From: Bit Gossip (bit.gossip@chello.nl)
Date: Thu Aug 16 2007 - 15:34:35 ART
Indeed the only way I can get it to work is the following: if I try to
squeeze the ACL with non consecutive statements it breaks
I agree that acl 99 is not elegant at all ....
BTW is it really necessary to deny aoto-rp groups? Certainly it doesn4t
arm....
Bit.
~~~~~~~~~~~~~~~~R1:
ip pim send-rp-announce Async65 scope 16 group-list 99
!
access-list 99 deny 224.0.1.39
access-list 99 deny 224.0.1.40
access-list 99 permit 224.0.0.0 0.255.255.255
access-list 99 permit 225.0.0.0 0.255.255.255
access-list 99 permit 226.0.0.0 0.255.255.255
access-list 99 permit 227.0.0.0 0.255.255.255
access-list 99 permit 228.0.0.0 0.255.255.255
access-list 99 permit 229.0.0.0 0.255.255.255
access-list 99 permit 230.0.0.0 0.255.255.255
access-list 99 permit 231.0.0.0 0.255.255.255
access-list 99 permit 232.0.0.0 0.255.255.255
access-list 99 permit 233.0.0.0 0.255.255.255
access-list 99 permit 234.0.0.0 0.255.255.255
access-list 99 permit 235.0.0.0 0.255.255.255
access-list 99 permit 236.0.0.0 0.255.255.255
access-list 99 permit 237.0.0.0 0.255.255.255
access-list 99 permit 238.0.0.0 0.255.255.255
access-list 99 permit 239.0.0.0 0.255.255.255
!
~~~~~~~~~~~~~~~R2
ip pim send-rp-announce Serial4/1 scope 16 group-list 99
!
access-list 99 deny 224.0.1.39
access-list 99 deny 224.0.1.40
access-list 99 permit 224.0.0.0 0.255.255.255
access-list 99 permit 225.0.0.0 0.255.255.255
access-list 99 permit 226.0.0.0 0.255.255.255
access-list 99 permit 227.0.0.0 0.255.255.255
access-list 99 permit 228.0.0.0 0.255.255.255
access-list 99 permit 229.0.0.0 0.255.255.255
access-list 99 permit 230.0.0.0 0.255.255.255
access-list 99 permit 231.0.0.0 0.255.255.255
access-list 99 permit 232.0.0.0 0.255.255.255
access-list 99 permit 233.0.0.0 0.255.255.255
access-list 99 permit 234.0.0.0 0.255.255.255
access-list 99 permit 235.0.0.0 0.255.255.255
access-list 99 permit 236.0.0.0 0.255.255.255
access-list 99 permit 237.0.0.0 0.255.255.255
access-list 99 permit 238.0.0.0 0.255.255.255
access-list 99 permit 239.0.0.0 0.255.255.255
~~~~~~~~~~~~~~~R3
ip pim send-rp-discovery Loopback0 scope 16
ip pim rp-announce-filter rp-list 1 group-list 11
ip pim rp-announce-filter rp-list 2 group-list 12
!
access-list 1 permit 1.1.1.1
access-list 2 permit 2.2.2.2
access-list 11 permit 1.0.0.0 254.255.255.255
access-list 12 permit 0.0.0.0 254.255.255.255
!
R3#show ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP-mapping agent (Loopback0)
Group(s) 224.0.0.0/8
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 00:33:11, expires: 00:02:46
Group(s) 225.0.0.0/8
RP 1.1.1.1 (?), v2v1
Info source: 1.1.1.1 (?), elected via Auto-RP
Uptime: 00:33:10, expires: 00:02:50
Group(s) 226.0.0.0/8
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 00:33:11, expires: 00:02:47
Group(s) 227.0.0.0/8
RP 1.1.1.1 (?), v2v1
Info source: 1.1.1.1 (?), elected via Auto-RP
Uptime: 00:33:10, expires: 00:02:50
Group(s) 228.0.0.0/8
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 00:33:11, expires: 00:02:45
Group(s) 229.0.0.0/8
RP 1.1.1.1 (?), v2v1
Info source: 1.1.1.1 (?), elected via Auto-RP
Uptime: 00:33:12, expires: 00:02:44
Group(s) 230.0.0.0/8
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 00:33:13, expires: 00:02:46
Group(s) 231.0.0.0/8
RP 1.1.1.1 (?), v2v1
Info source: 1.1.1.1 (?), elected via Auto-RP
Uptime: 00:33:12, expires: 00:02:44
Group(s) 232.0.0.0/8
RP 2.2.2.2 (?), v2v1
Info source: 2.2.2.2 (?), elected via Auto-RP
Uptime: 00:33:13, expires: 00:02:45
..........
