Thank you, Giuseppe for your reply. Before implementing mvrf, I did some tests on my lab using extranet mvrf guide you've mentioned, but with 1811 routers and 15 ios. Everything were perfect, but topology was a bit simplier (ce-pe-pe-ce). By the way, here I am running in c6500, and there are no any configuration RP's. Do I need it in this topology? Hopefully, don't.

Cisco IOS Software, s6523_rp Software (s6523_rp-ADVIPSERVICESK9-M), Version 12.2(33)SXH4, RELEASE SOFTWARE (fc1)

System image file is "sup-bootflash:s6523-advipservicesk9-mz.122-33.SXH4.bin"

cisco ME-C6524GT-8S (R7000) processor (revision 1.1) with 458752K/65536K bytes of memory.

R7000 CPU at 300Mhz, Implementation 0x27, Rev 3.3, 256KB L2, 1024KB L3 Cache

Hello Evgeny,

my understanding is that if you are not using PIM SSM, you need an RP on each VRF as PIM DM fallback in MVPN extranet is not supported:

>>

The  Multicast VPN Extranet Support feature supports only Protocol  Independent Multicast (PIM) sparse mode (PIM-SM) and Source Specific  Multicast (SSM) traffic; PIM dense mode (PIM-DM) and bidirectional PIM  (bidir-PIM) traffic are not supported.

by the way, you have been too kind in rating my question in the other thread!

Hope to help

Giuseppe

Hello Giuseppe. Thank you for helping me with my issue. Followed your recomendations I did some reconfiguration.

Firstly, I deleted everything about pim and then assigned rp as vlan ip address of proper vlan

ip pim rp-address 172.16.8.254                                  < - lo0

ip pim vrf source rp-address 192.168.9.1                  < - vl 237

ip pim vrf reciever rp-address 172.20.178.21            < - vl 956

so the picture didn't changed.

pe-sw1#sh ip mro vrf voip-g 230.0.0.3
(*, 230.0.0.3), 00:11:21/stopped, RP 172.20.160.65, flags: SJCF
  Incoming interface: Tunnel0, RPF nbr 172.16.160.60, Partial-SC
  Outgoing interface list:
    Vlan237, Forward/Sparse-Dense, 00:10:32/00:02:27, H

(192.168.9.5, 230.0.0.3), 00:11:21/00:02:52, flags: PFT
  Incoming interface: Vlan237, RPF nbr 0.0.0.0, RPF-MFD
  Outgoing interface list: Null

pe-sw1#sh ip mro vrf voip-mc 230.0.0.3
Group 230.0.0.3 not found

Then, I tryed to use ssm (I thing it is not a problem to have both pim-rp and pim-ssm configured)

ip pim rp-address 172.16.8.254                < - Lo0 (core)
ip pim send-rp-announce Loopback0 scope 16 group-list reciever
ip pim send-rp-discovery Loopback0 scope 16
ip pim ssm range reciever

ip pim vrf source rp-address 192.168.9.1      < - Vl 237 (vrf source)
ip pim vrf source send-rp-announce Vlan237 scope 16 group-list reciever
ip pim vrf source send-rp-discovery Vlan237 scope 16
ip pim vrf source ssm range reciever

ip pim vrf reciever rp-address 172.20.178.21   < - vl 956 (vrf reciever)
ip pim vrf reciever send-rp-announce Vlan956 scope 16 group-list reciever
ip pim vrf reciever send-rp-discovery Vlan956 scope 16
ip pim vrf reciever ssm range reciever

pe-sw1#sh ip mro vrf source 230.0.0.3
IP Multicast Routing Table

(192.168.9.5, 230.0.0.3), 00:00:44/00:02:55, flags: sPT
  Incoming interface: Vlan237, RPF nbr 0.0.0.0, RPF-MFD
  Outgoing interface list: Null

pe-sw1#sh ip mro vrf reciever 230.0.0.3
Group 230.0.0.3 not found

Althoug mstat build proper tree

pe-sw1#mstat
VRF name: reciever
Source address or name: 172.20.178.21
Destination address or name: 192.168.9.5
Group address or name: 230.0.0.3
Multicast request TTL [64]:
Response address for mtrace:
Type escape sequence to abort.
Mtrace from 172.20.178.21 to 192.168.9.5 via group 230.0.0.3 in VRF reciever
From source (?) to destination (?)
Waiting to accumulate statistics......
Results after 10 seconds:

  Source        Response Dest   Packet Statistics For     Only For Traffic
172.20.178.21   172.20.178.21   All Multicast Traffic     From 172.20.178.21
     |       __/  rtt 0    ms   Lost/Sent = Pct  Rate     To 230.0.0.3
     v      /     hop 0    ms   ---------------------     --------------------
172.20.178.21   ?
     |      \__   ttl   0  
     v         \  hop 0    ms        0         0 pps           0    0 pps
192.168.9.5     172.20.178.21  
  Receiver      Query Source

I see, that 0 packets are sent. In my first post here you can find that mstat using in vrf source shows some traffic activity. I hope, the problem is there is no information changing between vrfs. Each vrf build this own tree perfect, but for some reasons they don't communicate with each other.

Hello Evgeny,

the scenario is quite complex, before attempting to go into the finer details I would like to recap what we understand.

You have a single multilayer switch C6500 with appropriate IOS image and feature set and you are attempting to achieve mvpn extranet.

Current Cisco implementation of MVPN follows the so called draft Rosen:

this means that customer multicast traffic is sent encapsulated into a GRE packet with source = PE Loopback and destination that is a multicast destination taken from SP space.

Each VRF has a default multicast delivery tree MDT that maps directly to a specific unique SP multicast address per VRF.

The forwarding plane is implemented by having a different PE node PE y, that is member of the same mvpn  directly or via the extranet feature, to join SP MDT of the appropriate VRF.

Once the join is performed the MDT is used for low level traffic but also for exchange of VRF aware PIM messages with the mGRE acting as a virtual common LAN.

So ideally  PE y has to join MDT of other VRF in which PE x is member.

Now, all this is fine if PE x and PE y are two different boxes but in your case PE X = PE Y

this adds difficulties to the process.

The first suggestion is to have PIM SM enabled under interface loopback in order to ensure correct handling of GRE traffic with multicast destination.

the issue is that the device should build a PIM  adjacency with itself.

this looks like difficult

to understand if this is the issue  I would suggest the following:

connect with a cross-over cable two GE ports on C6500 device

make them routed ports ( no switchport)

make port 1 member of VRF A

make port 2 member of VRF B

have them share a common IP subnet

enable PIM in VRF on both ports

look at the result

if still the stream cannot go from one VRF to other one consider the use of an MSDP session between the two VRFs and appropriate static routeds for the source to pass RPF check on rx side VRF

WARNING:

I assume your setup is not a production network but a lab so the suggested actions should not harm if it is production network consider carefully all possible drawbacks

Hope to help

Giuseppe

Hello, Giuseppe! It is production equipment actually with a lot of active users and resource acvities . By the way, the problem solved simply. While playing with configs, i deleted route-target import/export and then turned them back. It helped me and I found all mroutes in vrf B. As I mantioned, I tryed to use 3 ms switches and 2 vrfs. Now everything looks fine. I am really not sure about having multicast between vrf's no the same device without mdt and pim neighboors, but using 3 swithes I got full connectivity. Also, I got one advice that to analize show command and so on in this case, at least you need 1 active reciever on VRF B. Thank you once again.

Hello Evgeny,

it is nice to know that it worked in production network with three different devices as actually our doubts were about the test with a single device.

It makes sense as creating a mGRE with itself may be difficult ....

Best Regards

Giuseppe

Hi Eugene,

I'm having the same problem and I don't know how to proceed.

In the guidelines for VPN Extranet support they said that the same mdt default group must be configured. Trying to do that, I always get the following:

ip vrf USERS

mdt default 232.0.0.2

% MDT-default group 232.0.0.2 overlaps with vrf SERVERS

I was wondering how could you solve it using different mdt groups on each VRF.

My scenario is the same. Single switch with multiple vrfs. One vrf for multicast users. Rest of vrfs for multicast servers.

Thanks,