Sunday, 11 November 2012

Multicast: Understanding RPF check


Multicast: Understanding RPF check

 

·         While configuring multicast, we often see RPF failures

·         What is RPF check and why it needs to be done?

·         If we see the multicast functionality, PIM depends on IGP protocols to find the best path.

·         And if multiple paths exist in the IGP and PIM is not enabled on the IGP best path, then we have issues.

·         To avoid this, RPF check is used.

·         This simply to check the source, where the packet is coming from; if the router uses the same interface to reach the source, then RPF check is pass or else it is fail.

·         Let me take 2 router topology to configure this and verify:

 

R1----S1/0--------------------------S1/0----R2

R1----S1/1--------------------------S1/1----R2

 

·         R1-R2 – Ser1/0: 10.1.21.0/24

·         R1-R2 – Ser1/1: 10.1.12.0/24

·         OSPF has been configured between R1 and R2

 

R1#show ip ospf nei

 

Neighbor ID     Pri   State           Dead Time   Address         Interface

2.2.2.2           0   FULL/  -        00:00:34    10.1.12.2       Serial1/1

2.2.2.2           0   FULL/  -        00:00:32    10.1.21.2       Serial1/0

R1#

R1#show ip route 2.2.2.2

Routing entry for 2.2.2.2/32

  Known via "ospf 1", distance 110, metric 65, type intra area

  Last update from 10.1.21.2 on Serial1/0, 00:00:07 ago

  Routing Descriptor Blocks:

  * 10.1.21.2, from 2.2.2.2, 00:00:07 ago, via Serial1/0

      Route metric is 65, traffic share count is 1

 

R1#

 

R2#show ip ospf nei

 

Neighbor ID     Pri   State           Dead Time   Address         Interface

1.1.1.1           0   FULL/  -        00:00:37    10.1.12.1       Serial1/1

1.1.1.1           0   FULL/  -        00:00:34    10.1.21.1       Serial1/0

R2#

R2#show ip route 1.1.1.1

Routing entry for 1.1.1.1/32

  Known via "ospf 1", distance 110, metric 65, type intra area

  Last update from 10.1.21.1 on Serial1/0, 00:01:27 ago

  Routing Descriptor Blocks:

  * 10.1.21.1, from 1.1.1.1, 00:01:27 ago, via Serial1/0

      Route metric is 65, traffic share count is 1

 

R2#

 

Observation:

·         OPSF neighbor relationship is up between R1-R2 Fa0/0 and Ser1/0

·         R1 and R2 using Fa0/0 to reach each other’s loopback0

 

·         Now, let me enable multicast (I’m using dense mode here).

·         R1’s loopback 1.1.1.1 is the server and R2’s loopback 2.2.2.2 is the client

·         I’m enabling multicast under Ser1/1, which not the best path to reach the loopbacks.

 

R1(config-if)#do show run int ser1/1

Building configuration...

 

Current configuration : 124 bytes

!

interface Serial1/1

 ip address 10.1.12.1 255.255.255.0

 ip pim dense-mode

 ip ospf cost 999

 serial restart-delay 0

end

 

R1(config-if)#do show run int loop0

Building configuration...

 

Current configuration : 82 bytes

!

interface Loopback0

 ip address 1.1.1.1 255.255.255.255

 ip pim dense-mode

end

 

R1(config-if)#

 

R2(config-if)#do show run int ser1/1

Building configuration...

 

Current configuration : 124 bytes

!

interface Serial1/1

 ip address 10.1.12.2 255.255.255.0

 ip pim dense-mode

 ip ospf cost 999

 serial restart-delay 0

end

 

R2(config-if)#do show run int loop0

Building configuration...

 

Current configuration : 115 bytes

!

interface Loopback0

 ip address 2.2.2.2 255.255.255.255

 ip pim dense-mode

 ip igmp join-group 227.27.27.27

end

 

R2(config-if)#

·         Now, let me verify multicast reachability by initiating the ping from R1:

 

R1#ping 227.27.27.27 source 1.1.1.1

 

Type escape sequence to abort.

Sending 1, 100-byte ICMP Echos to 227.27.27.27, timeout is 2 seconds:

Packet sent with a source address of 1.1.1.1

.

