cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1627
Views
0
Helpful
20
Replies

mVPN Core Multicast group addresing

chintan-shah
Level 3
Level 3

Hi,

I have to run PIM-SM and PIM-SSM based both in Core. This is purely due to multivendor enviroment.

When I have all customer sites on cisco, i will run PIM-SSM ( default +data) and when i have multivendor in picture will run PIM-SM ( default) for specific customer. This will purely product team driven.

Now, I have to make sure that i use proper different Multicast group for both.

I have in mind that

1. PIM-SM - 239.192.0.0/16 range.

where 239.192.1.1 - default mdt, 239.192.2.0/24 - DATA MDT per customer

same way second customer 239.192.1.2 - default , 239.192.3.0/24 - DATA MDT

2. PIM-SSM : 239.232.0.0/16

customer -1

239.232.1.1 - default mdt

239.232.2.0/24 - data mdt

customer-2

239.232.1.2 - default mdt

293.232.3.0/24- data mdt ..so on.

With this, I have following configuation :

ip pim rp-address 1.1.1.1 SM-RANGE

ip pim ssm range SSM-RANGE

ip access-list standard SSM-RANGE

permit 239.232.0.0 0.0.255.255

ip access-list standard SM-RANGE

permit 239.192.0.0 0.0.255.255

ip vrf VPN-A

description A Customer using MVPN SM

rd 65000:65003

route-target both 65000:65000

mdt default 239.192.1.1

mdt data 239.192.2.0 0.0.0.15 threshold 1

ip vrf VPN-B

description A Customer using MVPN SSM

rd 65000:65011

route-target both 65000:65000

mdt default 239.232.1.1

mdt data 239.232.2.0 0.0.0.15 threshold

ip multicast-routing

ip multicast-routing vrf VPN-A

ip multicast-routing vrf VPN-B

Is this looking corect ? I have one doubt is, the DATA MDT range used for PIM-SM based solution should be in SM ACL or SSM ACL ??

Any suggestion on Multicast addressing for my requirment ? I would apprcieate the help !!

Regards,

Chintan

Regards,

Chitnan

2 Accepted Solutions

Accepted Solutions

Chintan,

Assuming you will always use PIM SSM for the DATA MDT, you can use the same pool on all PEs as PIM SSM uses both the multicast address and the source address to identify a given multicast stream. So using the same pool on a all PEs is not an issue as long as the pool is unique on the PE.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Hi,

Let's say you use PIM-SM for the Data-MDT and you have the same pool configured for the same Multicast Domain or mVPN.

If two PEs connected to two different customer sources using different groups choose the same Data-MDT group, each PE joining this Data-MDT will receive both traffic even if their receivers are interested only with one customer group.

If you let the PEs to switchover to the SPT, they could also choose the wrong source PE.

Here is an extract from Rozen draft about this issue:

"

7.3. Use of SSM for Data MDTs

The use of Data MDTs requires that a set of multicast P-addresses be

pre-allocated and dedicated for use as the destination addresses for

the Data MDTs.

If SSM is used to set up the Data MDTs, then each MD needs to be

assigned a set of these of multicast P-addresses. Each VRF in the MD

needs to be configured with this set (i.e., all VRFs in the MD are

configured with the same set). If there are n addresses in this set,

then each PE in the MD can be the source of n Data MDTs in that MD.

If SSM is not used for setting up Data MDTs, then each VRF needs to

be configured with a unique set of multicast P-addresses; two VRFs in

the same MD cannot be configured with the same set of addresses.

This requires the pre-allocation of many more multicast P-addresses,

and the need to configure a different set for each VRF greatly

complicates the operations and management. Therefore the use of SSM

for Data MDTs is very strongly recommended.

"

So the best design in your case is to have PIM-SM (without switchover to the SPT) for the default-MDT and PIM-SSM for the Data-MDT as already explained by Harold. This should be supported by all vendors.

Regarding your SLA, if you are using anycast RP, your convergence time is the same as for PIM-SSM, it relies only on the speed of your IGP to converge.

HTH

Laurent.

View solution in original post

20 Replies 20

Harold Ritter
Cisco Employee
Cisco Employee

Chintan,

Picking a different approach for different customers will make this network more complicated to provision, support and troubleshoot.

I would suggest you pick the one approach that fits all vendors (lowest common denominator) and that you use it for all customers. This will probably save lots of headaches.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Hritter,

I agree with you but problem is we have some of customer requirments like fast convergance where PIM-SM doesn't give be nefit due to RP/MSDP Infra and so we might have to use PIM-SSM.

But there are some customers who have specially not specific SLA and some of sites on DSL for which BRAS doesn't support PIm-SSM and we are forced to give PIM-SM . that's why we feel to keep two approach and going foraward i would like to keep only PIM-SSM once vendor support this....

I am still under evaluation stage and will also have word with our cisco AS team.

Many thanks for your feedback.

Regards,

Chintan

Laurent Aubert
Cisco Employee
Cisco Employee

Hi,

It works for PIM SSM because the source will be different so you can use the same Data-MDT pool for the same mVPN on different PE.

But with PIM-SM, you will not be able to differentiate two different sources for which their attached PEs chose the same Data-MDT so you need a pool per mVRF instead of per mVPN

Also your configuration looks correct.

HTH

Laurent.

Hi Laurent,

When you say PIm-SM, I will neer pool per mVRF instead of per mVPN.

Does it mean that if i have 100 sites say connected to 20 PE in network , I will have to use total 20 different DATA POOL.

like : 239.192.2.0/24 ---239.192.21.0/24 ?

Regards,

Chintan

Hi Chintan

You can use the same pool across all the PE. Because data mdt will be used as a single per PE. SO if you are using /24 pool it means 255 PE can be connetced for same mVPN custmer.

regards

shivlu jain

Hi Shivlu,

I had a same understanding but as per laurent it is not a case , as he says for PIM-SM, you will have to use different pool per mVRF not per mVPN.

Am I understanding something wrong here ?

REgards,

Chintan

Hi Chintan

It is truly said by laurent.

Please check the section 4.1 of the given link

http://tools.ietf.org/html/draft-rosen-vpn-mcast-07

regards

shivlu jain

Chintan,

Assuming you will always use PIM SSM for the DATA MDT, you can use the same pool on all PEs as PIM SSM uses both the multicast address and the source address to identify a given multicast stream. So using the same pool on a all PEs is not an issue as long as the pool is unique on the PE.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Hritter,

But if we use PIM-SM for DATA MDT aswell, What Laurent says is applicable and for same customer if they have 10 VRF ( i.e.PE) i have to use 10 different Multicast group range for DATA MDT.

But even I use PIM-SM for Default but DATA on PIM-SSM , What you says would be more sclable solution.

Am i correct ?

Hi Laurent

It would be better if you explain with the help of some example so that we can get the proper understanding.

regards

shivlu jain

Hi,

Can you direct to any link explaining your input in little detail ?

Regards,

Chintan

shivlu jain
Level 5
Level 5

Hi Chintan

The configuration looks fine. If the customer is provisioned with SSM then data and default mdt shoudl be a part of SSM acl. If the customer is provisioned with SM then data and default mdt should be configured in SM acl.

The main logic is that mrouting of data and default should available in global mrouting table.

regards

shivlu jain

Hi,

Let's say you use PIM-SM for the Data-MDT and you have the same pool configured for the same Multicast Domain or mVPN.

If two PEs connected to two different customer sources using different groups choose the same Data-MDT group, each PE joining this Data-MDT will receive both traffic even if their receivers are interested only with one customer group.

If you let the PEs to switchover to the SPT, they could also choose the wrong source PE.

Here is an extract from Rozen draft about this issue:

"

7.3. Use of SSM for Data MDTs

The use of Data MDTs requires that a set of multicast P-addresses be

pre-allocated and dedicated for use as the destination addresses for

the Data MDTs.

If SSM is used to set up the Data MDTs, then each MD needs to be

assigned a set of these of multicast P-addresses. Each VRF in the MD

needs to be configured with this set (i.e., all VRFs in the MD are

configured with the same set). If there are n addresses in this set,

then each PE in the MD can be the source of n Data MDTs in that MD.

If SSM is not used for setting up Data MDTs, then each VRF needs to

be configured with a unique set of multicast P-addresses; two VRFs in

the same MD cannot be configured with the same set of addresses.

This requires the pre-allocation of many more multicast P-addresses,

and the need to configure a different set for each VRF greatly

complicates the operations and management. Therefore the use of SSM

for Data MDTs is very strongly recommended.

"

So the best design in your case is to have PIM-SM (without switchover to the SPT) for the default-MDT and PIM-SSM for the Data-MDT as already explained by Harold. This should be supported by all vendors.

Regarding your SLA, if you are using anycast RP, your convergence time is the same as for PIM-SSM, it relies only on the speed of your IGP to converge.

HTH

Laurent.

Hi Laurent,

Many thanks for excellent explanation on pointing on draft-rosen section. Now I understood well.

I will change my configuation to keep PIN-SM ACL for only Default MDT and PIM-SSM for DATA MDT.

And also can use PIM-SSM Default MDT from same SSM based range.

Sorry for multiple mails but i understood well now.

Thanks Hritter for your help too !!

Regards,

Chintan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: