Monday 12 November 2012

Multicast: Configuring Source Specific Multicast:


Multicast: Configuring Source Specific Multicast:

·         PIM-SSM is the protocol required for configuring Source Specific Multicast.
·         IGMPv3 is required to do source specific filtering
·         As per RFC 4607, IPv4 uses 232.0.0.0 to 232.255.255.255 for Source specific multicast destination addresses and are reserved for use by source-specific applications and protocols.
·         SSM configuration steps:
·         We need to enable SSM by using “ip pim ssm default”, that means it uses default range 232.0.0.0/8
·         If we want to specify a specific range, we can use “ip pim ssm range <ACL>” command
·         Then we need specify IGMPv3 under the client.
·         Let me take a small topology to configure SSM:
 
R1----Ser1/0--------10.1.12.0/24-------Ser1/0-----R2
 
·         Let me configure SSM with default range first:
 
R1(config)#ip multicast-routing
R1(config)#ip pim ssm default
R1(config)#
R1(config)#int loop0
R1(config-if)#ip pim sparse-dense-mode
R1(config-if)#ip igmp version 3
R1(config-if)#int ser1/0
R1(config-if)#ip pim sparse-dense-mode
R1(config-if)#
 
 
R2(config)#ip multicast-routing
R2(config)#ip pim ssm default
R2(config)#
R2(config)#int loop0
R2(config-if)#ip pim sparse-dense-mode
R2(config-if)#ip igmp version 3
R2(config-if)#ip igmp join-group 232.2.2.2 source 1.1.1.1
R2(config-if)#
R2(config-if)#int ser1/0
R2(config-if)#ip pim sparse-dense-mode
 
·         Now, let me verify multicast connectivity by initiating the ping from server 1.1.1.1:
 
R1#ping 232.2.2.2 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 232.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
 
Reply to request 0 from 10.1.12.2, 52 ms
Reply to request 0 from 10.1.12.2, 52 ms
R1#
 
Observation:
·         Multicast functionality is working fine.
 
·         Now, let me create SSM with acess-list:
 
R1#show run | i access-li
access-list 1 permit 231.3.3.3
access-list 1 permit 231.2.2.2
R1#
R1#show run | i ssm
ip pim ssm range 1
R1#
 
R2#show run | i access-li
access-list 1 permit 231.3.3.3
access-list 1 permit 231.2.2.2
R2#
R2#show run | i ssm
ip pim ssm range 1
R2#
R2#show run int loop0
Building configuration...
 
Current configuration : 372 bytes
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
 ip pim sparse-mode
 ip igmp join-group 232.2.2.2 source 1.1.1.1
 ip igmp join-group 232.3.3.3 source 1.1.1.1
 ip igmp join-group 232.4.4.4 source 1.1.1.1
 ip igmp join-group 231.2.2.2 source 1.1.1.1
 ip igmp join-group 235.2.2.2 source 1.1.1.1
 ip igmp join-group 231.3.3.3 source 1.1.1.1
 ip igmp version 3
end
 
R2#
 
·         Now, let me verify multicast connectivity by initiating the ping from server 1.1.1.1:
 
R1#ping 231.2.2.2 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 231.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
 
Reply to request 0 from 10.1.12.2, 20 ms
Reply to request 0 from 10.1.12.2, 20 ms
R1#
R1#ping 231.3.3.3 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 231.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
 
Reply to request 0 from 10.1.12.2, 40 ms
Reply to request 0 from 10.1.12.2, 60 ms
R1#
 
Observation:
·         Multicast functionality is working fine for the source addresses that were matched with the access-list.
 
·         Now, let me try pining from the other addresses, that were not matched by the ACL:
 
R1#ping 232.2.2.2 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 232.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
.
R1#ping 232.3.3.3 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 232.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
.
R1#ping 235.2.2.2 source 1.1.1.1
 
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 235.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
.
R1#
 
Observation:
·         Multicast functionality is is failing for the source addresses that were not matched with the access-list.
 


No comments:

Post a Comment