Solved: Forwarding FHRP (HSRP) Multicast over a GRE Multicast-enabled Tu

spoofneted · ‎09-22-2013

I've been reading through various Multicast Forwarding over GRE (i.e. enable PIM Sparse on the Interesting Interface on each router, and the GRE Tunnel), and can see that this allows you to use the pre-allocated 224.0.1.40 Multicast subnet.

(Source: https://supportforums.cisco.com/thread/2168826)

My intent here is to try and run HSRP between two routers with a shared Subnet (i.e. RouterA has an Fa1/0 as 10.230.108.2/28 -

HSRP 10.230.108.1; RouterB has an Fa1/0 as 10.230.108.3/28 - HSRP 10.230.108.1) - however that Shared Subnet is actually a Resilient (Active/Passive) pair of ASA Firewalls, hence I don't have a common Broadcast Domain for the HSRP -> 224.0.0.2 Multicast "Hello" messages to traverse.

RouterA and RouterB have a /30 routed interface between them, and some Track objects/IP SLA which enables the WAN -> Firewall and Firewall -> WAN Failover to occur (big hint: turn CEF off or watch your Sunday afternoon disappear in a cloud of "Why are you routing there when the RIB table says you go here?!" smoke).

It seems to be possible to forward Multicast across a GRE Tunnel, connected to both RouterA and RouterB so can this be extended to forward HSRP Multicast packets to 224.0.0.2, without needing common Switched infrastructure between RouterA and Router B?

RouterA

ip pim bidir-enable

ip multicast-routing

!

interface FastEthernet0/0

description *** ASA Failover Link ***

ip address 10.182.179.225 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet1/0

description *** Link to ASA (Primary HA) ***

ip address 10.230.108.2 255.255.255.240

no ip redirects

no ip proxy-arp

ip pim sparse-dense-mode

ip route-cache flow

no ip mroute-cache

duplex auto

speed auto

standby 1 ip 10.230.108.1

standby 1 priority 110

standby 1 preempt

!

interface Tunnel1

ip unnumbered FastEthernet1/0

ip pim sparse-dense-mode

tunnel source FastEthernet0/0

tunnel destination 10.182.179.226

end

RouterB

ip pim bidir-enable

ip multicast-routing

!

ip mroute 10.230.108.2 255.255.255.255 Tunnel1

ip mroute 10.182.179.224 255.255.255.252 Tunnel1

ip mroute 10.230.108.0 255.255.255.240 Tunnel1

!

interface FastEthernet0/0

description *** ASA Failover Link ***

ip address 10.182.179.226 255.255.255.252

duplex auto

speed auto

!

interface FastEthernet1/0

description *** Link to ASA (Primary HA) ***

ip address 10.230.108.3 255.255.255.240

no ip redirects

no ip proxy-arp

ip pim sparse-dense-mode

ip route-cache flow

no ip mroute-cache

duplex auto

speed auto

standby 1 ip 10.230.108.1

standby 1 preempt

!

interface Tunnel1

ip unnumbered FastEthernet1/0

ip pim sparse-dense-mode

tunnel source FastEthernet0/0

tunnel destination 10.182.179.225

end

Lei Tian · ‎09-23-2013

Hi Spoofneted,

The local only mulitcast range 224.0.0.0/24 has ttl = 1. So, my understanding is unless you can bridge the physical and tunnel interface to a layer 2. This will not work.

HTH,

Lei Tian

View solution in original post

Lei Tian · ‎09-23-2013

Hi Spoofneted,

The local only mulitcast range 224.0.0.0/24 has ttl = 1. So, my understanding is unless you can bridge the physical and tunnel interface to a layer 2. This will not work.

HTH,

Lei Tian

spoofneted · ‎10-11-2013

Lei,

Thanks. I achieved what I wannted by investigating bridge-domains instead, as I have a direct L3 link between two routers than a BDI could run across - logically extending ("cross connecting") the L2 domain across, and hence spanning the HSRP.

Very interesting though - the theory was there, just shame the TTL part stopped me,

Lei Tian · ‎10-11-2013

Hi,

Glad you found the solution, and thanks for sharing.

Regards,

Lei Tian

Forwarding FHRP (HSRP) Multicast over a GRE Multicast-enabled Tunnel