----- Original Message -----
From: "Derek Pocoroba" <dpocoroba@gmail.com>
To: "Bajo" <bajoalex@gmail.com>
Cc: "Joseph Brunner" <joe@affirmedsystems.com>; "Prasad Shemrudkar
(pshemrud)" <pshemrud@cisco.com>; "Cisco certification"
<ccielab@groupstudy.com>
Sent: Thursday, August 16, 2007 5:55 AM
Subject: Re: AutoRP filter-list
> Consecutive ACL's will work for auto-rp, yes
>
> ip access-list standard PIM
> per 224.0.0.0 3.255.255.255
>
> is a valid example
>
> -Derek
>
> On 8/15/07, Bajo <bajoalex@gmail.com> wrote:
>>
>> Agree Derek,
>>
>> Am about to lab this but according to Williamson's Multicast book, the
>> hash value for the group has to be consecutive.......
>>
>> On 8/15/07, Derek Pocoroba <dpocoroba@gmail.com> wrote:
>> > I dont think you can get this granular when it comes to filtering the
>> > announcements with auto-rp. Basically the RP will announce itself for
>> > 224.0.0.0/4. I have seen other tasks asking to use the minimal amount
>> > of
>> > lines needed on the ACL. In those cases though you they were usually
>> > sequential groups. however in this case you cant use the ODD / EVEN
>> ACL's.
>> >
>> > -Derek
>> > CCIE #18559
>> >
>> > On 8/15/07, Joseph Brunner <joe@affirmedsystems.com> wrote:
>> > >
>> > > Are 150.1.1.1, and 150.1.2.2 known via the routing table on R3?
>> > >
>> > > Do all loopback interfaces have "ip pim sparse-mode" configured?
>> > >
>> > > Do a debug ip mpacket detail on R3, keep it running for a bit and
>> > > post
>> it.
>> > >
>> > > thanks
>> > >
>> > > Joe
>> > >
>> > >
>> > > -----Original Message-----
>> > > From: Prasad Shemrudkar (pshemrud) [mailto:pshemrud@cisco.com]
>> > > Sent: Wednesday, August 15, 2007 6:19 PM
>> > > To: Joseph Brunner; Cisco certification
>> > > Subject: RE: AutoRP filter-list
>> > >
>> > > Hey Joseph,
>> > >
>> > > Sorry, my fault I should have given the whole picture at the first
>> > > instance itself, but thought I was messing it up in some very basic
>> ACL
>> > > config, hence limited myself. Any case, below the full picture:
>> > >
>> > > Running sparse mode, with autorp-listner on all the 3 routers.
>> > >
>> > > R3:
>> > >
>> > > !
>> > > ip pim autorp listener
>> > > ip pim send-rp-discovery Loopback0 scope 32
>> > > ip pim rp-announce-filter rp-list R1 group-list EVEN
>> > > ip pim rp-announce-filter rp-list R2 group-list ODD
>> > > !
>> > > !
>> > > ip access-list standard EVEN
>> > > permit 0.0.0.0 254.255.255.255
>> > > ip access-list standard ODD
>> > > permit 1.0.0.0 254.255.255.255
>> > > ip access-list standard R1
>> > > permit 150.1.1.1
>> > > ip access-list standard R2
>> > > permit 150.1.2.2
>> > > !
>> > > !
>> > >
>> > > R2:
>> > >
>> > > !
>> > > ip pim autorp listener
>> > > ip pim send-rp-announce Loopback0 scope 16 group-list ODD
>> > > !
>> > > !
>> > > ip access-list standard ODD
>> > > permit 1.0.0.0 254.255.255.255
>> > > !
>> > >
>> > > R1:
>> > >
>> > > !
>> > > ip pim autorp listener
>> > > ip pim send-rp-announce Loopback0 scope 16 group-list EVEN
>> > > !
>> > > !
>> > > ip access-list standard EVEN
>> > > permit 0.0.0.0 254.255.255.255
>> > > !
>> > > !
>> > >
>> > > Below a few debug and show commands output:
>> > >
>> > > Rack1R3(config-std-nacl)#
>> > > 05:14:09: Auto-RP(0): Received RP-announce, from 150.1.1.1, RP_cnt 1,
>> ht
>> > > 181
>> > > 05:14:09: Auto-RP(0): Received RP-announce, from 150.1.1.1, RP_cnt 1,
>> ht
>> > > 181
>> > > Rack1R3(config-std-nacl)#
>> > > 05:14:23: Auto-RP(0): Build RP-Discovery packet
>> > > Rack1R3(config-std-nacl)#
>> > > 05:14:39: Auto-RP(0): Received RP-announce, from 150.1.2.2, RP_cnt 1,
>> ht
>> > > 181
>> > > 05:14:39: Auto-RP(0): Filtered 224.0.0.0/4 for RP 150.1.2.2
>> > > 05:14:39: Auto-RP(0): Received RP-announce, from 150.1.2.2, RP_cnt 1,
>> ht
>> > > 181
>> > > 05:14:39: Auto-RP(0): Filtered 224.0.0.0/4 for RP 150.1.2.2
>> > >
>> > > Rack1R3(config-std-nacl)#do sh ip pim rp ma
>> > > PIM Group-to-RP Mappings
>> > > This system is an RP-mapping agent (Loopback0)
>> > >
>> > > Rack1R3(config-std-nacl)#
>> > >
>> > > TIA,
>> > > Prasad
>> > > -----Original Message-----
>> > > From: Joseph Brunner [mailto:joe@affirmedsystems.com]
>> > > Sent: Thursday, August 16, 2007 3:37 AM
>> > > To: Prasad Shemrudkar (pshemrud); 'Cisco certification'
>> > > Subject: RE: AutoRP filter-list
>> > >
>> > > Please post the rest of the config... we'll hammer it out and see
>> what's
>> > > wrong... those are first octet odd/evens...
>> > >
>> > > Are you running sparse mode, dense mode, or sparse-dense mode on the
>> > > interfaces?
>> > >
>> > > If you are running sparse-mode did you remember to add
>> > > "ip pim auto-rp listener"?
>> > >
>> > > How are you seeing failure?
>> > >
>> > > Did you do "show ip pim rp" from the MA?
>> > >
>> > > -Joe
>> > >
>> > > -----Original Message-----
>> > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
>> Of
>> > > Prasad Shemrudkar (pshemrud)
>> > > Sent: Wednesday, August 15, 2007 5:39 PM
>> > > To: Cisco certification
>> > > Subject: AutoRP filter-list
>> > >
>> > > Hi,
>> > >
>> > > R1, R2 and R3 are running auto-rp. R3 is the MA with R1 and R2 being
>> the
>> > > candidate RPs. Task requires you to configure R3 to map first octet
>> odd
>> > > to R2 and first octet even to R1.
>> > >
>> > > I am using the following group-list on all 3:
>> > >
>> > > ip access-list standard EVEN
>> > > permit 0.0.0.0 254.255.255.255
>> > > ip access-list standard ODD
>> > > permit 1.0.0.0 254.255.255.255
>> > >
>> > > but the MA fails to map the discovery packets. I do not understand
>> > > what's wrong with the ACL?
>> > >
>> > > Prasad
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> > >
>> > >
>> _______________________________________________________________________
>> > > Subscription information may be found at:
>> > > http://www.groupstudy.com/list/CCIELab.html
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>>
>>
>> --
>> Kind Regards,
>>
>> Bajo
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Sep 01 2007 - 11:32:11 ART