MVPN for IPv4/IPv6 in Nokia SR OS and Cisco IOS XR. Part 1 – GRE transport
Anton Karneliuk
Hello my friend,
The next logical step in multicast journey is to enable multicast support in VPN. Whereas there are almost no problems to do it in L2 VPN (like VPWS and VPLS), there are tremendous amount of options, how to do in L3 VPN. Let’s see what we can do.
1 2 3 4 5
No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
Brief overview
MVPN stands for multicast VPN. In a nutshell it’s a set of technologies, which can be grouped in 3 major categories:
P-MCAST signaling. It’s set of technologies used to setup MDT (multicast distribution tree) within SP core. There are PIM, mLDP, mRSVP-TE coupled by BGP for Auto-discovery (if necessary) available.
P-MCAST transport. It’s set of technologies how to encapsulate customer multicast traffic in SP core network. There are GRE or MPLS (LDP or RSVP-TE) available.
C-MCAST signaling. It’s set of technologies used to propagate customer multicast-routes between PE routers within SP-core. There are PIM or BGP (AFI/SAFI: MVPN IPv4/IPv6) available
At the end of the day certain MVPN option will be particular subset of mentioned technologies (one of each category). What you also need to understand is that not all the combinations are possible. Cisco calls such options MVPN profile and they have 27 profiles actually:
There are a lot of theory behind those MVPN flavors, which is impossible to describe in single article. I will share some links in the end part, where you might see some theory, if you need it.
What are we going to test?
We’ll configure 5 different MVPN profiles. Two of them are based on GRE transport (one uses PIM signaling for customer routes and another uses BGP):
Profile 0 Default MDT – GRE – PIM C-mcast Signaling
The final profile we are going is partitioned MDT. The main it’s reason comparing to default MDT is absence of I-PMSI (inclusive tree). It’s useful if the customer has only SSM routes.
For tests in this lab I use the following versions of software for routers:
Nokia (Alcatel-Lucent) SR OS 14.0.R4
Cisco IOS XRv 6.1.2
As I said in the previous article about multicast, there are some problems with multicast in VSR with SR OS version 15.0.R4. The reason for that is absence of multicast support in VSR-I mode, which is basis for 15.0.R4. As I was said, it is going to be supported, but later. We’ll see how VSR will be developed further.
Topology
Physical topology is quite well known, if you have read other articles in my series:
Pay attention to the fact that we use vnet2 and vnet6 interfaces at Nokia (Alcatel-Lucent) SR OS routers VSR1 and VSR2, because we have to create SAP for customer ports.
The logical topology is quite similar to previous one:
Routers SR1, SR2 and XR3 are PE routers that terminate customer connectivity in BGP/MPLS IP VPN instances. Interconnect links are redistributed into MP-BGP (both form IPv4 and IPv6), whereas multicast clients (created as VRFs) have only default routes in direction of the closest PE. As MPLS dataplane we use ordinary LDP.
Before we go into MVPN details, let’s make sure that unicast connectivity with L3VPN is working across our multivendor service provider core build on Nokia (Alcatel-Lucent) VSR (SR 7750) and Cisco IOS XRv (ASR 9000) routers:
RP/0/0/CPU0:XR4#ping vrf R41 10.255.114.44
Sending 5, 100-byte ICMP Echos to 10.255.114.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R41 10.255.124.44
Sending 5, 100-byte ICMP Echos to 10.255.124.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/11/19 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R41 10.255.134.44
Sending 5, 100-byte ICMP Echos to 10.255.134.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/19 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R41 fc00::10:255:114:44
Sending 5, 100-byte ICMP Echos to fc00::10:255:114:44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R41 fc00::10:255:124:44
Sending 5, 100-byte ICMP Echos to fc00::10:255:124:44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/27/49 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R41 fc00::10:255:134:44
Sending 5, 100-byte ICMP Echos to fc00::10:255:134:44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/9 ms
Looks good, isn’t it? Let’s go further.
Configuration of MVPN profile 0 (GRE transport, PIM signalling for P Core and for Clients, BGP MDT for Auto Discovery) for IPv4/IPv6
To provide the multicast service for the customer we need to do the following steps:
Configure PIM in SP core on all interfaces
Configure MP-BGP (IPv4 MDT) between all PE
Configure VPRN/VRF to support multicast (PIM, IGMP, MLD)
Configure mapping of customer multicast (VRF) to core trees (in global routing table – GRT)
The configuration will be quite long, but it’s unavoidable, when we speak about introduction of the such complex service:
Nokia (Alcatel-Lucent) SR OS
Cisco IOS XR
SR1
XR3
A:SR1>edit-cfg# candidate view
=========================
configure
router
bgp
group “IBGP_PEERS”
family vpn-ipv4 vpn-ipv6 mdt-safi
exit
exit
igmp
interface “toSR2”
no shutdown
exit
interface “toXR3”
no shutdown
exit
interface “toXR4”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
enable-mdt-spt
interface “toSR2”
exit
interface “toXR3”
exit
interface “toXR4”
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
exit
service
vprn 10 customer 1 create
igmp
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
mld
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toCLIENT”
priority 100
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
mvpn
auto-discovery mdt-safi source-address 10.0.0.11
provider-tunnel
inclusive
pim ssm 232.0.0.10
exit
exit
selective
pim-ssm 232.11.4.0/24
exit
exit
vrf-target unicast
exit
exit
exit
exit
exit
=========================
A:SR2>edit-cfg# candidate view
=========================
configure
router
bgp
group “IBGP_PEERS”
family vpn-ipv4 vpn-ipv6 mdt-safi
exit
exit
igmp
interface “toSR1”
no shutdown
exit
interface “toXR4”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
enable-mdt-spt
interface “toSR1”
exit
interface “toXR4”
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
exit
service
vprn 10 customer 1 create
igmp
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
mld
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toCLIENT”
priority 100
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
mvpn
auto-discovery mdt-safi source-address 10.0.0.22
provider-tunnel
inclusive
pim ssm 232.0.0.10
exit
exit
selective
pim-ssm 232.22.4.0/24
exit
exit
vrf-target unicast
exit
exit
exit
exit
exit
=========================
RP/0/0/CPU0:XR4#show run
!
multicast-routing
address-family ipv4
mdt source Loopback0
interface all enable
accounting per-prefix
!
!
router pim
address-family ipv4
log neighbor changes
!
!
end
Both for Nokia (Alcatel-Lucent) SR OS and Cisco IOS XR we show only extension to BGP, which is necessary to fulfil the task. Refer to initial configuration for more details.
Configuration of the multicasting in SP core is pretty the same as we did in previous article, so we don’t stop here. The same statement is applicable for enabling multicast support in VPRN/VRF. BGP configuration is very easy as well, as we only add additional address-family to existing sessions.
Remember that BGP session flaps, when you add new address-family to it.
The most important and complex configuration is mapping of customer multicast to SP Core multicast. In Nokia (Alcatel-Lucent) SR OS all the configuration is done within “mvpn” part of VPRN configuration. In Cisco IOS XR we have two major pillars, which are “multicast-routing vrf CUST” and “router pim vrf CUST”. In the first one we define parameters of MDT tree and in the second one we instruct PIM how to perform RPF check (what topology to use) for multicast traffic as well as what protocol we use for customer signalling. Let’s issue some “show” commands in order to verify operation of multicast.
The first one is summary of MVPN configuration at SR1:
A:SR1# show router 10 mvpn
===============================================================================
MVPN 10 configuration data
===============================================================================
signaling : Pim auto-discovery : Mdt-Safi
UMH Selection : N/A SA withdrawn : N/A
intersite-shared : N/A Persist SA : N/A
source-address : 10.0.0.11
vrf-import : N/A
vrf-export : N/A
vrf-target : unicast
C-Mcast Import RT : target:10.0.0.11:2
.
ipmsi : pim-ssm 232.0.0.10
admin status : Up three-way-hello : N/A
hello-interval : 30 seconds hello-multiplier : 35 * 0.1
tracking support : Disabled Improved Assert : Enabled
i-pmsi Tunnel Name : 10-mt-232.0.0.10
.
BSR signalling : none
Wildcard s-pmsi : Disabled
Multistream-SPMSI : Disabled
spmsi : pim-ssm 232.11.4.0/24
join-tlv-packing : Enabled spmsi-auto-discove*: Disabled
data-delay-interval: 3 seconds
enable-asm-mdt : N/A
===============================================================================
* indicates that the corresponding row element may have been truncated.
Another useful command for troubleshooting is see the content of BGP MDT table:
A:SR1# show router bgp routes mdt-safi
===============================================================================
BGP Router ID:10.0.0.11 AS:65000 Local AS:65000
===============================================================================
Legend –
Status codes : u – used, s – suppressed, h – history, d – decayed, * – valid
. l – leaked, x – stale, > – best, b – backup, p – purge
Origin codes : i – IGP, e – EGP, ? – incomplete
===============================================================================
BGP MDT-SAFI Routes
===============================================================================
Flag Network LocalPref MED
. Nexthop Group-Addr Label
. As-Path
——————————————————————————-
u*>i 65000:10:10.0.0.22 100 0
. 10.0.0.22 232.0.0.10 –
. No As-Path
u*>i 65000:10:10.0.0.33 100 None
. 10.0.0.33 232.0.0.10 –
. No As-Path
——————————————————————————-
Routes : 2
===============================================================================
For Cisco IOX XR we can check BGP table and RPF policy:
RP/0/0/CPU0:XR3#show bgp ipv4 mdt
Status codes: s suppressed, d damped, h history, * valid, > best
. i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
. Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:10
*>i10.0.0.11/96 10.0.0.11 0 100 0 i
*>i10.0.0.22/96 10.0.0.22 0 100 0 i
*> 10.0.0.33/96 0.0.0.0 0 i
Processed 3 prefixes, 3 paths
!
!
RP/0/0/CPU0:XR3#show pim vrf CUST rpf route-policy statistics
RPF route-policy statistics for VRF CUST:
. Route-policy name: RP_MCAST_CORE
. Number of lookup requests 21
. Pass 21, Drop 0
. Default RPF Table selection 21, Specific RPF Table selection 0
There are some other check commands, but it’s much better to configure multicast clients and test how multicast traffic flows across our VPN. The topology of the multicast within customer network is the following:
At the customer side we do the following configuration:
Actually Cisco IOS XRv router XR4 emulates all multicast sender and receivers. There are two streams for IPv4:
R41 is client of SSM group 232.0.0.11 with source R43
R43 is client of ASM group 239.0.0.33, where R42 is RP and R41 is sender
Let’s test both streams:
RP/0/0/CPU0:XR4#ping vrf R41 239.0.0.44 rep 5
Sending 5, 100-byte ICMP Echos to 239.0.0.44, timeout is 2 seconds:
.
Reply to request 1 from 10.255.134.44, 19 ms
Reply to request 2 from 10.255.134.44, 19 ms
Reply to request 3 from 10.255.134.44, 29 ms
Reply to request 4 from 10.255.134.44, 29 ms
!
!
RP/0/0/CPU0:XR4#ping vrf R43 232.0.0.11 rep 5
Sending 5, 100-byte ICMP Echos to 232.0.0.11, timeout is 2 seconds:
Reply to request 0 from 10.255.114.44, 9 ms
Reply to request 1 from 10.255.114.44, 19 ms
Reply to request 2 from 10.255.114.44, 19 ms
Reply to request 3 from 10.255.114.44, 1 ms
Reply to request 4 from 10.255.114.44, 19 ms
It’s amazing, isn’t it? Our customer has possibility to send multicast traffic across L3 VPN!
Let’s look at some details more:
A:SR1# show router pim group
===============================================================================
Legend: A = Active S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address Type Spt Bit Inc Intf No.Oifs
. Source Address RP State Inc Intf(S)
——————————————————————————-
232.0.0.10 (S,G) spt system 3
. 10.0.0.11
232.0.0.10 (S,G) spt toSR2 1
. 10.0.0.22
232.0.0.10 (S,G) spt toXR3 2
. 10.0.0.33
——————————————————————————-
Groups : 3
===============================================================================
!
!
A:SR1# show router 10 pim group
===============================================================================
Legend: A = Active S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address Type Spt Bit Inc Intf No.Oifs
. Source Address RP State Inc Intf(S)
——————————————————————————-
224.0.1.40 (*,G) 10-mt-232.0.0* 1
. * 10.255.124.44
232.0.0.11 (S,G) spt 10-mt-232.0.0* 1
. 10.255.134.44 10.255.124.44
239.0.0.44 (S,G) toCLIENT 1
. 10.255.114.44 10.255.124.44
——————————————————————————-
Groups : 3
===============================================================================
* indicates that the corresponding row element may have been truncated.
You see that we have only three trees in the SP core, in which customer traffic (from VPRN/VRF) is mapped.
Configuration of MVPN profile 11 (GRE transport, PIM signalling for P Core, BGP for client’s routes, BGP MVPN for Auto Discovery) for IPv4
In general, we need to perform similar steps as we did previously with some changes, which are replacement of BGP MDT with BGP MVPN AFI/SAMI:
Configure PIM in SP core on all interfaces
Configure MP-BGP (IPv4 MVPN) between all PE
Configure VPRN/VRF to support multicast (PIM, IGMP, MLD)
Configure mapping of customer multicast (VRF) to core trees (in global routing table – GRT)
We’ll start again from the initial configuration and add here necessary commands to implement necessary profile. From previous subchapter you remember that the main difference lays in part “mvpn” for Nokia (Alcatel-Lucent) SR OS and “multicast-routing vrf CUST” and “router pim vrf CUST” for Cisco IOS XR:
Nokia (Alcatel-Lucent) SR OS
Cisco IOS XR
SR1
XR3
A:SR1>edit-cfg# candidate view
=========================
configure
router
bgp
rapid-withdrawal
rapid-update mvpn-ipv4 mvpn-ipv6
mvpn-vrf-import-subtype-new
group “IBGP_PEERS”
family vpn-ipv4 vpn-ipv6 mvpn-ipv4 mvpn-ipv6
exit
exit
igmp
interface “toSR2”
no shutdown
exit
interface “toXR3”
no shutdown
exit
interface “toXR4”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toSR2”
exit
interface “toXR3”
exit
interface “toXR4”
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
exit
service
vprn 10 customer 1 create
igmp
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
mld
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toCLIENT”
priority 100
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
mvpn
auto-discovery default
c-mcast-signaling bgp
provider-tunnel
inclusive
pim ssm 232.0.0.10
exit
exit
selective
data-threshold 224.0.0.0/8 1
pim-ssm 232.11.4.0/24
exit
exit
vrf-target unicast
exit
exit
exit
exit
exit
=========================
A:SR2>edit-cfg# candidate view
=========================
configure
router
bgp
rapid-withdrawal
rapid-update mvpn-ipv4 mvpn-ipv6
mvpn-vrf-import-subtype-new
group “IBGP_PEERS”
family vpn-ipv4 vpn-ipv6 mvpn-ipv4 mvpn-ipv6
exit
exit
igmp
interface “toSR1”
no shutdown
exit
interface “toXR4”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toSR1”
exit
interface “toXR4”
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
exit
service
vprn 10 customer 1 create
igmp
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
mld
interface “toCLIENT”
no shutdown
exit
no shutdown
exit
pim
no ipv6-multicast-disable
interface “toCLIENT”
priority 100
exit
apply-to all
rp
static
exit
bsr-candidate
shutdown
exit
rp-candidate
shutdown
exit
exit
no shutdown
exit
mvpn
auto-discovery default
c-mcast-signaling bgp
provider-tunnel
inclusive
pim ssm 232.0.0.10
exit
exit
selective
data-threshold 224.0.0.0/8 1
pim-ssm 232.22.4.0/24
exit
exit
vrf-target unicast
exit
exit
exit
exit
exit
=========================
RP/0/0/CPU0:XR4#show run
!
multicast-routing
address-family ipv4
mdt source Loopback0
interface all enable
accounting per-prefix
!
!
router pim
address-family ipv4
log neighbor changes
!
!
end
As we learned above, we don’t have possibility to provide IPv6 support for MVPN with GRE transport in core.
The main difference here is that we use new address-family for BGP, which is MVPN. It allows us to utilize auto-discovery and to use BGP for C-MCAST signalling. Let’s see what we have in BGP table. But to make review meaningful, we’ll take two our traffic flows as an example. We start with SSM, because it’s easier from the signalling point of view. Our SSM group looks like the following:
R41 is client of SSM group 232.0.0.11 with source R43
On Nokia (Alcatel-Lucent) SR OS router SR1 we check PIM table in VPRN 10 and BGP RIB for MVPN-IPV4:
A:SR1# show router 10 pim group
===============================================================================
Legend: A = Active S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address Type Spt Bit Inc Intf No.Oifs
. Source Address RP State Inc Intf(S)
——————————————————————————-
224.0.1.40 (*,G) 10-mt-232.0.0* 1
. * 10.255.124.44 232.0.0.11 (S,G) 10-mt-232.0.0* 1 . 10.255.134.44 10.255.124.44
——————————————————————————-
Groups : 2
===============================================================================
* indicates that the corresponding row element may have been truncated.
!
!
A:SR1# show router bgp neighbor 10.0.0.22 advertised-routes mvpn-ipv4
===============================================================================
BGP Router ID:10.0.0.11 AS:65000 Local AS:65000
===============================================================================
Legend –
Status codes : u – used, s – suppressed, h – history, d – decayed, * – valid
. l – leaked, x – stale, > – best, b – backup, p – purge
Origin codes : i – IGP, e – EGP, ? – incomplete
===============================================================================
BGP MVPN-IPv4 Routes
===============================================================================
Flag RouteType OriginatorIP LocalPref MED
. RD SourceAS Label
. Nexthop SourceIP
. As-Path GroupIP
——————————————————————————-
i Intra-Ad 10.0.0.11 100 0
. 65000:10 – –
. 10.0.0.11 –
. No As-Path –
i Shared-Join – 100 0
. 65000:10 65000 –
. 10.0.0.11 10.255.124.44
. No As-Path 224.0.1.40 i Source-Join – 100 0 . 65000:10 65000 – . 10.0.0.11 10.255.134.44 . No As-Path 232.0.0.11
——————————————————————————-
Routes : 3
===============================================================================
PIM join (S,G) is translated into BGP MVPN type 7 route (Source-Join), as over SP core only BGP signalling is transferred. As multicast ingress router is XR3, we’ll check it:
RP/0/0/CPU0:XR3#show bgp ipv4 mvpn vrf CUST
Status codes: s suppressed, d damped, h history, * valid, > best
. i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
. Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:10 (default for vrf CUST)
*>i[1][10.0.0.11]/40 10.0.0.11 0 100 0 i
*>i[1][10.0.0.22]/40 10.0.0.22 0 100 0 i
*> [1][10.0.0.33]/40 0.0.0.0 0 i
*> [6][65000:10][65000][32][10.255.124.44][32][239.0.0.44]/184
. 0.0.0.0 0 i *>i[7][65000:10][65000][32][10.255.134.44][32][232.0.0.11]/184 . 10.0.0.11 0 100 0 i
Processed 5 prefixes, 5 paths
!
!
RP/0/0/CPU0:XR3#show pim vrf CUST ipv4 topology
IP PIM Multicast Topology Table
Entry state: (*/S,G)[RPT/SPT] Protocol Uptime Info
Entry flags: KAT – Keep Alive Timer, AA – Assume Alive, PA – Probe Alive
. RA – Really Alive, IA – Inherit Alive, LH – Last Hop
. DSS – Don’t Signal Sources, RR – Register Received
. SR – Sending Registers, SNR – Sending Null Registers
. E – MSDP External, EX – Extranet
. MFA – Mofrr Active, MFP – Mofrr Primary, MFB – Mofrr Backup
. DCC – Don’t Check Connected, ME – MDT Encap, MD – MDT Decap
. MT – Crossed Data MDT threshold, MA – Data MDT Assigned
. SAJ – BGP Source Active Joined, SAR – BGP Source Active Received,
. SAS – BGP Source Active Sent, IM – Inband mLDP, X – VxLAN
. Interface state: Name, Uptime, Fwd, Info
. Interface flags: LI – Local Interest, LD – Local Dissinterest,
. II – Internal Interest, ID – Internal Dissinterest,
. LH – Last Hop, AS – Assert, AB – Admin Boundary, EX – Extranet,
. BGP – BGP C-Multicast Join, BP – BGP Source Active Prune,
. MVS – MVPN Safi Learned, MV6S – MVPN IPv6 Safi Learned
.
