will not create state Interface will not be added to OIL More that one boundary command is allowed on interface but only one instance of in, out or filter-autorp Available in IOS (12.2 and above) Will be available on 6500 in 12.2SXI (Whitney 2) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 21 IP Multicast Essentials Terms Distribution Tree(s) Source Tree Rooted at the Source Represented by (S,G) entry Shared Tree Rooted at the Rendevous Point Represented by (*,G) entry (Sparse Mode) Source RP Receiver Receiver Shared Tree Source Tree Source RP Receiver Receiver Shared Tree Shared Tree Source Tree Source Tree Source Receiver Receiver Shared Tree Shared Tree Source Tree Source Tree 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 22 IP Multicast Essentials - Terms Anatomy of Mroute Table Rout er #sh i p mr out e 224. 1. 2. 3 I P Mul t i cast Rout i ng Tabl e Fl ags: D - Dense, S - Spar se, C - Connect ed, L - Local , P - Pr uned R - RP- bi t set , F - Regi st er f l ag, T - SPT- bi t set , J - J oi n SPT M - MSDP cr eat ed ent r y, X - Pr oxy J oi n Ti mer Runni ng A - Adver t i sed vi a MSDP Out goi ng i nt er f ace f l ags: H - Har dwar e swi t ched Ti mer s: Upt i me/ Expi r es I nt er f ace st at e: I nt er f ace, Next - Hop or VCD, St at e/ Mode (*, 224.1.2.3), 00:04:28/00:01:32, RP 171.68.28.140, f l ags: SC I ncomi ng i nt er f ace: Ser i al 1, RPF nbr 171. 68. 28. 140, Out goi ng i nt er f ace l i st : Et her net 0, For war d/ Spar se, 00: 00: 30/ 00: 02: 30 ( 10.10.10.1/32, 224.1.2.3), 00:04:28/00:01:32, f l ags: CT I ncomi ng i nt er f ace: Ser i al 0, RPF nbr 171. 68. 28. 190 Out goi ng i nt er f ace l i st : Ser i al 1, For war d/ Spar se, 00: 04: 28/ 00: 01: 32 Et her net 0, For war d/ Spar se, 00: 00: 30/ 00: 02: 30 Shared Tree Entry Used Exclusively by Sparse Mode Source Tree Used by Dense or Sparse Mode 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 23 IP Multicast Essentials IP Multicast Routing/ Multicast Forwarding
What is RPF? What is RPF? A router forwards a multicast datagram only if received on the up stream interface to the source (i.e. it follows the distribution tree).
The RPF Check
The RPF Check The routing table used for multicasting is checked against the source address in the multicast datagram. If the datagram arrived on the interface specified in the routing table for the source address; then the RPF check succeeds. This becomes the Incoming or RPF Interface. Otherwise, the RPF Check fails. Reverse Path Forwarding (RPF) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 24 IP Multicast Essentials IP Multicast Routing/ Multicast Forwarding RPF Check Fails! A closer look: RPF Check Fails RPF Check Fails Packet Arrived on Wrong Interface! E0 S1 S0 S2 Multicast Packet from Source 151.10.3.21 X Discard Packet! Unicast Route Table Unicast Route Table Network Network Interface Interface 151.10.0.0/16 151.10.0.0/16 S1 S1 198.14.32.0/24 198.14.32.0/24 S0 S0 204.1.16.0/24 204.1.16.0/24 E0 E0 S1 E 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 25 IP Multicast Essentials IP Multicast Routing/ Multicast Forwarding RPF Check Fails! A closer look: RPF Check Fails RPF Check Fails Packet Arrived on Wrong Interface! E0 S1 S0 S2 Multicast Packet from Source 151.10.3.21 X Discard Packet! Unicast Route Table Unicast Route Table Network Network Interface Interface 151.10.0.0/16 151.10.0.0/16 S1 S1 198.14.32.0/24 198.14.32.0/24 S0 S0 204.1.16.0/24 204.1.16.0/24 E0 E0 S1 E R1#sh ip mroute 239.192.1.1 count IP Multicast Statistics 5 routes using 3052 bytes of memory 3 groups, 0.66 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 1, Packets forwarded: 92, Packets received: 92 RP-tree: Forwarding: 92/0/100/0, Other: 92/0/0 Source: 10.4.1.6/32, Forwarding: 0/0/0/0, Other: 0/0/0 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 26 IP Multicast Essentials IP Multicast Routing/ Multicast Forwarding A closer look: RPF Check Succeeds RPF Check Succeeds RPF Check Succeeds! Unicast Route Table Unicast Route Table Network Network Interface Interface 151.10.0.0/16 151.10.0.0/16 S1 S1 198.14.32.0/24 198.14.32.0/24 S0 S0 204.1.16.0/24 204.1.16.0/24 E0 E0 E0 S1 S0 S2 Multicast Packet from Source 151.10.3.21 Packet Arrived on Correct Interface! S1 S1 Forward out all outgoing interfaces. (i. e. down the distribution tree) B 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 27 Well just use the spare 56K line for the IP Multicast traffic and not the T1. no ip pim sparse-mode ip pim sparse-mode IP Multicast Essentials Configure Multicast on Every Interface T1/E1 56K/64K src rcvr Network Engineer X X RPF to disabled link!!!!! Classic Partial Multicast Cloud Mistake #1 T1/E1 line has best metric to source 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 28 Well just use the spare 56K line for the IP Multicast traffic and not the T1. no ip pim sparse-mode ip pim sparse-mode IP Multicast Essentials Configure Multicast on Every Interface T1/E1 56K/64K src rcvr Network Engineer X X RPF to disabled link!!!!! Classic Partial Multicast Cloud Mistake #1 T1/E1 line has best metric to source Static multicast routing (static mroutes) can be to resolve this design requirement. ! Ip mroute 10.77.86.75 255.255.255.255 10.2.255.72 (RP =10.77.86.75) ip mroute 10.77.76.0 255.255.255.0 10.2.255.72 (Source Subnet =10.77.76.0/24) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 29 Well just keep multicast traffic off of certain routers in the network. IP Multicast Essentials Configure Multicast on Every Router src rcvr Blackhole Failure!!!!! Classic Partial Multicast Cloud Mistake #2 Multicast Disabled Multicast Enabled .2 .1 192.168.1.0/24 A A B B C C E0 E1 Highest next-hop IP address used for RPF when equal cost paths exist. Complies with RFC 2362! PIM J oin Network Engineer 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 30 IP Multicast Essentials IP Multicast Load Splitting Two Options exist for load-sharing multicast across equal cost multiple paths (ECMP). GRE Tunnels IP Multicast Multipath Feature (12.4T) IP Multicast Multipath Randomly distribute (*, G) and (S, G) traffic streams across multiple equal-cost reverse path forwarding (RPF) paths. Does not necessarily result in balanced IP multicast traffic loads. Networks where there are many traffic streams that utilize approximately the same amount of bandwidth benefit the most. Can be configured to load split based on