From: Gupta, Gopal (NWCC) (gopal.gupta@hp.com)
Date: Mon Dec 10 2007 - 13:47:15 ART
you have to do "no ip mroute-cache" and then Clear ip cache
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dane Newman
Sent: Monday, December 10, 2007 22:02
To: George Goglidze
Cc: Grabler, Ross (IT); ccielab@groupstudy.com
Subject: Re: Multicast issue
Importance: Low
George,
Thanks for some reasons I can't get my debug to show up on R4 so even
after doing no ip route-cache on the interface so I would have not found
that.
That really is interesting behaviour with dense mode that it does not
care what interface you source it from it just floods it out everyone
and now it does make sense the why the router was able to respond to the
ping. Thanks a ton!
Dane
On 12/10/07, George Goglidze <goglidze@gmail.com> wrote:
>
> Hi Dane,
>
> I've done some homework, and here are the results.
>
> it works that way because you of the nature of DENSE mode pim.
>
> turn on the debug ip packet on R4 and make a ping, we'll see folloing
> (I've got deb ip packet):
>
> R4#ping 225.25.25.25 source f0/0
>
> Type escape sequence to abort.
> Sending 1, 100-byte ICMP Echos to 225.25.25.25, timeout is 2 seconds:
> Packet sent with a source address of 163.1.4.1
>
> *Mar 1 00:05:12.067: IP: s=163.1.4.1 (local),
> d=225.25.25.25(FastEthernet0/0), len 100, sending broad/multicast *Mar
> 1 00:05:12.067: IP: s=163.1.54.1 (local), d=225.25.25.25(Serial1/0),
> len 100, sending broad/multicast *Mar 1 00:05:12.067: IP: s=
> 163.1.45.1 (local), d=225.25.25.25(Serial1/1), len 100, sending
> broad/multicast *Mar 1 00:05:12.459: IP: s=163.1.4.1 (local), d=
> 224.0.1.40(FastEthernet0/0), len 28, sending broad/multicast
>
>
>
> As you see on R4, it's being sent out from all interfaces, and it
> actually takes as a source the interface IP address when it sends the
> packet, although we have done it with source f0/0.
>
> and now on R5 we see this at the same moment: (I've got deb ip packet,
> deb ip mpacket)
>
> *Mar 1 00:16:38.443: IP: tableid=0, s=163.1.45.2 (local), d=
> 163.1.45.1(Serial1/1), routed via RIB *Mar 1 00:16:38.447: IP:
> s=163.1.45.2 (local), d=163.1.45.1 (Serial1/1), len 100, sending *Mar
> 1 00:16:38.451 : IP(0): s=163.1.45.1 (Serial1/1)
> d=225.25.25.25(FastEthernet0/0) id=23, ttl=254, prot=1, len=100(100),
> mforward *Mar 1 00:16:38.523: IP: s= 163.1.54.1 (Serial1/0),
> d=225.25.25.25, len 100, unroutable
>
> As you see we received multicast traffic from two sources:
> 1) 163.1.45.1 and another 163.1.54.1
> and later we see unroutable for s 163.1.54.1 , now this happens
> because we have no PIM enabled on that interface.
>
> 2) we see that the answer is succesfully sent to 163.1.45.1 which is
> ok because it passed the RPF check.
>
>
> I think when in dense mode, and when you do ping with source whatever,
> router does not care about that source, and just sends mcast traffic
> out all interfaces with their corresponding IP addresses as the
> source.
> hence the behavior, the RPF check is fine.
>
> now try do the same on sparce-mode routers, and make one of the
> routers RP.
>
> it will definitely fail.
>
> Hope this helps,
>
> Regards,
>
>
>
>
>
>
>
>
> On Dec 10, 2007 4:06 PM, George Goglidze <goglidze@gmail.com> wrote:
>
> > Hi Mr. Newman,
> >
> > Sorry didn't notice pim config on R5 E0/0.
> > and as well that you did ping with source e0/1.
> >
> > Then it's fine, you're right it should've failed.
> >
> > although from debug output:
> >
> > Rack1R5#debug ip mpack
> > IP multicast packets debugging is on *Mar 2 11:31:25.119: IP(0):
> > s=163.1.45.4 (Serial0/1)
> > d=225.25.25.25(Ethernet0/0) id=127, ttl=254, prot=1, len=100(100),
> >
> >
> > for some reason it still sends multicast traffic with source
163.1.45.4which is your PTP link.
> >
> > that's why it's working.
> >
> > so the question doesn't lie in why RPF does not work, but the
> > question is why it sends traffic with source of Serial interface and
> > not the e0/1 interface.
> >
> > I'll lab it up, hope will find something out.
> >
> > Will reply you as soon as I have some new info.
> >
> > Regards,
> >
> >
> > Now after you've added pim dense mode on R4 E0/0
> >
> >
> > On Dec 10, 2007 3:57 PM, Dane Newman <dnewman@datasc.com> wrote:
> >
> > > Mr Godlidze,
> > >
> > >
> > > Thank you for the response.
> > > R4:
> > > interface Ethernet0/1
> > > ip address 163.1.4.4 255.255.255.0 ip pim dense-mode
> > > half-duplex
> > >
> > > I thought ip pim dense-mode was all I needed to do to enable
> > > multicast on the e0/1 interface? Am I missing something? When i
> > > was pinging I was sourcing from e0/1 not e0/0 cause as per the lab
> > > multicast wass not enabled on e0/0 (vlan 42) only vlan 4 which is
e0/1.
> > >
> > >
> > > Also
> > >
> > > R5:
> > > interface Ethernet0/0
> > > ip address 163.1.5.5 255.255.255.0 ip pim dense-mode ip igmp
> > > join-group 225.25.25.25 half-duplex
> > >
> > > end
> > >
> > > Again I just have pim dense mode enabled and the igmp group joined
> > > to repond to pings. Was there something else I needed to do?
> > >
> > >
> > >
> > >
> > > On 12/10/07, George Goglidze <goglidze@gmail.com> wrote:
> > > >
> > > > Hi There,
> > > >
> > > > You don't have PIM neabled on the Ethernet interface of R4, so
> > > > when you make a ping 225.25.25.25 source e0/0 it does not really
> > > > do ping from e0/0 it makes ping from the point-to-point
> > > > interface, which is the one you have enabled pim dense-mode.
> > > >
> > > > and the other router does answer because RPF check is as a
> > > > matter of fact SUCCESSFULL, becuase your source is as we can
> > > > perfectly see from debug output:
> > > >
> > > > Rack1R5#debug ip mpack
> > > > IP multicast packets debugging is on *Mar 2 11:31:25.119:
> > > > IP(0): s=163.1.45.4 (Serial0/1)
> > > > d=225.25.25.25(Ethernet0/0) id=127, ttl=254, prot=1,
> > > > len=100(100),
> > > >
> > > >
> > > >
> > > > SOURCE: 163.1.45.4
> > > > and this is correct RPF through p-t-p link.
> > > >
> > > >
> > > > Regards,
> > > >
> > > >
> > > > On Dec 10, 2007 3:22 PM, Grabler, Ross (IT)
> > > > <Ross.Grabler@morganstanley.com
> > > > > wrote:
> > > >
> > > > > Send
> > > > > Sh ip mroute 225.25.25.25
> > > > > sh ip mroute 225.25.25.25 count and sh ip rpf (what ever the
> > > > > source is).
> > > > > Sh ip pim neig
> > > > >
> > > > > Also your point to point is not in mcast.
> > > > >
> > > > >
> > > > > Ross Grabler
> > > > > Technology
> > > > > 1 Pierrepont Plaza, 12th Floor | Brooklyn, NY 11201
> > > > > Phone: +1 718 754-5693
> > > > > Ross.Grabler@morganstanley.com
> > > > >
> > > > > -----Original Message-----
> > > > > From: nobody@groupstudy.com [mailto: nobody@groupstudy.com] On
> > > > > Behalf Of Dane Newman
> > > > > Sent: Monday, December 10, 2007 8:44 AM
> > > > > To: ccielab@groupstudy.com
> > > > > Subject: Multicast issue
> > > > >
> > > > > *Hello Experts*
> > > > > **
> > > > > **
> > > > > *My problem is I believe I should be having an RPF failure
> > > > > and have to create a static mroute. The problem is its
> > > > > working and I don't understand why its working when it should
> > > > > not which is a problem in itself. Its probably some silly
> > > > > error or just some concept I don't under/stand grasp yet.
> > > > > This is from internetwork expert lab 9 problem
> > > > > 6.1.*
> > > > > **
> > > > > **
> > > > > *I have R5 which and R4 connected between the frame relay
> > > > > network
> > > > > 163.1.54.0/24 and a point to point link 163.1.45.0/24 *
> > > > > **
> > > > > *vlan 4 is connected to e0/1 on R4 and vlan 5 is connected to
> > > > > e0/0 on
> > > > > R5*
> > > > > **
> > > > > *Below is the show ip route to each of the vlans from the
> > > > > other respective router. Traffic is going across the frame
> > > > > relay link from the output. *
> > > > >
> > > > > Rack1R4#show ip route 163.1.5.0 Routing entry for 163.1.5.0/24
> > > > > Known via "ospf 1", distance 110, metric 74, type intra area
> > > > > Redistributing via rip Advertised by rip metric 5 Last
> > > > > update from 163.1.54.5 on Serial0/0, 00:27:00 ago Routing
> > > > > Descriptor Blocks:
> > > > > * 163.1.54.5, from 5.5.5.5, 00:27:00 ago, via Serial0/0
> > > > > Route metric is 74, traffic share count is 1
> > > > >
> > > > > Rack1R5#show ip route 163.1.4.0 Routing entry for 163.1.4.0/24
> > > > > Known via "ospf 1", distance 110, metric 74, type intra area
> > > > > Last update from 163.1.54.4 on Serial0/0.54, 00:20:34 ago
> > > > > Routing Descriptor Blocks:
> > > > > * 163.1.54.4, from 4.4.4.4, 00:20:34 ago, via Serial0/0.54
> > > > > Route metric is 74, traffic share count is 1
> > > > >
> > > > >
> > > > >
> > > > > *When I ping from R4 to the group it pings back but it should
> > > > > be an RPF failure because it should use the frame relay link
> > > > > but the debug below after the ping shows it used the point to
> > > > > point link*
> > > > >
> > > > >
> > > > > Rack1R4#ping 225.25.25.25 source e0/1
> > > > >
> > > > > Type escape sequence to abort.
> > > > > Sending 1, 100-byte ICMP Echos to 225.25.25.25, timeout is 2
> > > > > seconds:
> > > > > Packet sent with a source address of 163.1.4.4
> > > > >
> > > > > Reply to request 0 from 163.1.45.5, 40 ms
> > > > >
> > > > >
> > > > >
> > > > > Rack1R5#debug ip mpack
> > > > > IP multicast packets debugging is on *Mar 2 11:31:25.119 :
> > > > > IP(0): s=163.1.45.4 (Serial0/1)
> > > > > d=225.25.25.25(Ethernet0/0) id=127, ttl=254, prot=1,
> > > > > len=100(100), mforward
> > > > >
> > > > > *I thought from my limited knowledge multicast routing follows
> > > > > the unicast routing table but how is it then going through the
> > > > > point to point link?*
> > > > > **
> > > > > **
> > > > > **
> > > > > *Here are the full configs*
> > > > >
> > > > >
> > > > > R4
> > > > > version 12.4
> > > > > service timestamps debug datetime msec service timestamps log
> > > > > datetime msec no service password-encryption !
> > > > > hostname Rack1R4
> > > > > !
> > > > > boot-start-marker
> > > > > boot-end-marker
> > > > > !
> > > > > enable password cisco
> > > > > !
> > > > > no aaa new-model
> > > > > !
> > > > > !
> > > > > ip cef
> > > > > no ip domain lookup
> > > > > !
> > > > > !
> > > > > ip multicast-routing
> > > > > !
> > > > > !
> > > > > !
> > > > > key chain 1
> > > > > key 1
> > > > > key-string CISCO
> > > > > !
> > > > > username Rack1R5 password 0 CISCO !
> > > > >
> > > > > !
> > > > > interface Loopback0
> > > > > ip address 150.1.4.4 255.255.255.0 ip ospf network
> > > > > point-to-point ip ospf 1 area 0 !
> > > > > interface Ethernet0/0
> > > > > ip address 192.10.1.4 255.255.255.0 ip rip authentication
> > > > > mode md5 ip rip authentication key-chain 1 no ip route-cache
> > > > > cef no ip route-cache ip summary-address rip 163.1.0.0
> > > > > 255.255.192.0 ip summary-address rip 150.1.0.0 255.255.240.0
> > > > > half-duplex !
> > > > > interface Serial0/0
> > > > > ip address 163.1.54.4 255.255.255.0 encapsulation
> > > > > frame-relay ip ospf network point-to-point frame-relay map
> > > > > ip 163.1.54.5 405 broadcast frame-relay interface-dlci
> > > > > 405
> > > > > class KEEPALIVE
> > > > > no frame-relay inverse-arp
> > > > > !
> > > > > interface Ethernet0/1
> > > > > ip address 163.1.4.4 255.255.255.0 ip pim dense-mode
> > > > > half-duplex !
> > > > > interface Serial0/1
> > > > > ip address 163.1.45.4 255.255.255.0 ip pim dense-mode
> > > > > encapsulation ppp clock rate 56000 ppp authentication pap
> > > > > ppp pap sent-username Rack1R4 password 0 CISCO !
> > > > > router ospf 1
> > > > > router-id 4.4.4.4
> > > > > log-adjacency-changes
> > > > > redistribute rip metric 50 subnets network 163.1.4.4 0.0.0.0
> > > > > area 0 network 163.1.54.4 0.0.0.0 area 0 !
> > > > > router rip
> > > > > version 2
> > > > > redistribute ospf 1 metric 5
> > > > > passive-interface default
> > > > > no passive-interface Ethernet0/0 no passive-interface
> > > > > Ethernet0/1 no passive-interface Serial0/1 network 163.1.0.0
> > > > > network 192.10.1.0 distribute-list prefix SUM out Ethernet0/0
> > > > > distribute-list 8 in Ethernet0/0 distance 109 163.1.45.5
> > > > > 0.0.0.0 4 no auto-summary !
> > > > > router bgp 65004
> > > > > no synchronization
> > > > > bgp log-neighbor-changes
> > > > > bgp confederation identifier 200 bgp confederation peers
> > > > > 65005 65007 neighbor 163.1.45.5 remote-as 65005 neighbor
> > > > > 192.10.1.254 remote-as 254 neighbor 192.10.1.254 password
> > > > > CISCO no auto-summary !
> > > > > ip http server
> > > > > no ip http secure-server
> > > > > !
> > > > > ip forward-protocol nd
> > > > > !
> > > > > !
> > > > > !
> > > > > ip prefix-list FILTER seq 5 permit 163.1.45.5/32 !
> > > > > ip prefix-list SUM seq 5 permit 150.1.0.0/20 ip prefix-list
> > > > > SUM seq 10 permit 163.1.0.0/18 !
> > > > > map-class frame-relay KEEPALIVE frame-relay end-to-end
> > > > > keepalive mode reply access-list 4 permit 150.1.7.0
> > > > > access-list 4 permit 163.1.7.0 access-list 4 permit 10.3.3.0
> > > > > 0.0.0.255 access-list 4 permit 163.1.0.0 0.0.0.255 access-list
> > > > > 4 permit 163.1.3.0 0.0.0.255 access-list 4 permit 163.1.7.0
> > > > > 0.0.0.255
> > > > > access-list 6 deny 10.3.3.3
> > > > > access-list 6 deny 163.1.0.0 0.0.0.255
> > > > > access-list 6 deny 163.1.3.0 0.0.0.255
> > > > > access-list 6 permit any
> > > > > access-list 8 deny any
> > > > > access-list 50 permit 163.1.57.0 !
> > > > > route-map OSPF->RIP deny 10
> > > > > match tag 120 20
> > > > > !
> > > > > route-map OSPF->RIP permit 20
> > > > > set tag 10
> > > > > !
> > > > > route-map RIP->OSPF deny 10
> > > > > match tag 110 10
> > > > > !
> > > > > route-map RIP->OSPF permit 20
> > > > > set tag 20
> > > > > !
> > > > > !
> > > > > !
> > > > > control-plane
> > > > > !
> > > > >
> > > > > line con 0
> > > > > exec-timeout 0 0
> > > > > privilege level 15
> > > > > logging synchronous
> > > > > line aux 0
> > > > > exec-timeout 0 0
> > > > > privilege level 15
> > > > > line vty 0 4
> > > > > password cisco
> > > > > login
> > > > > !
> > > > > !
> > > > > end
> > > > >
> > > > >
> > > > > R5:
> > > > > version 12.4
> > > > > service timestamps debug datetime msec service timestamps log
> > > > > datetime msec no service password-encryption !
> > > > > hostname Rack1R5
> > > > > !
> > > > > boot-start-marker
> > > > > boot-end-marker
> > > > > !
> > > > > enable password cisco
> > > > > !
> > > > > no aaa new-model
> > > > > !
> > > > > !
> > > > > ip cef
> > > > > no ip domain lookup
> > > > > !
> > > > > !
> > > > > ip multicast-routing
> > > > > !
> > > > > username Rack1R4 password 0 CISCO !
> > > > > !
> > > > > interface Loopback0
> > > > > ip address 150.1.5.5 255.255.255.0 ip ospf network
> > > > > point-to-point ip ospf 1 area 0 !
> > > > > interface Tunnel15
> > > > > ip address 163.1.15.5 255.255.255.0 ip ospf mtu-ignore
> > > > > tunnel source Serial0/0.35 tunnel destination 150.1.1.1 !
> > > > > interface Ethernet0/0
> > > > > ip address 163.1.5.5 255.255.255.0 ip pim dense-mode ip
> > > > > igmp join-group 225.25.25.25 half-duplex !
> > > > > interface Serial0/0
> > > > > no ip address
> > > > > encapsulation frame-relay
> > > > > no ip route-cache cef
> > > > > no ip route-cache
> > > > > no frame-relay inverse-arp
> > > > > !
> > > > > interface Serial0/0.35 point-to-point ip address 163.1.35.5
> > > > > 255.255.255.0 no ip route-cache frame-relay interface-dlci
> > > > > 503 !
> > > > > interface Serial0/0.54 point-to-point ip address 163.1.54.5
> > > > > 255.255.255.0 no ip route-cache frame-relay interface-dlci
> > > > > 504 class KEEPALIVE !
> > > > > interface Ethernet0/1
> > > > > ip address 163.1.57.5 255.255.255.0 half-duplex !
> > > > > interface Serial0/1
> > > > > ip address 163.1.45.5 255.255.255.0 ip pim dense-mode
> > > > > encapsulation ppp ppp authentication pap ppp pap
> > > > > sent-username Rack1R5 password 0 CISCO !
> > > > > router ospf 1
> > > > > router-id 5.5.5.5
> > > > > log-adjacency-changes
> > > > > area 0 range 150.1.4.0 255.255.254.0 redistribute rip
> > > > > network 163.1.5.5 0.0.0.0 area 0 network 163.1.15.5 0.0.0.0
> > > > > area 0 network 163.1.35.5 0.0.0.0 area 1 network 163.1.54.5
> > > > > 0.0.0.0 area 0 !
> > > > > router rip
> > > > > version 2
> > > > > passive-interface default
> > > > > no passive-interface Ethernet0/1 no passive-interface
> > > > > Serial0/1 network 163.1.0.0 default-information originate
> > > > > distribute-list prefix DEFAULTROUTE out Ethernet0/1 distance
> > > > > 109
> > > > >
> > > > > 0.0.0.0 255.255.255.255 4 no auto-summary !
> > > > > router bgp 65005
> > > > > no synchronization
> > > > > bgp log-neighbor-changes
> > > > > bgp confederation identifier 200 bgp confederation peers
> > > > > 65004 65007 neighbor 163.1.35.3 remote-as 300 neighbor
> > > > > 163.1.45.4 remote-as 65004 neighbor 163.1.57.7 remote-as
> > > > > 65007 no auto-summary !
> > > > > ip http server
> > > > > no ip http secure-server
> > > > > !
> > > > > ip forward-protocol nd
> > > > > !
> > > > > !
> > > > > !
> > > > > ip prefix-list DEFAULTROUTE seq 5 permit 0.0.0.0/0 !
> > > > > map-class frame-relay KEEPALIVE frame-relay end-to-end
> > > > > keepalive mode request access-list 4 permit 150.1.7.0
> > > > > access-list 4 permit 163.1.7.0 access-list 4 permit 192.10.1.0
> > > > > access-list 4 permit 10.3.3.0 0.0.0.255 access-list 4 permit
> > > > > 163.1.0.0
> > > > > 0.0.0.255 access-list 4 permit 163.1.3.0 0.0.0.255 access-list
> > > > > 4 permit 163.1.7.0 0.0.0.255 !
> > > > > route-map DEFAULTROUTE permit 10 match interface Ethernet0/1
> > > > > !
> > > > > !
> > > > > !
> > > > > control-plane
> > > > >
> > > > > !
> > > > > !
> > > > > line con 0
> > > > > exec-timeout 0 0
> > > > > privilege level 15
> > > > > logging synchronous
> > > > > line aux 0
> > > > > exec-timeout 0 0
> > > > > privilege level 15
> > > > > line vty 0 4
> > > > > password cisco
> > > > > login
> > > > > !
> > > > > !
> > > > > end
> > > > >
> > > > > ______________________________________________________________
> > > > > _________
> > > > >
> > > > > Subscription information may be found at:
> > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > >
> > > > > --------------------------------------------------------
> > > > >
> > > > > NOTICE: If received in error, please destroy and notify
sender.
> > > > > Sender does not intend to waive confidentiality or privilege.
> > > > > Use of this email is prohibited when received in error.
> > > > >
> > > > >
> > > > > ______________________________________________________________
> > > > > _________ Subscription information may be found at:
> > > > > http://www.groupstudy.com/list/CCIELab.html
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> > >
> > > --
> > >
> > > Dane Newman
> > > MCSE: Messaging, CCNP, CCEA
> > >
> >
> >
> >
>
>
-- Dane Newman MCSE: Messaging, CCNP, CCEA
This archive was generated by hypermail 2.1.4 : Tue Jan 01 2008 - 12:04:30 ARST