Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
0
Helpful
4
Replies

PIX SMR 6.2 (multicast) Feature - Explanation Needed.

kfarrington
Level 3
Level 3

‎06-10-2003 07:02 AM - edited ‎02-20-2020 10:47 PM

Stub Multicast Routing (SMR) feature, introduced with PIX Firewall version 6.2.

Can somone help me and give me an indepth explanation on how this works say for an multicast receiver.

example1 (recv)

rtrx(RP)-------rtra------pix-------rtrb-------host(receiver)

example2 (source)

rtrx(RP)-------rtra------pix-------rtrb-------host(source)

example1

Host sends an igmp join. rtrb must send pim join to pix

How does the pix enterpret the pim join? does it proxy the pim-join and send an igmp-join to rtra?

example2

Host sends a UDP stream. rtrb unicast register packet to RP.

RP, sends PIM-join to rtra which sends a pim-join to pix, which then the PIX must send a pim joint to rtrb.

How does this work? In this instance, it cant use IGMP as it's rtr-to-rtr?

Many thx

Ken

0 Helpful
4 Replies 4

msitzman
Cisco Employee
Cisco Employee

‎06-10-2003 07:20 AM

The short answer is that the PIX does not currently support PIM. :-(

The PIX does support IGMP for passthrough traffic and for the most basic setup all you have to do is enable the interfaces for multicast. Once this is done the PIX will see the IGMP join message from the inside host and will forward the inbound traffic to the host who asked for it.

Out bound multicast traffic is slightly different but all you have to add here is a multicast route (mroute) for the next hop, again after enabling the interfaces for multicast traffic.

Hope this helps...

Marcus

0 Helpful

kfarrington
Level 3
Level 3
In response to msitzman

‎06-10-2003 07:29 AM

Many thx for that Marcus, but if the pix receives a PIM messages (not an IGMP) message, does the pix see the PIM join, and replaces it with an IGMP join?

Assume, the host is not on a LAN directly off the PIX, and off a router behind the pix. host sends igmp join, but the router must create state and send a pim join towards the RP. The hosts igmp join has a ttl of 1 so cannot be re-used, or does the router f/wd the igmp join to the pix instead of a pim join and change the igmp joins ttl so the router can f/wd it to the pix?

Many thx fella :)

0 Helpful

msitzman
Cisco Employee
Cisco Employee
In response to kfarrington

‎06-10-2003 07:55 AM

No problem at all. This is a fairly new and not so widely used feature of the pix so there is not a lot of information out there as of yet for the pix igmp support.

The pix will basically ignore any pim message it receives. It does not know what to do with it since there is no pim support. The pix will only handle igmp messages from hosts/routers.

I can not speak intelligently about the design of your multicast network but the inside router will need to send an igmp join towards the pix. If you confiugre the inside router as a member of the igmp group for the interface that faces the inside of the pix, you should see this result. Does that makes sense (it sounds kind of weird ;-) )

Marcus

0 Helpful

kfarrington
Level 3
Level 3
In response to msitzman

‎06-10-2003 08:02 AM

That sounds spot on mate :)

Will lab this and get some decodes but that sounds perfect.

Many thx for you help :))

Ken

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card