Blogs
- Mastering DHCP Snooping: Enhance Your Network Security
- Automate Meraki Device Renaming
- Securing Your Network Access with 802.1X
- OpenSSL cheatsheet
- 802.1x EAP peap and EAP tls
- BGP Internet Edge
- Sumologic Troubleshooting
- Firewall Benefits
- Meraki
- Napalm Python
- SumoLogic SEIM
- Layer 1 and 2 checklist
- Automating OS Upgrade
- Netmiko
- TCPDUMP
- Multicast Notes
- MPLS Notes
- BGP Notes
- OSPF Notes
- Linux cheat sheet
- ISIS Notes
- TCP IP
Multicast Notes
Introduction
Multicast is a method of sending data to multiple computers simultaneously. It can be used for things like streaming audio or video or distributing information to large groups of people. Multicast is different from broadcast, which sends data to all computers on a network regardless of whether they want it or not. Multicast is a very efficient way to share data with many computers simultaneously, but it can be tricky to set up. Hopefully, this DOC will help you ensure that your multicast network is running smoothly.
Pre-requisite
- Networking knowledge
- Multicast knowledge
IGMP Multicast
LAYER 2
IGMP packets:
IGMP profile:
IGMP Throttling:
Querier election:
- IGMP report ( request to join the group)
- IGMP leave ( request to leave the group)
- IGMP Query ( send by the querier to check if users are still requesting this multicast group)
- IGMP profile can be allow with the IGMP access-control at layer2 profile are either in the permit or deny mode
- IGMP Throttling limits amount of groups joined on an interface; new groups are either denied or replace old existing ones
- In IGMP we have an election for which router will be the querier
Multicast - PIM
PIM forwarding modes
Dense Mode:
Sparse Mode:
Bidirectional PIM (Bidir-PIM):
Source-specific multicast SSM:
Forwarding checks :
- traffic is flooded out of every interface except the one you received the multicast feed or till you receive a prune message from the downstream neighbour
- uses a rendezvous point (RP) to process join request
- Bidirectional PIM (bidir-PIM) is an enhancement of the PIM protocol that was designed for efficient many-to-many communications within an individual PIM domain.
- SSM is best described as a one-to-many delivery system. The resever must know the group and the source of the application.
- Before data plane checks occur RPF checks if the traffic was received on the correct interface based on the source multicast routing table (MRIB/MFIB), checks what the outgoing interface is
- RPF check multicast packet comes on the router while looking at the source IP address, and incoming interface and unicast routing table (CEF table) is checked for the reverse path back to the source address
- The incoming interface can't be the outgoing interface at the same time
- When we enable PIM the router will send hellos to 224.0.0.13 to form neighbour ship
PIM DENSE MODE
- Traffic is flooded out of every interface except the one you received the multicast feed or till you receive a prune message from the downstream neighbour if it doesn’t need this traffic
- one prune occurs, traffic flow stops but (S,G) remains in the table also, traffic is periodically re-flooded at a set interval
- In dense mode, we are always in SPT because we are sending traffic to all downstream routers
- Prune occurs if :
- 1-multicast feed fails RPF check
- 2-no downstream neighbours or receivers
- 3-downstream neighbours have already sent prune
PIM SPARSE-MODE
- in sparse mode, we need to send a PIM join message to request to receive the multicast group
- We have a shared tree (RPT)(*,G) and shortest path tree(SPT)(S,G)
- sparse mode steps:
- Discover PIM neighbours and elect DR
- Discover RP for the group
- Tell RP about sources
- Tell RP about receivers
- Build a shared tree from sender to receivers through RP
- Then join the shortest path tree
- Finally, leave the shared tree
- RP is used as a reference point for the root of the shared tree
- RP learns about source through unicast PIM register messages (it tells the RP about the (S,G) entry)
- RP learns about receivers through PIM Join messages ( it tells the RP to add an interface to the OIL for (*,G) )
- RP is used to merge the 2 trees together
- All routers must agree on the same RP address per-group basis (register and joins are rejected for invalid RPs)
- RP address can be assigned Statically or Dynamically (auto-RP, BSR)
- PIM register message
- As the root of all shared trees, the RP must know about all sources
- When the first-hope router connected to the sender hears traffic, a unicast message is sent to the RP (NB: if multiple first-hop routers, only the DR registers)
- If the RP accepts this message, it acknowledges with a register stop and the RP inserts (S,G) into the table
- At this point, only the DR next to the source and the RP will know about (S,G)
- PIM join message
- As the root of all shared trees, the RP must also know about all receivers
- When a last-hop router receives an IGMP report, it will generate a pin join and send it up the reverse path tree toward the RP
- All routers in the reverse path install (*,G) and forwarded the join hop-by-hop to the RP
- At this point, the RP and all downstream devices towards the receiver know (*,G)
- Merging the trees
- Once the RP knows about both send and receiver (RP sends a PIM join message up reverse path towered the source)
- All routers in the reverse path from the RP to the source install (*,G) with OIL pointing towards RP
- Once (S,G) begins to flow, the tree is built end-to-end through the RP
- Routing table maintenance
- Pim sparse mode, like dense mode, uses state refresh to ensure that feeds do not timeout.
- Sparse prune message can be used to speed up state information timeout if IGMP leave is heard from the end host.
- RP selection
- Static RP
- As the name implies, this is statically configured on the devices
- Auto RP
- Cisco proprietary
- Defines 2 function roles
- 1 - Candidate RP (device willing to be the RP) candidate RPs send an announcement with the group range they are willing to service (uses group 224.0.1.39 for announcement)
- 2 - Mapping agent (choose the RP among candidates and relays the information to the rest of the PIM domain); this will allow for redundancy mapping agent discovers candidate RPs and advertises their mappings to all other routers and decide who will be the RP for the group
- Bootstrap router
- Defines 2 roles in the BSR domain
- RP candidate: uses unicast PIM to advertise itself to the bootstrap router
- Bootstrap router (BSR): advertises RP information to other routes with multicast PIM hop-by-hop
- Defines 2 roles in the BSR domain
- Static RP
Anycast and MSDP
- HOW Anycast work:
- Anycast work by mirroring the application data to multiple devices in the topology
- Give the same IP to multiple servers; in this case, the same IP to multiple routers but the server or router should have the same data the application should match or synchronize
- Use the routing table for load balancing & high availability; who you route to depends on where you are physically in the topology; if anycast device fails, use routing convergence to find the next closest device.
- HOW ANYCAST RP WORKS:
- Anycast RP assign a duplicate loopback address and advertise into IGP
- All routers point to anycast RP address: could be static or dynamic assignment (auto-rp, bsr))
- Anycast RPs are MSDP peers using a unique address (each device has a globally routable loopback plus the anycast loopback)
- When PIM register is received, MSDP SA is sent to MSDP peer, results in synchronization of (S,G) information RP that knows about receiver can now join the (S,G) tree
- PIM register and join messages go to the closet RP in the topology
- If RP goes down, convergence is up to IGP
- As long as one anycast RP is up, new trees can be built
- RP failure does not necessarily affect current trees
- We need to configure Multicast source discovery protocol (MSDP) for anycast to work; it uses TCP to communicate the (S,G) pair between RPs
Source-specific multicast
- The receiver knows the application source before it signals membership
- Uses group address range 232.0.0.0/8
- Receiver uses igmpv3
- RP is not needed to build the shared tree
- Result is SSN uses only (s,g) trees:
- Last hop router send (S,G) PIM join up RPF towards the source
Bidirectional PIM
- best used when the sender is the receive also
- define an RP and group range as bidirectional
- traffic flows upstream from source to RP
- traffic flow downstream from RP to receivers
- implies that traffic from the source always flows to the RP
- in bidirectional PIM, the position of the RP is more important because all traffic will flow toward it
- there won't be a (S,G) entry
Multicast BGP
- Multicast BGP advertises the source network for the purpose of RPF check ( not to replace PIM)
- Multicast BGP preferred over unicast protocols for multicast RPF check
- It is like a static multicast route but dynamic
- Doesn't require a separate routing protocol only BGP extensions
- BGP peers negotiate multicast address family during capabilities exchange
- Peers advertise NLRI under Multicast address family
- Network statement just like unicast
- All normal BGP rules apply
- When multicast traffic is received, MBGP learned routes are preferred over unicast.
IPv6 Sparse-Mode Multicast
- When it comes to multicast operation, IPv6 supports a few options when it comes to designating an RP. These options included a static assignment, IPv6 BSR, and the Embedded RP approach.
- IPv6 multicast replaces IGMP with Multicast Listener Discovery Protocol. For the best comparison of features, you can consider that MLDv1 is similar to IGMP Version 2, while MLDv2 is similar to IGMP Version 3. That means that MLDv2 will support Source-Specific Multicast in IPv6 networks.
- Pim is the somewhat the same with the address ff02::d
NB:
- You need to verify that the RPF is correct to the RP and the source
- In static multicast, we always prefer the multicast route over the unicast one, even if we are using a more specific one in unicast
- In multicast BGP we over right the unicast route if we have the same route and the administrative distance is lower.