CCIE STUFF

Wednesday, April 24, 2013

Misc Mcast-02

interesting debug command:
SW2#debug ip mpacket 238.1.1.1 detail
IP multicast packets debugging is on (detailed) for group 238.1.1.1
SW2#

mroute; multicast route info
The good old mroute command has some knobs that beats the 'debug' command in some situations.
R5#sh ip mroute count
IP Multicast Statistics
6 routes using 3528 bytes of memory
3 groups, 1.00 average sources per group
Forwarding Counts: Pkt Count/Pkts(neg(-) = Drops) per second/Avg Pkt Size/Kilobits per second
Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)

Group: 239.1.1.7, Source count: 3, Packets forwarded: 7, Packets received: 7
RP-tree: Forwarding: 4/0/100/0, Other: 4/0/0
Source: 150.1.10.10/32, Forwarding: 1/0/100/0, Other: 1/0/0
Source: 155.1.10.10/32, Forwarding: 1/0/100/0, Other: 1/0/0
Source: 155.1.108.10/32, Forwarding: 1/0/100/0, Other: 1/0/0

Group: 239.7.7.7, Source count: 0, Packets forwarded: 3, Packets received: 3
RP-tree: Forwarding: 3/0/100/0, Other: 3/0/0

Group: 224.0.1.40, Source count: 0, Packets forwarded: 0, Packets received: 0
R5#

Here is the gory details.

Group:	Summary statistics for traffic on an IP multicast group G. This row is displayed only for non-SSM groups.
Forwarding Counts:	Statistics on the packets that are received and forwarded to at least one interface. Note There is no specific command to clear only the forwarding counters; you can clear only the actual multicast forwarding state with the clear ip mroute command. Issuing this command will cause interruption of traffic forwarding.
Pkt Count/	Total number of packets received and forwarded since the multicast forwarding state to which this counter applies was created.
Pkts per second/	Number of packets received and forwarded per second. On an IP multicast fast-switching platform, this number is the number of packets during the last second. Other platforms may use a different approach to calculate this number. Please refer to the platform documentation for more information.
Avg Pkt Size/	Total number of bytes divided by the total number of packets for this multicast forwarding state. There is no direct display for the total number of bytes. You can calculate the total number of bytes by multiplying the average packet size by the packet count.
Kilobits per second	Bytes per second divided by packets per second divided by 1000. On an IP multicast fast switching platform, the number of packets per second is the number of packets during the last second. Other platforms may use a different approach to calculate this number. Please refer to the platform documentation for more information.
Other counts:	Statistics on the received packets. These counters include statistics about the packets received and forwarded and packets received but not forwarded.
Total/	Total number of packets received.
RPF failed/	Number of packets not forwarded due to a failed RPF or acceptance check (when bidir-PIM is configured).
Other drops(OIF-null, rate-limit etc)	Number of packets not forwarded for reasons other than an RPF or acceptance check (such as the OIF list was empty or because the packets were discarded because of a configuration, such as ip multicast rate-limit, was enabled).
Group:	Summary information about counters for (, G) and the range of (S, G) states for one particular group G. The following RP-tree: and Source: output fields contain information about the individual states belonging to this group. Note* For SSM range groups, the Group: displays are statistical. All SSM range (S, G) states are individual, unrelated SSM channels.
Source count:	Number of (S, G) states for this group G. Individual (S, G) counters are detailed in the Source: output field rows.
Packets forwarded:	The sum of the packets detailed in the Forwarding Counts: fields for this IP multicast group G. This field is the sum of the RP-tree and all Source: fields for this group G.
Packets received:	The sum of packets detailed in the Other counts fields for this IP multicast group G. This field is the sum of the Other count: Pkt Count fields of the RP-tree: and Source: rows for this group G.
RP-tree:	Counters for the (, G) state of this group G. These counters are displayed only for groups that have a forwarding mode that do not forward packets on the shared tree. These (,G) groups are bidir-PIM and PIM-SM groups. There are no RP-tree displays for PIM-DM and SSM range groups.
Source:	Counters for an individual (S, G) state of this group G. There are no (S, G) states for bidir-PIM groups.

to quickly find out if OIF is null or not, or mode of the group, etc.
R5#sh ip mroute sum
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode

(*, 239.1.1.7), 04:25:29/stopped, RP 150.1.8.8, OIF count: 1, flags: SJCF
(150.1.10.10, 239.1.1.7), 00:00:05/00:02:55, OIF count: 1, flags: JT
(155.1.10.10, 239.1.1.7), 00:00:05/00:02:55, OIF count: 1, flags: JT
(155.1.108.10, 239.1.1.7), 00:00:05/00:02:55, OIF count: 1, flags: JT

(*, 239.7.7.7), 04:25:18/00:02:38, RP 150.1.10.10, OIF count: 1, flags: SF

(*, 224.0.1.40), 04:25:40/00:02:37, RP 0.0.0.0, OIF count: 1, flags: DCL

R5#
mstat; multicast statistics
SW1#mstat 150.1.10.10 150.1.7.7
Type escape sequence to abort.
Mtrace from 150.1.10.10 to 150.1.7.7 via RPF
From source (?) to destination (?)
Waiting to accumulate statistics......
Results after 10 seconds:

Source        Response Dest   Packet Statistics For     Only For Traffic
150.1.10.10     155.1.37.7      All Multicast Traffic     From 150.1.10.10
     |       __/ rtt 83   ms   Lost/Sent = Pct Rate     To 0.0.0.0
     v      /     hop 83   ms   ---------------------     --------------------
150.1.10.10     SW4

155.1.108.10    ?
     |     ^      ttl   0
     v     |      hop 418 ms    -2/0 = --%      0 pps    0/0 = --% 0 pps
155.1.108.8     SW2
155.1.58.8      ?
     |     ^      ttl   1
     v     |      hop -2   s     0/0 = --%      0 pps    0/0 = --% 0 pps
155.1.58.5       R5
155.1.0.5       ?
     |     ^      ttl   2
     v     |      hop -12 s     0/0 = --%      0 pps    0/0 = --% 0 pps
155.1.0.3       R3
155.1.37.3      ?
     |     ^      ttl   3
     v     |      hop 14   s     0/0 = --%      0 pps    0/0 = --% 0 pps
155.1.37.7      SW1
150.1.7.7       ?
     |      \__   ttl   4
     v         \ hop 0    ms        0         0 pps           0    0 pps
150.1.7.7       155.1.37.7
Receiver      Query Source

SW1#
mrinfo; multicast router info
SW1#mrinfo 150.1.5.5
150.1.5.5 [version 12.4] [flags: PMA]:
150.1.5.5 -> 0.0.0.0 [1/0/pim/querier/leaf]
155.1.58.5 -> 155.1.58.8 [1/0/pim]
155.1.45.5 -> 155.1.45.4 [1/0/pim]
155.1.0.5 -> 155.1.0.2 [1/0/pim/querier]
155.1.0.5 -> 155.1.0.1 [1/0/pim/querier]

SW1#mrinfo
155.1.7.7 [version 12.2] [flags: PMA]:
155.1.7.7 -> 0.0.0.0 [1/0/pim/querier/leaf]
155.1.67.7 -> 155.1.67.6 [1/0/pim/querier]
155.1.79.7 -> 155.1.79.9 [1/0/pim]
155.1.37.7 -> 0.0.0.0 [1/0/pim/querier/leaf]
150.1.7.7 -> 0.0.0.0 [1/0/pim/querier/leaf]

SW1#

mtrace; multicast traceroute
SW1#mtrace 150.1.8.8
Type escape sequence to abort.
Mtrace from 150.1.8.8 to 155.1.37.7 via RPF
From source (?) to destination (?)
Querying full reverse path...
0 155.1.37.7
-1 155.1.37.7 PIM [150.1.8.0/24]
-2 155.1.37.3 PIM [150.1.8.0/24]
-3 155.1.0.5 PIM [150.1.8.0/24]
-4 155.1.58.8 PIM [150.1.8.0/24]
-5 150.1.8.8
SW1#

rpf; reverse path forwarding check
R5#sh ip rpf 150.1.7.7
RPF information for ? (150.1.7.7)
RPF interface: Serial0/0/0
RPF neighbor: ? (155.1.0.3)
RPF route/mask: 150.1.7.0/24
RPF type: unicast (ospf 1)
RPF recursion count: 0
Doing distance-preferred lookups across tables
R5#

Possible sources of RPF information are:

Unicast Routing Table,
MBGP routing table,
DVMRP routing table and
Static Mroute table.

When you calculate the RPF interface, primarily administrative distance is used to determine exactly which source of information the RPF calculation is based on. The specific rules are

All preceding sources of RPF data are searched for a match on the source IP address.

When using Shared Trees, the RP address is used instead of the source address.
If more than one matching route is found, the route with the lowest administrative distance is used.
If the admin distances are equal, then this order of preference is used:

Static mroutes
DVMRP routes
MBGP routes
Unicast routes

If multiple entries for a route occur within the same route table, the longest match route, longest subnet mask, is used.

Tuesday, April 23, 2013

Misc Mcast-01

ip pim rp-announce-filter
Only routers configured as mapping agents subscribe to candidate RP announcement messages. Therefore, the ip pim rp-announce-filter global configuration command is effective only when configured on a mapping agent router. This command has no effect when configured on any other router.

R5(config)#do sh run | i rp-
ip pim send-rp-discovery Loopback0 scope 16
ip pim rp-announce-filter rp-list RPS group-list DENSE
R5(config)#

The following example configures the router to accept RP announcements from RPs in access list 1 for group ranges described in access list 2; note the ACEs in access-list 2.

ip pim rp-announce-filter rp-list 1 group-list 2
access-list 1 permit 10.0.0.1
access-list 1 permit 10.0.0.2
access-list 2 permit 224.0.0.0 192.168.255.255

If rp-list is missing, filtering is then based on group-list and vice versa.

mtrace
This command is great to give you an overview of your topology with regards to any S and G you're tracking. Note that 155.1.67.7 which was a test vlan on SW1 showing up!

R6#mstat 150.1.6.6 150.1.10.10 224.0.1.40
Type escape sequence to abort.
Mtrace from 150.1.6.6 to 150.1.10.10 via group 224.0.1.40
From source (R6) to destination (?)
Waiting to accumulate statistics....* .* .
Results after 13 seconds:

Source        Response Dest   Packet Statistics For     Only For Traffic
150.1.6.6       150.1.6.6       All Multicast Traffic     From 150.1.6.6
     |       __/ rtt 48   ms   Lost/Sent = Pct Rate     To 224.0.1.40
     v      /     hop -1   s    ---------------------     --------------------
150.1.6.6
155.1.67.6      ?
     |     ^      ttl   0
     v     |      hop 719 ms    -4/0 = --%      0 pps    0/0 = --% 0 pps
155.1.67.7
155.1.37.7      ?
     |     ^      ttl   1
     v     |      hop -14 s     0/0 = --%      0 pps    0/0 = --% 0 pps
155.1.37.3
155.1.0.3       ?
     |     ^      ttl   2
     v     |      hop 12   s     0/0 = --%      0 pps    0/0 = --% 0 pps
155.1.0.5
155.1.58.5      ?
     |     ^      ttl   3
     v     |      hop 2441 ms    -3/0 = --%      0 pps    0/0 = --% 0 pps
155.1.58.8
155.1.108.8     ?
     |     ^      ttl   4
     v     |      hop -1   s     -3/0 = --%      0 pps    0/0 = --% 0 pps
155.1.108.10    ?
     |      \__   ttl   5
     v         \ hop 1211 ms        0         0 pps           0    0 pps
150.1.10.10     150.1.6.6
Receiver      Query Source

R6#

mrinfo
This command shows multicast neighbor router information, router capabilities and code version, multicast interface information, TTL thresholds, metrics, protocol, and status. It is useful when you need to verify multicast neighbors, confirm that bi−directional neighbor adjacency exists, and verify that tunnels are up in both directions.
R1#mrinfo
155.1.146.1 [version 12.4] [flags: PMA]:
155.1.146.1 -> 155.1.146.4 [1/0/pim/querier]
155.1.146.1 -> 155.1.146.6 [1/0/pim/querier]
155.1.0.1 -> 155.1.0.5 [1/0/pim]
150.1.1.1 -> 150.1.9.9 [1/0/tunnel/pim]
150.1.1.1 -> 0.0.0.0 [1/0/pim/querier/leaf]
150.1.1.1 -> 150.1.3.3 [1/0/tunnel/pim]

R1#
R1#sh ip pim ne
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
      S - State Refresh Capable
Neighbor          Interface                Uptime/Expires    Ver   DR
Address                                                            Prio/Mode
155.1.146.4       GigabitEthernet0/0       1w1d/00:01:24     v2    1 / S P
155.1.146.6       GigabitEthernet0/0       1w1d/00:01:38     v2    1 / S P
155.1.0.5         Serial0/0/0.1            1w1d/00:01:34     v2    1 / S P
150.1.9.9         Tunnel0                  1d23h/00:01:24    v2    1 / S P
150.1.3.3         Tunnel1                  1d23h/00:01:22    v2    1 / S P
R1#

Friday, April 19, 2013

Mcast Commands

ip pim accept-rp
To configure a router to accept join or prune messages destined for a specified rendezvous point (RP) and for a specific list of groups:

ip pim [vrf vrf-name] accept-rp {rp-address | auto-rp} [access-list]
The following example states that the router will accept join or prune messages destined for the RP at address 172.17.1.1 for the multicast group 224.2.2.2:

ip pim accept-rp 172.17.1.1 3
access-list 3 permit 224.2.2.2

ip pim accept-register
To configure a candidate rendezvous point (RP) router to filter Protocol Independent Multicast (PIM) register messages, use the ip pim accept-register command.

ip pim [vrf vrf-name] accept-register {list access-list | route-map map-name}

The following example shows how to restrict the RP from allowing sources in the Source Specific Multicast (SSM) range of addresses to register with the RP. These statements need to be configured only on the RP.
ip pim accept-register list no-ssm-range
ip access-list extended no-ssm-range
deny ip any 232.0.0.0 0.255.255.255
permit ip any any

no ip pim rp-address bug
If the access-list is removed before issuing no ip rp-address statement, we see Access list associated with RP must be standard on the console.
The work-around is to create an empty list and then try the 'no' and remove the command.

SW2(config)#no ip pim rp-address 150.1.5.5 10
Access list associated with RP must be standard.
SW2(config)#
SW2(config)#do sh run | i access-list
ip access-list standard GROUP
SW2(config)#
SW2(config)#ip access-list st 10
SW2(config-std-nacl)#exit
SW2(config)#
SW2(config)#no ip pim rp-address 150.1.5.5 10
SW2(config)#

Wednesday, April 17, 2013

Misc Mcast-00 (troubleshooting)

Good Link for troubleshooting mcast from INE:
http://blog.ine.com/2010/09/17/troubleshooting-multicast-routing/

Cisco link for common problems:
http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080094b55.shtml

ip pim accept-rp { rp-address | auto-rp} [ access-list]
if a match is found with this command/filter the (*,G) is processed as PIM SPARSE and the following message will be generated from the RP configured with the filter when 'sender' trying to register with RP for the group.

R5#sh run | i (-rp|rp-)
ip pim rp-address 150.1.5.5 10
ip pim accept-rp 150.1.5.5 GROUP
R5#
R5#sh ip access GROUP
Standard IP access list GROUP
    20 permit 224.110.110.110 (15 matches)
    10 permit 224.10.10.10 (484 matches)
R5#
%PIM-1-INVALID_RP_REG: Received Register from router 155.1.146.6 for group 224.11.11.11, 150.1.5.5 not willing to be RP

The PIM DR priority is PREEMPTIVE! and subject to RPF check.

R1(config-if)#ip pim dr-priority 111
R1(config-if)#do sh ip pim int

Address          Interface                Ver/   Nbr    Query DR     DR
                                          Mode   Count Intvl Prior
155.1.146.1      GigabitEthernet0/0       v2/SD 2      30     111    155.1.146.1
155.1.0.1        Serial0/0/0.1            v2/SD 1      30     1      0.0.0.0
R1(config-if)#

%PIM-5-DRCHG: DR change from neighbor 155.1.146.6 to 155.1.146.1 on interface GigabitEthernet0/0.146

Tools for debugging mcast issues:
mrinfo
This command shows multicast neighbor router information, router capabilities and code version, multicast interface information, TTL thresholds, metrics, protocol, and status. It is useful when you need to verify multicast neighbors, confirm that bi-directional neighbor adjacency exists, and verify that tunnels are up in both directions.

P = prune-capable
M = mtrace-capable
S = SNMP-capable
A = Auto-RP-capable

R5#mrinfo
155.1.58.5 [version 12.4] [flags: PMA]:
150.1.5.5 -> 0.0.0.0 [1/0/pim/querier/leaf]
155.1.58.5 -> 155.1.58.8 [1/0/pim]
155.1.45.5 -> 155.1.45.4 [1/0/pim]
155.1.0.5 -> 155.1.0.1 [1/0/pim/querier]

R5#sh ip pim ne
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
      S - State Refresh Capable
Neighbor          Interface                Uptime/Expires    Ver   DR
Address                                                            Prio/Mode
155.1.58.8        GigabitEthernet0/0       4d12h/00:01:25    v2    1 / DR S P
155.1.45.4        Serial0/0/1              4d12h/00:01:42    v2    1 / S P
155.1.0.1         Serial0/0/0              3d16h/00:01:25    v2    1 / S P
R5#

Sparse-Dense Mode for Auto-RP
A prerequisite of Auto-RP is that all interfaces must be configured in sparse-dense mode using the ip pim sparse-dense-mode interface configuration command. An interface configured in sparse-dense mode is treated in either sparse mode or dense mode of operation, depending on which mode the multicast group operates. If a multicast group has a known RP, the interface is treated in sparse mode. If a group has no known RP, the interface is treated in dense mode and data will be flooded over this interface.

To successfully implement Auto-RP and prevent any groups other than 224.0.1.39 and 224.0.1.40 from operating in dense mode, we recommend configuring a sink RP (also known as RP of last resort). A sink RP is a statically configured RP that may or may not actually exist in the network. Configuring a sink RP does not interfere with Auto-RP operation because, by default, Auto-RP messages supersede static RP configurations. We recommend configuring a sink RP for all possible multicast groups in your network, because it is possible for an unknown or unexpected source to become active. If no RP is configured to limit source registration, the group may revert to dense mode operation and be flooded with data.

deny in this context qualifies the entry for Dense mode operation.
ip pim rp-address 1.1.1.1 20
access-list 20 deny 224.0.1.39
access-list 20 deny 224.0.1.40
access-list 20 permit 224.0.0.0 15.255.255.255

Access rule can't be configured at higher sequence num
SW2(config)#ip access s GROUPS
SW2(config-std-nacl)#permit 224.0.0.0 15.255.255.255
SW2(config-std-nacl)#permit 232.0.0.0 7.255.255.255
SW2(config-std-nacl)#deny 224.110.110.110
SW2(config-std-nacl)#
12w3d: Access rule can't be configured at higher sequence num as it is part of the existing rule at sequence num 10
SW2(config-std-nacl)#
SW2(config-std-nacl)#do sh ip access
Standard IP access list GROUPS
    10 permit 224.0.0.0, wildcard bits 15.255.255.255
    20 permit 232.0.0.0, wildcard bits 7.255.255.255
SW2(config-std-nacl)#
SW2(config-std-nacl)#no ip access s GROUPS
SW2(config)#ip access s GROUPS
SW2(config-std-nacl)#deny 224.110.110.110
SW2(config-std-nacl)#permit 224.0.0.0 15.255.255.255
SW2(config-std-nacl)#permit 232.0.0.0 7.255.255.255
SW2(config-std-nacl)#
SW2(config-std-nacl)#do sh ip access
Standard IP access list GROUPS
    10 deny   224.110.110.110
    20 permit 224.0.0.0, wildcard bits 15.255.255.255
    30 permit 232.0.0.0, wildcard bits 7.255.255.255
SW2(config-std-nacl)#

in the same token, note that deny is causing the entry to be treated as Dense Mode.

SW2#sh run | i rp-
ip pim send-rp-announce Loopback0 scope 16 group-list GROUPS
SW2#
SW2#sh ip access
Standard IP access list GROUPS
    10 deny   224.110.110.110
    20 permit 224.0.0.0, wildcard bits 7.255.255.255
    30 permit 232.0.0.0, wildcard bits 7.255.255.255
SW2#
SW2#sh ip pim rp ma
PIM Group-to-RP Mappings
This system is an RP (Auto-RP)

Group(s) 224.0.0.0/5
RP 150.1.10.10 (?), v2v1
    Info source: 150.1.5.5 (?), elected via Auto-RP
         Uptime: 01:16:20, expires: 00:02:08
Group(s) (-)224.110.110.110/32
RP 150.1.10.10 (?), v2v1
    Info source: 150.1.5.5 (?), elected via Auto-RP
         Uptime: 01:16:20, expires: 00:02:07
Group(s) 232.0.0.0/5
RP 150.1.10.10 (?), v2v1
    Info source: 150.1.5.5 (?), elected via Auto-RP
         Uptime: 01:16:20, expires: 00:02:07
SW2#

mtrace order of operations.
Note the From/To fields in mtrace that shows respective interfaces and direction.
R5#mtrace 150.1.3.3 150.1.5.5
Type escape sequence to abort.
Mtrace from 150.1.3.3 to 150.1.5.5 via RPF
From source (?) to destination (R5)
Querying full reverse path...
0 R5 (150.1.5.5)
-1 R5 (150.1.5.5) PIM [150.1.3.0/24]
-2 155.1.0.2 PIM [150.1.3.0/24]
-3 155.1.23.3 PIM [150.1.3.0/24]
-4 150.1.3.3
R5#mtrace 150.1.5.5 150.1.3.3
Type escape sequence to abort.
Mtrace from 150.1.5.5 to 150.1.3.3 via RPF
From source (R5) to destination (?)
Querying full reverse path...
0 150.1.3.3
-1 155.1.13.3 PIM [150.1.5.0/24]
-2 155.1.23.2 PIM [150.1.5.0/24]
-3 155.1.0.5 PIM [150.1.5.0/24]
-4 R5 (150.1.5.5)
R5#

The RP candidate uses default priority 0 (Cisco implementation, whereas the standard uses 192, max. 255). RP with the LOWEST priority (0) is preferred.
In PIMv2, a BSR is the equivalent of Mapping Agent used in Auto-RP. BSR default priority is 0 (0-255). Candidate with the HIGHEST priority is preferred if multiple BSR candidates exist.

http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti/command/imc-cr-book.html

Sunday, April 14, 2013

Multicast DR and DF

Designated Forwarder uses Assert Messages to forward the traffic to a shared segment.

The router generating an Assert with the lowest Admin Distance is elected the forwarder. If the Admin Distances are the same then,
The lowest unicast routing metric is used to break a tie. If metrics are the same,
The device with the highest IP Address will be elected as the PIM Forwarder.

Note the Assert Looser will prune it's interface(s) for that segment; flags P on show ip mroute command and Assert Winner will have the A flag set/displayed.
Also note the NBMA networks may be more prone to multicast flow breakage if the wrong router is elected/assigned the DR role; Hub and Spoke frame-relay is an example when Spoke becomes DF, thus Hub stops sending multicast traffic to other Spokes.

R1#sh ip mroute 239.6.6.6 155.1.108.10
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode

(155.1.108.10, 239.6.6.6), 00:01:35/00:01:29, flags: T
Incoming interface: Serial0/0/0.1, RPF nbr 155.1.0.5
Outgoing interface list:
    GigabitEthernet0/0, Forward/Sparse-Dense, 00:01:35/00:00:00, A
R1#
R4#sh ip mroute 239.6.6.6 155.1.108.10
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report,
       Z - Multicast Tunnel, z - MDT-data group sender,
       Y - Joined MDT-data group, y - Sending to MDT-data group,
       V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode

(155.1.108.10, 239.6.6.6), 00:00:15/00:02:48, flags: PT
Incoming interface: Serial0/0/1, RPF nbr 155.1.45.5
Outgoing interface list:
    GigabitEthernet0/1, Prune/Sparse-Dense, 00:00:14/00:02:45
R4#

Designated Router uses PIM Hello messages, every 30 seconds, to elect a router on the shared segment to do the IGMP Query for the segment towards the upstream PIM neighbors.

If the router, after 105 seconds, hears no response, it declares itself as DR.
On hearing from other routers, higher IP address determines the DR.

Note when source of the multicast is also the DR of that segment, in that case DR can not register the source with the RP so, the RPF check may fail!

Sunday, April 7, 2013

BGP MISCELLANEOUS

neighbor a.b.c.d TTL-security hops

- remember to enable the feature on both ends of peering, else session will not come up.

R1#sh bgp sum
BGP router identifier 150.1.1.1, local AS number 146
BGP table version is 270, main routing table version 270
40 network entries using 5280 bytes of memory
68 path entries using 3536 bytes of memory
19/12 BGP path/bestpath attribute entries using 3192 bytes of memory
6 BGP AS-PATH entries using 144 bytes of memory
2 BGP community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 5) using 64 bytes of memory
BGP using 12264 total bytes of memory
Dampening enabled. 0 history paths, 0 dampened paths
BGP activity 148/108 prefixes, 1818/1750 paths, scan interval 60 secs

Neighbor        V        AS MsgRcvd MsgSent   TblVer InQ OutQ Up/Down State/PfxRcd
155.1.0.5       4        200    8037    8197      270    0    0 01:28:49       19
155.1.13.3      4        200    7861    8092        0    0    0 00:00:45 Active
155.1.146.4     4        146    8469    8269      270    0    0 3d23h          30
155.1.146.6     4        146    7820    8186      270    0    0 3d23h          17
R1#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router bgp 200
BGP is already running; AS is 146
R1(config)#router bgp 146
R1(config-router)#nei 155.1.13.3 ttl hop 1
R1(config-router)#
.Apr 8 00:34:46.955: %BGP-5-ADJCHANGE: neighbor 155.1.13.3 Up
R1(config-router)#

BGP ORF (Outbound Route Filtering)

The BGP Prefix-Based Outbound Route Filtering feature is enabled through the advertisement of ORF capabilities to peer routers. The advertisement of the ORF capability indicates that a BGP speaker will accept a prefix list from a neighbor and apply the prefix list to locally configured ORFs (if any exist).

When this capability is enabled, the BGP speaker can install the inbound prefix list filter to the remote peer as an outbound filter, which reduces unwanted routing updates.

- ORF is a BGP capability (Code 3), can be send only, receive only, or send AND receive, aka both.
- prefix-list MUST be applied 'in' on the sender side.
- clear ip bgp * soft in prefix-filter to propagate the config.

R1#sh run | i bgp|1.13.3
router bgp 146
bgp router-id 150.1.1.1
bgp log-neighbor-changes
bgp dampening route-map DAMP
neighbor 155.1.13.3 remote-as 200
neighbor 155.1.13.3 local-as 100 no-prepend replace-as
neighbor 155.1.13.3 send-community
neighbor 155.1.13.3 capability orf prefix-list receive
neighbor 155.1.13.3 advertisement-interval 0
neighbor 155.1.13.3 soft-reconfiguration inbound
ip bgp-community new-format
R1#

R3#sh run | i bgp|1.13.1
router bgp 200
bgp always-compare-med
bgp log-neighbor-changes
bgp deterministic-med
bgp dampening 4
neighbor 155.1.13.1 remote-as 100
neighbor 155.1.13.1 send-community both
neighbor 155.1.13.1 capability orf prefix-list send
neighbor 155.1.13.1 soft-reconfiguration inbound
neighbor 155.1.13.1 prefix-list ORF-SEND in
neighbor 155.1.13.1 route-map COM200 in
ip bgp-community new-format
R3#

Verification:

R3#sh ip pref det ORF-SEND
ip prefix-list ORF-SEND:
   count: 3, range entries: 1, sequences: 5 - 15, refcount: 3
   seq 5 deny 112.0.0.0/8 (hit count: 1, refcount: 1)
   seq 10 deny 114.0.0.0/8 (hit count: 1, refcount: 2)
   seq 15 permit 0.0.0.0/0 le 32 (hit count: 38, refcount: 1)
R3#

R1#sh ip bgp ne 155.1.13.3 received pref
Address family: IPv4 Unicast
ip prefix-list 155.1.13.3: 3 entries
   seq 5 deny 112.0.0.0/8
   seq 10 deny 114.0.0.0/8
   seq 15 permit 0.0.0.0/0 le 32
R1#
R1#sh ip bgp ne 155.1.13.3 | i ORF
    Outbound Route Filter (ORF) type (128) Prefix-list:
Outbound Route Filter (ORF): received (3 entries)
    ORF prefix-list:                      2        n/a
R1#
R1#
R1#sh run | i orf
neighbor 155.1.0.5 capability orf prefix-list receive
neighbor 155.1.13.3 capability orf prefix-list receive
R1#

R1#debug ip bgp 155.1.13.3 updates
BGP updates debugging is on for neighbor 155.1.13.3 for address family: IPv4 Unicast
R1#