R1#

 

Observation:

·         Ping is unsuccessfulL

 

·         Now, let me check the multicast routing table to identify the problem:

 

R1#show ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report,

       Z - Multicast Tunnel, z - MDT-data group sender,

       Y - Joined MDT-data group, y - Sending to MDT-data group

Outgoing interface flags: H - Hardware switched, A - Assert winner

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 227.27.27.27), 00:07:40/stopped, RP 0.0.0.0, flags: D

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:07:40/00:00:00

 

(1.1.1.1, 227.27.27.27), 00:03:26/00:02:54, flags: T

  Incoming interface: Loopback0, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:03:26/00:00:00

 

(*, 224.0.1.40), 01:03:49/00:02:55, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:11:48/00:00:00

    Loopback0, Forward/Dense, 00:22:54/00:00:00

 

R1#

 

R2#show ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report,

       Z - Multicast Tunnel, z - MDT-data group sender,

       Y - Joined MDT-data group, y - Sending to MDT-data group

Outgoing interface flags: H - Hardware switched, A - Assert winner

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 227.27.27.27), 00:08:57/stopped, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:08:57/00:00:00

    Loopback0, Forward/Dense, 00:08:57/00:00:00

 

(1.1.1.1, 227.27.27.27), 00:00:10/00:02:49, flags: L

  Incoming interface: Null, RPF nbr 10.1.21.1

  Outgoing interface list:

    Loopback0, Forward/Dense, 00:00:10/00:00:00

    Serial1/1, Forward/Dense, 00:00:10/00:00:00

 

(*, 224.0.1.40), 01:03:32/00:02:52, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:11:53/00:00:00

    Loopback0, Forward/Dense, 01:02:26/00:00:00

 

R2#

 

Observation:

·         RPF check is failed in R2, because Ser1/0, 10.1.21.0/24 is the best path to reach the server 1.1.1.1 and multicast is not enabled under Ser1/0

·         This we can see in R2’s multicast routing table, incoming interface is set to NULL.

·         Solution is to create multicast static route in R2, mroute through Ser1/1

 

R2#conf t

Enter configuration commands, one per line.  End with CNTL/Z.

R2(config)#ip mroute 1.1.1.1 255.255.255.255 serial 1/1

R2(config)#

 

·         Now, let me verify multicast connectivity:

 

R1#ping 227.27.27.27

 

Type escape sequence to abort.

Sending 1, 100-byte ICMP Echos to 227.27.27.27, timeout is 2 seconds:

 

Reply to request 0 from 10.1.12.2, 92 ms

Reply to request 0 from 10.1.12.2, 92 ms

R1#

 

Observation:

·         Ping is successfulJ

 

·         Now, let me check the multicast routing table:

 

R1#show ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report,

       Z - Multicast Tunnel, z - MDT-data group sender,

       Y - Joined MDT-data group, y - Sending to MDT-data group

Outgoing interface flags: H - Hardware switched, A - Assert winner

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 227.27.27.27), 00:00:30/stopped, RP 0.0.0.0, flags: D

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:00:30/00:00:00

 

(1.1.1.1, 227.27.27.27), 00:00:30/00:02:31, flags: T

  Incoming interface: Loopback0, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:00:30/00:00:00

 

(*, 224.0.1.40), 01:17:39/00:02:08, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:25:38/00:00:00

    Loopback0, Forward/Dense, 00:36:44/00:00:00

 

R1#

 

R2#show ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report,

       Z - Multicast Tunnel, z - MDT-data group sender,

       Y - Joined MDT-data group, y - Sending to MDT-data group

Outgoing interface flags: H - Hardware switched, A - Assert winner

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 227.27.27.27), 00:22:49/stopped, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:22:49/00:00:00

    Loopback0, Forward/Dense, 00:22:49/00:00:00

 

(1.1.1.1, 227.27.27.27), 00:00:37/00:02:28, flags: LT

  Incoming interface: Serial1/1, RPF nbr 10.1.12.1, Mroute

  Outgoing interface list:

    Loopback0, Forward/Dense, 00:00:37/00:00:00

 

(*, 224.0.1.40), 01:17:24/00:02:09, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Serial1/1, Forward/Dense, 00:25:45/00:00:00

    Loopback0, Forward/Dense, 01:16:19/00:00:00

 

R2#

 

Observation:

·         RPF check is passed now, because, though Ser1/1 is not the best path to reach 1.1.1.1, I have created a static mroute to reach 1.1.1.1 through Ser1/1.

·         This we can see in R2’s multicast routing table, incoming interface is set to Ser1/1.
Posted by at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)