03-07-2011 06:53 PM - edited 03-04-2019 11:40 AM
Hi,
We have a client wanting us to support multicast across our network(They have multiple tails in single vrf, connected to our P/PE's(All 7200's)
(Customer is running there own RP)
As we are only provding multicast support to a single customer, On our P/PE routers is it still necessary to enable multicast routing globally, MP-BGP Loop Interfaces and tag-switching/mpls interfaces? (I'm guessing it would be as the client has tails terminating on multiple P/PE's?)
i.e.
Loop0 is MP-BGP loop
Router-PE1(config)#ip multicast-routing
Router-PE1(config)#interface Loopback0
Router-PE1(config-if)#ip address 10.0.0.2 255.255.255.255
Router-PE1(config-if)#ip pim sparse-dense-mode
Router-PE1(config-if)#exit
Router-PE1(config)#interface FastEth2/0
Router-PE1(config-if)#ip address 10.1.1.13 255.255.255.252
Router-PE1(config-if)#ip pim sparse-dense-mode
Router-PE1(config-if)#tag-switching ip
Or, is it sufficient to enable it only within the vrf, and all Interfaces in that vrf?
Router-PE1(config)#ip multicast-routing vrf NetworkA
Router-PE1(config)#ip vrf NetworkA
Router-PE1(config-vrf)#rd 100:1
Router-PE1(config-vrf)#route-target export 100:1
Router-PE1(config-vrf)#route-target import 100:1
Router-PE1(config-vrf)#mdt default 239.100.100.1
Router-PE1(config)#interface Ethernet0/0.99
Router-PE1(config-if)#description connection to customer A, site 1
Router-PE1(config-if)#encapsualtion dot1q 99
Router-PE1(config-if)#ip vrf forwarding NetworkA
Router-PE1(config-if)#ip address 192.168.1.1 255.255.255.0
Router-PE1(config-if)#ip pim sparse-dense-mode
Also, is the mdt default IP an address that we (client+provider) agree on?
Thanks in advance.
03-08-2011 02:16 AM
johnelliot6 wrote:
Hi,
We have a client wanting us to support multicast across our network(They have multiple tails in single vrf, connected to our P/PE's(All 7200's)
(Customer is running there own RP)
As we are only provding multicast support to a single customer, On our P/PE routers is it still necessary to enable multicast routing globally, MP-BGP Loop Interfaces and tag-switching/mpls interfaces? (I'm guessing it would be as the client has tails terminating on multiple P/PE's?)
i.e.
Loop0 is MP-BGP loop
Router-PE1(config)#ip multicast-routing
Router-PE1(config)#interface Loopback0
Router-PE1(config-if)#ip address 10.0.0.2 255.255.255.255
Router-PE1(config-if)#ip pim sparse-dense-mode
Router-PE1(config-if)#exitRouter-PE1(config)#interface FastEth2/0
Router-PE1(config-if)#ip address 10.1.1.13 255.255.255.252
Router-PE1(config-if)#ip pim sparse-dense-mode
Router-PE1(config-if)#tag-switching ipOr, is it sufficient to enable it only within the vrf, and all Interfaces in that vrf?
Router-PE1(config)#ip multicast-routing vrf NetworkA
Router-PE1(config)#ip vrf NetworkA
Router-PE1(config-vrf)#rd 100:1
Router-PE1(config-vrf)#route-target export 100:1
Router-PE1(config-vrf)#route-target import 100:1
Router-PE1(config-vrf)#mdt default 239.100.100.1Router-PE1(config)#interface Ethernet0/0.99
Router-PE1(config-if)#description connection to customer A, site 1
Router-PE1(config-if)#encapsualtion dot1q 99
Router-PE1(config-if)#ip vrf forwarding NetworkA
Router-PE1(config-if)#ip address 192.168.1.1 255.255.255.0
Router-PE1(config-if)#ip pim sparse-dense-modeAlso, is the mdt default IP an address that we (client+provider) agree on?
Thanks in advance.
If you want to provide mVPN service across your network, which appears to be the case, then you will need to configure your IP/MPLS core for this. Choose an appropriate PIM variant (SSM, SM, Bidir) for your core to allow the customer multicast traffic to be appropriately handled within your core. The VRF multicast configuration itself only configures the PE to speak PIM with the customer and unless you have your core multicast enabled the multicast traffic will not be carried across the core as it relies on encapsulating customer multicast in GRE which is then sent to your core multicast groups that respective PEs have joined. The MDT groups (default / data) are not required to be synchronized with customers. Just make sure that you use unique groups per VRF that requires multicast.
Atif
03-08-2011 02:12 PM
Thanks very much!
Client is using sparse mode on all there CE Interfaces, so would we then just configure
ip pim sparse-mode
Under each Interface?
Is there any benefits to running sparse-dense mode?
Client also has a number of dsl tails in this vrf(P/PE's are also LNS's) - Would a cisco-avpair reply attribute in radius for specific users like this be sufficient?
cisco-avpair="lcp:interface-config=ip pim sparse-mode"
Also, should we expect any noticable load increase on our core from enabling this?(And are there any "best-practice" security policies we should be implementing for multicast?
03-08-2011 09:59 PM
johnelliot6 wrote:
Thanks very much!
Client is using sparse mode on all there CE Interfaces, so would we then just configure
ip pim sparse-mode
Under each Interface?
Is there any benefits to running sparse-dense mode?
Client also has a number of dsl tails in this vrf(P/PE's are also LNS's) - Would a cisco-avpair reply attribute in radius for specific users like this be sufficient?
cisco-avpair="lcp:interface-config=ip pim sparse-mode"
Also, should we expect any noticable load increase on our core from enabling this?(And are there any "best-practice" security policies we should be implementing for multicast?
John,
How you configure multicast for the VRF depends on how customer has it deployed. If they are using PIM sparse mode with bsr then all you need to do is to configure 'ip pim sparse-mode' under the VRF interface along with the other VRF multicast global commands. Sparse-dense mode is normally used when auto-rp is being used for RP discovery/propagation. If customer is using static RP then you will need to configure 'ip pim vrf
Is multicast required to be extended to the DSL tails? If yes then depending on how you have it configured you can either return the attribute you mentioned or probably make it a part of the virtual-template config.
Multicast, like other technologies, does need to be secured to protect your core devices. I will suggest you read the basic multicast security guidelines first at:
http://www.cisco.com/web/about/security/intelligence/multicast_toolkit.html
Regarding the CPU load it is difficult to predict for software based platforms like the 7200 without scale testing. Even then the numbers can potentially change depending on your environment specific variables. I will let someone with experience with running mVPN on 7200s chime in as I personally have worked with platforms that support this feature in hardware.
Atif
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide