From: Sameh El Tawil (eltawil@free.fr)
Date: Mon Nov 15 2004 - 19:28:39 GMT-3
Hi Al,
I tried to use your solution but it only worked after a little modification.
When I applied the configs you gave below, the Rp 150.1.5.5 was not
appearing in the mappings at all.. I wonder if there is something wrong with
my IOS version ?? I have tried the config on a 2612 with 12.2(26) (as a MA)
and a 2610 with 12.2(15)T13 with the same result. What are your IOS verions?
The only way I could get it to work was to add a group-list with the
send-rp-announce command on 150.1.5.5 that only permits 239.0.0.0/8.
On the other hand, I have found another workaround. That is to filter at the
RP end without filtering at the MA, but instead of using an acces list with
a deny statement I used an access list with only permit statements.
ip access-list standard not_admin_scoped
permit 224.0.0.0 7.255.255.255
permit 232.0.0.0 6.255.255.255
permit 236.0.0.0 0.255.255.255
permit 237.0.0.0 0.255.255.255
I still find it very mysterious the way ACLs are applied to the
send-rp-announce and rp-announce-filter commands. The announcements
themselves carry an ip address + prefix length. But how is this deduced from
an ACL? and how are they matched against the filter on the MA. I'd really
appreciate if the gurus on the lsit would shed some light..
Thanks,
Sameh
----- Original Message -----
From: "none" <alsontra@hotmail.com>
To: "'none'" <alsontra@hotmail.com>; "'Sameh El Tawil'" <eltawil@free.fr>;
<ccielab@groupstudy.com>
Sent: Sunday, November 14, 2004 5:47 PM
Subject: RE: auto-rp help needed - one more detail
> Oops!! the "sh ip pim rp map" should be:
>
>
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 224.0.0.0/4
> RP 150.1.4.4 (?), v2v1
> Info source: 150.1.4.4 (?), elected via Auto-RP
> Uptime: 00:08:00, expires: 00:00:03
> Group(s) 239.0.0.0/8
> RP 150.1.5.5 (?), v2v1
> Info source: 150.1.5.5 (?), elected via Auto-RP
> Uptime: 00:04:22, expires: 00:00:03
>
> Al
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
none
> Sent: Sunday, November 14, 2004 10:36 AM
> To: 'Sameh El Tawil'; ccielab@groupstudy.com
> Subject: RE: auto-rp help needed - one more detail
>
> Try filtering the 239.0.0.0/8 net at the mapping agent. Heck, filter all
> RPs.
>
> Something like below:
>
> ip pim send-rp-discovery Loopback0 scope 16
> ip pim rp-announce-filter rp-list 1 group-list 2
> ip pim rp-announce-filter rp-list 3 group-list 4
> !
> !
> access-list 1 permit 150.1.4.4
> access-list 2 deny 239.0.0.0 0.255.255.255
> access-list 2 permit 224.0.0.0 15.255.255.255
> access-list 3 permit 150.1.5.5
> access-list 4 permit 239.0.0.0 0.255.255.255
> !
> Your debug will then show you that you're filtering 150.1.4.4 for
> 239.0.0.0/8, as is shown below:
>
> 1 11:43:32.105: Auto-RP(0): Filtered -239.0.0.0/8 for RP 150.1.4.4
>
> The output of sh ip pim rp map should be as follows:
>
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 224.0.0.0/4
> RP 10.1.60.6 (?), v2v1
> Info source: 150.1.4.4 (?), elected via Auto-RP
> Uptime: 00:08:00, expires: 00:00:03
> Group(s) 239.0.0.0/8
> RP 150.1.5.5 (?), v2v1
> Info source: 150.1.5.5 (?), elected via Auto-RP
> Uptime: 00:04:22, expires: 00:00:03
>
>
>
> Or at least that's my understanding? I "labbed" this rather quickly, so
> please excuse typing mistakes. Can anyone confirm?
>
>
> HTH
> Al
>
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Sameh El Tawil
> Sent: Sunday, November 14, 2004 4:55 AM
> To: ccielab@groupstudy.com
> Subject: auto-rp help needed - one more detail
>
> Just one more detail to be precise. Actually the group mappings start off
> like this when the announcement from the RP for 239/8 (10.1.99.2) is heard
> first at the MA:
>
> R2#sh ip pim rp map
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback99)
>
> Group(s) 224.0.0.0/4
> RP 10.1.60.6 (?), v2v1
> Info source: 10.1.60.6 (?), elected via Auto-RP
> Uptime: 00:00:25, expires: 00:01:04
> Group(s) (-)239.0.0.0/8
> RP 10.1.99.2 (?), v2v1
> Info source: 10.1.99.2 (?), elected via Auto-RP
> Uptime: 00:00:27, expires: 00:01:01
> RP 10.1.60.6 (?), v2v1
> Info source: 10.1.60.6 (?), via Auto-RP
> Uptime: 00:00:25, expires: 00:01:04
> R2#
>
> Then after a few mintues, the announcement from 10.1.99.2 is removed
(seems
> that the following announcements from the same RP do not refresh it for
some
> reason). We converge to this:
>
> R2#sh ip pim rp map
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback99)
>
> Group(s) 224.0.0.0/4
> RP 10.1.60.6 (?), v2v1
> Info source: 10.1.60.6 (?), elected via Auto-RP
> Uptime: 00:02:16, expires: 00:01:14
> Group(s) (-)239.0.0.0/8
> RP 10.1.60.6 (?), v2v1
> Info source: 10.1.60.6 (?), elected via Auto-RP
> Uptime: 00:02:16, expires: 00:01:14
> R2#
>
> ----- Original Message -----
> From: "Sameh El Tawil" <eltawil@free.fr>
> To: <ccielab@groupstudy.com>
> Sent: Sunday, November 14, 2004 11:36 AM
> Subject: auto-rp help needed
>
>
> > Hi Guys,
> >
> > I have been pulling my hair out for 2 days now trying to make a
(normally)
> > basic auto RP config work. I am trying to build the case where one RP is
> > chosen for the administrativly scoped addresses and another performs RP
> > function for all other muticast groups.
> >
> > The problem I am facing is that the RP announcing the 239.0.0.0/8 range
is
> not
> > installed in the mapping. Instead when I look at the mapping agent I
find
> a
> > mapping for this range with a minus (-) sign bound to the global RP. I
> have
> > run several debugs, the RP announcements are all received at the mapping
> > agent. This announcement coming with a minus sign worries me... am I
doing
> > something wrong with the access list used with the send-rp-announce
> statement
> > ?? If anyone has encountered this behaviour before please help.
> >
> > Enough talking now let me show you some output. The topology looks like
> this:
> >
> > [R1 (rp for global scope)]---ethernet---[R2
> (MA)]--ethernet--[R3]--serial--[R4
> > (RP for 239/8)]
> >
> > The routing protocol is eigrp, sparse-dense-mode is used on all
> interfaces.
> >
> > R1 config:
> > --------------
> > interface Loopback0
> > ip address 10.1.60.6 255.255.255.0
> > ip pim sparse-mode
> > !
> > ip pim send-rp-announce Loopback0 scope 64 group-list not_admin_scoped
> > interval 30
> > !
> > ip access-list standard not_admin_scoped
> > deny 239.0.0.0 0.255.255.255
> > permit 224.0.0.0 15.255.255.255
> >
> > R2 config:
> > --------------
> > interface Loopback99
> > ip address 10.1.99.1 255.255.255.255
> > ip pim sparse-mode
> > !
> > ip pim send-rp-discovery Loopback99 scope 64
> >
> > R4 config:
> > --------------
> > interface Loopback99
> > ip address 10.1.99.2 255.255.255.255
> > !
> > ip pim send-rp-announce Loopback99 scope 64 group-list admin_scoped
> interval
> > 30
> > !
> > ip access-list standard admin_scoped
> > permit 239.0.0.0 0.255.255.255
> > !
> >
> > Here is how the mapping appears (Output from R2):
>
> --------------------------------------------------------------------------
> -
> >
> > PIM Group-to-RP Mappings
> > This system is an RP-mapping agent (Loopback99)
> >
> > Group(s) 224.0.0.0/4
> > RP 10.1.60.6 (?), v2v1
> > Info source: 10.1.60.6 (?), elected via Auto-RP
> > Uptime: 00:36:34, expires: 00:01:24
> > Group(s) (-)239.0.0.0/8
> > RP 10.1.60.6 (?), v2v1
> > Info source: 10.1.60.6 (?), elected via Auto-RP
> > Uptime: 00:36:34, expires: 00:01:25
> >
> > Here is a "debug ip pim auto-rp" on R2 showing annpuncements being
> received
> > from both R1 and R4:
>
> --------------------------------------------------------------------------
> ---
> > ------------------------------------------------------------------
> >
> > 2514#debug ip pim auto
> > PIM Auto-RP debugging is on
> > 2514#
> > *Mar 1 01:46:25: Auto-RP: Build RP-Discovery packet
> > *Mar 1 01:46:25: Auto-RP: Build mapping (224.0.0.0/4, RP:10.1.60.6),
> PIMv2
> > v1,
> > *Mar 1 01:46:25: Auto-RP: Build mapping (-239.0.0.0/8, RP:10.1.60.6),
> PIMv2
> > v1.
> > *Mar 1 01:46:25: Auto-RP: Send RP-discovery packet on Ethernet0 (1 RP
> > entries)
> > *Mar 1 01:46:25: Auto-RP: Send RP-discovery packet on Ethernet1 (1 RP
> > entries)
> > *Mar 1 01:46:25: Auto-RP: Send RP-discovery packet on Loopback99 (1 RP
> > entries)
> > *Mar 1 01:46:25: Auto-RP: Received RP-discovery, from ourselves
> (10.1.99.1),
> > ignored
> > *Mar 1 01:46:25: Auto-RP: Received RP-discovery, from ourselves
> (10.1.99.1),
> > ignored
> > 2514#
> > *Mar 1 01:46:26: Auto-RP: Received RP-announce, from 10.1.99.2, RP_cnt
1,
> ht
> > 91
> > *Mar 1 01:46:26: Auto-RP: Received RP-announce, from 10.1.99.2, RP_cnt
1,
> ht
> > 91
> > *Mar 1 01:46:26: Auto-RP: Received RP-announce, from 10.1.99.2, RP_cnt
1,
> ht
> > 91
> > *Mar 1 01:46:26: Auto-RP: Received RP-announce, from 10.1.99.2, RP_cnt
1,
> ht
> > 91
> > 2514#
> > 2514#
> > 2514#un all
> > All possible debugging has been turned off
> > 2514#sh ip pim rp map
> > PIM Group-to-RP Mappings
> > This system is an RP-mapping agent (Loopback99)
> >
> > Group(s) 224.0.0.0/4
> > RP 10.1.60.6 (?), v2v1
> > Info source: 10.1.60.6 (?), elected via Auto-RP
> > Uptime: 00:02:33, expires: 00:01:24
> > Group(s) (-)239.0.0.0/8
> > RP 10.1.60.6 (?), v2v1
> > Info source: 10.1.60.6 (?), elected via Auto-RP
> > Uptime: 00:02:34, expires: 00:01:24
> > 2514#
> >
> > Best Reagrds,
> > Sameh
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:46 GMT-3