(*,224.0.1.40) DM Up: 00:17:58 RP: 0.0.0.0
JP: Null(never) RPF: Null,0.0.0.0 Flags: LH DSS
. GigabitEthernet0/0/0/0.134 00:17:58 off LI II LH
. (10.255.134.44,232.0.0.11)SPT SSM Up: 00:14:57 JP: Join(00:01:05) RPF: GigabitEthernet0/0/0/0.134,10.255.134.44* Flags: . mdtCUST 00:14:57 fwd BGP
.
(*,239.0.0.44) SM Up: 00:17:51 RP: 10.255.124.44
JP: Join(BGP) RPF: mdtCUST,10.0.0.22 Flags: LH
. GigabitEthernet0/0/0/0.134 00:17:51 fwd LI LH
We see as BGP type 7 MVPN route is translated again into PIM (S,G) join at Cisco IOS XR router XR3 and send further. Let’s perform brief ping check:
RP/0/0/CPU0:XR4#ping vrf R43 232.0.0.11 rep 5
Sending 5, 100-byte ICMP Echos to 232.0.0.11, timeout is 2 seconds:
Reply to request 0 from 10.255.114.44, 19 ms
Reply to request 1 from 10.255.114.44, 19 ms
Reply to request 2 from 10.255.114.44, 1 ms
Reply to request 3 from 10.255.114.44, 9 ms
Reply to request 4 from 10.255.114.44, 1 ms
So for IPv4 SSM multicasting BGP signalling works fine, and in general solution is OK.
In order to shorten the article, I’ll provide very limited output for ASM multicasting. I’ll recall the scenario:
R43 is client of ASM group 239.0.0.33, where R42 is RP and R41 is sender
We start with check at Cisco IOS XR router XR3:
RP/0/0/CPU0:XR3#show pim vrf CUST ipv4 topology
.
(*,239.0.0.44) SM Up: 00:25:38 RP: 10.255.124.44
JP: Join(BGP) RPF: mdtCUST,10.0.0.22 Flags: LH
. GigabitEthernet0/0/0/0.134 00:25:38 fwd LI LH
!
!
RP/0/0/CPU0:XR3#show bgp ipv4 mvpn vrf CUST
Status codes: s suppressed, d damped, h history, * valid, > best
. i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
. Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:10 (default for vrf CUST)
[6][65000:10][65000][32][10.255.124.44][32][239.0.0.44]/184
. 0.0.0.0 0 i
BGP route type 6 is a translation of PIM (*,G) join from the multicast receiver towards RP. RP is connected to Nokia (Alcatel-Lucent) SR OS router SR2, so we check it now:
A:SR2# show router bgp routes mvpn-ipv4
===============================================================================
BGP Router ID:10.0.0.22 AS:65000 Local AS:65000
===============================================================================
Legend –
Status codes : u – used, s – suppressed, h – history, d – decayed, * – valid
. l – leaked, x – stale, > – best, b – backup, p – purge
Origin codes : i – IGP, e – EGP, ? – incomplete
===============================================================================
BGP MVPN-IPv4 Routes
===============================================================================
Flag RouteType OriginatorIP LocalPref MED
. RD SourceAS Label
. Nexthop SourceIP
. As-Path GroupIP
——————————————————————————-
u*>i Shared-Join – 100 None
. 65000:10 65000 –
. 10.0.0.33 10.255.124.44
. No As-Path 239.0.0.44
===============================================================================
!
!
A:SR2# show router 10 pim group ipv4
===============================================================================
Legend: A = Active S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address Type Spt Bit Inc Intf No.Oifs
. Source Address RP State Inc Intf(S)
——————————————————————————-
224.0.1.40 (*,G) toCLIENT 2
. * 10.255.124.44 239.0.0.44 (*,G) toCLIENT 1 . * 10.255.124.44
===============================================================================
In MVPN we have the same logic for shared trees as normal IP network, so RPT tree is built from R43 towards R42, which is RP. Now we issue ping from R41 to assure that multicasting is working:
RP/0/0/CPU0:XR4#ping vrf R41 239.0.0.44 rep 5
Sending 5, 100-byte ICMP Echos to 239.0.0.44, timeout is 2 seconds:
.
Reply to request 1 from 10.255.134.44, 39 ms
Reply to request 2 from 10.255.134.44, 9 ms
Reply to request 3 from 10.255.134.44, 9 ms
Reply to request 4 from 10.255.134.44, 1 ms
It works, which is good by default. Now we start our check with multicast ingress router SR1:
A:SR1# show router 10 pim group
===============================================================================
Legend: A = Active S = Standby
===============================================================================
PIM Groups ipv4
===============================================================================
Group Address Type Spt Bit Inc Intf No.Oifs
. Source Address RP State Inc Intf(S)
——————————————————————————-
239.0.0.33 (S,G) toCLIENT 0
. 10.255.114.44 10.255.124.44
239.0.0.44 (S,G) spt toCLIENT 1
. 10.255.114.44 10.255.124.44
===============================================================================
* indicates that the corresponding row element may have been truncated.
!
!
A:SR1# show router bgp neighbor 10.0.0.22 advertised-routes mvpn-ipv4
===============================================================================
BGP Router ID:10.0.0.11 AS:65000 Local AS:65000
===============================================================================
Legend –
Status codes : u – used, s – suppressed, h – history, d – decayed, * – valid
. l – leaked, x – stale, > – best, b – backup, p – purge
Origin codes : i – IGP, e – EGP, ? – incomplete
===============================================================================
BGP MVPN-IPv4 Routes
===============================================================================
Flag RouteType OriginatorIP LocalPref MED
. RD SourceAS Label
. Nexthop SourceIP
. As-Path GroupIP
——————————————————————————-
u*>i Source-Join – 100 0
. 65000:10 – –
. 10.0.0.11 10.255.114.44
. No As-Path 239.0.0.44
===============================================================================
As we have full-mesh BGP peering, so it’s easier to check MVPN routes at Cisco IOS XR:
RP/0/0/CPU0:XR3#show bgp ipv4 mvpn vrf CUST
Status codes: s suppressed, d damped, h history, * valid, > best
. i – internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i – IGP, e – EGP, ? – incomplete
. Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:10 (default for vrf CUST)
*>i[5][32][10.255.114.44][32][239.0.0.44]/88
. 10.0.0.11 0 100 0 i
*> [6][65000:10][65000][32][10.255.124.44][32][239.0.0.44]/184
. 0.0.0.0 0 i
*> [7][65000:10][65000][32][10.255.114.44][32][239.0.0.44]/184
. 10.0.0.11 0 100 0 i
We have mentioned previously PIM join (*,G) is translated into BGP type 6 MVPN route. Route type 7 is already known for us, it’s originated by egress multicast router XR3 when R43 switchover from RPT to SPR towards multicast source R41. BGP MVPN route-type 5 is issued when R41 starts multicast stream towards RP R42.
Long story short, we have configured another MVPN profile, which uses BGP for auto-discovery and for signalling customer routes.
When I was studying for CCIE SP I have mastered almost all MVPN profiles for Cisco IOS XR. It was very interesting for me to check the interoperability with Nokia (Alcatel-Lucent) SR OS and I was quite surprised, because it doesn’t support IPv6 over IPv4 GRE. I like interoperability tests, because it shows the real network stuff uncensored.
Conclusion
MVPN and especially something called NG-MVPN (next generation MVPN), where we use BGP for c-mcast signalling and for auto-discovery, is one of the most important value added services to ordinary BGP/MPLS IP VPN. In reality multicasting is also used for financial trading, so MVPN applicability isn’t limited to big service providers but it’s extended also to big financial corporation or trading platform. In the next article we’ll speak about MVPN with MPLS data plane, so we won’t have PIM in SP core. Take care and good bye!
