121 IPExpert IP Multicast configuration and Troubleshooting

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] our five in our network is going to be the source sending the traffic our four is going to be acting as the bootstrap router r2 is going to be the r5 so R is going to be our two sorry our two is going to let BS r know that it's going to be the RP candidate and our four will have to let everyone else know our six is going to be just a regular multicast router and our nine is going to be our client and on the client here we are going to be joining the group so we want to get the traffic sent to two three nine nine nine nine so the goal is to get the traffic from the source to this group here so let me just write this out in in red here so our nine will be joining this group here so this is the goal now what are the prerequisites for multicast configuration so I'm going to write here multicast configuration so multicast configuration the number one prerequisite is fully converged unicast Raleigh now don't even try to build your multicast network before your unicast routing is fully converged so in our example here we need to have a fully converged unicast Network if there is no full reach ability in this network our multicast is almost guaranteed going to fail so that's number one prerequisite number two prerequisite is enable multicast routing on relevant routers and this is a step that can be easily forgotten number three is enable pin on relevant interfaces now I'm going to give you an advice here and this is going to be in green if unrestricted enable pin on all the interfaces in the network number four RP configuration and here we are talking about static ESR or auto RP now if you are given a choice if they if the lab doesn't necessarily require you to run anything in particular my recommendation is run BSR so not static run BSR because you can use be sr messages for troubleshooting very very effectively finally join groups we are needed and test and here I'm going to write in red that we are talking about IP IGMP join group so this is the command that you will need to do so these are the the steps and the prerequisites for multicast configuration now again I cannot stress this enough fully converged unicast routing now this is going to be number one issue that you are going to be dealing with multicast is that you think that you have a multicast problem and in fact there is some unicast reachability why because unicast routing table is actually used by default for RPF verification if your unicast doesn't work your multicast will not work then make sure that multicast routing is enabled on all relevant routers and able pin on relevant interfaces as I said if unrestricted enable on all of the interfaces RP configuration static besar or out RP my preference given to be SR and then join groups where needed and test IP IGMP group and how do you test you can test using thing and then the group address because pink is perfectly fine traffic generator so given this knowledge here if we go back to our example here that we need to build what would be the relevant routers on which I need to enable multicast routing so I will need to enable it here here and here now mind you our five being the source doesn't need multicast routing and our nine given that your unrestrictedly that we are going to join the group from this interface here also doesn't need to have multicast routing so these are the relevant router routers on which I need to enable multicast routing what about PIM PIM needs to be enabled on this interface here this interface here this interface here this interface here this one here this one here but it doesn't actually have to be enabled here or here why because this is a source the source doesn't need any special configuration just needs to be able to generate the traffic and this one here is going to be acting as a client and on the client you don't need Tim on the client interface so these are going to be the pimp interfaces so this is the relevant configuration so I know that I mentioned that if you are unrestricted and able on all the interfaces PIM but I'm not going to be doing that now because I want to give you an example of what is actually required in a network so I'm going to now go not not with what I would recommend is the best way but what would be the absolute minimum configuration to actually get this working because I want to emphasize one thing and that is it multicast is inherently easy to make to make work if you satisfy these requirements here if these requirements are actually in place it would be very difficult to break multicast multicast wants to work right you actually have to make an effort to make multicast fail and this is the mindset that I would like you to have when you go to the lab that multicast is actually an easy thing to configure in it is not actually that complicated so let's start with our configuration so I'm going to start by enabling multicast routing where it needs to be enabled so I'm just going to say IP multicast routing here and then on actually I've forgot one thing so all these things here the BS are the RP this is going to be happening on the loopback interfaces so these are going to be our BS our address this is going to be our RP address so obviously on these interfaces here I will need to enable pin as well but here on this loop back on our six I don't actually need to have it enabled so this interface here doesn't need to have pimped enabled because it will have no special role in our configuration so going to our configuration here on our four where do I need to have it have it enabled so let me just do it do it like this so I'm going to look at our four configuration now I'm going to go to interface actually interface will look like zero I'm going to say I type in sparse mode then I'm going to say interface serial 0 0 0 4 or 5 I'm going to say I type in sparse mode and I will have the same towards r2 so this is the configuration that will be very good to paste on our 4 so this is what I'm going to do here let's go back to our to whiteboard and the notepad so on r2 this is actually the interface that I've been needing to 0 for then I will need towards 6 so this goes in so I can go back in here and paste this to r2 and on our six I don't need it on the loopback and I need it towards 602 and serial zero to zero so this is where I need to have this available so now I have configured pin just blindly haven't verified anything now one of the most important verification commands when you are configuring or troubleshooting your multicast is show IP pimp interfaces now this is a very very useful command because it will show you on the router on which interfaces you have pimp enabled so these are the interfaces where PIM is enabled it will tell you in which mode you are operating so here we can see that we are operating in pimp version two and that the mode is sparse mode it will also tell me what is the neighbor count how many neighbors I have on these interfaces now I can see that on these two interfaces on the loopback and on a serial interface interface facing five I have 0 PIM neighbors now looking at the diagram that's exactly what I have on this interface here I'm not expecting any neighbors because pimp is not actually enabled on this interface so that's good now on this interface here on the other hand I do have the neighbor and I can see that they have neighbor 1 now if I can do also show IP PIM neighbors to confirm but I already know that I actually have one neighbor on this interface and here is that one neighbor there so I can see that this neighbor is in place and this is good this is exactly what I was expecting to see now going back to up to my whiteboard so this was verification on our 4 let's take a look at the verification on our tool let's have let's see what is happening on our two now so going back there on our two I'm going to say again show IP pin interfaces and Here I am seeing three interfaces enable 4 pin which is exactly what I expected because I do have one interface here one interface here and the loopback into and I can see that on two of these interfaces I have neighbors so on serial interfaces I do have neighbor so I don't even have to run show IP pim neighbors but I can and this will exactly show me who the neighbors are on our six show IP pin interfaces again I'm seeing two interfaces here and one of these has neighbors and it is this interface facing r2 now this interface facing r9 does not have the neighbor it has zero neighbors here which is okay because I have not enabled pin on that interface here so this is how I would build very quickly my multicast infrastructure and this is really what my multicast infrastructure is so this is the source it's outside my infrastructure and this is the client and the client is also outside the infrastructure so only routers for two and six are actually what form my MPLS sorry not by impulse but my multicast infrastructure all those other routers are actually outside of my multicast domain because they are clients and sources they connect to the domain but they are not actually part of what I'm building so what is going to be the next step here the next step is going to be to test do I have full of converged unicast natural rerouting I should have actually pointed that out that this is already in place so all my router so if I do show IP route I'm running OSPF here so all my routers actually have full reach ability so that is prerequisite that I have already met I have enabled multicast routing on all relevant routers check and I have enabled pin on all relevant interfaces check now RP configuration static BSR or auto RP in my case I want to configure BSR so let's go to our forum here and I'm going to say in the configuration I pimp BSR candidate and I want it to be look back zero so now this makes our for the candidate for the PSR if I do show PI pippin BSR and this is the verification command that I can run I will see that r4 is to be the bootstrap router it's not only the candidate it is actually the bootstrap router and I should be able to see that information on all of my routers that are part of my multicast domain so our 4 R 2 and R 6 will have this information of course our 9 and our 5 will not have this information because they have absolutely no use of it I have not actually enabled multicast routing on them now the next thing that I'm going to do is I'm going to make my art to I type in R P candidate Olympic zero so if I do show IP pin RP here now for very brief period of time I'm going to see just information with this information with this router is the candidate but in the meantime I have actually received the BSR message that now says that ok you are the b sr so now on r2 r4 in our six actual RP map sorry I will have the information that for all groups in in the network r2 is the candidate now let me explain the output of this command just a little bit you see these question marks here now these question marks here do not indicate any problem but they make because of pain for you in the lab now if in your lab you actually have IP domain lookup enabled when you do show IP m RP map your output is going to hang here because now router is trying to resolve the name so this question mark here means that we couldn't resolve a DNS name for this IP address so every time you run multicast