09-28-2012 05:48 PM - edited 03-07-2019 09:10 AM
Looking for assistance with multicast over IRB interfaces. My full config below, works as expected on a Cisco 1760 router (IOS 12-4) but fails strangely on our Cisco 2800 (IOS 15-1) and Cisco 1941 G2 routers.
I use Windows 7 Enterprise and VLC 2.0.0 Two Flower as the multicast video receiver. On the 1760 router, I open VLC, request the video (rtp://@239.255.0.1:5004) and it plays flawlessly.
We have to upgrade the older outdated unsupported Cisco 1760 routers. We replace the Cisco 1760 router with a Cisco 1941 router. Configuration differs ONLY in the interface speeds; F0/0 to G0/0 and that is just bout it. Using the same Windows 7 Enterprise PC, I open VLC again and request the video -same as before; No video and no voice. We swap the 1941 out and put in the 1760 again, multicast works flawlessly. If we put the 1941 router back in, multicast fails again. We put the Cisco 2800 series router in and it also fails the same as the 1941 router.
Troubleshooting, I open VLC and request the same multicast video. On the same PC, I open Wireshark and start capturing packets, - and instantly the VLC video starts playing. I close Wireshark and the video stops. I open Wireshark and start capturing packets again and the VLC video starts playing again.
Wireshark shows the video packets are being received from the source when VLC is requesting the video. If I close VLC while Wireshark is capturing packets, Wireshark shows the video stream stops.
Shows the correct multicast sources, incoming and outgoing interface details
Incoming interface is Serial
Outgoing interface is BVI
Show ip pim rp
Reveals the correct RP details
show ip pim rp mapping
Display the correct details also.
Debug ip pim 239.255.0.1
Output matches the other peer stub; other stub does not use bridging.
TOPOLOGY:
This router is a single stub router with a single 2960 switch.
Source---2960_switch---WAN1----MPLS_Cloud---WAN3---2960_switch----PC_VLC_Receiver
WAN3 CONFIGURATION : - I included the entire config hoping to speed the resolution.
WAN3#sh run
configuration mode exclusive auto
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime
service timestamps log datetime
service password-encryption
service sequence-numbers
!
hostname WAN3
!
boot-start-marker
boot system flash:c1700-adventerprisek9-mz.124-25d.bin
boot-end-marker
!
security passwords min-length 14
logging buffered 51200 debugging
logging rate-limit console 10
enable secret --removed--
!
no aaa new-model
clock timezone EST -5
clock summer-time EDT recurring
no ip source-route
no ip gratuitous-arps
ip cef
!
ip nbar pdlm flash:bittorrent.pdlm
ip nbar pdlm flash:citrix.pdlm
ip nbar pdlm flash:edonkey.pdlm
ip nbar pdlm flash:sap-app.pdlm
ip nbar pdlm flash:sap-msg.pdlm
ip nbar pdlm flash:winmx.pdlm
!
no ip dhcp use vrf connected
ip dhcp excluded-address 172.16.3.1 172.16.3.5
!
ip dhcp pool DHCP
network 172.16.3.0 255.255.255.0
domain-name IPKET
default-router 172.16.3.1
dns-server 172.16.1.2
lease 2
!
!
ip flow-cache timeout active 5
no ip bootp server
no ip domain lookup
ip domain name IPKET
ip multicast-routing
ip multicast netflow output-counters
ip multicast netflow rpf-failure
ip multicast auto-enable
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
login block-for 65535 attempts 3 within 1800
login quiet-mode access-class LOGIN
login on-failure log
login on-success log
!
ipv6 unicast-routing
ipv6 cef
!
password encryption aes
!
!
!
ip tcp selective-ack
ip tcp synwait-time 10
ip ssh time-out 30
ip ssh source-interface Loopback0
ip ssh version 2
!
class-map match-all COPP_DEFAULT
match access-group name DEFAULT
class-map match-all VIDEO
match dscp default
class-map match-all COPP_2
match access-group name CRITICAL
class-map match-all COPP_7
match access-group name UNDESIRABLE
class-map match-all COPP_6
match access-group name NORMAL
class-map match-any COPP_4
match access-group name IMPORTANT
match protocol arp
!
!
policy-map DROP
class VIDEO
drop
policy-map CONTROL-PLANE-POLICY
class COPP_2
police 512000 8000 conform-action transmit exceed-action transmit
class COPP_4
police 256000 4000 conform-action transmit exceed-action drop
class COPP_6
police 128000 2000 conform-action transmit exceed-action drop
class COPP_7
police 8000 1000 conform-action drop exceed-action drop
class class-default
police 64000 1000 conform-action transmit exceed-action drop
!
!
no crypto isakmp enable
!
bridge irb
!
!
!
interface Loopback0
description MGT
ip address 172.16.30.2 255.255.255.255
ip pim sparse-mode
ipv6 address --removed--
!
interface Loopback1
description 6to4
ip address 172.16.30.3 255.255.255.255
!
interface Loopback3
description 6TO4
no ip address
ipv6 address --removed--
!
interface Loopback64
description 6TO4
no ip address
ipv6 address --removed--
!
interface Tunnel2002
description Dynamic 6to4 Tunnel
no ip address
no ip redirects
ipv6 address 2002:AC10:1E03::1/128
tunnel source Loopback1
tunnel mode ipv6ip 6to4
!
interface FastEthernet0/0
description DO NOT SHUT
bandwidth 100000
no ip address
load-interval 30
speed auto
!
interface FastEthernet0/0.6
description MGT
encapsulation dot1Q 6 native
ip address 192.168.1.7 255.255.255.0
ip flow ingress
ip flow egress
!
interface FastEthernet0/0.31
encapsulation dot1Q 31
bridge-group 6
!
interface FastEthernet0/0.32
encapsulation dot1q 32
bridge-group 6
!
interface Serial1/0
bandwidth 1544
no ip address
encapsulation frame-relay IETF
load-interval 30
clock rate 2000000
frame-relay lmi-type ansi
frame-relay intf-type dce
!
interface Serial1/0.1 point-to-point
description To MPLS cloud
ip address 172.17.30.1 255.255.255.252
ip flow ingress
ip flow egress
ip pim sparse-mode
ipv6 address 172:17:30::1/126
frame-relay interface-dlci 300 IETF
!
interface BVI6
ip address 172.16.3.1 255.255.255.0
no ip redirects
ip flow ingress
ip flow egress
ip pim sparse-mode
ip igmp version 3
ipv6 address --removed--
!
router bgp 30
bgp router-id 172.16.30.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 172:17:30::2 remote-as 65535
neighbor 2002:AC10:A03::1 remote-as 10
neighbor 2002:AC10:A03::1 description 6to4 Tunnel, WAN1
neighbor 2002:AC10:A03::1 ebgp-multihop 3
neighbor 2002:AC10:A03::1 password --removed--
neighbor 172.17.30.2 remote-as 65535
!
address-family ipv4
redistribute connected route-map LOCALS
neighbor 172.17.30.2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family ipv6
neighbor 172:17:30::2 activate
neighbor 172:17:30::2 prefix-list SITESUM out
neighbor 172:17:30::2 filter-list 1 in
neighbor 2002:AC10:A03::1 activate
neighbor 2002:AC10:A03::1 prefix-list 6TO4 out
aggregate-address --removed--::/58 summary-only
redistribute connected
no synchronization
exit-address-family
!
no ip forward-protocol nd
no ip forward-protocol udp bootps
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
ip route 172.16.0.0 255.255.0.0 Null0
!
ip as-path access-list 1 permit ^65535_
ip flow-export source FastEthernet0/0.6
ip flow-export version 9
ip flow-export template refresh-rate 15
ip flow-export destination 192.168.1.246 9996
ip flow-export destination 192.168.1.100 9996
!
no ip http server
no ip http secure-server
ip pim bidir-enable
no ip pim dm-fallback
ip pim autorp listener
!
ip access-list standard ADMIN
permit 192.168.1.0 0.0.0.255
deny any log
ip access-list standard LOCALS
remark Loop0
permit 172.16.30.2
remark Loop1
permit 172.16.30.3
remark Local NETS
permit 172.16.3.0 0.0.0.255
ip access-list standard LOGIN
permit 192.168.1.1
deny any log
!
ip access-list extended CRITICAL
remark _____________________________
permit tcp host 172.17.30.1 host 172.17.30.2 eq bgp
permit tcp host 172.17.30.2 host 172.17.30.1 eq bgp
remark Include MFR packets
deny ip any any
ip access-list extended DEFAULT
permit ip any any
ip access-list extended IMPORTANT
remark _____________________________
permit udp host 192.168.1.248 172.16.0.0 0.0.255.255 eq snmp
permit ip host 192.168.1.248 192.168.0.0 0.0.255.255
permit udp host 192.168.1.249 172.16.0.0 0.0.255.255 eq snmp
permit ip host 192.168.1.249 192.168.0.0 0.0.255.255
permit udp host 192.168.1.250 172.16.0.0 0.0.255.255 eq snmp
permit ip host 192.168.1.250 192.168.0.0 0.0.255.255
permit udp host 192.168.1.251 192.168.1.0 0.0.0.255 eq snmp
permit udp host 192.168.1.252 192.168.1.0 0.0.0.255 eq snmp
permit icmp host 192.168.1.251 192.168.1.0 0.0.0.255
permit icmp host 192.168.1.252 192.168.1.0 0.0.0.255
permit udp host 192.168.1.12 192.168.1.0 0.0.0.255 eq ntp
permit pim any any
deny ip any any
ip access-list extended NET-WK-MGT
permit tcp 192.168.1.0 0.0.0.255 172.16.0.0 0.0.255.255 eq 8008
permit tcp 192.168.1.0 0.0.0.255 172.16.0.0 0.0.255.255 range 48000 48020
permit ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 172.16.2.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 172.16.3.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 172.16.4.0 0.0.0.255
permit icmp host 192.168.1.252 any echo
permit icmp host 192.168.1.251 any echo
permit icmp 192.168.1.0 0.0.0.255 any echo
permit icmp 192.168.1.0 0.0.0.255 any echo-reply
permit udp host 192.168.1.252 any eq snmp log
permit udp host 192.168.1.252 any eq snmptrap log
permit udp host 192.168.1.251 any eq snmp log
permit udp host 192.168.1.251 any eq snmptrap log
permit udp host 192.168.1.248 any eq snmp log
permit udp host 192.168.1.248 any eq snmptrap log
permit udp 192.168.1.0 0.0.0.255 any eq ntp
permit udp any any eq domain
deny udp any any eq 5355 log
deny ip any any log
ip access-list extended NORMAL
remark _____________________________
permit icmp any any echo
permit icmp any any echo-reply
deny ip any any
ip access-list extended UNDESIRABLE
remark _____________________________
permit udp any any eq ntp
permit udp any any eq snmptrap
permit tcp any any eq 22
permit tcp any any eq telnet
permit eigrp any any
permit ospf any any
permit udp any any eq rip
deny ip any any
!
logging history debugging
logging facility syslog
logging source-interface FastEthernet0/0.6
logging 192.168.1.220
access-list 1 permit 172.16.1.0 0.0.0.255
access-list 1 permit 172.16.2.0 0.0.0.255
access-list 1 permit 172.16.3.0 0.0.0.255
access-list 1 permit 172.16.4.0 0.0.0.255
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 deny any log
snmp-server group RO v3 priv match exact read READVIEW access ADMIN
snmp-server view READVIEW internet included
snmp-server ifindex persist
snmp-server enable traps tty
ipv6 route 2002:AC10:A03::1/128 Tunnel2002
ipv6 route --removed--::/58 Null0
!
!
ipv6 prefix-list 6TO4 seq 20 permit 2002:AC10:1E03::1/128
ipv6 prefix-list 6TO4 seq 30 permit --removed--::/60
!
ipv6 prefix-list SITESUM seq 20 permit --removed--::/58
route-map LOCALS permit 10
match ip address LOCALS
!
!
control-plane
service-policy input CONTROL-PLANE-POLICY
!
bridge 6 protocol ieee
bridge 6 route ip
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
login
line aux 0
access-class 1 in
exec-timeout 0 1
no exec
speed 300
line vty 0 4
session-timeout 5 output
exec-timeout 0 0
password --removed--
logging synchronous
login
transport input telnet
transport output telnet
line vty 5 15
session-timeout 5 output
exec-timeout 0 0
password --removed--
logging synchronous
login
transport input telnet
transport output telnet
!
ntp logging
ntp authentication-key --removed-- md5 --removed-
ntp authenticate
ntp trusted-key --removed--
ntp clock-period 17207749
ntp source FastEthernet0/0.6
ntp server 192.168.1.12
end
!
interface FastEthernet0/0.32
encapsulation dot1Q 32
bridge-group 6
10-02-2012 07:42 AM
Still looking for assistance.
Anyone . . . ?????
10-12-2012 11:13 AM
Problem resolved; IOS BUG.
Now works just as expected!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide