CCIE Pursuit Blog

December 24, 2007

Internetwork Expert Volume II: Lab 3 – Section 6

Section 6 – Multicast – 8 Points

6.1 PIM

This was a basic task.  You need to configure IP Multicast on some fo the routers and then PIM on certain interfaces.  Make r5’s loopback 0 the RP for a certain set of multicast groups.  The rest should not use an RP.

So we know that we have a mixture of PIM dense and PIM sparse because certain Multicast groups will require an RP while others will not.  Thus we need to configure “ip pim sparse-dense-mode”.

Good luck looking at the 12.4 command reference though:

ip pim register-source IMC-183

The Page You Have Requested Is Not Available
The page you are trying to access may have been moved to a different location or removed. If you typed the address, please verify that the spelling is correct.

I’m not sure how you would handle this in the lab, but I just jumped to the 12.3 documentation:

To use lo0 (the wrong way):

ip pim register-source

To configure the IP source address of a register message to an interface address other than the outgoing interface address of the designated router (DR) leading toward the rendezvous point (RP), use the ip pim register-source command in global configuration mode. To disable this configuration, use the no form of this command.

ip pim [vrf vrf-name] register-source interface-type interface-number
no ip pim [vrf vrf-name] register-source interface-type interface-number

I had everything that I needed EXCEPT a way to limit the RP to certain Multicast groups.  I was completely lost.  The answer was easy, but I took a wrong turn with “ip pim register-source”.  I really need to review Multicast.

You need an ACL and these two commands:

ip pim send-rp-announce

To use Auto-RP to configure groups for which the router will act as a rendezvous point (RP), use the ip pim send-rp-announce command in global configuration mode. To unconfigure this router as an RP, use the no form of this command.

ip pim [vrf vrf-name] send-rp-announce interface-type interface-number scope ttl-value [group-list access-list] [interval seconds] [bidir]

no ip pim [vrf vrf-name] send-rp-announce interface-type interface-number scope ttl-value [group-list access-list] [interval seconds] [bidir]
ip pim send-rp-discovery

Don’t forget to configure ip pim on the RP interface:

r5(config)#ip pim send-rp-announce lo0 scope 16 group-list 69
Must first configure PIM mode on the interface: Loopback0

The solution guide has a nice write-up on this task.

Nice verification command:

r1#sh ip pim rp mapping
PIM Group-to-RP Mappings

Group(s) 225.0.0.0/8
  RP 150.6.5.5 (?), v2v1
    Info source: 150.6.5.5 (?), elected via Auto-RP
         Uptime: 00:02:04, expires: 00:02:51
Group(s) 226.0.0.0/8
  RP 150.6.5.5 (?), v2v1
    Info source: 150.6.5.5 (?), elected via Auto-RP
         Uptime: 00:02:04, expires: 00:02:54
Group(s) 227.0.0.0/8
  RP 150.6.5.5 (?), v2v1
    Info source: 150.6.5.5 (?), elected via Auto-RP
         Uptime: 00:02:04, expires: 00:02:55

6.2 Multicast Forwarding

ip igmp static-group

r2#sh ip igmp mem
Flags: A  – aggregate, T – tracked
       L  – Local, S – static, V – virtual, R – Reported through v3
       I – v3lite, U – Urd, M – SSM (S,G) channel
       1,2,3 – The version of IGMP the group is in
Channel/Group-Flags:
       / – Filtering entry (Exclude mode (S,G), Include mode (*,G))
Reporter:
       <mac-or-ip-address> – last reporter if group is not explicitly tracked
       <n>/<m>      – <n> reporter in include mode, <m> reporter in exclude

 Channel/Group                  Reporter        Uptime   Exp.  Flags  Interface
 *,228.22.22.22                 0.0.0.0         00:00:27 stop  2SA    Fa0/0
 *,224.0.1.39                   136.6.245.5     00:09:01 02:54 2A     Se0/0
 *,224.0.1.40                   136.6.29.2      00:19:26 02:51 2LA    Fa0/0

r2#sh ip mroute | sec 228.
(*, 228.22.22.22), 00:01:32/stopped, RP 0.0.0.0, flags: DC
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    Serial0/0, Forward/Sparse-Dense, 00:01:32/00:00:00
    FastEthernet0/0, Forward/Sparse-Dense, 00:01:32/00:00:00
(136.6.245.5, 228.22.22.22), 00:00:35/00:02:30, flags: T
  Incoming interface: Serial0/0, RPF nbr 136.6.245.5
  Outgoing interface list:
    FastEthernet0/0, Forward/Sparse-Dense, 00:00:35/00:00:00
(150.6.5.5, 228.22.22.22), 00:00:35/00:02:30, flags: T
  Incoming interface: Serial0/0, RPF nbr 136.6.245.5
  Outgoing interface list:
    FastEthernet0/0, Forward/Sparse-Dense, 00:00:35/00:00:00

6.3 Multicast Filtering

It took me a while to understand this question, but I was able get the points for this task (it really helps that the task was called “Multicast Filtering”).  🙂

Pretty simple config using and ACL and “ip igmp access-group”

ip igmp access-group

r4(config-ext-nacl)#int e0/0
r4(config-if)#ip igmp access-group FILTER_MULTI ?
  <cr>

This must be inbound only:

r4#sh ip igmp int e0/0
Ethernet0/0 is up, line protocol is up
  Internet address is 136.6.4.4/24
  IGMP is enabled on interface
  Current IGMP host version is 2
  Current IGMP router version is 2
  IGMP query interval is 60 seconds
  IGMP querier timeout is 120 seconds
  IGMP max query response time is 10 seconds
  Last member query count is 2
  Last member query response interval is 1000 ms
  Inbound IGMP access group is FILTER_MULTI
  IGMP activity: 1 joins, 0 leaves
  Multicast routing is enabled on interface
  Multicast TTL threshold is 0
  Multicast designated router (DR) is 136.6.4.4 (this system)
  IGMP querying router is 136.6.4.4 (this system)
  Multicast groups joined by this system (number of users):
      224.0.1.40(1)

If you look at the documentation for “ip igmp access-group” it has some interesting ACLs:

The following are examples of extended access lists:

The first part of the extended access list clause controls the source (multicast sender), and the second part of the extended access list clause controls the multicast group.

Deny all state for a group G
deny igmp any host G
permit igmp any any

Deny all state for a source S
deny igmp host S any
permit igmp any any

Permit all state for a group G
permit igmp any host G

Permit all state for a source S
permit igmp host S any

Filter a particular source for a group G
deny igmp host S host G
permit igmp any host G

6.4 Multicast Filtering

I had no idea on this one.  I gave it the old college try by going under the interface and looking at the options for “ip igmp” and “ip pim” to see if I could steal some points, but nothing looked promising:

r1(config-if)#ip igmp ?  [output filtered]
  last-member-query-count     IGMP last member query count
  last-member-query-interval  IGMP last member query interval
  querier-timeout             IGMP previous querier timeout
  query-interval              IGMP host query interval
  query-max-response-time     IGMP max query response value

r1(config-if)#ip pim ?
  bidir-neighbor-filter  PIM bidir capable peering filter
  bsr-border             Border of PIM domain
  dense-mode             Enable PIM dense-mode operation
  dr-priority            PIM router DR priority
  nbma-mode              Use Non-Broadcast Multi-Access (NBMA) mode on interface
  neighbor-filter        PIM peering filter
  query-interval         PIM router query interval
  sparse-dense-mode      Enable PIM sparse-dense-mode operation
  sparse-mode            Enable PIM sparse-mode operation
  state-refresh          PIM DM State-Refresh configuration
  version                PIM version
  <cr>

I should have done this:

r1(config-if)#ip multicast ?
  boundary       Boundary for administratively scoped multicast addresses
  helper-map     Broadcast to Multicast map OR Multicast to ip-address map
  rate-limit     Rate limit multicast data packets
  tagswitch      Enable IP Multicast Tagswitching
 ttl-threshold  TTL threshold for multicast packets

ip multicast ttl-threshold

Advertisements

1 Comment »

  1. did u notice that they decided to use a threshold of 12 and not 13? It used 13 then realised I was “wrong”… I wonder how the moderator will mark that?

    Comment by Jedi Cisco — January 22, 2008 @ 3:50 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: