Saturday, May 4, 2024

 

Installation

Directly from Ansible Galaxy

  ansible-galaxy collection install cisco.cml

via git repository

  ansible-galaxy collection install 'git@github.com:CiscoDevNet/ansible-cml.git,branch'

Environmental Variables

  • CML_USERNAME: Username for the CML user (used when host not specified)
  • CML_PASSWORD: Password for the CML user (used when password not specified)
  • CML_HOST: The CML host (used when host not specified)
  • CML_LAB: The name of the lab

Running Playbook against CML Labs

You can specify the topology file when you run the playbook as an extravar.  

ansible-playbook cisco.cml.build -e wait='yes' -e cml_lab_file=topology.yaml


Saturday, December 13, 2014

Multicast - IGMP Snooping and MVR

Overview

IGMP snooping allows switches to listen to IGMP report and leave messages to determine what hosts if any are interested in receiving multicast traffic on a given vlan. With this information selective prune can be done by the switch to limit unnecessary flooding of multicast traffic to switch ports that do not have hosts interested in receiving multicast traffic.

MVR or Multicast Vlan Registration allows multicast traffic to be dedicated to a specific VLAN across a multicast domain so that recievers in other VLANs can join the sources in the dedicated VLAN and received multicast traffic.

Concepts tested
  • Configure IGMP snooping
  • Configure IGMP snooping immediate leave
  • Multicast Vlan Registration
  • Verify configuration
Topology




This lab requires access to real Catalyst switches.



Lab Tasks
  • Configure fa 0/19  on switch 1 as an access ports for VLAN 10 and configure the other end connected to switch 3 as an L3 interface with IP address 120.0.10.3/24
  • Configure fa 0/21 on switch 1 as an access for VLAN 100 and the opposite side connected to switch 4 as an L3 interface with IP address 120.0.100.4/24
  • Have both L3 interfaces join the group 239.1.1.1
  • On switch 1 configure VLAN 100 as a dedicate source MVR source VLAN using group 224.0.128.100
  • Ensure any sources can send traffic on the dedicated multicast VLAN

Solution


SW1(config)#no ip multicast-routing distributed
SW1(config)#mvr
SW1(config)#mvr vlan 100
SW1(config)#mvr group 239.1.1.1
SW1(config)#mvr mode dynamic
SW1(config)#int fa 0/19
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#mvr type receiver
SW1(config-if)#exit
SW1(config)#int fa 0/21
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 100
SW1(config-if)#mvr type source
SW1(config-if)#exit

SW3(config)#ip multicast-routing distributed
SW3(config)#int fa 0/19
SW3(config-if)#no switchport
SW3(config-if)#ip address 120.0.10.3 255.255.255.0
SW3(config-if)#ip pim dense-mode
SW3(config-if)#exit

SW4(config)#ip multicast-routing distributed
SW4(config)#int fa 0/21
SW4(config-if)#no switchport
SW4(config-if)#ip add 120.0.100.4 255.255.255.0
SW4(config-if)#ip pim dense-mode
SW4(config-if)#exit

Verification

SW3(config)#int fa 0/19
SW3(config-if)#ip igmp join-group 239.1.1.1
SW3(config-if)#end

SW4(config)#int fa 0/21
SW4(config-if)#ip igmp join-group 239.1.1.1
SW4(config-if)#end


SW1#sh mvr
SW1#sh mvr
MVR Running: TRUE
MVR multicast VLAN: 100
MVR Max Multicast Groups: 256
MVR Current multicast groups: 1
MVR Global query response time: 5 (tenths of sec)
MVR Mode: dynamic

SW1#sh mvr inter
SW1#sh mvr interface
Port      Type       Status           Immediate Leave
----      ----       ------           ---------------
Fa0/19    RECEIVER   ACTIVE/UP        DISABLED
Fa0/21    SOURCE     ACTIVE/UP        DISABLED

SW3#sh ip igmp groups
IGMP Connected Group Membership
Group Address    Interface                Uptime    Expires   Last Reporter   Group Accounted
239.1.1.1        FastEthernet0/19         00:02:22  00:02:57  120.0.10.3
224.0.1.40       FastEthernet0/19         00:07:17  00:02:44  120.0.10.3

SW4#sh ip igmp groups
IGMP Connected Group Membership
Group Address    Interface                Uptime    Expires   Last Reporter   Group Accounted
239.1.1.1        FastEthernet0/21         00:04:37  00:02:33  120.0.100.4
224.0.1.40       FastEthernet0/21         00:08:35  00:02:31  120.0.100.4

You can also create an access-list on the reciever port to confirm traffic is being recieved on that interface.

SW3(config)#access-list 100 permit ip host 120.0.100.4 host 239.1.1.1 log-in
SW3(config)#access-list 100 permit ip any any
SW3(config)#exit
SW3(config)#int fa 0/19
SW3(config-if)#ip access-group 100 in

*Mar  1 01:25:04.811: %SEC-6-IPACCESSLOGDP: list 100 permitted icmp 120.0.100.4 (FastEthernet0/19 001e.79be.df00) -> 239.1.1.1 (0/0), 1 packet

Extended IP access list 100
    10 permit ip host 120.0.100.4 host 239.1.1.1 log-input (8 matches)
    20 permit ip any any (1 match)





Friday, December 12, 2014

Multicast - AnycastRP

Overview

The concept of anycast is predicated on the longest match method of routing packets. Consequently its possible to have multiple devices with the same IP address. AnycastRP allows the sharing of a single IP across multiple RP's for load sharing. MSDP is used to track source sessions between RP's so that receivers joining different RPs will have full understanding of all domain sources.

Concepts tested
  • Configuring PIM SM
  • Configure BSR RP using anycast addressing
  • Configuring MSDP 
  • Verification of configuration
Topology







Lab Tasks
  • Configure PIM SM on all paths between R7 and R8
  • Configure R1 and R6 as candidate RPs and R2 as the BSR
  • Use anycast to distribute load between the RP's using the address 120.1.1.1
  • The RPs must communicate source registration between each other
GNS3 v1.1.2 configuration file, requires IOS v15 for the 7200 router: Link


Solution


R1(config)#ip multicast-routing
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g1/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g2/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit

R1(config)#int loopback 10
R1(config-if)#ip address 120.1.1.1 255.255.255.255
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#
R1(config)#ip pim rp-candidate loopback 10
R1(config)#
R1(config)#ip msdp originator-id loopback 0
R1(config)#ip msdp peer 6.6.6.6 connect-source loopback 0
R1(config)#end


R2(config)#ip multicast-routing
R2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int g1/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit

R2(config)#int loopback 0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#
R2(config)#ip pim bsr-candidate loopback 0
R2(config)#


R3(config)#ip multicast-routing
R3(config)#int g0/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int g1/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit

R4(config)#ip multicast-routing
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit

R5(config)#ip multicast-routing
R5(config)#int g0/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#exit
R5(config)#int g1/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#exit



R6(config)#ip multicast-routing
R6(config)#int g0/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#int g1/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#int g2/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit


R7(config)#ip multicast-routing
R7(config)#int g0/0
R7(config-if)#ip pim sparse-mode
R7(config-if)#exit

R8(config)#ip multicast-routing
R8(config)#int g0/0
R8(config-if)#ip pim sparse-mode
R8(config-if)#exit

Verification

First lets join R8's loopback to 239.1.1.1

R8(config)#int loopback 0
R8(config-if)#ip pim sparse-mode
R8(config-if)#ip igmp join-group 239.1.1.1

R8#sh ip mroute 239.1.1.1


(*, 239.1.1.1), 00:05:31/00:02:56, RP 120.1.1.1, flags: SJCL
  Incoming interface: GigabitEthernet0/0, RPF nbr 120.0.18.1
  Outgoing interface list:
    Loopback0, Forward/Sparse, 00:00:03/00:02:56

R1#sh ip mroute 239.1.1.1


(*, 239.1.1.1), 00:00:35/00:03:20, RP 120.1.1.1, flags: S
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    GigabitEthernet2/0, Forward/Sparse, 00:00:35/00:03:20

R6#sh ip mroute 239.1.1.1
Group 239.1.1.1 not found

Now lets start our source on R7

R7#ping 239.1.1.1 rep 1000
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 239.1.1.1, timeout is 2 seconds:

Reply to request 0 from 8.8.8.8, 228 ms
Reply to request 1 from 8.8.8.8, 168 ms
Reply to request 2 from 8.8.8.8, 108 ms

R6#sh ip mroute 239.1.1.1

(*, 239.1.1.1), 00:00:18/stopped, RP 120.1.1.1, flags: SP
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list: Null

(120.0.67.7, 239.1.1.1), 00:00:18/00:02:41, flags: TA
  Incoming interface: GigabitEthernet2/0, RPF nbr 120.0.67.7
  Outgoing interface list:
    GigabitEthernet1/0, Forward/Sparse, 00:00:18/00:03:12

Now lets look at R1 for a S,G entry

R1#sh ip mroute 239.1.1.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
       Q - Received BGP S-A Route, q - Sent BGP S-A Route,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 239.1.1.1), 00:02:04/00:03:25, RP 120.1.1.1, flags: S
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    GigabitEthernet2/0, Forward/Sparse, 00:02:04/00:03:25

(120.0.67.7, 239.1.1.1), 00:00:33/00:02:27, flags: MT
  Incoming interface: GigabitEthernet1/0, RPF nbr 120.0.31.3
  Outgoing interface list:
    GigabitEthernet2/0, Forward/Sparse, 00:00:33/00:03:25

We have our S,G entry created via MSDP PIM-SA communication.




Thursday, December 11, 2014

Multicast - BGP and MSDP

Overview

BGP has capabilities extensions to allow the distribution of multicast routing information between BGP speakers. This capability coupled with MSDP allows receivers in one AS to join and receive multicast traffic from sources in another AS.

Concepts tested
  • Basic BGP configuration
  • BGP Multicast address family configuration
  • BSR border configuration
  • MSDP peering configuration
  • Cross AS multicast traffic design and configuratino
  • Verification of configuration
Topology







Lab Tasks
  • Configure R1, R2, and R3 as a separate PIM SM domain with R1 as the BSR RP and agent
  • Configure R6, R5, and R4 as a seperate PIM SM domain with R6 as the BSR RP and agent
  • Establish eBGP peering between R2 and R4 and between R3 and R5 respectively.
  • Ensure multicast routes are exchanged via BGP
  • Multicast traffic should prefer using the path between R3 and R5 when sourced from AS 100
  • Ensure that PIM BSR messages are stopped at the ingress/egress of R2 and R3 between AS's
  • Establish an MSDP connection between the two autonomous systems using R1 and R6 as peering endpoints using their loopbacks as source interfaces.
  • Test that AS 200 multicast receivers can join and receive multicast traffic from AS 100 sources
GNS3 v1.1.2 configuration file, requires IOS v15 for the 7200 router: Link


Solution

R1(config)#ip multicast-routing
R1(config)#int loopback 0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#ip pim bsr-candidate loopback 0
R1(config)#ip pim rp-candidate loopback 0
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g1/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g2/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#router bgp 100
R1(config-router)# bgp log-neighbor-changes
R1(config-router)# neighbor pBGP peer-group
R1(config-router)# neighbor pBGP remote-as 100
R1(config-router)# neighbor 120.0.21.2 peer-group pBGP
R1(config-router)# neighbor 120.0.31.3 peer-group pBGP
R1(config-router)# neighbor 120.0.18.8 peer-group pBGP
R1(config-router)# address-family ipv4
R1(config-router-af)#redistribute ospf 1
R1(config-router-af)#  neighbor pBGP route-reflector-client
R1(config-router-af)#  neighbor pBGP next-hop-self
R1(config-router-af)#  neighbor 120.0.21.2 activate
R1(config-router-af)#  neighbor 120.0.31.3 activate
R1(config-router-af)#  neighbor 120.0.18.8 activate
R1(config-router-af)#network 1.1.1.0 mask 255.255.255.0
R1(config-router-af)# exit-address-family
R1(config-router)# address-family ipv4 multicast
R1(config-router-af)#  neighbor pBGP route-reflector-client
R1(config-router-af)#  neighbor pBGP next-hop-self
R1(config-router-af)#  neighbor 120.0.21.2 activate
R1(config-router-af)#  neighbor 120.0.31.3 activate
R1(config-router-af)# neighbor 120.0.18.8 activate
R1(config-router-af)#redistribute ospf 1
R1(config-router-af)# exit-address-family
R1(config)#ip msdp peer 6.6.6.6 connect-source loopback 0 remote-as 200
R1(config-router)#end



R2(config)#ip multicast-routing
R2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int g1/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#ip pim bsr-border
R2(config-if)#exit
R2(config)#route-map PREFER_R3_MCAST
R2(config-route-map)#set as-path prepend 100 100 100
R2(config-route-map)#exit
R2(config)#router bgp 100
R2(config-router)# bgp log-neighbor-changes
R2(config-router)# neighbor 120.0.21.1 remote-as 100
R2(config-router)# neighbor 120.0.24.4 remote-as 200
R2(config-router)# address-family ipv4
R2(config-router-af)#  neighbor 120.0.21.1 activate
R2(config-router-af)#  neighbor 120.0.24.4 activate
R2(config-router-af)#  neighbor 120.0.21.1 next-hop-self
R2(config-router-af)# exit-address-family
R2(config-router)# address-family ipv4 multicast
R2(config-router-af)#  redistribute ospf 1
R2(config-router-af)#  neighbor 120.0.21.1 activate
R2(config-router-af)#  neighbor 120.0.24.4 activate
R2(config-router-af)#  neighbor 120.0.21.1 next-hop-self
R2(config-router-af)#neighbor 120.0.24.4 route-map PREFER_R3_MCAST out
R2(config-router-af)# exit-address-family
R2(config-router)#end


R3(config)#ip multicast-routing
R3(config)#int g0/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int g1/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#ip pim bsr-border
R3(config-if)#exit
R3(config)#router bgp 100
R3(config-router)# bgp log-neighbor-changes
R3(config-router)# neighbor 120.0.31.1 remote-as 100
R3(config-router)# neighbor 120.0.35.5 remote-as 200
R3(config-router)# address-family ipv4
R3(config-router-af)#  neighbor 120.0.31.1 activate
R3(config-router-af)#  neighbor 120.0.35.5 activate
R3(config-router-af)#  neighbor 120.0.31.1 next-hop-self
R3(config-router-af)# exit-address-family
R3(config-router)# address-family ipv4 multicast
R3(config-router-af)#  redistribute ospf 1
R3(config-router-af)#  neighbor 120.0.31.1 activate
R3(config-router-af)#  neighbor 120.0.35.5 activate
R3(config-router-af)#  neighbor 120.0.31.1 next-hop-self
R3(config-router-af)# exit-address-family
R3(config-router)#end


R8(config)#ip multicast-routing
R8(config)#int g0/0
R8(config-if)#ip pim sparse-mode
R8(config-if)#end
R8(config)#router bgp 100
R8(config-router)# neighbor pBGP peer-group
R8(config-router)# neighbor pBGP remote-as 200
R8(config-router)# neighbor 120.0.18.1 remote 200
R8(config-router)#address-family ipv4 multicast
R8(config-router-af)# neighbor 120.0.18.1 activate
R8(config-router-af)#end

R6(config)#ip multicast-routing
R6(config)#int loopback 0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#ip pim bsr-candidate loopback 0
R6(config)#ip pim rp-candidate loopback 0
R6(config)#int g0/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#int g1/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#int g2/0
R6(config-if)#ip pim sparse-mode
R6(config-if)#exit
R6(config)#router bgp 200
R6(config-router)# bgp log-neighbor-changes
R6(config-router)# neighbor pBGP peer-group
R6(config-router)# neighbor pBGP remote-as 200
R6(config-router)# neighbor 120.0.46.4 peer-group pBGP
R6(config-router)# neighbor 120.0.56.5 peer-group pBGP
R6(config-router)# neighbor 120.0.67.7 peer-group pBGP
R6(config-router)# address-family ipv4
R6(config-router-af)#  neighbor pBGP route-reflector-client
R6(config-router-af)#  neighbor pBGP next-hop-self
R6(config-router-af)#  neighbor 120.0.46.4 activate
R6(config-router-af)#  neighbor 120.0.56.5 activate
R6(config-router-af)#  neighbor 120.0.67.7 activate
R6(config-router-af)# exit-address-family
R6(config-router)# address-family ipv4 multicast
R6(config-router-af)#  neighbor pBGP route-reflector-client
R6(config-router-af)#  neighbor pBGP next-hop-self
R6(config-router-af)#  neighbor 120.0.46.4 activate
R6(config-router-af)#  neighbor 120.0.56.5 activate
R6(config-router-af)# neighbor 120.0.67.7 activate
R6(config-router-af)# exit-address-family
R6(config-router)#end
R6(config)#ip msdp peer 1.1.1.1 connect-source loopback 0 remote-as 100



R4(config)#ip multicast-routing
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#route-map PREFER_R5_MCAST
R4(config-route-map)#set as-path prepend 200 200 200
R4(config-route-map)#exit
R4(config)#router bgp 200
R4(config-router)# bgp log-neighbor-changes
R4(config-router)# neighbor 120.0.46.6 remote-as 200
R4(config-router)# neighbor 120.0.24.2 remote-as 100
R4(config-router)# address-family ipv4
R4(config-router-af)#  neighbor 120.0.46.6 activate
R4(config-router-af)#  neighbor 120.0.46.6 next-hop-self
R4(config-router-af)#  neighbor 120.0.24.2 activate
R4(config-router-af)# exit-address-family
R4(config-router)# address-family ipv4 multicast
R4(config-router-af)#  redistribute ospf 1
R4(config-router-af)#  neighbor 120.0.46.6 activate
R4(config-router-af)#  neighbor 120.0.24.2 activate
R4(config-router-af)# exit-address-family
R4(config-router)#end


R5(config)#ip multicast-routing
R5(config)#int g0/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#exit
R5(config)#int g1/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#exit
R5(config)#router bgp 200
R5(config-router)# bgp log-neighbor-changes
R5(config-router)# neighbor 120.0.56.6 remote-as 200
R5(config-router)# neighbor 120.0.35.3 remote-as 100
R5(config-router)# address-family ipv4
R5(config-router-af)#  neighbor 120.0.56.6 activate
R5(config-router-af)#  neighbor 120.0.56.6 next-hop-self
R5(config-router-af)#  neighbor 120.0.35.3 activate
R5(config-router-af)# exit-address-family
R5(config-router)# address-family ipv4 multicast
R5(config-router-af)#  redistribute ospf 1
R5(config-router-af)#  neighbor 120.0.56.6 activate
R5(config-router-af)#  neighbor 120.0.35.3 activate
R5(config-router-af)# exit-address-family
R5(config-router)#end


R7(config)#ip multicast-routing
R7(config)#int g0/0
R7(config-if)#ip pim sparse-mode
R7(config-if)#end
R7(config)#router bgp 200
R7(config-router)# neighbor pBGP peer-group
R7(config-router)# neighbor pBGP remote-as 200
R7(config-router)# neighbor 120.0.67.6 remote 200
R7(config-router)#address-family ipv4 multicast
R7(config-router-af)# neighbor 120.0.67.6 activate
R7(config-router-af)#end


Verification

R1#sh ip msdp peer
MSDP Peer 6.6.6.6 (?), AS 200 (configured AS)
  Connection status:
    State: Up, Resets: 1, Connection source: Loopback0 (1.1.1.1)
    Uptime(Downtime): 00:03:21, Messages sent/received: 4/6
    Output messages discarded: 0
    Connection and counters cleared 00:53:22 ago
    Elapsed time since last message: 00:00:36
    Local Address of connection: 1.1.1.1
    Local Port: 15608, Remote Port: 639
  SA Filtering:
    Input (S,G) filter: none, route-map: none
    Input RP filter: none, route-map: none
    Output (S,G) filter: none, route-map: none
    Output RP filter: none, route-map: none
  SA-Requests:
    Input filter: none
  Peer ttl threshold: 0
  SAs learned from this peer: 1
  Number of connection transitions to Established state: 2
    Input queue size: 0, Output queue size: 0
  MD5 signature protection on MSDP TCP connection: not enabled
  Message counters:
    RPF Failure count: 0
    SA Messages in/out: 5/0
    SA Requests in: 0
    SA Responses out: 0
    Data Packets in/out: 1/0

R6#sh ip msdp peer
MSDP Peer 1.1.1.1 (?), AS 100 (configured AS)
  Connection status:
    State: Up, Resets: 1, Connection source: Loopback0 (6.6.6.6)
    Uptime(Downtime): 00:06:53, Messages sent/received: 11/7
    Output messages discarded: 0
    Connection and counters cleared 00:57:05 ago
  SA Filtering:
    Input (S,G) filter: none, route-map: none
    Input RP filter: none, route-map: none
    Output (S,G) filter: none, route-map: none
    Output RP filter: none, route-map: none
  SA-Requests:
    Input filter: none
  Peer ttl threshold: 0
  SAs learned from this peer: 0
  Number of connection transitions to Established state: 2
    Input queue size: 0, Output queue size: 0
  MD5 signature protection on MSDP TCP connection: not enabled
  Message counters:
    RPF Failure count: 0
    SA Messages in/out: 0/7
    SA Requests in: 0
    SA Responses out: 0
    Data Packets in/out: 0/2


R8(config)#int g0/0
R8(config-if)#ip igmp join-group 239.1.1.1

R7#ping 239.1.1.1 rep 1000
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 239.1.1.1, timeout is 2 seconds:

Reply to request 0 from 120.0.18.8, 140 ms
Reply to request 1 from 120.0.18.8, 136 ms
Reply to request 2 from 120.0.18.8, 112 ms
Reply to request 3 from 120.0.18.8, 144 ms

R8#sh ip mroute 239.1.1.1

(*, 239.1.1.1), 00:03:39/stopped, RP 1.1.1.1, flags: SJPCL
  Incoming interface: GigabitEthernet0/0, RPF nbr 120.0.18.1
  Outgoing interface list: Null

(120.0.67.7, 239.1.1.1), 00:00:42/00:02:18, flags: PLTX
  Incoming interface: GigabitEthernet0/0, RPF nbr 120.0.18.1, Mbgp
  Outgoing interface list: Null


R1#debug ip msdp detail

*Dec 11 08:06:29.339: MSDP(0): WAVL Insert SA Source 120.0.67.7 Group 239.1.1.1 RP 6.6.6.6 Successful
*Dec 11 08:06:25.787: MSDP(0): Forward decapsulated SA data for (120.0.67.7, 239.1.1.1) on GigabitEthernet2/0







Tuesday, December 9, 2014

Multicast - Source Specific Multicast

Overview

Source specific multicast or SSM uses IGMPv3 PM messages to allow receivers to specify the group and source they want to listen to. As a result  there is no need to configure any RP infrastructure since SSM only uses the shortest path tree and not the shared tree to the RP. This simplifies configuration considerably.

Concepts tested
  • Configuration PIM SSM
  • Verifying PIM SSM
Topology







Lab Tasks
  • Configure PIM SM across all paths between R1 and R5
  • Configure PIM SSM on all multicast routers
  • Configure PIM SSM to use the default SSM multicast group range of 232.0.0.0/8
  • Have R1 join the group 232.0.10.1 with source 120.0.45.5

GNS3 configuration file, requires IOS v15 for the 7200 router: Link


Solution

R1(config)#ip multicast-routing
R1(config)#ip pim ssm default
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#ip igmp version 3
R1(config-if)#exit

R2(config)#ip multicast-routing
R2(config)#ip pim ssm default
R2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int g1/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit

R3(config)#ip multicast-routing
R3(config)#ip pim ssm default
R3(config)#int g0/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int g1/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit

R4(config)#ip multicast-routing
R4(config)#ip pim ssm default
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g2/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit

R5(config)#ip multicast-routing
R5(config)#ip pim ssm default
R5(config)#int g0/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#ip igmp version 3
R5(config-if)#exit

Verification


R1(config)#int g0/0
R1(config-if)#ip igmp join-group 232.0.10.1 source 120.0.45.5

R1#sh ip igmp groups 232.0.10.1 detail

Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,
       SS - Static Source, VS - Virtual Source,
       Ac - Group accounted towards access control limit

Interface:      GigabitEthernet0/0
Group:          232.0.10.1
Flags:          L SSM
Uptime:         00:00:46
Group mode:     INCLUDE
Last reporter:  120.0.0.1
Group source list: (C - Cisco Src Report, U - URD, R - Remote, S - Static,
                    V - Virtual, M - SSM Mapping, L - Local,
                    Ac - Channel accounted towards access control limit)
  Source Address   Uptime    v3 Exp   CSR Exp   Fwd  Flags
  120.0.45.5       00:00:46  00:02:46  stopped   Yes  RL


R1#sh ip mroute 232.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(120.0.45.5, 232.0.10.1), 00:02:20/00:02:15, flags: sPLTI
  Incoming interface: GigabitEthernet0/0, RPF nbr 120.0.0.3
  Outgoing interface list: Null


R1#sh ip mroute 232.0.10.1 120.0.45.5
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(120.0.45.5, 232.0.10.1), 00:54:00/stopped, flags: sLTI
  Incoming interface: GigabitEthernet0/0, RPF nbr 120.0.0.3
  Outgoing interface list:
    Loopback0, Forward/Sparse, 00:11:25/00:00:34

R4#sh ip mroute 232.0.10.1 120.0.45.5
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(120.0.45.5, 232.0.10.1), 00:11:47/00:02:33, flags: sT
  Incoming interface: GigabitEthernet2/0, RPF nbr 120.0.45.5
  Outgoing interface list:
    GigabitEthernet1/0, Forward/Sparse, 00:11:47/00:02:33



Monday, December 8, 2014

Multicast - Bi-directional PIM

Overview

Bidirectional PIM is an extension to PIM SM that only uses the shared tree for multicast distribution. Typical use cases are when receivers also need to be senders such as with video conferencing. To enable PIM BiDir simple configure the global command ip pim bidir-enable on all multicast routers and designate an RP for the BiDir Multicast groups.


Concepts tested
  • Bidirectional PIM configuration
  • PIM SM configuratin
  • PIM BSR
  • Verification
Topology





Lab Tasks
  • Configure PIM SM on all paths between R1 and R5
  • Configure bi-direction PIM between R1 and R5 with R4 as the BSR and RP
  • Only the group 224.0.0.0 /5 should be bidirectional
  • Verify configuration
GNS3 configuration file, requires IOS v15 for the 7200 router: Link


Solution

R1(config)#ip multicast-routing
R1(config)#ip pim bidir-enable
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit


R2(config)#ip multicast-routing
R2(config)#ip pim bidir-enable
R2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int g1/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit

R3(config)#ip multicast-routing
R3(config)#ip pim bidir-enable
R3(config)#int g0/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int g1/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#

R4(config)#ip multicast-routing
R4(config)#ip pim bidir-enable
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int loopback 0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g2/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#ip access-list standard BIDIR_GROUP
R4(config-std-nacl)#permit 224.0.0.0 7.255.255.255
R4(config-std-nacl)#exit
R4(config)#ip pim rp-candidate loopback 0 group-list BIDIR_GROUP bidir
R4(config)#ip pim bsr-candidate loopback 0
R4(config)#

R5(config)#ip multicast-routing
R5(config)#ip pim bidir-enable
R5(config)#
R5(config)#int g0/0
R5(config-if)#ip pim sparse-mode
R5(config-if)#exit

Verification

R1(config)#int g0/0
R1(config-if)#ip igmp join-group 224.0.10.1
R1(config-if)#

R5(config)#int g0/0
R5(config-if)#ip igmp join-group 224.0.10.1
R5(config-if)#


R4#ping 224.0.10.1 rep 100

Type escape sequence to abort.
Sending 100, 100-byte ICMP Echos to 224.0.10.1, timeout is 2 seconds:

Reply to request 0 from 120.0.45.5, 28 ms
Reply to request 0 from 120.0.0.1, 104 ms
Reply to request 0 from 120.0.45.5, 76 ms
Reply to request 0 from 120.0.0.1, 76 ms

R1#sh ip mroute 224.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 224.0.10.1), 00:02:36/00:02:49, RP 4.4.4.4, flags: BPL
  Bidir-Upstream: GigabitEthernet0/0, RPF nbr 120.0.0.3
  Outgoing interface list:
    GigabitEthernet0/0, Bidir-Upstream/Sparse, 00:02:36/00:00:00

R2#sh ip mroute 224.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 224.0.10.1), 00:02:36/00:02:49, RP 4.4.4.4, flags: BP
  Bidir-Upstream: GigabitEthernet1/0, RPF nbr 120.0.24.4
  Outgoing interface list:
    GigabitEthernet1/0, Bidir-Upstream/Sparse, 00:02:36/00:00:00


R3#sh ip mroute 224.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 224.0.10.1), 00:02:36/00:02:49, RP 4.4.4.4, flags: BC
  Bidir-Upstream: GigabitEthernet1/0, RPF nbr 120.0.34.4
  Outgoing interface list:
    GigabitEthernet0/0, Forward/Sparse, 00:02:36/00:02:49
    GigabitEthernet1/0, Bidir-Upstream/Sparse, 00:02:36/00:00:00

R4#sh ip mroute 224.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 224.0.10.1), 00:10:13/00:02:57, RP 4.4.4.4, flags: BC
  Bidir-Upstream: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    GigabitEthernet1/0, Forward/Sparse, 00:02:36/00:02:52
    GigabitEthernet2/0, Forward/Sparse, 00:03:13/00:02:57

R5#sh ip mroute 224.0.10.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 224.0.10.1), 00:03:37/00:02:57, RP 4.4.4.4, flags: BPL
  Bidir-Upstream: GigabitEthernet0/0, RPF nbr 120.0.45.4
  Outgoing interface list:
    GigabitEthernet0/0, Bidir-Upstream/Sparse, 00:03:37/00:00:00

Multicast - helper-address

Overview

The ip multicast helper-address command can be useful when you have a need to send broadcast traffic between two layer 2 or more layer 2 domains. For instance a legacy application that pushes lots of information to clients such as a stock ticker program.. The steps are outlined below.


  1. Configure PIM multicast along path between source and target broadcast LAN(s)
  2. Configure ip forward-protocol   on ingress router
  3. Configure ip muticast helper-address on ingress router interface facing the destination L2 network
  4. Configure ip forward-protocol   on egress router
  5. Configure ip muticast helper-address  on egress router's interface(s) facing the source.
  6. Configure ip directed-broadcast  on ingress router's interface facing the destination L2 network
  7. Configure ip broadcast-address  on ingress router interface facing the destination L2 network


    Concepts tested
    • Configuring PIM SM mode
    • Forwarding broadcast traffic via multicast
    • Verification of configuration
    Topology







    Lab Tasks

    • Configure PIM SM across the paths between nodes R1, R2, R4, and R5. R3 should not be a multicast path.
    • R2 should be the BSR and RP
    • Configure R4 so that udp traffic from R5 on port 49000 is broadcast on to the 120.0.0.0/24 subnet
    • Use group 239.1.1.1 and DNS broadcast to test
    GNS3 configuration file, requires IOS v15 for the 7200 router: Link


    Solution

    R1(config)#ip multicast-routing
    R1(config)#int g0/0
    R1(config-if)#ip pim sparse-mode
    R1(config-if)#exit
    R1(config)#int loopback 0
    R1(config-if)#ip pim sparse-mode
    R1(config-if)#exit


    R2(config)#ip multicast-routing
    R2(config)#int g0/0
    R2(config-if)#ip pim sparse-mode
    R2(config-if)#exit
    R2(config)#int g1/0
    R2(config-if)#ip pim sparse-mode
    R2(config-if)#exit
    R2(config)#ip pim rp-candidate loopback 0
    R2(config)#ip pim bsr-candidate loopback 0

    R2(config)#ip access-list extended ALLOWED_IPS
    R2(config-ext-nacl)#permit udp any any eq 49000
    R2(config-ext-nacl)#permit udp any any eq 53

    R2(config)#ip forward-protocol udp 49000
    R2(config)#int g1/0
    R2(config-if)#ip multicast helper-map 239.1.1.1 120.0.0.255 ALLOWED_IPS
    R2(config)#int g0/0
    R2(config-if)#ip directed-broadcast
    R2(config-if)#ip broadcast-address 120.0.0.255



    R3(config)#ip multicast-routing
    R3(config)#int g0/0
    R3(config-if)#ip pim sparse-mode
    R3(config-if)#exit
    R3(config)#int g1/0
    R3(config-if)#ip pim sparse-mode
    R3(config-if)#exit

    R4(config)#ip multicast-routing
    R4(config)#int g0/0
    R4(config-if)#ip pim sparse-mode
    R4(config-if)#exit
    R4(config)#int g1/0
    R4(config-if)#ip pim sparse-mode
    R4(config-if)#exit
    R4(config)#int g2/0
    R4(config-if)#ip pim sparse-mode
    R4(config-if)#exit



    R4(config)#ip access-list extended ALLOWED_IPS
    R4(config-ext-nacl)#permit udp any any eq 49000
    R4(config-ext-nacl)#permit udp any any eq 53

    R4(config)#ip forward-protocol udp 49000
    R4(config-if)#ip multicast helper-map broadcast 239.1.1.1 ALLOWED_IPS


    R5(config)#ip multicast-routing
    R5(config)#
    R5(config)#int g0/0
    R5(config-if)#ip pim sparse-mode
    R5(config-if)#exit

    Verification

    R5(config)#ip domain lookup

    R4(config)#int g0/0
    R4(config-if)#no ip mfib cef input
    R4(config-if)#no ip mfib cef output
    R4(config-if)#int g2/0
    R4(config-if)#no ip mfib cef input
    R4(config-if)#no ip mfib cef output

    R4(config)#access-list 100 permit udp any any eq 53

    R4#debug ip mfib pak 239.1.1.1
    R4#deb ip pack detail 100


    R2(config)#int g0/0
    R2(config-if)#no ip mfib cef input
    R2(config-if)#no ip mfib cef output
    R2(config-if)#int g1/0
    R2(config-if)#no ip mfib cef input
    R2(config-if)#no ip mfib cef output

    R2(config)#access-list 100 permit udp any any eq 53

    R4:
    R4#debug ip packet detail 100
    R4#debug ip mfib pak 239.1.1.1
    *Dec  8 08:57:12.407: IP: s=120.0.45.5 (GigabitEthernet2/0), d=255.255.255.255, len 60, rcvd 2
    *Dec  8 08:57:12.407:     UDP src=50743, dst=53
    *Dec  8 09:43:26.099: MFIBv4(0x0): Pkt (120.0.45.5,239.1.1.1) from GigabitEthernet2/0 (PS) accepted for forwarding
    *Dec  8 09:43:26.103: MFIBv4(0x0): Pkt (120.0.45.5,239.1.1.1) from GigabitEthernet2/0 (PS) sent on GigabitEthernet0/0

    R2:

    R2#debug ip mfib pak 239.1.1.1
    *Dec  8 09:44:54.859: MFIBv4(0x0): Pkt (120.0.45.5,239.1.1.1) from GigabitEthernet1/0 (PS) accepted for forwarding
    *Dec  8 09:44:54.863: MFIBv4(0x0): Pkt (120.0.45.5,239.1.1.1) from GigabitEthernet1/0 (PS) sent on GigabitEthernet0/0


    R2#sh ip mroute 239.1.1.1

    (*, 239.1.1.1), 00:41:35/00:02:32, RP 2.2.2.2, flags: SJCL
      Incoming interface: Null, RPF nbr 0.0.0.0
      Outgoing interface list:
        GigabitEthernet0/0, Forward/Sparse, 00:16:41/00:02:33
        GigabitEthernet1/0, Forward/Sparse, 00:36:26/00:02:32

    (120.0.45.5, 239.1.1.1), 00:02:47/00:00:12, flags: LJT
      Incoming interface: GigabitEthernet1/0, RPF nbr 120.0.24.4
      Outgoing interface list:
        GigabitEthernet0/0, Forward/Sparse, 00:02:47/00:02:33