From: Jian Gu (guxiaojian@gmail.com)
Date: Thu Oct 20 2005 - 14:21:37 GMT-3
Brian,
I think the priority should be defined in "ip pim rp-candidate", since BSR
does not do arbitration.
Jian
On 10/20/05, Brian McGahan <bmcgahan@internetworkexpert.com> wrote:
>
> Ryan,
>
> You can use the "priority" option of the "ip pim bsr-candidate"
> command to accomplish this with bootstrap router. It is similar to
> auto-rp but is a standards based protocol.
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/
> fiprmc_r/mult/1rfmult2.htm#wp1019473
>
> HTH,
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > The Great Ryan
> > Sent: Thursday, October 20, 2005 11:44 AM
> > To: Brian McGahan
> > Cc: Eugene Ward; guxiaojian@gmail.com; ccielab@groupstudy.com
> > Subject: Re: Use of "ip pim rp-announce-filter"
> >
> > Thanks for your decision on my group-list question.
> >
> > Besides, I have a situation to elect RP with multiple potential RPs
> >
> > R3---R2
> > |
> > R1
> >
> > RP of R1 = 1.1.1.1 <http://1.1.1.1>
> > RP of R2 = 2.2.2.2 <http://2.2.2.2>
> >
> > R1 and R2 are RP-announce routers for group
224.0.0.0/7<http://224.0.0.0/7>, R3 as
> > mapping agent will choose RP with highest IP as winner (i.e. R2) . If
> > the winner is down, mapping agent will switch RP to the lower IP RP.
> >
> > Is there any option/parameter for mapping agent to choose R1 as winner
> > first ? As Brain said, use of "ip pim rp-announce-filter" will filter
> > potential RP permanently. Thus I don't think "ip pim
> > rp-announce-filter" can do that. Any other command can do that ?
> >
> >
> > Regards,
> > Ryan
> >
> > 2005/10/21, Brian McGahan <bmcgahan@internetworkexpert.com>:
> > > > On the mapping agent side, suppose you had three routers
> advertising
> > > > themselves as RPs for the 239.0.0.0/8 <http://239.0.0.0/8> range.
> You could use the
> > > "rp-list"
> > > > option to specify which routers are allowed to be RPs. Also, you
> > > could
> > > > use the "group-list" option in conjunction with the "rp-list"
> option
> > > in
> > > > the "rp-announce-filter" message to specify a particular RP with a
> > > > particular range. For example (on the mapping agent):
> > >
> > > If by this you mean that a candidate RP can announce
> 224.0.0.0/4 <http://224.0.0.0/4>
> > > and the rp-announce-filter can limit them to
224.0.0.0/5<http://224.0.0.0/5>,
> no. The
> > > rp-announce-filter is used to either accept or reject an RP, along
> with
> > > the groups it is announcing. If RP "X" is advertising groups
> > > 224.0.0.0/5 <http://224.0.0.0/5>, and mapping agent "Y" wants RP X and
> only RP X to
> service
> > > these groups there must be matching access-list logic on both X and
> Y
> > > for this range, along with an additional filter on Y assigning
> > > 224.0.0.0/5 <http://224.0.0.0/5> to no other RPs.
> > >
> > > You would *assume* that the correct logic would be that the
> > > candidate RPs could just announce 224.0.0.0/4 <http://224.0.0.0/4> and
> the mapping agent
> > > could sort through it, but it doesn't work that way. Think of this
> > > feature instead as a way to prevent arbitrary devices from
> advertising
> > > themselves as candidate RPs for your auto-rp domain.
> > >
> > >
> > > HTH,
> > >
> > > Brian McGahan, CCIE #8593
> > > bmcgahan@internetworkexpert.com
> > >
> > > Internetwork Expert, Inc.
> > > http://www.InternetworkExpert.com
> > > Toll Free: 877-224-8987 x 705
> > > Outside US: 775-826-4344 x 705
> > > 24/7 Support: http://forum.internetworkexpert.com
> > > Live Chat: http://www.internetworkexpert.com/chat/
> > >
> > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
> Behalf
> > > Of
> > > > Eugene Ward
> > > > Sent: Thursday, October 20, 2005 5:59 AM
> > > > To: pv.ryan@gmail.com
> > > > Cc: guxiaojian@gmail.com; ccielab@groupstudy.com
> > > > Subject: Re: Use of "ip pim rp-announce-filter"
> > > >
> > > > Ryan,
> > > >
> > > > The "group-list" option in the "send-rp-announce" message is to
> limit
> > > the
> > > > subset of groups advertised by a potential RP. For example, if
> you
> > > did
> > > > not use the "group-list" option, the router would advertise itself
> as
> > > an
> > > > RP for the whole 224.0.0.0/4 <http://224.0.0.0/4> multicast range.
> However, let's say
> that
> > > you
> > > > only want the router to be an RP for the
239.0.0.0/8<http://239.0.0.0/8>range; then
> use
> > > the
> > > > "group-list" to reference an ACL matching only that range.
> > > >
> > > > On the mapping agent side, suppose you had three routers
> advertising
> > > > themselves as RPs for the 239.0.0.0/8 <http://239.0.0.0/8> range.
> You could use the
> > > "rp-list"
> > > > option to specify which routers are allowed to be RPs. Also, you
> > > could
> > > > use the "group-list" option in conjunction with the "rp-list"
> option
> > > in
> > > > the "rp-announce-filter" message to specify a particular RP with a
> > > > particular range. For example (on the mapping agent):
> > > >
> > > > ip pim rp-announce-filter rp-list 1 group-list 11
> > > > ip pim rp-announce-filter rp-list 2 group-list 12
> > > >
> > > > access-list 1 permit 4.4.4.4 <http://4.4.4.4>
> > > > access-list 2 permit 7.7.7.7 <http://7.7.7.7>
> > > > access-list 11 permit 239.0.0.0 <http://239.0.0.0>
0.255.255.255<http://0.255.255.255>
> > > > access-list 12 permit 224.0.0.0 <http://224.0.0.0>
0.255.255.255<http://0.255.255.255>
> > > >
> > > > 4.4.4.4 <http://4.4.4.4> is the RP for the 239/8 range, while
> 7.7.7.7 <http://7.7.7.7> is the RP for
> the
> > > > 224/8 range.
> > > >
> > > > Lastly, (I semi-remember how this works), if the "group-list"
> option
> > > is
> > > > used with the "rp-announce-filter" command, then the "group-list"
> > > > advertised by the RP needs to line up with the "group-list" on the
> > > mapping
> > > > agent. I'm sure someone will correct me if I have missed
> anything.
> > > >
> > > > HTH,
> > > >
> > > > Eugene
> > > >
> > > >
> ----------------------------------------------------------------------
> > > >
> > > >
> > > > Ok. the "group-list" option in rp-announce-filter is used for
> > > > security
> > > > reason. I want to know what is the use of "group-list" option in
> > > > rp-send-announce ?
> > > >
> > > > I only know that group-list option is used to limit the join-group
> > > > access of RP. But not sure the result when use "group-list" in
> > > > "rp-announce-filter" and "rp-send-announce".
> > > >
> > > >
> > > > Thanks!
> > > > Ryan
> > > >
> > > >
> > > > 2005/10/20, Jian Gu <guxiaojian@gmail.com>:
> > > > > ip pim rp-announce-filter should always be configured on mapping
> > > agents,
> > > > > what you've configured on RP (group-list etc) is irrelavent, the
> > > command
> > > > is
> > > > > there mainly for security reason, immagine what will happen if a
> RP
> > > is
> > > > > adverstising bogus RP-address.
> > > > >
> > > > >
> > > > > On 10/19/05, The Great Ryan <pv.ryan@gmail.com> wrote:
> > > > > >
> > > > > > Hi, Group,
> > > > > >
> > > > > > ---(e0)R1(s1)------(s1)R2(e0)---
> > > > > >
> > > > > >
> > > > > > I setup a lab for RP Filtering by using Auto-RP
> > > > > > R1 acts as RP announcement
> > > > > > R2 acts as mapping agent
> > > > > >
> > > > > > In R1, I already limit the use of RP by access-list 11 (i.e.
> > > > 224.0.0.0 <http://224.0.0.0>
> > > > > > 7.255.255.255 <http://7.255.255.255>)
> > > > > > Is it necessary to also set a RP-filter on the mapping agent
> to
> > > > limit
> > > > > > the use of RP?
> > > > > > I have no idea where I should put "ip pim
> > > > rp-announce-filter" in
> > > > > > multicast network. Thanks !
> > > > > >
> > > > > > Ryan
> > > > > > =======================================
> > > > > > R2#show ip pim rp mapping
> > > > > > PIM Group-to-RP Mappings
> > > > > > This system is an RP-mapping agent (Loopback0)
> > > > > >
> > > > > > Group(s) 224.0.0.0/5 <http://224.0.0.0/5>
> > > > > > RP 172.16.1.1 <http://172.16.1.1> (?), v2v1
> > > > > > Info source: 172.16.1.1 <http://172.16.1.1> (?), elected via
> Auto-RP
> > > > > > Uptime: 00:20:11, expires: 00:02:48
> > > > > >
> > > > > > ================R1 Config========================
> > > > > >
> > > > > > interface Loopback 0
> > > > > > ip address 172.16.1.1 <http://172.16.1.1>
255.255.255.0<http://255.255.255.0>
> > > > > > interface serial 1
> > > > > > ip pim sparse-dense-mode
> > > > > > !
> > > > > > ip pim send-rp-announce Loopback0 scope 15 group-list 11
> > > > > > access-list 11 permit 224.0.0.0 <http://224.0.0.0>
7.255.255.255<http://7.255.255.255>
> > > > > > ================R2 Config========================
> > > > > > R2
> > > > > >
> > > > > > interface s1
> > > > > > ip pim sparse-dense-mode
> > > > > > !
> > > > > > ip pim send-rp-discovery Loopback0 scope 15
> > > > > > ip pim rp-announce-filter rp-list 1 group-list 11
> > > > > > access-list 1 permit 172.16.1.1 <http://172.16.1.1>
> > > > > > access-list 11 permit 224.0.0.0 <http://224.0.0.0>
7.255.255.255<http://7.255.255.255>
> > > >
> > > >
> > > >
> ___________________________________________________________________
> > > > Try Juno Platinum for Free! Then, only $9.95/month!
> > > > Unlimited Internet Access with 250MB of Email Storage.
> > > > Visit http://www.juno.com/value to sign up today!
> > > >
> > > >
> > >
> _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sun Nov 06 2005 - 22:00:51 GMT-3