cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8161
Views
0
Helpful
17
Replies

Multicast traffic floods trunk ports

tgimmel-metro
Level 1
Level 1

This is one of those items I thought I knew what I was doing and turns out maybe I didn't! :(  I hope someone knows the answer.

I have 2 7609s tied together with a large port-channel that is configured as a trunk port.  Router 1 has a lot of multicast sources directly connected.  VLan config looks like this:

interface Vlan10
 description video_multicast
 ip vrf forwarding video
 ip address 192.168.110.1 255.255.255.0
 ip pim dr-priority 10
 ip pim sparse-mode
end

The other router is .2.  The port-channel looks like this:

interface Port-channel10
 description Links to *****
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,10,11,101-104
end

So my question is this: Is there an expectation that all multicast traffic would be flooded on VLAN 10 assuming there were interested receivers that had joined the group in router 1?

So an example mroute:

(*, 239.230.1.1), 1y25w/stopped, RP 192.168.255.254, flags: SJC
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list:
    Vlan10, Forward/Sparse, 12w5d/00:02:20

(192.168.111.50, 239.230.1.1), 43w0d/00:02:58, flags: T
  Incoming interface: Vlan11, RPF nbr 0.0.0.0, RPF-MFD
  Outgoing interface list:
    Vlan10, Forward/Sparse, 12w5d/00:02:20, H, A

So OGI is Vlan 10, in the other router:

(*, 239.230.1.1), 7w0d/stopped, RP 192.168.255.50, flags: SP
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list: Null

(192.168.111.50, 239.230.1.1), 7w0d/00:02:19, flags: PJT
  Incoming interface: Vlan11, RPF nbr 0.0.0.0
  Outgoing interface list: Null

It prunes it away as expected.

If it is working as designed, then I will change my setup and be quite!

--Tim

 

17 Replies 17

vishal vyas
Level 1
Level 1

As your Layer-3 is on Router-1, and just layer-2 on router-2 it should work fine. You should see IGMP joins coming in from host connected to vlan-10

You can verify IGMP joins coming in by using command # show ip igmp groups.

To be clear, VLAN 10 on router 2 is:

interface Vlan10
 description video_multicast
 ip vrf forwarding video
 ip address 192.168.110.2 255.255.255.0
 ip pim sparse-mode

So in my mind it more than just layer 2.  (but that means little)

Thanks for your reply,

--Tim

Jon Marshall
Hall of Fame
Hall of Fame

Tim

Is there an expectation that all multicast traffic would be flooded on VLAN 10 assuming there were interested receivers that had joined the group in router 1?

It won't be flooded on vlan 10 if you have "ip igmp snooping" enabled which is usually the default.

So if there are no receivers on router 2 in vlan 10 the stream should not be sent across the portchannel but if there are then they should receive the stream ie. the fact the mroute table says it's is pruned on router 2 does not mean the multicast stream is not sent across the port channel because it is being routed onto vlan 10 on router 1.

In fact you have no way of knowing where the receivers are ie. router 1 or 2 without looking at "sh ip igmp memberships" on both routers.

Is this what you were asking ?

Jon

 

Jon,

Using the "sh ip igmp membership" I see all the groups on router 2 however they all have short durations:

*,239.230.1.8                  192.168.110.12  00:03:24 02:39 2A     Vl10

and looking at mroute:

(*, 239.230.1.8), 7w0d/stopped, RP 192.168.255.50, flags: SP
  Incoming interface: Null, RPF nbr 0.0.0.0
  Outgoing interface list: Null

(192.168.111.50, 239.230.1.8), 7w0d/00:02:06, flags: PT
  Incoming interface: Vlan11, RPF nbr 0.0.0.0
  Outgoing interface list: Null

on router 2, its pruned away, but router 1 is still sending, which is my root problem.

This got me to thinking, I have a RP configured on both routers, 192.168.255.50 is the RP on router 2.  Could this be causing router 1 to send all traffic to router 2 whether there are interested receivers on router 2?

--Tim

 

Tim,

As you have enabled PIM on both the routers and router2 has a higher ip address than router-1, so router2 is acting as a DR router, so all the joins are going to router-2, if you want to remove router-2 as a DR router, you need to increase ip pim dr-priority on router-1 and

## r1

Int vlan 10

ip pim dr-priority 10

Verification command 

# show ip pim neighbor 

 

Vishal--

 

 

 

That has already been done:

Router 1:

Neighbor          Interface                Uptime/Expires    Ver   DR
Address                                                            Prio/Mode
192.168.110.2     Vlan10                   16w4d/00:01:25    v2    1 / S P

Router 2:

Neighbor          Interface                Uptime/Expires    Ver   DR
Address                                                            Prio/Mode
192.168.110.1     Vlan10                   16w4d/00:01:22    v2    10/ DR S P G

Thanks,

--Tim

Tim

Are you saying that the traffic is being sent across the trunk port even when there are no receivers on router 2 ?

Jon

Yes, that is exactly what I am saying, and I have a theory at this point, each router has a different RP configured.  Most of the multicast sources are in R1, and since R2 has a different RP address, this is causing PIM (I think) to ask for all of the sources, but as soon as R2 realizes there are no receivers IGMP prunes the OG interfaces away.  But regardless R1 is still sending the traffic. 

If you look at http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-multicast/whitepaper_c11-508498.html under "Static RP" it has the statement "Every router must have the same RP address.".  So that is the basis for my theory.  These two routers are connected together via a L2 Port-channel, but I do have a L3 address in the SVI for the VLAN on R2.

Hope that was not too confusing, I know my head is spinning! ;)

Cheers,

Tim

Tim

It's confusing me as well :-)

You may be right but I have a slightly different theory. From the 7600 configuration guide for PIM snooping -

To use PIM snooping, you must enable IGMP snooping on the Cisco 7600 series router. IGMP snooping restricts multicast traffic that exits through the LAN ports to which hosts are connected. IGMP snooping does not restrict traffic that exits through the LAN ports to which one or more multicast routers are connected.

Full link -

http://www.cisco.com/c/en/us/td/docs/routers/7600/ios/15S/configuration/guide/7600_15_0s_book/snooppim.html

As you can see from the outputs you posted router 1 sees the po10 interface to router 2 as an mrouter port ie. it leads to a multicast router and according to the above that would mean IGMP snooping would not stop the traffic being sent across the trunk link, although it would stop the multicast traffic being flooded to all end device ports in that vlan unless there were clients who had registered.

Now I could well be wrong about this as I have no devices to test with.  I don't know for example if merely knowing there is another PIM router on the same IP subnet means the multicast stream is automatically sent although it sounds from the above like it would be as snooping would not stop it.

So I'm not suggesting you should configure PIM snooping because I have never used it and I don't know what the consequences would be of router 2 not seeing the stream ie. it might then decide it should be forwarding itself.

Sorry I can't be more precise and I may have got it all wrong.

Perhaps someone else could comment ?

Thoughts ?

Jon

PIM snooping is an extension to igmp snooping. L2 subsystem forwards mcast packets to host ports by listening igmp join/leave packets and spams all mcast packets to a router port. With PIM extension L2 subsystem forward packets to mroute ports by listen for pim join/prune packets, similar to igmp snooping.

 

I'm not sure what is confusing you. If there are RP/STP tree node on port then packet will be send, if there are no tree nodes then there is no record in pim snooping table.

I'm not sure what is confusing you.

I am easily confused :-)

Jon

So I'm like Jon, easily confused, especially when it comes to multicast! 

So if I understand your comment, PIM snooping will listen just like IGMP snooping and only forward multicast packets that have an interested listener even though there are mrouter ports?

--Tim

Tim

In addition can you post the following output from both devices -

"sh ip igmp snooping mrouter vlan 10"

Jon

 

Here is the output from the snooping commands:

R1#sh ip igmp snooping mrouter vlan 10
vlan            ports
-----+----------------------------------------
  10  Po10,Router

R2#sh ip igmp snooping mrouter vlan 10
vlan            ports
-----+----------------------------------------
  10  Po10,Router

 

--Tim

Review Cisco Networking for a $25 gift card