From: Henk de Tombe (henk.de.tombe@qi.nl)
Date: Mon Mar 27 2006 - 10:12:54 GMT-3
That's what I've seen in the output of the debug:
The IOS version I've used is:
IOS (tm) 3700 Software (C3745-JK9O3S-M), Version 12.2(15)T14, RELEASE
SOFTWARE (fc4)
Regards,
Henk
Van: Petr Lapukhov [mailto:petrsoft@gmail.com]
Verzonden: maandag 27 maart 2006 15:07
Aan: Henk de Tombe
CC: CCIE LAB
Onderwerp: Re: multicast helper-map configuration review
Do I get you right:
You point on fact, that even if we specify broadcast address
in "ip multicast-helper map", IOS still uses interface default?
and if we need to change that behavior, we should change
broadcast address on interfacse?
Petr
2006/3/27, Henk de Tombe <henk.de.tombe@qi.nl <mailto:henk.de.tombe@qi.nl>
>:
Hi Group,
I want to ask you something, I've configured the Multicast helper-map.
Configs are posted below:
ROUTER01#sh run
Building configuration...
Current configuration : 2041 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ROUTER01
!
logging queue-limit 100
!
memory-size iomem 10
ip subnet-zero
!
!
ip multicast-routing
ip audit notify log
ip audit po max-events 100
!
!
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.11.1 <http://192.168.11.1> 255.255.255.0
<http://255.255.255.0>
ip pim dense-mode
ip multicast helper-map broadcast 224.11.11.11 <http://224.11.11.11> 100
duplex auto
speed auto
!
interface Serial0/0
ip address 164.1.0.1 <http://164.1.0.1> 255.255.255.0
<http://255.255.255.0>
ip pim dense-mode
encapsulation frame-relay
ip ospf hello-interval 2
ip ospf dead-interval 4
frame-relay map ip 164.1.0.3 <http://164.1.0.3> 103 broadcast
frame-relay map ip 164.1.0.5 <http://164.1.0.5> 105 broadcast
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 164.1.0.1 <http://164.1.0.1> 0.0.0.0 <http://0.0.0.0> area 0
network 192.168.11.1 <http://192.168.11.1> 0.0.0.0 <http://0.0.0.0> area 1
neighbor 164.1.0.3 <http://164.1.0.3> priority 1
!
ip http server
no ip http secure-server
ip classless
!
!
!
access-list 100 permit udp any any eq domain
access-list 100 deny udp any any
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
ROUTER03(config-if)#do sh run
Building configuration...
Current configuration : 2174 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ROUTER03
!
logging queue-limit 100
!
ip subnet-zero
!
!
no ip domain lookup
!
ip multicast-routing
ip audit notify log
ip audit po max-events 100
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.33.3 <http://192.168.33.3> 255.255.255.0
<http://255.255.255.0>
ip broadcast-address 192.168.33.255 <http://192.168.33.255>
ip directed-broadcast
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial1/0
ip address 164.1.0.3 <http://164.1.0.3> 255.255.255.0
<http://255.255.255.0>
ip pim dense-mode
ip multicast helper-map 224.11.11.11 <http://224.11.11.11> 192.168.33.255
<http://192.168.33.255> 100
encapsulation frame-relay
ip ospf hello-interval 2
ip ospf dead-interval 4
no ip mroute-cache
serial restart_delay 0
frame-relay map ip 164.1.0.1 <http://164.1.0.1> 301 broadcast
no frame-relay inverse-arp
frame-relay lmi-type cisco
!
interface Serial1/1
no ip address
shutdown
serial restart_delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart_delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart_delay 0
!
router ospf 1
log-adjacency-changes
network 164.1.0.3 <http://164.1.0.3> 0.0.0.0 <http://0.0.0.0> area 0
network 192.168.33.3 <http://192.168.33.3> 0.0.0.0 <http://0.0.0.0> area 3
!
ip http server
no ip http secure-server
ip classless
!
!
!
access-list 100 permit udp any any eq domain
access-list 100 deny udp any any
Please mind that I have no "ip forward protocol udp 53" statement in the
configuration because this is default configuration.
I've tested the above configuration with the following setup:
switch#host
Translating "host"...domain server (255.255.255.255 <http://255.255.255.255>
)
% Unknown command or computer name, or unable to find computer address
switch#sh log | i Vlan
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan1), len 50,
sending broad/multicast
1d01h: IP: s= 192.168.11.8 <http://192.168.11.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan1), len 50,
sending full packet
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d= 255.255.255.255
<http://255.255.255.255> (Vlan3), len 50,
sending broad/multicast
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 50,
sending full packet
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (Vlan3), d=255.255.255.255
<http://255.255.255.255> , len 50, unroutable
The switch is attached with VLAN1 to ROUTER1 and with VLAN3 to ROUTER3. The
switch tries to translate "host" and sends a broadcast on all VLANS.
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan1), len 50,
sending broad/multicast
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan1), len 50,
sending full packet
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 50,
sending broad/multicast
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 50,
sending full packet
After a split second the following entry appears in the debug information:
1d01h: IP: s= 192.168.11.8 <http://192.168.11.8> (Vlan3), d=255.255.255.255
<http://255.255.255.255> , len 50, unroutable
IP packets of VLAN1 are "wandering" on VLAN3, this means that ROUTER3 has
forwarded the broadcast address. To make this absolutely sure, I've
performed another test:
Switch# debug ip packet det dump
Switch#GROUPSTUDY <----------------------------
switch#SH LOG | b Vlan3
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 56,
sending broad/multicast
1d01h: UDP src=54593, dst=53
074042D0: 45000038 00000000 E..8....
074042E0: FF11DA04 C0A82108 FFFFFFFF D5410035 ..Z.@(!.....UA.5
074042F0: 00240000 005E0100 00010000 00000000 .$...^..........
07404300: 0A47524F 55505354 55445900 00010001 .GROUPSTUDY.....
<--------------------------------------------------------------
07404310:
I was looking in the log file and saw that the destination ip address is
255.255.255.255 <http://255.255.255.255> . I the configuration of ROUTER3
I've configured the
helper-map to send traffic to address 192.168.33.255 <http://192.168.33.255>
, ip multicast
helper-map 224.11.11.11 <http://224.11.11.11> 192.168.33.255
<http://192.168.33.255> 100.
I have to change the ip broadcast-address of the egress interface on
ROUTER3,
ROUTER03#show ip int fa0/0
FastEthernet0/0 is up, line protocol is up
Internet address is 192.168.33.3/24 <http://192.168.33.3/24>
Broadcast address is 255.255.255.255 <http://255.255.255.255>
ROUTER03#conf
*Mar 1 04:31:28.106 : %SYS-5-CONFIG_I: Configured from console by console t
Enter configuration commands, one per line. End with CNTL/Z.
ROUTER03(config)#int fa0/0
ROUTER03(config-if)#ip broad
ROUTER03(config-if)#ip broadcast-address 192.168.33.255
<http://192.168.33.255>
ROUTER03(config-if)#
ROUTER03(config-if)#do sh ip int fa0/0
FastEthernet0/0 is up, line protocol is up
Internet address is 192.168.33.3/24 <http://192.168.33.3/24>
Broadcast address is 192.168.33.255 <http://192.168.33.255>
switch#clear log
Clear logging buffer [confirm]
switch#end
Translating "end"...domain server ( 255.255.255.255 <http://255.255.255.255>
)
% Unknown command or computer name, or unable to find computer address
switch#sh log | i Vlan3
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending broad/multicast
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d= 255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending full packet
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (Vlan3), d=192.168.33.255
<http://192.168.33.255> (Vlan3), len 49, rcvd
local pkt
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending broad/multicast
1d01h: IP: s= 192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending full packet
1d01h: IP: s=192.168.11.8 <http://192.168.11.8> (Vlan3), d= 192.168.33.255
<http://192.168.33.255> (Vlan3), len 49, rcvd
local pkt
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending broad/multicast
1d01h: IP: s=192.168.33.8 <http://192.168.33.8> (local), d=255.255.255.255
<http://255.255.255.255> (Vlan3), len 49,
sending full packet
1d01h: IP: s= 192.168.11.8 <http://192.168.11.8> (Vlan3), d=192.168.33.255
<http://192.168.33.255> (Vlan3), len 49, rcvd
local pkt
The switch now receives broadcasts send to 192.168.33.255
<http://192.168.33.255> .
The ip broadcast-address of the Ethernet interface overrules the helper-map
statement, so if you are asked to send packets to x.x.x.255 you have to
change the interface broadcast address.
The Doc CD doesn't help us much out,
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr
<http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fip
r>
_c/ipcpt3/1cfmulti.htm#wp1003511
<
<http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fip
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fip
r_c/ipcpt3/1cfmulti.htm#wp1003511>
For the ones who have IEWB version 2.0, LAB 8 task 7.8 - 7.9 doesn't have
the ip broadcast address entry as well.
If I'm totally wrong on this one please let me know,
Regards,
Henk
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3