配置VRF间组播,而不使用单播VRF间路由泄漏
简介
本文档介绍如何转发从虚拟路由和转发(VRF)源中的源传入的组播流,并转发到VRF接收器中的用户,而不进行单播VRF间路由泄漏。
先决条件
要求
思科建议您了解PIM功能和ASM。
使用的组件
本文档中的信息基于ASR1000。
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您的网络处于活动状态,请确保您了解所有命令的潜在影响。
网络图
配置
在源上生成UDP组播流。
Source#
ip sla 1
udp-echo 239.1.1.1 2000 source-ip 10.1.1.1
ip sla schedule 1 life forever start-time now
接收方配置了IGMP并发送IGMP成员报告。
ASR1000路由器正在进行vrf间组播流量转发。VRF“source”中的环回1是两个VRF的RP。
ASR1000#
ip vrf source
rd 1:1
!
ip vrf receiver
rd 2:2
!
ip multicast-routing vrf source distributed
ip multicast-routing vrf receiver distributed
ip pim vrf source rp-address 1.1.1.1
ip pim vrf receiver rp-address 1.1.1.1
interface Loopback1
ip vrf forwarding source
ip address 1.1.1.1 255.255.255.255
ip pim sparse-mode
interface GigabitEthernet0/0/0
ip vrf forwarding source
ip address 10.1.1.2 255.255.255.0
ip pim sparse-mode
interface GigabitEthernet0/0/1
ip vrf forwarding receiver
ip address 20.1.1.2 255.255.255.0
ip pim sparse-mode
(S, G)条目目前未在vrf“receive”中形成。
ASR1002-1#show ip mroute vrf source
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed,
Q - Received BGP S-A Route, q - Sent BGP S-A Route,
V - RD & Vector, v - Vector, p - PIM Joins on route,
x - VxLAN group, c - PFP-SA cache created entry,
* - determined by Assert
Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.1.1.1), 00:05:01/stopped, RP 1.1.1.1, flags: SPF
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null
(10.1.1.1, 239.1.1.1), 00:05:01/00:02:26, flags: PFT
Incoming interface: GigabitEthernet0/0/0, RPF nbr 0.0.0.0
Outgoing interface list: Null
(*, 224.0.1.40), 00:07:03/00:02:59, RP 1.1.1.1, flags: SJCL
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Loopback1, Forward/Sparse, 00:07:01/00:02:59
ASR1002-X-1#sh ip mroute vrf receiver
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed,
Q - Received BGP S-A Route, q - Sent BGP S-A Route,
V - RD & Vector, v - Vector, p - PIM Joins on route,
x - VxLAN group, c - PFP-SA cache created entry,
* - determined by Assert, # - iif-starg configured on rpf intf,
e - encap-helper tunnel flag
Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.1.1.1), 00:03:23/00:02:44, RP 1.1.1.1, flags: SJC
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
GigabitEthernet0/0/1, Forward/Sparse, 00:03:23/00:02:44
要解决此问题,您需要执行VRF选择以通过RPF检查。
ip access-list standard 1
permit 239.1.1.1 log
exit
ip multicast vrf receiver rpf select vrf source group-list 1
验证
使用本部分可确认配置能否正常运行。
执行上述步骤后,可在接收方上看到组播源。
Receiver#show flow monitor test cache format table
Cache type: Normal (Platform cache)
Cache size: 200000
Current entries: 1
High Watermark: 3
Flows added: 50
Flows aged: 49
- Inactive timeout ( 15 secs) 49
IPV4 SRC ADDR IPV4 DST ADDR TRNS SRC PORT TRNS DST PORT INTF INPUT FLOW SAMPLER ID IP TOS IP PROT ip src as ip dst as ipv4 next hop addr ipv4 src mask ipv4 dst mask tcp flags intf output bytes pkts time first time last
=============== =============== ============= ============= ==================== =============== ====== ======= ========= ========= ================== ============= ============= ========= ==================== ========== ========== ============ ============
10.1.1.1 239.1.1.1 57314 1967 Gi0/0/3 0 0x00 17 0 0 0.0.0.0 /0 /0 0x00 Null 80 1 11:09:08.082 11:09:08.082
接收方上的数据包捕获。
(S,G)条目在VRF接收器中形成。
ASR1002-1#show ip mroute vrf receiver 239.1.1.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local,
P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT,
M - MSDP created entry, E - Extranet, X - Proxy Join Timer Running,
A - Candidate for MSDP Advertisement, U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender, Y - Joined MDT-data group,
y - Sending to MDT-data group, G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed,
Q - Received BGP S-A Route, q - Sent BGP S-A Route, V - RD & Vector, v - Vector,
p - PIM Joins on route, x - VxLAN group, c - PFP-SA cache created entry,
* - determined by Assert Outgoing interface flags: H - Hardware switched,
A - Assert winner, p - PIM Join
Timers: Uptime/Expires
Interface state:
Interface, Next-Hop or VCD, State/Mode
(*, 239.1.1.1), 00:21:36/stopped, RP 1.1.1.1, flags: SJC
Incoming interface: Loopback1, RPF nbr 1.1.1.1, using vrf source
Outgoing interface list:
GigabitEthernet0/0/1, Forward/Sparse, 00:21:36/00:02:43
(10.1.1.1, 239.1.1.1), 00:03:55/stopped, flags: T
Incoming interface: GigabitEthernet0/0/0, RPF nbr 0.0.0.0, using vrf source
Outgoing interface list:
GigabitEthernet0/0/1, Forward/Sparse, 00:03:55/00:02:43
ASR1002-1#show ip mroute vrf source 239.1.1.1
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed,
Q - Received BGP S-A Route, q - Sent BGP S-A Route,
V - RD & Vector, v - Vector, p - PIM Joins on route,
x - VxLAN group, c - PFP-SA cache created entry,
* - determined by Assert
Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.1.1.1), 00:22:36/stopped, RP 1.1.1.1, flags: SJCFE
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null
Extranet receivers in vrf receiver:
(*, 239.1.1.1), 00:21:54/stopped, RP 1.1.1.1, OIF count: 1, flags: SJC
(10.1.1.1, 239.1.1.1), 00:04:14/00:02:55, flags: FTE
Incoming interface: GigabitEthernet0/0/0, RPF nbr 0.0.0.0
Outgoing interface list: Null
Extranet receivers in vrf receiver:
(10.1.1.1, 239.1.1.1), 00:04:14/stopped, OIF count: 1, flags: T
ASR1002-1#show ip mfib vrf receiver 239.1.1.1
Entry Flags: C - Directly Connected, S - Signal, IA - Inherit A flag,
ET - Data Rate Exceeds Threshold, K - Keepalive
DDE - Data Driven Event, HW - Hardware Installed
ME - MoFRR ECMP entry, MNE - MoFRR Non-ECMP entry, MP - MFIB
MoFRR Primary, RP - MRIB MoFRR Primary, P - MoFRR Primary
MS - MoFRR Entry in Sync, MC - MoFRR entry in MoFRR Client.
I/O Item Flags: IC - Internal Copy, NP - Not platform switched,
NS - Negate Signalling, SP - Signal Present,
A - Accept, F - Forward, RA - MRIB Accept, RF - MRIB Forward,
MA - MFIB Accept, A2 - Accept backup,
RA2 - MRIB Accept backup, MA2 - MFIB Accept backup
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts: Total/RPF failed/Other drops
I/O Item Counts: HW Pkt Count/FS Pkt Count/PS Pkt Count Egress Rate in pps
VRF receiver
(*,239.1.1.1) Flags: C HW
SW Forwarding: 0/0/0/0, Other: 0/0/0
HW Forwarding: 0/0/0/0, Other: 1/1/0
GigabitEthernet0/0/1 Flags: NS
(10.1.1.1,239.1.1.1) Flags: HW
SW Forwarding: 0/0/0/0, Other: 0/0/0
HW Forwarding: 15/0/94/0, Other: 0/0/0
GigabitEthernet0/0/1 Flags: NS
此外,VRF接收器RIB中没有用于RP和源IP的单播条目。
ASR1002-1#show ip route vrf receiver 1.1.1.1
Routing Table: receiver % Network not in table
ASR1002-1#show ip route vrf receiver 10.1.1.1
Routing Table: receiver % Network not in table
因此,RPF显示为失败,但是,组播流量将被转发。
ASR1002-1#show ip rpf vrf receiver 1.1.1.1
failed, no route exists
ASR1002-1#show ip rpf vrf receiver 10.1.1.1
failed, no route exists
实现这一点还有另一种方法,具体如下:
ip mroute vrf receiver 10.1.1.0 255.255.255.0 fallback-lookup vrf source
ip mroute vrf receiver 1.1.1.1 255.255.255.255 fallback-lookup vrf source
这样,RPF检查将成功。
ASR1002-1#show ip rpf vrf receiver 1.1.1.1
RPF information for ? (1.1.1.1)
RPF interface: Loopback1
RPF neighbor: ? (1.1.1.1) - directly connected
RPF route/mask: 1.1.1.1/32
RPF type: multicast (connected)
Doing distance-preferred lookups across tables
Using Extranet RPF Rule: Static Fallback Lookup, RPF VRF: source
RPF topology: ipv4 multicast base
ASR1002-1#show ip rpf vrf receiver 10.1.1.1
RPF information for ? (10.1.1.1)
RPF interface: GigabitEthernet0/0/0
RPF neighbor: ? (10.1.1.1) - directly connected
RPF route/mask: 10.1.1.0/24
RPF type: multicast (connected)
Doing distance-preferred lookups across tables
Using Extranet RPF Rule: Static Fallback Lookup, RPF VRF: source
RPF topology: ipv4 multicast base
但是,您可以使用RPF select或fallback lookup命令,这两种命令最终都能实现我们的目的。
故障排除
目前没有针对此配置的故障排除信息。
修订历史记录
| 版本 | 发布日期 | 备注 |
|---|---|---|
1.0 |
25-Nov-2021 |
初始版本 |
反馈