Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
0
Helpful
0
Replies

Nexus 5600: Multicast RP register-policy does not send register-stop to first hop router when receiving not allowed streams?

thorsten.steffen
Level 3
Level 3

‎01-24-2019 03:21 AM

Hi,

I test nexus 5600 [NX-OS 7.3(1)N1(1)] as pim-sm multicast rp with using pim register-policy to control allowed multicast sources and groups.

 

For using the "ip pim register-policy" command I configured a route-map like

route-map rm_registertest permit 10
 match ip multicast source 10.0.0.1/32 group 239.192.100.100/32
route-map rm_registertest permit 20
 match ip multicast source 10.123.123.1/32 group 239.192.100.100/32
...

 

When sending a multicast stream not allowed in the route-map this stream will be registered by the first hop router (Catalyst 6K Switch) endlessly. That means "show ip mroute" will show registering state endlessly,

firsthop-router#sh ip mroute              
...
(10.123.123.1, 239.192.200.200), 00:13:44/00:01:10, flags: PFT
  Incoming interface: Vlan2222, RPF nbr 0.0.0.0, Registering
  Outgoing interface list: Null

 and "show ip pim policy statistics register-policy" on rp (Nexus 5600) will increase comparison counts of every route-map entry endlessly.

mcast-rp# sh ip pim policy statistics register-policy 
route-map rm_registertest permit 10
 match ip multicast source 10.0.0.1/32 group 239.192.100.100/32   C: 571192  M: 0
route-map rm_registertest permit 20
 match ip multicast source 10.123.123.1/32 group 239.192.100.100/32 C: 571192  M: 0
...
Total accept count for policy: 18    
Total reject count for policy: 571192

 So it seems that the rp does not send a register-stop to the fhr, which results in the fhr endlessly registering (incl. encapsulating) the stream and the rp endlessly decapsulating/checking/dropping this stream. No good when it's a 3Gb/s video stream; yes we already use register-rate limit on the fhr to prevent this but I think it would be better if fhr would drop the stream instead of endlessly registering.

 

When using a catalyst 6K as rp (= IOS and "ip pim accept-register <acl>" configuration) in the same scenario it seems that the rp sends a register-stop to the fhr because there is no registering state in the mroute table.

firsthop-router# sh ip mroute 
...
(10.123.123.1, 239.192.200.200), 00:00:12/00:02:47, flags: PFT
  Incoming interface: Vlan2222, RPF nbr 0.0.0.0
  Outgoing interface list: Null

 

Does anybody know if nexus behaviour can be changed to send register-stops? Or is there any other possibility to solve this issue?

 

Best regards

Thorsten

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card