Rob Riker/ Simplified Networking: IOS and IOS XR Multicast VPN with the Rosen Model Default MDT with Static RP

In this post we will follow on from the previous post where we looked at Multicast VPN on just IOS. We'll expand on that post with this one. Just a couple of things before we get into the fun stuff. The topology has grown significantly since the last post, this was done as the original 2 IOS XR PE routers running IOS XR 6.0 code don't appear to support multicast in the data plane. I have attempted mVPN on both IOS XR 6.0 OVA and .VMDK variations. These are the same .VMDK used for VIRL, that's where I downloaded it from. I ended up using IOS XR 5.3 OVA, the OVA is the only version tested that supports the dataplane. I have not tested any other versions, so you may get lucky if you find a version that works. However, for those with an interest of the CCIE SPv4 lab exam, IOS XR 6.0 is the version listed to be used in the lab exam.

So like the previous post, the is the MDT default, which means that like PIM Dense mode, every PE gets the traffic even if the traffic isn't destined for it.

XR9 is the bottom left router connected to R14 and XR1. IOS XR uses two different constructs to enable mVPN. IOS XR supports both enterprise and service provider multicast. We'll configure multicast on IOS XR and show the configuration of R3 just to show IOS and IOS XR in the same post. R5 is the multicast source, ping 224.1.1.1 from here should get responses from 6 receivers

PIM or Protocol Independent Mutlicast is used to build PIM trees between all the routers. Without PIM enabled, routed multicast can't flow between the routers and is restricted to a TTL of 1 or link local multicast. The PIM construct is used to define the RP address, where to source PIM traffic from and define VRF specific info. The RP address of 172.16.100.1 is the RP of the SP and the VRF RP address is the RP of the customer.

The multicast construct enables multicast to be forwarded. The MDT or multicast distribution tree is used to build the PIM tunnels. To avoid an RPF issue, it is a best practice to enable multicast on all interfaces enabled for IGP. Specify the MDT source, since this is a PE router, the MDT source should be the loopback that is the LDP and BGP source. Under the VRF, specifying the MDT default multicast group address.

XR9
multicast-routing
address-family ipv4
mdt source Loopback0
interface all enable
!
vrf MCAST
address-family ipv4
mdt source Loopback0
interface all enable
mdt default ipv4 232.0.0.1
!
router pim
address-family ipv4
rp-address 172.16.100.1
interface Loopback0
!
vrf MCAST
address-family ipv4
rp-address 172.16.100.5
interface GigabitEthernet0/0/0/0.1419
!
router bgp 1
address-family ipv4 unicast
!
address-family vpnv4 unicast
!
address-family ipv6 unicast
!
address-family vpnv6 unicast
!
address-family ipv4 mdt
!
neighbor 172.16.100.1
remote-as 1
update-source Loopback0
address-family vpnv4 unicast
!
address-family vpnv6 unicast
!
address-family ipv4 mdt
!
!
vrf MCAST
rd 1:1
address-family ipv4 unicast
!
address-family ipv6 unicast

RP/0/0/CPU0:XR9#sh pim neighbor
Sun Mar 4 23:56:32.026 UTC

Neighbor Address Interface Uptime Expires DR pri Flags

10.11.19.11 GigabitEthernet0/0/0/0.1119 01:38:18 00:01:31 1 B
10.11.19.19* GigabitEthernet0/0/0/0.1119 01:38:23 00:01:29 1 (DR) B P E
172.16.100.19* Loopback0 01:38:23 00:01:21 1 (DR) B P

This validates that there are PIM neighbors, in this case it is XR1.

RP/0/0/CPU0:XR9#sh pim vrf MCAST neighbor
Sun Mar 4 23:56:41.246 UTC

Neighbor Address Interface Uptime Expires DR pri Flags

10.14.19.14 GigabitEthernet0/0/0/0.1419 01:36:38 00:01:36 1 P
10.14.19.19* GigabitEthernet0/0/0/0.1419 01:38:32 00:01:20 1 (DR) B P E
172.16.100.3 mdtMCAST 01:29:31 00:01:18 1 P
172.16.100.9 mdtMCAST 01:29:58 00:01:19 1 P
172.16.100.18 mdtMCAST 01:29:42 00:01:31 1
172.16.100.19* mdtMCAST 01:38:28 00:01:34 1 P
172.16.100.110 mdtMCAST 01:29:57 00:01:21 1 (DR) P

There are also VRF MCAST PIM neighbors, one to R14 which is the G0/0/0/0.1419, there others are MDT peers from the PIM tunnels, which are mGRE tunnels.

RP/0/0/CPU0:XR9#sh bgp ipv4 mdt | b Network
Sun Mar 4 23:57:28.713 UTC
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1
*>i172.16.100.3/96 172.16.100.3 0 100 0 ?
*>i172.16.100.4/96 172.16.100.4 0 100 0 ?
*>i172.16.100.9/96 172.16.100.9 0 100 0 ?
*>i172.16.100.14/96 172.16.100.14 100 0 i
*>i172.16.100.18/96 172.16.100.18 100 0 i
*> 172.16.100.19/96 0.0.0.0 0 i
*>i172.16.100.110/96 172.16.100.110 0 100 0 ?

Processed 7 prefixes, 7 paths

R14#sh ip pim neighbor | b Address
Address Prio/Mode
10.14.19.19 GigabitEthernet1.1419 01:43:29/00:01:28 v2 1 / DR P G

R3
ip multicast-routing distributed
!
ip multicast-routing vrf MCAST distributed
!
interface GigabitEthernet1.13
ip pim sparse-mode
!
interface Loopback0
ip pim sparse-mode
!
interface GigabitEthernet1.35
vrf forwarding MCAST
ip pim sparse-mode
!
ip pim rp-address 172.16.100.1
!
ip pim vrf MCAST rp-address 172.16.100.5
!
router bgp 1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 172.16.100.1 remote-as 1
neighbor 172.16.100.1 update-source Loopback0
!
address-family ipv4 mdt
neighbor 172.16.100.1 activate
neighbor 172.16.100.1 send-community both

R3#sh bgp ipv4 mdt all
BGP table version is 25, local router ID is 172.16.100.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf MCAST)
*> 172.16.100.3/32 0.0.0.0 0 ?
*>i 172.16.100.4/32 172.16.100.4 0 100 0 ?
* i 172.16.100.4 0 100 0 ?
* i 172.16.100.9/32 172.16.100.9 0 100 0 ?
*>i 172.16.100.9 0 100 0 ?
*>i 172.16.100.13/32 172.16.100.13 100 0 i
*>i 172.16.100.14/32 172.16.100.14 100 0 i
*>i 172.16.100.18/32 172.16.100.18 100 0 i
* i 172.16.100.18 100 0 i
*>i 172.16.100.19/32 172.16.100.19 100 0 i
*>i 172.16.100.110/32

172.16.100.110 0 100 0 ?

R1
router bgp 1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor MCAST peer-group
neighbor MCAST remote-as 1
neighbor MCAST update-source Loopback0
neighbor 172.16.100.19 peer-group MCAST
!
address-family ipv4 mdt
neighbor MCAST route-reflector-client
neighbor 172.16.100.19 activate

R1#sh bgp ipv4 mdt all | b Network
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1
*>i 172.16.100.3/32 172.16.100.3 0 100 0 ?
*>i 172.16.100.4/32 172.16.100.4 0 100 0 ?
*>i 172.16.100.9/32 172.16.100.9 0 100 0 ?
*>i 172.16.100.14/32 172.16.100.14 100 0 i
*>i 172.16.100.18/32 172.16.100.18 100 0 i
*>i 172.16.100.19/32 172.16.100.19 100 0 i
*>i 172.16.100.110/32
172.16.100.110 0 100 0 ?

We can see that R1, the BGP Route Reflector, has formed MDT peerings with all the PE routers.

R5
ip multicast-routing distributed
!
ip pim rp-address 172.16.100.5
!
interface GigabitEthernet1.35
ip pim dr-priority 0
ip pim sparse-mode
!
interface Loopback0
ip pim sparse-mode

R5#ping 224.1.1.1 repeat 2
Type escape sequence to abort.
Sending 2, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds:

Reply to request 0 from 10.10.11.11, 64 ms
Reply to request 0 from 10.18.13.13, 318 ms
Reply to request 0 from 10.4.7.7, 263 ms
Reply to request 0 from 10.4.8.8, 246 ms
Reply to request 0 from 10.14.19.14, 229 ms
Reply to request 0 from 172.16.100.120, 188 ms
Reply to request 0 from 10.12.9.12, 64 ms

Rob Riker/ Simplified Networking

Sunday, March 4, 2018

IOS and IOS XR Multicast VPN with the Rosen Model Default MDT with Static RP

No comments:

Post a Comment

Blog Archive