commands you might in danger of these annoying delays so my recommendation is no IP domain lookup because then this failure happens immediately and you just get the output that you care about because really in most cases you don't care about what is the name of these addresses so now I can see that my R 4 R 2 and R six actually have the information about who the RP in our network is now let me show you one more thing so I'm going to go on our for now and I'm going to say show IP and right now this is my multicast state table or my multicast routing table call it whatever now we know for a fact that I will be joining this one group here so this one group here is irrelevant so I'm not going to be paying any more attention to it but this is for use without 2rp so I'm going to go to our five now and I'm going to ping two three nine nine nine nine now remember what are the roles in our network our four is the BS r and r 2 is the RP but our 4 for this traffic that will be arriving from our 5 is also the first cup router which means that this router will be in charge of actually registering this traffic with our two so when I send this pink two two three nine nine nine nine what I will be seeing is multicast state here so I will be seeing 192 168 45 five comma two three nine nine nine nine but I will also be so this is our s comma G state but I will also be seen this state created here now I will be seeing this state cradle here as the result of this register message but there will be no state on our six because our nine has not joined this group yet so I'm going to go to our five and I'm just going to send one pink so now if i do show ipm route here i'm seeing the state and if i do show IP emerald here i am seeing that the state was created on our two now you might remember that I said that you will also have star comma G state but this state is actually irrelevant now what is relevant state on r4 is actually this state here this state here says that this is the source as I said it will be 192 168 45 5 that's what we have and two three nine nine nine nine now we can see that we do have an incoming interface but the outgoing interface is now because we don't have any downstream routers that want to receive this traffic now it's a shame that I don't actually have a router between our four and our two that they are directly connected so that I could actually show you that we are not going to have the state on this router between them but I really didn't want this router here to be DRP so maybe this would have been slightly better example if we had one more router in between to show that there is no state on this router here in between but this is something that I will leave to you as an exercise now on r2 I have this state created here I do I know what is my incoming interface where I would need to go here because this is the same interface that will be the best interface to reach this address here and I have outgoing interface now which means that none of the clients are interested so if i do show ipm route on our six I don't have any of this so basically our RP has learned where the traffic is coming from it has created the state and our four here has the state but the actual multicast traffic is not actually being transmitted on this link this was a unicast encapsulated registered message now if I let enough time elapsed this multicast state will actually expire so maybe we can wait for that to happen we can see that it is actually a two minute and six seconds old so it is going to expire of that because there is no there is no source transmitting so we have you know some time before it expires so I believe that this is the timer counting down 48 seconds before it actually disappears from our wrap from our table so let's just wait for that to uh to happen and the same thing we have here on our - we have a countdown and this one will actually expire in 25 seconds 20 seconds so 16 more seconds before we actually lose this state and we can see it's it's very close so this is a three minute timer here and in seven seconds we are actually going to lose this state actually we lost it here when this timer yet when this timer hit three minutes we can see that now we don't have the state so after three minutes have expired both routers here have lost the state this state here now is going to disappear actually this one might stay a little bit longer but we don't have that Eskimo GI I did mention that this one here is really irrelevant one so at this moment here we have lost the information about the source the source sent just one packet the state got created and it existed for three minutes but if the source is not transmitting the state will be deleted so let's now go to our nine so now there is no source let's go to our nine and on interface serial zero to zero let's join that group so IP IGMP join group two three nine nine nine nine so now what's going to happen is on our nine if I do show ipm route I will not be seeing anything because remember on our nine multicast routing is not actually enabled but on our six if I do show IP am route what I am going to be seeing now is only star comma G entry why because our six doesn't know who the source is and what we can see here is that we do have an incoming interface why do we have an incoming interface because this is the best path to reach the rendezvous point remember this is a shared tree we are talking about and the outgoing interface so we do have outgoing interface list on the outgoing interface list we actually do have a serial interface why because we actually do have an interested client here now let's take a look what's the situation on our to remember our - in the meantime has forgotten who the source is so show IP out here now shows me only stark emoji entry that says incoming interface now that means we do not know where the source is but you do have an outgoing interface list and here on outgoing interface list we can see that serial zero one zero means that we do have a client now our four here in the meantime well it still has this entry here have no idea it will expire actually in 54 seconds I'm pretty sure about it so it has still not forgotten but as I said this is a real irrelevant state so let's send that one pink now from our five so that thing now goes so what has happened now is that our five has sent the pink to our for our four has received this pink and has encapsulated it as unicast registering it with our two but our two now sent it as multicast towards our six who delivered it to our nine but if I go to our six right now I will actually see that in the meantime this state got created this state here that is s comma G state so now at this moment my router will start building that source-based tree this is going to happen totally outside of my control now not totally outside my control I shouldn't say that I should say that it's going to happen by default I don't have to do anything for that other tree to be built now in this case we have only one path back so the sheer tree and this in this and the source tree will be actually taking the same path but that's okay now I want to expand this example I actually wanted to add something more to my network so this something more is actually going to be one more interface between r9 + r6 so to do that I'm going to bring in another diagram here so I will put it in the background so I'm just going to try to align it here with this so I'm going to say here okay maybe I need to do one more thing so let me do order send it to back and now this one here I want to actually delete this one so this is the network that I'm going to set up now so now instead of having just a single interface here between our six and our nine I'm actually adding a fast internet interface which means that that join group that I had on a serial interface now it's going to be joining just a traffic here so I'm going to move that join and join it on the loopback interface so now the loopback interface on our nine is actually going to be the one that joins this group here so let me go and implement that change so on our nine I'm going to set interface fastener 0 1 is it 1 0 1 yes then we'll say no shut down here and on our six no shut down and show run till face serial zero two zero I'm going to remove this join group and I'm going to go to interface loopback zero and I'm going to join the groups here now in the meantime I see that my OSPF actually converged on this Fast Ethernet interface so I do have full reach ability there as well and I can probably ping so five and forty five five now let's see what happens when I try the same thing now when I try the same thing the same thing is actually going to be failing so I'm going to keep sending this pin so not repeat one and we're just going to say repeat 1,000 times and timeout in one second so no matter how many pins I sent now basically they're not arriving on our nine now why they are actually arriving on our nine but the problem is that they are arriving on our nine on one of these interfaces it doesn't matter on which one but then my join group is actually on a downstream interface so now in this case on our nine I actually must enable multicast routing because at this point here these i GN p joins that were now that existed on serial zero to zero they were actually being heard by our six so our six was acting as the upstream router for the client but now these joints are actually being heard by our nine so our nine now instead of sending IGMP join to our six actually needs to send a pin join so to do that i actually need to enable multicast routing on our nine so let me do that so i'm going to go to our nine and I'm going to say IP multicast routing and then I need to enable pin on all the relevant the interfaces so I pip in sparse mode on the loopback interface faster than 0 1 IP pim sparse mode and interface serial 0 to 0 I type in sparse mode now let me do the same thing on our six interface faster than 0 1 type in sparse mode so now pin is actually enabled on all of these interfaces here so I have pin enabled on this interface here on this interface here and on the loopback and multicast routing is actually enabled on 9 which means that in the meantime if I do show IP actually on our 9 if I do show IP pin BSR I have the bootstrap information I type in our P map I do have the RP mapping which means that my ping actually works now the reason why it works is that I have enabled PIM on all of these interfaces here but what if I was restricted what if my lab told me enable pin or let's say that you were not allowed to enable pin on fastethernet 0/1 so that we can enable it on serial 0 to 0 and on the back but on the fast internet 0 1 we are not allowed to enable PIM let's do that so or here so on this interface here PIM is not allowed to run let's go to our r9 and let's make that change so interface fast new 0 1 no I Pippin sparse mode and on our 6 interface path 9 0 1 no IP pim sparse mark so now PIM is gone from that interface and we can see that at this moment here my ping is actually failed now why spin failing because if we go to our 9 at this point what is the traffic that I'm supposed to be receiving it is traffic going from 1 & 2 to 168 45 5 to the group 2 3 9 9 9 9 so at this moment I have to see which way am I supposed to receive this traffic now remember that simple idea that I have given you that your multicast traffic by default will follow the same path as the unicast traffic from the client to the source will follow so my multicast traffic actually needs to follow this same path in the opposite direction so my traffic needs to go over this interface first then over this interface then over this interface and then over this interface here so if I take a look at my diagram my multicast traffic needs to flow here here here and then over fast ethernet why because if I take a look at this this says 96 and 96 is exactly this fast internet interface so one of the best troubleshooting tools that you can use for multicast is to actually do the trace route but it's upside-down you don't trace route from client to source so not sorry not from upside down so let me right so it's not from source to client that you have to do what you have to do is do the traceroute from the client to the source and then see if you have discrepancy with your PIN enabled interfaces so in this case the reason why I'm not getting this traffic is because I have RPF failure here now how can I confirm that I actually have RPF failure well I can go to my r9 and I can do show IP RPF and do 45 5 now take a look at this it says no route exists but that's not true because I actually do have the route the route says it's sorry not not not not for this 445 0 it says here that I do have the OSPF route but take a look it points out to the Fast Ethernet interface now how do I correct this problem how do I make the traffic go where I need to go when I'm not allowed to enable payment well as it turns out there are multiple solutions so how to correct RPF now you can correct our PF failure by modifying unicast routing you can correct the RPF by using multicast or let me up write this down there multiple names for this next feature you can use static RPF verification which is sometimes incorrectly called static multicast routes and you can use multicast BGP now this one here is simple to understand now simple to understand because the only thing that I actually need to do is make sure that our line here prefers the path over serial interface instead of fast internet interface to reach the the source of the traffic but for these two here I want you to remember that it is all about the sources not about the destination this is about the sources so what I need to do is not to route the destination multicast address in multicast BGP or in the static RPF verification what I need to do is tell my r9 that it is okay to receive traffic from this destination someplace else so let's use the static one here so I'm going to say I PM route and I'm going to say this so this is the source network that I need to route and I'm going to say you know what it's okay to receive this traffic from this serial interface here so if I do show IP camera if I do show IP RPF 102 168 45 0 I will see now that I do have a static RPF that points to a correct interface but I still have a problem because pink is still failing now take a look the problem on our line if I do show IP pim BSR I don't have information for the BSR why because this information is actually coming from this IP address here I will also need to correct the RPF for RP now what I can do here is instead of using this one ipm rod I can say IPM route and tell the router you know what it's okay to receive any multicast traffic coming from this interface so now if I do show IP RPF this I will see now that what is actually used for RPF verification is the static enroute that allows for all traffic to arrive so at this point here well actually not yet because we need to hear from the BSR show IP pin BSR that's going to take some time so we can maybe debug it so debug IP pin BSR let's wait for the packets to actually be sent by r4 so it wasn't sent yet so we can see show IP pin so let's see when the packet will be sent so we can see that the next bootstrap message will be in fifteen seconds nine eight seven six now should be going out soon two seconds one second the message has gone out reached our to reached our six and by now should have arrived to our line and we can see that we actually do have the BSR information at this point our ping here actually works so at this point here we have corrected the multicast RPF problem now you can use also multicast bgp for this purpose but one thing before I'm not going to use that example now but order of RPF verification is as follows so the first thing that is going to be checked is unicast routing table then we are going to have multicast BGP and three we are going to have static but the problem is that the order is actually this way so it is again upside-down so unicast routing is last static is first multicast BGP is like this so here one two three so this is the order of preference now that means that static will win over multicast BGP will milk will over unicast routing but it's important is that it's a first match rule and not most specific match and this is the reason why our multicast route here that I use so here if I go to our line if I do show run it could I pick em rot I see that I have a static default M route pointing to cereal zero to zero but if I do show IP route one or two one sixty eight forty five zero I see that this is still pointing to this interface if it was the most specific match this would win over this one but it doesn't because it's the first match role so this is pretty much it that you need to know about the static RPF verification and about correcting the RPF failures in your life

Info

Channel: CCIEORDIE.COM

Views: 16,920

Rating: 4.982379 out of 5

Keywords:

Id: 8MpuH-_NYqo

Channel Id: undefined

Length: 38min 17sec (2297 seconds)

Published: Fri Feb 02 2018