Source, (S,G), or (S,G) and next-hop address. All participating interfaces still require PIM. Recei ver .2 .1 192.168.1.0/24 A AA A B BB B C CC C E0 E1 Source (S,G) Join 1 (S,G) Join 2 J oinscreate the OIL 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 31 IP Multicast Essentials Types of Multicast Routing Protocols DVMRPv3 (Internet-draft) MOSPF (RFC 1584) CBT (Internet-draft) PIM-DM(Internet-draft) PIM Sparse Mode (RFC 2362) Source Specific Multicast (SSM) Bi-directional PIM (Bidir) Multicast VPN (MVPN) All protocols are supported in this box Only PIM-DM is supported in this box 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 32 Multicast Service Models RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 33 Multicast Service Model IP Multicast Enabled Network There are two kinds of multicast-enabled networks available. Any Source Multicast ASM is the original multicast service model as defined in RFC 1112 [Deering]. In this model, a receiver simply joins the group and does not need to know the identity of the source(s). (Also called Internet Standard or Traditional Multicast) Source Specific Multicast RFC 3569 (2003) SSM modifies the original service such that in addition to knowing the group address, a receiver must know the relevant source(s). It becomes the application's responsibility to know what kind of multicast capability the network provides. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 34 Multicast Service Model Essential Protocol Components An IP multicast enabled network requires two essential protocol components: Internet Group Membership Protocol IGMP is the IP host-based protocol that allows a receiver application to notify a local router(s) that it has joined the group, and initiate the data flow from all sender(s) within the scope. Protocol Independent Multicast - PIM is a IP router-based protocol that allows routers with multicast group members (receivers) on the local networks to communicate with other routers to ensure that all datagrams sent to the group address are forwarded to all receivers within the intended scope. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 35 Any Source Multicast RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 36 Multicast Service Model Any Source Multicast (ASM) RFC 1112 IGMPv2 (Host to Router Signaling) RFC 2236 Membership reports used to J oinmulticast groups > 224.0.0.1 Classic (original) PIMv2 Sparse Mode (Router Signaling) Current PIMv2 specification is RFC 4601 Uses both Shared and Source Path Trees Requires a Rendezvous Point (RP) and Shared Tree for network- based Source discovery. Complex to Troubleshoot Susceptible to Denial of Service Attacks 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 37 H2 Any Source Multicast Host-Router Signaling IGMPv2Joining a Group J oining member sends reports for the multicast group that they want to J oin. Called unsolicitedreports. H2 224.1.1.1 Report 1.1.1.1 H1 H3 1.1.1.10 1.1.1.11 1.1.1.12 rtr-a 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 38 r t r - a>show ip igmp group I GMP Connect ed Gr oup Member shi p Gr oup Addr ess I nt er f ace Upt i me Expi r es Last Repor t er 239.192.1.1 Ethernet0 6d17h 00:02:31 1.1.1.11 Any Source Multicast Host-Router Signaling IGMPv2Verify the Group 1.1.1.1 H1 H3 1.1.1.10 1.1.1.11 1.1.1.12 rtr-a IGMP State in rtr-a H2 Group 239.192.1.1 is active 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 39 Any Source Multicast Host-Router Signaling IGMPv2 Maintaining the Group Router sends periodic queries to 224.0.0.1 @ 60-120s Query One member per group per subnet reports 224.1.1.1 Report Other members suppress reports 224.1.1.1 Suppressed X 224.1.1.1 Suppressed X H1 H2 H3 Group 224.1.1.1 Example 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 40 Host sends leave message to 224.0.0.2 H1 H3 H3 Leave to 224.0.0.2 224.1.1.1 #1 Router sends group-specific query for Group 224.1.1.1 Group Specific Query to 224.1.1.1 #2 No IGMP report is received within ~ 3 seconds Group 224.1.1.1 times out H2 Leaving a Group (224.1.1.1) Any Source Multicast Host-Router Signaling IGMPv2 Leaving a Group 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 41 Any Source Multicast Host-Router Signaling IGMPv2Querier Election Initially all routers send out a query @ 224.0.0.1 Router with lowest IP address electedquerier Other routers become non-queriers IGMPv2 1.1.1.1 1.1.1.2 H1 H2 H3 1.1.1.10 1.1.1.11 1.1.1.12 Query Query IGMP Querier IGMP Non-Querier rtr-a rtr-b 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 42 IGMPv2Querier Election Determining Which Router is the IGMP Querier r t r - a>show i p i gmp i nt er f ace e0 Et her net 0 i s up, l i ne pr ot ocol i s up I nt er net addr ess i s 1. 1. 1. 1, subnet mask i s 255. 255. 255. 0 IGMP is enabled on interface Cur r ent I GMP ver si on i s 2 CGMP i s di sabl ed on i nt er f ace I GMP quer y i nt er val i s 60 seconds I GMP quer i er t i meout i s 120 seconds I GMP max quer y r esponse t i me i s 10 seconds I nbound I GMP access gr oup i s not set Mul t i cast r out i ng i s enabl ed on i nt er f ace Mul t i cast TTL t hr eshol d i s 0 Mul t i cast desi gnat ed r out er ( DR) i s 1. 1. 1. 1 ( t hi s syst em) IGMP querying router is 1.1.1.1 (this system) Mul t i cast gr oups j oi ned: 224. 0. 1. 40 224. 2. 127. 254 r t r - a>show i p i gmp i nt er f ace e0 Et her net 0 i s up, l i ne pr ot ocol i s up I nt er net addr ess i s 1. 1. 1. 1, subnet mask i s 255. 255. 255. 0 IGMP is enabled on interface Cur r ent I GMP ver si on i s 2 CGMP i s di sabl ed on i nt er f ace I GMP quer y i nt er val i s 60 seconds I GMP quer i er t i meout i s 120 seconds I GMP max quer y r esponse t i me i s 10 seconds I nbound I GMP access gr oup i s not set Mul t i cast r out i ng i s enabl ed on i nt er f ace Mul t i cast TTL t hr eshol d i s 0 Mul t i cast desi gnat ed r out er ( DR) i s 1. 1. 1. 1 ( t hi s syst em) IGMP querying router is 1.1.1.1 (this system) Mul t i cast gr oups j oi ned: 224. 0. 1. 40 224. 2. 127. 254 IGMP is automatically enabled when PIM is enabled under the interface 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 43 IGMPv2 Designated Router (DR) If there are multiple routers on a LAN, a designated router (DR) must be elected to avoid duplicating multicast traffic. PIM routers follow an election process to select a DR - the PIM router with the highest Interface IP address becomes the DR. The DR is responsible for: Sending PIM register and PIM J oin and Prune messages toward the rendezvous point (RP) to inform it about host group membership. Sending PIM J oin messages for the Shortest Path Tree. Gotcha: When troubleshooting PIM, make sure that you identify the DR. The non-DRs will show (*,G) and (S,G) state, but take no action. DR Failover - 3 x <query-interval> - default interval 30s AA 192.168.1.0/24 .2 (DR) .1 BB IGMP Querier Designated Router 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 44 Any Source Multicast Router to Router Signaling Activating PIM-SM (Sparse-Mode) Interface configuration command - ip pim sparse-mode Enables multicast forwarding on the interface Controls the interfaces mode of operation Separate control and data plane > Unicast routing protocol-independent Explicit J oin Model Receivers must first be connectedto the tree before traffic begins to flow Traffic only sent down joinedbranches Must configure an RP Used to map the source multicast group address to the IPv4 unicast address of the source. Uses both Shared and Shortest Path Distribution Trees Starts out using Shared Tree, then switches over to the source-tree Very complex to troubleshoot 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 45 Any Source Multicast (ASM) PIM-SM with IGMPv2 Operation 10.1.1.5/24 Receiver wants to join 239.192.1.1, but doesnt know the unicast IP address of the source. Source Receiver 10.4.1.6/24 Source transmits the stream @ 239.192.1.1, but isnt responsible to determine where to send the packets. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 46 Any Source Multicast (ASM) PIM-SM with IGMPv2 > Map the Group to the Source IP RP Source Receiver Any Source Multicast requires a control plane which is anchored by the Rendezvous Point to jointhe Source and Receivers. The Rendezvous Point is responsible for multicast Group to Source IP address mapping. 10.4.1.6/24 10.1.1.5/24 Multicast Group 239.192.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 47 Any Source Multicast (ASM) PIM-SM Shared Tree Join Process Receiver RP PIM (*, G) Join (*, G) State created via the Shared Tree. The Outgoing Interface List (OIL) is created. Shared Tree IGMP Join 1. Receiver sends IGMPv2 Join 2. Last hop PIM router forwards the Join to the RP for 239.192.1.1 The receiver has joined the group, but is waiting for the source. (*,G) (*,G) (*,G) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 48 Any Source Multicast (ASM) PIM-SM Shared Tree Join Process Case Study R5(config-if)#ip igmp join-group 239.192.1.1 R6#ping 239.192.1.1 R5 R6 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 49 Any Source Multicast (ASM) PIM-SM Shared Tree Join Process Case Study 1. Receiver sends IGMPv2 Join 2. Last hop PIM router forwards the Join toward the RP for 239.192.1.1 R1#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:06:07/00:02:19, RP 10.3.3.3, flags: SJC Incoming interface: Ethernet0/1, RPF nbr 10.21.1.2 Outgoing interface list: Ethernet0/0, Forward/Sparse, 00:06:07/00:02:19 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 50 Any Source Multicast (ASM) PIM-SM Shared Tree Join Process Case Study R2#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:17:38/00:02:42, RP 10.3.3.3, flags: S Incoming interface: Ethernet0/2, RPF nbr 10.32.1.3 > towards RP Outgoing interface list: Ethernet0/1, Forward/Sparse, 00:17:38/00:02:42 > towards receiver 3. All PIM routers in the path forwards the Join to the RP for 239.192.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 51 Any Source Multicast (ASM) PIM-SM Shared Tree Join Process Case Study R3#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:23:36/00:03:00, RP 10.3.3.3, flags: S Incoming interface: Null, RPF nbr 0.0.0.0 > Always Null for the RP Outgoing interface list: Ethernet0/2, Forward/Sparse, 00:23:36/00:03:00 > towards the Receiver 4. RP receives the Join for 239.192.1.1 and creates the (*,G) Tree (*, G) State created via the Shared Tree. The Outgoing Interface List (OIL) is created. R3#sh ip mroute 239.192.1.1 count IP Multicast Statistics 5 routes using 3830 bytes of memory 3 groups, 0.66 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 0, Packets forwarded: 0, Packets received: 0 5. Use the show ip mroute x.x.x.x count keyword to verify traffic for the *,G tree 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 52 Any Source Multicast (ASM) PIM-SM Source Registration Process Receiver RP Source 8. RP sends a Join toward the source. (S, G) Register-Stop (unicast) (S, G) Register (unicast) 7. Multicast (S, G) traffic arrives at the RP (encapsulated in unicast IPv4 packets). The RP forwards the traffic based on the Outgoing Interface List (OIL). Note: No RPF for Receive Joins. Source Tree Traffic Flow Shared Tree 5. Source comes online . The 1 st hop router builds the (*,G) and (S,G) entries 10. RP sends a Register-Stop back to the first-hop router to complete the Register process. (*,G) (*,G) (*,G) (S,G) (S,G) (S,G) 9. The Shortest Path Tree from the RP to the Source is built. Building the PIM-SM Shared Tree is Complete! 6. The 1 st hop router sends Register with unicast stream to the RP for 239.192.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 53 Any Source Multicast (ASM) PIM-SM Shared Tree Source Registration Case Study R4#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:00:21/stopped, RP 10.3.3.3, flags: SPF > Register Flag Incoming interface: Ethernet0/0, RPF nbr 10.34.1.3 Outgoing interface list: Null (10.4.1.6, 239.192.1.1), 00:00:21/00:02:58, flags: PFT > Register Flag Incoming interface: Ethernet0/1, RPF nbr 0.0.0.0 Outgoing interface list: Null 4. Source comes online . The 1st hop router sends Register to the RP for 239.192.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 54 Any Source Multicast (ASM) PIM-SM Shared Tree Source Registration Case Study R4#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:00:21/stopped, RP 10.3.3.3, flags: SPF > Register Flag Incoming interface: Ethernet0/0, RPF nbr 10.34.1.3 Outgoing interface list: Null (10.4.1.6, 239.192.1.1), 00:00:21/00:02:58, flags: PFT > Register Flag Incoming interface: Ethernet0/1, RPF nbr 0.0.0.0 Outgoing interface list: Null 4. Source comes online . The 1st hop router sends Register to the RP for 239.192.1.1 R3 (RP)# debug ip pim *May 30 11:50:39.064: PIM(0): Received v2 Register on Ethernet0/0 from 10.34.1.4 for 10.4.1.6, group 239.192.1.1 *May 30 11:50:39.064: PIM(0): Insert (10.4.1.6,239.192.1.1) join in nbr 10.34.1.4's queue *May 30 11:50:39.064: PIM(0): Forward decapsulated data packet for 239.192.1.1 on Ethernet0/2 *May 30 11:50:39.064: PIM(0): Building J oin/Prune packet for nbr 10.34.1.4 *May 30 11:50:39.064: PIM(0): Adding v2 (10.4.1.6/32, 239.192.1.1), S-bit J oin *May 30 11:50:39.064: PIM(0): Send v2 join/prune to 10.34.1.4 (Ethernet0/0) *May 30 11:50:41.032: PIM(0): Received v2 Register on Ethernet0/0 from 10.34.1.4 for 10.4.1.6, group 239.192.1.1 *May 30 11:50:41.032: PIM(0): Send v2 Register-Stop to 10.34.1.4 for 10.4.1.6, group 239.192.1.1 *May 30 11:53:54.644: PIM(0): Building Periodic (*,G) J oin / (S,G,RP-bit) Prune message for 239.192.1.1 *May 30 11:53:55.916: PIM(0): Received v2 J oin/Prune on Ethernet0/2 from 10.32.1.2, to us *May 30 11:53:55.916: PIM(0): J oin-list: (*, 239.192.1.1), RPT-bit set, WC-bit set, S-bit set *May 30 11:53:55.916: PIM(0): Update Ethernet0/2/10.32.1.2 to (*, 239.192.1.1), Forward state, by PIM *G J oin *May 30 11:53:55.916: PIM(0): Update Ethernet0/2/10.32.1.2 to (10.4.1.6, 239.192.1.1), Forward state, by PIM *G Join R3#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,= L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:00:59/stopped, RP 10.3.3.3, flags: S Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Ethernet0/2, Forward/Sparse, 00:00:59/00:02:34 (10.4.1.6, 239.192.1.1), 00:00:03/00:02:59, flags: T Incoming interface: Ethernet0/0, RPF nbr 10.34.1.4 Outgoing interface list: Ethernet0/2, Forward/Sparse, 00:00:03/00:02:56 > Automatically populates based on (*,G) OIL > no RPF 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 55 Any Source Multicast (ASM) PIM-SM Shared Tree Traffic Flow Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! R6 R3#sh ip mroute 239.192.1.1 count IP Multicast Statistics 6 routes using 4340 bytes of memory 3 groups, 1.00 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5 RP-tree: Forwarding: 1/0/100/0, Other: 1/0/0 Source: 10.4.1.6/32, Forwarding: 4/1/100/0, Other: 4/0/0 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 56 Any Source Multicast (ASM) PIM-SM Shared Tree Traffic Flow Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! R6 R2#sh ip mroute 239.192.1.1 count IP Multicast Statistics 5 routes using 3194 bytes of memory 3 groups, 0.66 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 0, Packets forwarded: 5, packets received: 5 RP-tree: Forwarding: 5/1/100/0, Other: 5/0/0 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 57 Any Source Multicast (ASM) PIM-SM Shared Tree Traffic Flow Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! R6 R1#sh ip mroute 239.192.1.1 count IP Multicast Statistics 5 routes using 3052 bytes of memory 3 groups, 0.66 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5 RP-tree: Forwarding: 5/0/100/0, Other: 5/0/0 Source: 10.4.1.6/32, Forwarding: 0/0/0/0, Other: 0/0/0 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 58 Any Source Multicast (ASM) PIM-SM Shared Tree Traffic Flow Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! R6 R6#ping Protocol [ip]: Target IP address: 239.192.1.1 Repeat count [1]: 5 Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echo to 239.192.1.1, timeout is 2 seconds: Reply to request 0 from 10.1.1.5, 20 ms Reply to request 1 from 10.1.1.5, 4 ms Reply to request 2 from 10.1.1.5, 4 ms Reply to request 3 from 10.1.1.5, 8 ms Reply to request 4 from 10.1.1.5, 4 ms 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 59 Any Source Multicast (ASM) PIM-SM SPT Switchover Process Receiver RP Source Source Tree 11. Once multicast traffic arrives at the last hop PIM router via the Shared Tree, a Join request is sent toward the source. Traffic Flow Shared Tree 12. Traffic flows down the Shortest Path Tree (*,G) (*,G) (*,G) (S,G) (S,G) (S,G) (S,G) (S,G) 13. The Shared Tree Path is Pruned toward the RP. 14. If no other Receivers exist, the RP Prunes the Source Path Tree. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 60 Any Source Multicast (ASM) PIM-SM SPT Switchover Process Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! 1. Packets arrive at R1 via the Shared (*,G) tree the purpose of the Shared Tree is Complete! 2. R1 performs PIM SPT switchover by send (S,G) Join. The purpose of the Shared Tree J oin is complete > the Last-hop Router has learned the IP address of the Source! 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 61 Any Source Multicast (ASM) PIM-SM SPT Switchover Process Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! 3. Packets begin to flow down the Source (S,G) Tree to R1. R1 also sends a Prune message toward the RP. R1#sh ip mroute 239.192.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239.192.1.1), 00:00:42/stopped, RP 10.3.3.3, flags: SJ C Incoming interface: Ethernet0/1, RPF nbr 10.21.1.2 Outgoing interface list: Ethernet0/0, Forward/Sparse, 00:00:42/00:02:20 (10.4.1.6, 239.192.1.1), 00:00:04/00:02:55, flags: JT Incoming interface: Ethernet0/2, RPF nbr 10.41.1.4 Outgoing interface list: Ethernet0/0, Forward/Sparse, 00:00:04/00:02:55 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 62 Any Source Multicast (ASM) PIM-SM SPT Switchover Process Case Study Source Tree Traffic Flow Shared Tree Building the PIM-SM Shared Tree is Complete! R1#sh ip mroute 239.192.1.1 count IP Multicast Statistics 4 routes using 2794 bytes of memory 2 groups, 1.00 average sources per group Forwarding Counts: Pkt Count/Pkts(neg(-) =Drops) per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: 239.192.1.1, Source count: 1, Packets forwarded: 5, Packets received: 5 RP-tree: Forwarding: 1/1/100/0, Other: 1/0/0 Source: 10.4.1.6/32, Forwarding: 4/0/100/0, Other: 4/0/0 3. Packets begin to flow down the Source (S,G) Tree to R1. R1 also sends a Prune message toward the RP. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 63 Any Source Multicast (ASM) Issue concerning Multiple Sources Receiver 1 RP Source Eventually, (S, G) Traffic flow creates an issue as two sources exist. Traffic Flow Error Multicast Source #2 239.192.1.1 239.192.1.1 Issue: A 2 nd Source appears in the network streaming the same multicast group (S, G) Register. Solution: Accept-Register filters to prevent unwanted Multicast flows Receiver 2 ip pim accept-register list 10 access-list 10 permit 10.4.1.6 10.4.1.6 172.30.