Controlling the border for a multicast domain can be done with two basic mechanisms. Fist using the TTL option with AutoRP but some topologies make this difficult to implement effectively. Another option is the ip multicast boundary acl filter-autorp command. This feature can filter both the data and control planes based on the applied acl. Standard access lists specify the group to filter and extended access lists define source and group.
Concepts tested
- IP PIM sparse mode configuration
- Controlling the edge of a multicast domain
- Using ACL's to define filtering criteria
Topology
Lab Tasks
- Configure PIM sparse mode on all paths between the source and receiver hosts
- Use the Cisco proprietary method configure R2 as an RP for the group 237.0.0.0 /23
- Using the Cisco proprietary method configure R3 as the RP for the group 237.0.2.0 /23
- Configure R4 as a mapping agent
- R2 and R3 should provide backup for each other should one fail
- Prevent the Receiver from receiving traffic from the 237.0.2.0 /23 group
- Filter 237.0.2.0/23 from AutoRP messages
GNS3 configuration file, requires IOS v15 for the 7200 router: Link
Solution
Receiver(config)#ip multicast-routing
Receiver(config)#int g0/0
Receiver(config-if)#ip pim sparse-mode
Receiver(config-if)#exit
Receiver(config)#ip pim autorp listener
R1(config)#ip multicast-routing
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g1/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#ip pim autorp listener
R1(config)#access-list 1 deny 237.0.2.0 0.0.1.255
R1(config)#access-list 1 permit any any
R2(config-std-nacl)#permit 237.0.0.0 0.0.1.255
R2(config-std-nacl)#permit 237.0.0.0 0.0.3.255
R2(config)#ip pim autorp listener
R2(config)#ip pim send-rp-announce loopback 0 scope 10 group-list R2_GROUPS
R4(config)#ip multicast-routing
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int loopback 0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#ip pim autorp listener
R4(config)#ip pim send-rp-discovery scope 10
Source(config)#ip multicast-routing
Source(config)#int g0/0
Source(config-if)#ip pim sparse-mode
Verification
R1:
%AUTORP-4-OVERLAP: AutoRP Announcement packet, group 237.0.0.0 with mask 255.255.252.0 removed because of multicast boundary for 237.0.2.0 with mask 255.255.254.0
R4:
R4#sh ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP-mapping agent
Group(s) 237.0.0.0/23
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 02:44:04, expires: 00:02:51
Group(s) 237.0.0.0/22
RP 3.3.3.3 (?), v2v1
Info source: 3.3.3.3 (?), elected via Auto-RP
Uptime: 03:31:26, expires: 00:02:32
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), via Auto-RP
Uptime: 03:32:04, expires: 00:02:51
Group(s) 237.0.2.0/23
RP 3.3.3.3 (?), v2v1
Info source: 3.3.3.3 (?), elected via Auto-RP
Uptime: 02:42:26, expires: 00:02:28
R3#debub ip pim autorp
*Dec 1 16:22:16.898: Auto-RP(0): Build announce entry for (237.0.0.0/23)
*Dec 1 16:22:16.898: Auto-RP(0): Build announce entry for (237.0.0.0/22)
Solution
Receiver(config)#ip multicast-routing
Receiver(config)#int g0/0
Receiver(config-if)#ip pim sparse-mode
Receiver(config-if)#exit
Receiver(config)#ip pim autorp listener
R1(config)#ip multicast-routing
R1(config)#int g0/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#int g1/0
R1(config-if)#ip pim sparse-mode
R1(config-if)#exit
R1(config)#ip pim autorp listener
R1(config)#access-list 1 deny 237.0.2.0 0.0.1.255
R1(config)#access-list 1 permit any any
R1(config-if)#ip multicast boundary 1 filter-autorp
R2(config)#ip multicast-routing
R2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int s2/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int loopback 0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#ip access-list standard R2_GROUPSR2(config)#int g0/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int s2/0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config)#int loopback 0
R2(config-if)#ip pim sparse-mode
R2(config-if)#exit
R2(config-std-nacl)#permit 237.0.0.0 0.0.1.255
R2(config-std-nacl)#permit 237.0.0.0 0.0.3.255
R2(config)#ip pim send-rp-announce loopback 0 scope 10 group-list R2_GROUPS
R3(config)#ip multicast-routing
R3(config)#int g0/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int g1/0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#int loopback 0
R3(config-if)#ip pim sparse-mode
R3(config-if)#exit
R3(config)#ip pim autorp listener
R3(config)#ip access-list standard R3_GROUPS
R3(config-std-nacl)#permit 237.0.2.0 0.0.1.255
R3(config-std-nacl)#permit 237.0.0.0 0.0.3.255
R3(config)#ip pim send-rp-announce loopback 0 scope 10 group-list R3_GROUPS
R4(config)#int g0/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int g1/0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#int loopback 0
R4(config-if)#ip pim sparse-mode
R4(config-if)#exit
R4(config)#ip pim autorp listener
R4(config)#ip pim send-rp-discovery scope 10
Source(config)#int g0/0
Source(config-if)#ip pim sparse-mode
R1:
%AUTORP-4-OVERLAP: AutoRP Announcement packet, group 237.0.0.0 with mask 255.255.252.0 removed because of multicast boundary for 237.0.2.0 with mask 255.255.254.0
R4:
R4#sh ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP-mapping agent
Group(s) 237.0.0.0/23
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 02:44:04, expires: 00:02:51
Group(s) 237.0.0.0/22
RP 3.3.3.3 (?), v2v1
Info source: 3.3.3.3 (?), elected via Auto-RP
Uptime: 03:31:26, expires: 00:02:32
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), via Auto-RP
Uptime: 03:32:04, expires: 00:02:51
Group(s) 237.0.2.0/23
RP 3.3.3.3 (?), v2v1
Info source: 3.3.3.3 (?), elected via Auto-RP
Uptime: 02:42:26, expires: 00:02:28
Receiver:
Receiver#sh ip pim rp map
PIM Group-to-RP Mappings
Group(s) 237.0.0.0/23
RP 2.2.2.2 (?), v2v1
Info source: 120.0.34.4 (?), elected via Auto-RP
Uptime: 02:28:20, expires: 00:02:37
Receiver#sh ip pim rp-hash 237.0.2.0
No RP available for this group
R3#debub ip pim autorp
*Dec 1 16:22:54.422: Auto-RP(0): Build RP-Announce for 3.3.3.3, PIMv2/v1, ttl 10, ht 181
*Dec 1 16:22:54.422: Auto-RP(0): Build announce entry for (237.0.2.0/23)
*Dec 1 16:22:54.422: Auto-RP(0): Build announce entry for (237.0.0.0/22)
R2#debug ip pim autorp
*Dec 1 16:22:16.894: Auto-RP(0): Build RP-Announce for 2.2.2.2, PIMv2/v1, ttl 10, ht 181*Dec 1 16:22:16.898: Auto-RP(0): Build announce entry for (237.0.0.0/23)
*Dec 1 16:22:16.898: Auto-RP(0): Build announce entry for (237.0.0.0/22)
No comments:
Post a Comment