Multicast
Command Review
224.0.0.0/4 (224.0.0.0-
239.255.255.255)
224.0.0.0/24 – link local
232.0.0.0/8- ssm
239.0.0.0/8 – private/admin scope
ip pim rp-address 1.1.1.1 (ACL) (override) - the acl list the groups that are mapped to this particular rp overide is to override dynamic
ip pim spt-threshold (rate in
kbps|infinity) what rate it wills switchover to spt if inifinity
does not switchover. This is done on the first hop router of the
reciever.
no ip dm-fallback - put on pim
sparse dense mode routers to prevent fallback to dense mode for
groups
pim assert- done on multiaccess
segments when two or more routers are delivering the mcast stream
invokes an election to get on router elected to service segement
election based on lowest admin distance if tied lowest metric to
source if same highest ip
ip pim accept rp "rp address"
"acl of groups"- filtering done on non rp's tp which rp
they will accept for which group
pim dr election- decides who will do registered on shared segement traffic has to be incoming if priority is the same highest ip
ip pim dr-priority “ priority”
- used to change the priority of an interface
sh ip pim interface - will show priority of interface
ip pim accept register "extended ACl| route-map" - the access-list goes like this
ip access-list REGISTER permit ip
"source-ip" "source-wildcard" "group-address"
" group-wildcard" - the purpose of the pim accept
register is to filter on the rp what sources are allowed to register
for what groups
In multicast tunnelling - we need to ensure the tunnel interface have lower admin distance and or metric than the underlying network or use static mroutes to ensure passing rpf check
ip pim nbma mode - only works
with sparse mode it treats the frame relay multipoint interface as a
collection of point to point it does so by tracking the pim joins.
These gets around issue of all host not recieveing pim message such
assets on nbma media
ip pim send-rp-annouce <interface>
scope <TTL> (group-list "std acl") - this command
is used for advertising in autorp a candidate rp to the mapping agent
the group list is a standard acl used to limit what group serviced by
RP. RP advertisement sent to 224.0.1.39
ip pim
send-rp-discovery<interface>scope <TTL>- this
command is used to set a router as ma it listens for candidate rp on
224.0.1.39 and advertises to all mcast pim routers on 224.0.1.40. If
multiple ma in network they hear each other every one will cease
sending discovery apart from MA with highest ip.
MA Rules
- Recieves announcement for group from 2 or more candidate rp it will select rp with hightest ip
- Recieves announcement for 2 different groups one is a subset of the other it will send both rp
For Autorp
Need ip pim sparse dense mode or ip
pim autorp listner – used to propgate the
224.0.1.39/224.0.1.40. As of the 224.0.1.39/224.0.1.40 being dense
groups
Sh ip pim rp mapping- used to see rp mappings
ip pim rp-announce-filter
{group-list <access-list> | rp-list <access-list>
{group-list <access-list} – used to filter on ma the
incoming rp it will accept for what groups
ip pim send-rp-discovery lo0 scope
4 or– can be used to limit the size and set boundary for
mcast domain
ip multicast boundary
<access-list><filter-autorp> - if standard acl the
acl inspecting for any pim/igmp messages to group see if there is
match on group if match it is allowed if not disallowed. For extended
acl both source and destination is inpected for match. If using
filter-autorp it will inspect autorp messages if not matching group
they are filtered.The acl has to be standard if using filter autorp
ip pim rp-candidate <pim-enabled-interface> [group-list <standard-ACL>] [interval (seconds) [priority <0-255> - advertise a candidate rp for BSR group list filters what groups it will service priority is used when multiple rp. Lowest priority is preferred default is 0.
ip pim bsr-candidate
<interface>[hash-mask-lenght][priority] – setting a
router as a bsr candidate the higher priority the more preferred the
bsr-candidate. When bsr recieves advertisement for multiple rp unlike
autorp it does not elect the rp for a router it sends out the
multiple rp to each router. The router decides which rp to use for
which group. A hashing procedure is done by the pim routers to ensure
that the rp are decided deterministectly this to ensure we do not
have say the source picking one rp and the receiver selecting
another.
Ip pim bsr-border - this is used on interface to stop flooding of pim messages. Used at network boundaries.
R1
Int fa0/1
ip igmp helper-address <1550.1.0.5>
- stub router with little memory
r2
access-list 22 deny 155.1.0.3
access-list 22 permit any
int s0/0
ip pim sparse-mode
ip pim neighbor-filter 33
The above config is used for setting up
stub router first part of sub router used igmp helper-address to
forward the mcast igmp joins. On r2 the router that is processing
igmp for the stub we need to ensure that it does not form pim adj
with r1 so we do a ip pim neighbor filter. R1 is configure with pim
dense mode to ensure it flood all mcast traffic received to the
segment.
Ip igmp limit “number” – can be applied globally or interface level. Interface level limits number of igmp groups joined on the interface. Applied globally it will limit the number of groups joined by directly connected recievers.
ip access-list standard IGMP_Filter
permit 239.1.1.0 0.0.0.255
int fa0/1
ip igmp access-group "acl"
– used to filter igmp join to group in this case on int fa0/1
sh ip igmp int
ip igmp query-interval “seconds”
- used on multiaccess segments one router is elect designated
querier by lowest ip other router on the segement listen for queries
set by the query-interval. Also used to query for group membership
ip igmp querier-timeout <seconds>
- this sets the timeout before the other router on segment will
take over the querier role
ip igmp query-max-response-time
<seconds>– this is the maximum time we will wait for a
reciever to express interest in group before we close it off.
Ip igmp last-member-query-count
& ip igmp last-member-query-interval “milliseconds” -
In igmpv2 we had the intro of leave message when host leave a group.
The querier on receiving will generate a last-member query to check
if anyone is still interested in the group. The query count is how
many queries it will send without response before closing off the
group.
Ip igmp immediate-leave group-list
“access-list” – this covers a situation whereby you know
you only have 1 source on the interface so if you receive a leave you
want to close the group off rather than doing last member queries.
Below is an example converting a bcast
to mcast then receiving on another remote segement converting back to
bcast
Router On Segmenet recieving initial broacast converting to mcast address
ip forward-protocol udp 5000
ip access-list extended Traffic
permit udp any any eq 5000
int fa0/0
ip multicast helper-map broadcast
239.1.1.100 Traffic
Router on Remote Segement
converting Mcast back to Bcast
ip forward-protocol udp 5000
ip access-list extended Traffic
permit udp any any eq 5000
int fa0/0
ip directed-broadcast
ip broadcast-address 155.1.37.255
int s1/0.1
ip mutlicast helper-map 239.1.1.100
155.1.37.255 Traffic
Notable things done with the multicast helper broadcast we convert broadcast which restricted down to bcase on port 5000 via the access list traffic and we convert them to 239.1.1.100
On router 2 we receive mcast 239.1.1.100 convert it to 155.1.37.255 we limit down to port 5000 with access-list traffic then to specify the bcast address as 155.1.37.255 we use ip broadcast-address 155.1.37.255 otherwise it assume bcast of 255.255.255.255. We could customise other address rather than 155.1.37.255
Debug ip mroute – to debug mcast traffic
No ip mroute cache – on
interfaces similar to changing to fast switching to view debug
traffic of transit traffic
Ip multicast rate-limite {in|out}
[group-list <acl>] [source-list “acl”] [limit in kbps] –
used to rate limit multicast you could by using group list limit
particular groups or you could limit by source list particular
sources. So you could have one rate limit for a group a and another
different one for group b
Ip pim bidir-enable- enables
bidirectional pim only (*,G) no (S,G) traffic always flows through RP
no switchover to SPT traffic can go bidirectionally for many sources
to many recievers enviorment
ip pim rp-address <ip><acl>
bidir - statically configuring an rp address for bidir
ip pim send-rp-announce <interface> scope <ttl> group-list <Acl> bidir - using autorp for rp candidate bidir
ip pim rp-candidate <interface>group-list <ACL> bidir - using bsr for rp candidate bidir
ip pim ssm range {default|range
"acl"}- global command. enable source specfic
multicast on a router if you say default it use the defaultrange for
ssm of 232.0.0.0/8 while if you say range you specify an acl for the
ssm addresses. SSM do not create (*,G) only (S,G)and do not need rp +
need igmp version 3 to be running
ip igmp version 3- enable igmp
v3 on interface
ip igmp join “group address “
source “source address” – specify an interface to join a
igmp multicast address
ip msdp peer 150.1.1.1
connect-source lo0 - used when
multiple rps to keep them in synch as regards registers from sources
and joins from recievers
ip msdp mesh-group GROUP1 150.1.1.1-
used when rps are meshed and we get into scenerio where rp advertises
group for example other rp recieves advertise to other rp who sends
it back to original rp this will be ok as rpf check will eventually
get rid but to optimize we can use mesh groups
sh ip msdp sa-cache-
to view mulitcast group cache on rp running msdp
access-list 150 deny ip any
239.0.0.0 0.255.255.255
access-list 150 permit ip any any
ip msdp sa-filter out 150.1.1.1 list
150 – so this filters any
private admin scope sa advertisement been sent out
when running multicast across AS we can run into rpf check issues to get around it was brought in multicast bgp when we enable mcast bgp when doing the rpf check we first check the static mrouter then bgp table then unicast table. So we get around rpf issues with using bgp routing. We can inflience paths taking using typical bgp mechanism weight/local pref/ med/as path
router bgp 1
address-family ipv4 multicast
neighbor 155.1.3.2 activate
network 150.1.29.1 mask
255.255.255.0
anycast rp
is two or more rp advertising
the same int address so say 1.1.1.1 on loopback been advertised
anycast
run msdp between each other clients register with closest rp and we
have redudancy
ip igmp snooping
– typically
switches flood all mcast traffic to all ports treats as unknown bcast
with igmp snooping the switch keeps track of all igmp joins it reads
the mcast packets and creates a mcast cam so we can send just to
interested reciever rather than all ports. It is on by default
we
can be specfic and turn it off generally and on for particular vlan
ip igmp snooping
vlan “xx”
ip igm snooping
vlan “xx” static “group address” interface “int” -
enabling
static join for a port
ip igmp snooping
tcn flood query count “ count” -
if it host changes port generates a tcn this will flood mcast traffic
for the period of the count
no ip igmp
snooping tcn flood –
to disable this flooding behaviour
ip igmp profile 1
permit/deny
range 239.0.0.0
int fa0/1
ip igmp profile –
used
for filtering igmp at layer 2 port they are either permit or deny
permit allows the group but only that group deny disallows the
specfied group but allows all others
ip igmp max-group “nn” - limits the number of groups allowed to join on interface
ip igmp
max-groups action deny | replace
– so new groups either the denied if reach max or replaced if
reaches max
mvr
mvr vlan “xx”
mvr group “group
address”
mvr query time 15
- so
mcast floods to specfic vlan then when joins are sent from ports on
different ports on different vlans they intercepted and get access
to mvr traffic vlan and recieve mcast flow Multicast does not have
enabled on switch used alot in metro ethernet enviorment
for
source ports we
mvr type source
for
reciever ports in other vlans mvr
type reciever
Ipv6 multicast
uses reserved range Ffxy::/8
where x = flags y
= scope
scope are 1=node
2= link 5=site 8=organisation E= global
sample address
are ff02::1 – all nodes ff02::2 – all routers
ff05::2 all
routers ff05::1:3 all dhcp servers
ipv6
multicast-routing –
enables pim on all interfaces by default to turn off go to interface
and do
no ipv6 pim
sh ipv6 mld
interface-
replaces igmp mld mldv1 copies igmp v2 mld v2 copies igmpv3
ipv6 mld limit
“number”
- limit number groups on interface that can be joined
ipv6 mld
query-interval-
mld query interval fro groups
ipv6 mld querier
timeout
ipv6 mld
query-max-response-time
ipv6 mld
access-group
- all same functions as igmp equivlant
ipv6 pim
rp-address “ipv6”-
manually specify rp address on pim rrouters
ipv6 pim bsr
candidate rp <ipv6> - candidate
rp for bsr no autorp in ipv6
ipv6 pim bsr
candidate bsr <ipv6>
- candidate bsr
ipv6 pim bsr
announced rp “ipv6” -
statically configure a rp address on bsr for distribution
show ipv6 pim
range-list
– replacement for sh ip pim rp-mapping
sh ipv6 pim
neighbors
– instead of sh ip pim neighbors
int
fa0/1
ipv6 mld join
ff0e::1
– manually join an interfaces
sh ipv6 bsr
election
– view the multiple candidate rp on bsr
ff7Y:0ill <64bit
rp prefix>:<32 bit group id> - embedded
rp address
Y
= scope ll= 8 bit rp address prefix lenght i = 4 interface id
e.g
rp
address 2001:150:1:4::4/64 becomes
ff7E:0440:2001:150:1:4::1
so
to break it up
ff
7 E is the scope 04 – 4 is interface id 40 is /64 is in hex
2001:150:1:4:: is the ipv6 address