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 64 Any Source Multicast (ASM) How Does the Network Know About the RP? Static configuration Manually on every router in the PIM domain AutoRP Routers learn RP automatically Option exists to provide Load-Balancing & Redundancy BSR (Bootstrap Router) draft-ietf-pim-sm-bsr PIMv2 for Sparse-mode (RFC 2362) defines a Bootstrap mechanism that permits all PIM-SM routers within a domain to dynamically learn all Group-to-RP mappings and avoid any manual RP configurations > AutoRP & BSR 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 65 Static RPs Hard-configured RP address When used, must be configured on every router All routers must have the same RP address RP failover not possible Exception: if anycast RPs are used Command ip pim rp-address <address> [group-list <acl>] [override] Optional group list specifies group range Default: range = 224.0.0.0/4 (includes auto-RP groups!!!) Override keyword overridesauto-RP information Default: auto-RP learned info takes precedence 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 66 Auto-RP Dynamic Group to RP Mapping Announce Announce A n n o u n c e A n n o u n c e Announce Announce A n n o u n c e A n n o u n c e Announce RP-Announcements Multicast to the Cisco Announce (224.0.1.39) Group A C D C-RP 1.1.1.1 C-RP 2.2.2.2 B Mapping Agent Mapping Agent ip pim send-rp-announce loopback0 scope 255 group-list 20 access-list 20 permit 239.192.0.0 0.0.255.255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 67 Auto-RP Dynamic Group to RP Mapping Announce Announce A n n o u n c e A n n o u n c e Announce Announce A n n o u n c e A n n o u n c e Announce RP-Announcements Multicast to the Cisco Announce (224.0.1.39) Group A C D C-RP 1.1.1.1 C-RP 2.2.2.2 B Mapping Agent Mapping Agent The active RP for each Multicast group range is selected based on the highest Loopback IP address (router ID) from the candidate RPs. RP Mapping Agents store the candidate-RPs in a Group-to-RP mapping cache. Each entry in the Group-to-RP mapping cache has an expiration timer that is initialized to the holdtime value (3X) in the received RP- Announce message (60s). Once the timer expires, the Mapping Agent selects a new RP from its Group-to-RP mapping cache and sends out an RP-Discovery message with the updated Group-to-RP mapping. Failover is less than 3 minutes for any NEWconnections (Established Source Path Trees dont need RPs) ip pim send-rp-announce loopback0 scope 255 group-list 20 access-list 20 permit 239.192.0.0 0.0.255.255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 68 C D C-RP 1.1.1.1 C-RP 2.2.2.2 Dynamic Group to RP Mapping Auto-RPFrom 10,000 Feet Discovery RP-Discoveries Multicast to the Cisco Discovery (224.0.1.40) Group Mapping Agent Mapping Agent D is c o v e r y D is c o v e r y D i s c o v e r y D i s c o v e r y A D is c o v e r y D is c o v e r y D i s c o v e r y D i s c o v e r y B ip pim send-rp-discovery loopback0 scope 255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 69 C D C-RP 1.1.1.1 C-RP 2.2.2.2 Dynamic Group to RP Mapping Auto-RPFrom 10,000 Feet Discovery RP-Discoveries Multicast to the Cisco Discovery (224.0.1.40) Group Mapping Agent Mapping Agent D is c o v e r y D is c o v e r y D i s c o v e r y D i s c o v e r y A D is c o v e r y D is c o v e r y D i s c o v e r y D i s c o v e r y B RP announcements and RP discovery messages occurs every 60 seconds by default with holdtime of 180 seconds. If no RP is found, the next search is done locally on each router for a static RP mapping. If no static RP mapping is configured, the router defaults to dense mode. Mapping Agents function independently, multicasting identical Group-to-RP mapping information to all routers in the network. Based on this functionality, each device configured as a mapping agent will advertise identical Group-to- RP mapping information based on the fact that they are using the same selection algorithm of highest IP address to select the active RP. This methodology is recommended as Auto-RP Discovery packets are sent unreliably because the protocol has no provision to detect missed packets and no way to request retransmission. MA updates are sent every 60s or when changes are detected. ip pim send-rp-discovery loopback0 scope 255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 70 Any Source Multicast (ASM) Auto-RP Failover Auto-RP failover time (Default) Function of Holdtime in C-RP Announcement Holdtime = 3 x <rp-announce-interval> Default < rp-announce-interval> = 60 seconds Default Failover ~ 3 minutes Tuning Auto-RP failover Tune candidate RPs using the interval clause to control failover times ip pim send-rp-announce <intfc> scope <ttl> [group-list acl] interval <seconds>] Smaller intervals = faster RP failover + increased amount of RP traffic Increase is usually insignificant Total RP failover time reduced > Min. failover ~ 3 seconds 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 71 Any Source Multicast (ASM) PIM-SM AutoRP Case Study Source Tree Traffic Flow Shared Tree R1#sh ip pim rp map PIM Group-to-RP Mappings Group(s) 239.192.0.0/16 RP 10.3.3.3 (?), v2v1 Info source: 10.3.3.3 (?), elected via Auto-RP Uptime: 16:30:44, expires: 00:02:00 Acl: 10, Static RP: 10.3.3.3 (?) R1#sh access-lists 10 Standard IP access list 10 10 permit 239.192.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 72 Any Source Multicast (ASM) PIM-SM AutoRP Case Study Source Tree Traffic Flow Shared Tree R1#sh ip mroute IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - J oin SPT, M - MSDP created entry, X - Proxy J oin Timer Running, A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel, z - MDT-data group sender, Y - J oined MDT-data group, y - Sending to MDT-data group Outgoing interface flags: H - Hardware switched, A - Assert winner Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 224.0.1.39), 00:14:44/stopped, RP 0.0.0.0, flags: D Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Ethernet0/2, Forward/Sparse, 00:14:44/00:00:00 Ethernet0/1, Forward/Sparse, 00:14:44/00:00:00 (10.3.3.3, 224.0.1.39), 00:02:44/00:00:28, flags: PT Incoming interface: Ethernet0/1, RPF nbr 10.21.1.2 Outgoing interface list: Ethernet0/2, Prune/Sparse, 00:02:44/00:00:25 (*, 224.0.1.40), 00:18:09/stopped, RP 0.0.0.0, flags: DCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Ethernet0/2, Forward/Sparse, 00:18:10/00:00:00 Ethernet0/1, Forward/Sparse, 00:18:10/00:00:00 Ethernet0/0, Forward/Sparse, 00:18:10/00:00:00 (10.3.3.3, 224.0.1.40), 00:17:42/00:02:20, flags: LT Incoming interface: Ethernet0/1, RPF nbr 10.21.1.2 Outgoing interface list: Ethernet0/0, Forward/Sparse, 00:17:42/00:00:00 Ethernet0/2, Prune/Sparse, 00:01:45/00:01:21 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 73 Fast RP Failover = Anycast RP Multicast Source Discovery Protocol MSDP Rec Rec Rec Rec Src 239.193.1.1 Src 239.194.1.1 SA SA A RP1 10.1.1.1 B RP2 10.1.1.1 X When a source registers with one RP, a Source-Active (SA) message will be sent to the other RPs informing them that there is an active source for a particular multicast group. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 74 Fast RP Failover = Anycast RP Multicast Source Discovery Protocol MSDP Rec Rec Rec Rec Src 239.193.1.1 Src 239.194.1.1 SA SA A RP1 10.1.1.1 B RP2 10.1.1.1 X By default, RP failover is 3-180s. Anycast RP can be used to reduce failover interval. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 75 Anycast RP Rec Rec Rec Rec Src 239.194.1.1 Src 239.193.1.1 A RP1 10.1.1.1 B RP2 10.1.1.1 X 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 76 Anycast RP Configuration With Static RP ip pim rp-address 10.0.0.1 ip pim rp-address 10.0.0.1 Interface loopback 0 description Anycast RP ip address 10.0.0.1 255.255.255.255 Interface loopback 1 ip address 10.0.0.2 255.255.255.255 ! ip msdp peer 10.0.0.3 connect-source loopback 1 ip msdp originator-id loopback 1 Interface loopback 0 description Anycast RP ip address 10.0.0.1 255.255.255.255 Interface loopback 1 ip address 10.0.0.3 255.255.255.255 ! ip msdp peer 10.0.0.2 connect-source loopback 1 ip msdp originator-id loopback 1 MSDP B RP2 A RP1 C D 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 77 Any Source Multicast Design Recommendations Use PIM-SM on interfaces in conjunction with the IP PIM Auto-RP Listener command. This feature permits the two AutoRP groups 224.0.1.39 and 224.0.1.40 to be flooded across interfaces operating in PIM sparse mode. (Available 12.3(4)T, 12.2(28)S) As described, Mapping Agents operate independently using the same selection algorithm. Depending on when checked, the mroute table will reflect whichever update it received first. This provides Mapping Agent Failover design. Using a Catch-AllRP (224.0.0.0/4) on the network promotes unauthorized multicast states (applications that have multicast enabled by default) > some MPLS service providers limit the number of IP mroutes permitted on the network. Filtering is on option, but hard to manage. A caveat exists with PIM such that multicast group and interface states are treated separately. Although no dense-mode flooding will occur on sparse- mode interfaces, the mroute group cache can be impacted (DM-Fallback) resulting in broken SPT state during RP outages. Use the no ip pim dm- fallback global command or RP of Last Resort design to maintain the sparse- mode state. (DM-Fallback is enabled by default) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 78 Any Source Multicast Design Recommendation Filter RPs Mapping Agent Security - Caveat for filtering RPs - CSCdv79987 The ip pim rp-announce-filter rp-list <acl> group-list <acl> command is insufficiently documented. The filter should be configured as described in the example below. This following filter allows the rogue rp ip-address to pass the rp filter and. then be filtered by the group-list filter which denies all groups. The valid RPs (10.1.1.1 & 10.1.1.2) are exempt. Documentation: ! access-list 14 permit 10.1.1.1 (RP #1) access-list 14 permit 10.1.1.2 (RP #2) access-list 14 deny any ! access-list 15 permit 224.0.0.0 15.255.255.255 Actual Configuration ! ip pimrp-announce-filter rp-list 14 group-list 15 ! access-list 14 deny 10.1.1.1 access-list 14 deny 10.1.1.2 access-list 14 permit any ! access-list 15 deny 224.0.0.0 15.255.255.255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 79 Any Source Multicast RP Placement Q: Where do I put the RP? A: Generally speaking, its not critical Shortest Path Trees (SPTs) are normally used by default RP is a place for source and receivers to meet Traffic does not normally flow through the RP RP is therefore not a bottleneck Exception: SPT-Threshold = Infinity Default = 0 Traffic stays on the shared tree RP could could become a bottleneck 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 80 RP Resource Requirements Each (*,G) entry requires 380 bytes + outgoing interface list (OIL) overhead. Each (S,G) entry requires 220 bytes + outgoing interface list overhead. The outgoing interface list overhead is 150 bytes per OIL entry. For example, if there are 10 groups with 6 sources per group and 3 outgoing interfaces: #of (*,G)s x (380 + (#of OIL entries x 150)) = 10 x (380 + (3 x 150)) = 8300 bytes for (*,G) #of (S,G)s x (220 + (#of OIL entries x 150)) = 60 x (220 + (3 x 150))= 40,200 bytes for (S,G) A total of 48,500 bytes of memory is required for the mroute table. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 81 General RP Recommendations Use Auto-RP When minimum configuration is desired and/or When maximum flexibility is desired Pros Most flexible method Easiest to maintain Cons Increased RP Failover times vs Anycast Special care needed to avoid DM Fallback Some methods greatly increase configuration Use PIM Sparse-Mode with IP PIM AutoRP Listener! 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 82 General RP Recommendations Use Anycast RPs: When network must connect to Internet or When rapid RP failover is critical Pros Fastest RP Convergence method Required when connecting to Internet Cons Requires more configuration Requires use of MSDP between RPs Remember: RPs are only used for new Connections 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 83 Multicast Service Model Any Source Multicast (ASM) Evaluation Uses both Shared Trees and Source Path Trees Requires RP and Shared Tree for network-based Source Discovery Group to RP Mapping must be consistent in the PIM domain Pros: Traffic only sent down joinedbranches Can switch to optimal source-trees for high traffic sources dynamically Unicast routing protocol-independent Cons: Need some form of RP Failover mechanism No Single Pt. of Failure Dense Mode Fallback can be a problem Shared to Source Tree switchover complexities 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 84 Source Specific Multicast RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 85 Multicast Service Model Source Specific Multicast (SSM) RFC 4607 (2006) IGMPv3 (Host to Router Signaling) RFC 3376 Adds Include/Exclude Source Lists New IGMPv3 stack required in the O/S Apps must be rewritten to use IGMPv3 Include/Exclude features Receivers subscribe to the SSM Channel (S,G) Hosts responsible for source discovery (learning the (S,G) information) Uses out-of-band mechanism to learn the source (web page, content server) Hosts uses IGMPv3 to join specific (S,G) instead of (*,G) PIM-SM (Router to Router Signaling) No RPs or Shared Trees > Uses Source Trees Only Only the specified (S,G) flow is delivered to host Data and control planes are decoupled Eliminates possibility of Multicast Content J ammers Simplifies Address Allocation IANA - 232.0.0.0/8 Private SSM Range 239.232.0.0/16 recommended Different sources can use the same multicast group address 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 86 SSM Host to Router Signaling IGMPv3 Source Discovery Example Source = 1.1.1.1 Group = 224.1.1.1 H1Member of 224.1.1.1 R1 R3 R2 Source = 2.2.2.2 Group = 224.1.1.1 H1 wants to receive only S = 1.1.1.1 and no other. With IGMP, specific sources can be joined. S = 1.1.1.1 in this case IGMPv3: J oin 224.1.1.1 Include: 1.1.1.1 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 87 H2 SSM Host to Router Signaling IGMPv3Joining a Group J oining member sends IGMPv3 Report to 224.0.0.22 immediately upon joining H2 Group: 224.1.1.1 Exclude: <empty> v3 Report (224.0.0.22) 1.1.1.1 H1 H3 1.1.1.10 1.1.1.11 1.1.1.12 rtr-a 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 88 H2 SSM Host to Router Signaling IGMPv3Joining Specific Source(s) IGMPv3 report contains desired source(s) in the Include list Only Includedsource(s) are joined H2 1.1.1.1 H1 H3 1.1.1.10 1.1.1.11 1.1.1.12 rtr-a Group: 224.1.1.1 Include: 10.0.0.1 v3 Report (224.0.0.22) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 89 H2 SSM Host to Router Signaling IGMPv3Excluding Specific Source(s) IGMPv3 report contains undesired source(s) in the Exclude list All sources except Excludedsource(s) are joined H2 1.1.1.1 H1 H3 1.1.1.10 1.1.1.11 1.1.1.12 rtr-a Group: 224.1.1.1 Exclude: 7.7.7.7 v3 Report (224.0.0.22) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 90 SSM Host to Router Signaling IGMPv3Maintaining State Router sends periodic queries All IGMPv3 members respond Reports contain multiple Group state records Query 1.1.1.1 1.1.1.10 1.1.1.11 1.1.1.12 H1 H2 H3 v3 Report (224.0.0.22) v3 Report (224.0.0.22) v3 Report (224.0.0.22) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 91 SSM Router to Router Signaling PIM Source Specific Mode (PIM-SSM) Receiver Source Out-of-band source directory, example: web page, content server, etc. Receiver learns of source, group/port B A C D F E IGMPv3 (S, G) Join Receiver sends IGMPv3 (S,G) Join PIM-SM (S, G) Join First-hop sends PIM (S,G) Join directly toward Source S,G S,G 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 92 SSM Router to Router Signaling PIM Source Specific Mode (PIM SSM) Result: Shortest path tree rooted at the source, with no shared tree. Out-of-band source directory, example: web page, content server, etc. Receiver B A C D F E Source It doesnt get any simpler than this! 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 93 PIM-SSM IP Addressing R2(config)#ip pimssm? default Use 232/8 group range for SSM range ACL for group range to be used for SSM There are 2 options for PIM SSM Addresses 1. Use IANA assigned SSM group range 232.0.0.0/8 or 2. Use ACL to specify multicast address from 224.0.0.0 through 239.255.255.255 > Cisco recommends 239.232.0.0/16 R2(config)#ip pimssm? default Use 232/8 group range for SSM range ACL for group range to be used for SSM Use ssmrange ACLfor PIM-SSM ip pimssmrange ssm_group_map ! Use SSM based on ACL ssm_group_map ip access-list standard ssm_group_map ! ACL for SSM multicast groups permit 232.0.0.0 0.255.255.255 permit 239.232.0.0 0.0.255.255 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 94 PIM-SSM What if the Application does not support IGMPv3? Why isnt Everyone using it? Multicast Applications must support IGMPv3 Application support to learn the Source Out-of-Band Option - IGMPv2 Mapping 1. Static mapping 2. DNS mapping Static SSM Mapping ! ip igmp ssm-map enable ip igmp ssm-map static <group-range-ACL> <source-1 IP address> * Only Last-hop PIM routers require the static mapping. DNS SSM Mapping ! ip igmp ssm-map enable ip igmp ssm-map query dns ip domain multicast domain-prefix ip name-server server-address1 [server-address2...] 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 95 SSM Mapping DNS Example IGMPv2 join Receiver Reverse DNS lookup for group G DNS response: Group G -> Source S PIM (S,G) join PIM (S,G) join DNS Record Format: 3.2.1.232 IN A 172.23.20.70 H1 (S,G) (S,G) (S,G) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 96 SSMSummary Uses Source Trees only Hosts are responsible for source and group discovery Hosts must use IGMPv3 to signal which (S,G) to join Pros: IP Multicast Address Management Simplified Denial of Service Attacks from Unwanted Sources Inhibited Easy to Troubleshoot and Manage Mechanism provided to migrate from Any Source Multicast. Cons: Requires IGMPv3 support on host or SSM Mapping Hosts can create unlimited (S,G) state for non-existent sources L2 Multicast Mgmt Protocols (IGMPv3 Snooping support required) 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 97 IP Multicast at Layer 2 RP 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 98 IGMP Problem: Older L2 switches treat multicast traffic as unknown or broadcast and floodthe frame to every port IGMP L2 Multicast Frame Switching IGMP Snooping Todays L3 aware switches implement IGMP Snooping without suffering performance degradation using L3 ASICs and the TCAM. IGMP packets intercepted by the NMP or by special hardware ASICs. Switch examines content of IGMP messages to determine which ports want what traffic IGMP membership reports IGMP leave messages PIM 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 99 2 0 Host 1 3 Host 2 4 Host 3 5 Host 4 CAM CAM Table Table CPU CPU LAN Switch 1 Router A MAC Address L3 Ports 0100.5exx.xxxx IGMP 0 IGMP Processing Entry IGMP Snooping L3 Aware Switches Switching Engine (w/L3 ASICs) Switching Engine (w/L3 ASICs) (IGMP Snooping Enabled) The CPU populates the CAM Table with a wildcard MAC address that matches on any IGMP packets. Frames that match, will be forwarded to the CPU. This prevents the switch from being overloaded 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 100 2 3 4 5 Host 1 Host 2 Host 3 Host 4 CPU CPU LAN Switch (IGMP Snooping Enabled) 1 Router A 0 CAM CAM Table Table IGMP Report 224.1.2.3 Switching Engine (w/L3 ASICs) Switching Engine (w/L3 ASICs) MAC Address L3 Ports 0100.5e01.0203 !IGMP 1,2 0100.5exx.xxxx IGMP 0 IGMP Snooping L3 Aware Switches Hosts join multicast groups either by sending an unsolicited IGMP join message or by sending an IGMP join message in response to a general query from a multicast router The second entry tells the switching engine to send frames addressed to the 0x0100.5E01.0203 multicast MAC address that are not IGMP packets (!IGMP) to the multicast router and to the host that has joined the group. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 101 2 3 4 5 Host 1 Host 2 Host 3 Host 4 CPU CPU LAN Switch (IGMP Snooping Enabled) 1 Router A 0 CAM CAM Table Table Switching Engine (w/L3 ASICs) Switching Engine (w/L3 ASICs) IGMP Report 224.1.2.3 IGMP Snooping L3 Aware Switches MAC Address L3 Ports 0100.5e01.0203 !IGMP 1,2 0100.5exx.xxxx IGMP 0 ,5 Port Added 2nd Join IGMP snooping suppresses all but one of the host join messages per multicast group and forwards this one join message to the multicast router. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 102 2 3 4 5 Host 1 Host 2 Host 3 Host 4 CPU CPU LAN Switch (IGMP Snooping Enabled) 1 Router A 0 CAM CAM Table Table Switching Engine (w/L3 ASICs) Switching Engine (w/L3 ASICs) MAC Address L3 Ports 0100.5e01.0203 !IGMP 1,2 0100.5exx.xxxx IGMP 0 6Mbps MPEG Video IGMP Snooping L3 Aware Switches ,5 Packets in the stream match on the second CAM Table entry and are switched to ports 2 and 5. The CPU is not burdened with this multicast stream. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 103 IGMP Snooping Caveat Issues when no Mrouter exists http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008059a9df.shtml IGMP Snooping Gotcha By default, IGMP Snooping is enabled on Catalyst Switches. Expects to listenfor IGMP messages to build the Snooping table map. Only forwards some of the IGMP reports to the mrouter. This mechanism "breaks down" in the absence of an mrouter port. Two scenarios exist where multicast is impacted: L2 Multicast applications within a VLAN that do not use IGMP. Daisy-chained switch absorbsthe IGMP report from its local receiver. Solutions 1. Enable PIM on the VLAN interface 2. Enable the IGMP Querier feature 3. Configure a static mrouter port ip igmp snooping vlan 1 mrouter int fa 1/0/33 4. Configure static multicast MAC entries 5. Disable IGMP Snooping risk of L2 Flooding 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 104 Solution IGMP Snooping Querier In a routed multicast network, the PIM router acts as the querier, but when multicast routing is not needed, the IGMP Snooping Querier functionality can be used as a way to trigger membership reports. The feature allows the Layer 2 switch to proxy for a multicast router and send out periodic IGMP queries in that network. This action causes the switch to consider itself an mrouter port. The remaining switches in the network simply define their respective mrouter ports as the interface on which they received this IGMP query. Configuration per-VLAN ! Interface vlan 1 ip igmp snooping querier 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 105 IGMP Snooping Caveat Flooding Multicast to the Mrouters By default, routers do not send IGMP Membership Reports for desired multicast flows - They use PIM control messages. IGMP Snooping can constrain multicast on host ports, but has noability to control mrouter ports. PIM Snooping is configured to enable the switch to listen to PIM control messages and only forwards multicast flows to the mrouters that need it. Works with IGMP Snooping Layer 2 Switch Layer 2 Switch 7200 7200 Receiver Group 2 Receiver Group 1 2600 2600 T1 WAN Video Server 1.5MB MPEG Video Streams Unnecessary Multicast Traffic !!! Unnecessary Multicast Traffic !!! Unnecessary Multicast Traffic !!! Unnecessary Multicast Traffic !!! Holy Multicast, Batman!! 3MB of unwanted data! (Choke, gasp, wheeze!) Holy Multicast, Batman!! 3MB of unwanted data! (Choke, gasp, wheeze!) 7200 7200 7200 7200 Router A Router B Router C Router D 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 106 Constraining Multicast IGMP & PIM Snooping No Snooping. Flood on all ports h1 h2 h3 mr1 R Traffic in IGMP Snooping only. Flood only on multicast router ports h1 h2 h3 R IGMP and PIM Snooping. No flooding h1 h2 h3 R mr2 mr3 mr4 mr1 mr2 mr3 mr4 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 107 Enterprise Multicast Design & Troubleshooting Summary IP Multicast is technology that still provides the best solution for one- to-many communication over an IP infrastructure. Understanding IP multicast design and how to troubleshoot the control-plane permits network engineers to effectively plan and support multicast applications in concert with the rest of their business-critical infrastructure. Source Specific Multicast significantly reduces network infrastructure complexity as compared to traditional multicast. Configuring interfaces to support PIM Sparse-Mode in conjunction with IP PIM AutoRP listener reduces the impact of dense-mode flooding within a traditional multicast deployment. Use IGMP Snooping to reduce flooding in switched infrastructure. It is recognized that IGMP Snooping cannot solve all L2 flooding issues. 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 108 IP Multicast Essentials Disabling Multicast GroupsNew Method New global command extension ip multicast-routing [group-range <acl>] Router drops all control packets (PIM, IGMP) for denied groups Router drops all data packets for denied groups No IGMP or PIM state created for denied groups IPv4 support ships in 12.5(1st)T and 12.2XSIWhitney 2 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 109 Thank You! Q and A 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 110 More Information White papers Web and mailers Cisco Press CCO Multicast page: http://www.cisco.com/go/ipmulticast Questions: cs-ipmulticast@cisco.com Customer support mailing list: tac@cisco.com RTFB = Read the Fine Book