Re: Need Help on Multicast VRF

From: PANDI MOORTHY (moorthypandi@gmail.com)
Date: Mon Dec 24 2007 - 02:57:23 ART

Marc

Excellent, Thank you so much. It works now. MDT uses loopback-0 as the
source

Changes I have made:-

Reconfigured the VPN-V4 BGP peering between R1 and R3 to use loopback-0 for
peering. IPV4 peering still uses serial interface IP address.

Thank you

 Regards
Pandi

On Dec 23, 2007 9:35 PM, Marc <myfernandez@gmail.com> wrote:

> Hi Pandi.
>
> Have you tried using lo 0 interfaces as sources for the eBGP session ?
>
> http://www.cisco.com/en/US/docs/ios/12_3/sem2/system/messages/emgmbus.html#wp197743
>
>
> %MDT-4-LBSRC : MDT [chars] uses source address [IP_address] from a
> non-loopback interface
>
> Explanation The local peering interface used to set up an MDT tunnel is
> not a loopback interface. This condition may cause black holes if the
> interface is in the outgoing list of the MDT group.
>
> Recommended Action Change the configuration of the BGP update source
> and use a loopback interface as the local peering interface.
> Regards,
>
>
> On Dec 22, 2007 11:32 AM, PANDI MOORTHY <moorthypandi@gmail.com> wrote:
>
> > Hi,
> >
> > Thanks for your reply
> >
> >
> >
> > Not sure are you talking about Multicast support for MPLS VPN
> >
> >
> >
> > For MPLS VPN multicast solution, we do not need to include the PE
> > loopback
> > interfaces into the customer VRF. PE Loopback is already included into
> > core
> > ospf and multicast routing.
> >
> >
> >
> > You can verify the configuration on R3 and R5. Same configuration, only
> > on
> > R3 I am getting this error message
> >
> >
> >
> > On R5 once I configured the multicast for VRF 100, the VPN tunnel-0 is
> > automatically created and it pick-up the loopback -0 as the source IP,
> > this
> > is the good scenario
> >
> >
> >
> > On R3 once I configured the multicast for VRF 100, the VPN tunnel-0 is
> > automatically created but it pick-up the interface ser 2/1 as the source
> > IP.
> > Here is the problem started.
> >
> >
> >
> > My question is there way we can force the auto tunnel to use the
> > loopback-0
> > as the source IP address. Please help
> >
> >
> >
> >
> > Regards
> > pandi
> >
> > On Dec 22, 2007 4:13 AM, Cisco-Engineer.com Team <ciscosurplus@gmail.com
> > >
> > wrote:
> >
> > > silly question but did you enable ip forwarding vrf X on the loopback?
> > and
> > > also route it via the routing proccess?
> > >
> > > If you dont want to include it in the VRF forwaring then you need a
> > static
> > > route within the vrf and use of the global keyword, then redist that
> > to the
> > > routing proccess
> > >
> > >
> > > On 22/12/2007, PANDI MOORTHY <moorthypandi@gmail.com> wrote:
> > >
> > > > Hi All
> > > >
> > > >
> > > >
> > > > I need your help on Multicast VRF
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Setup:
> > > >
> > > > ====
> > > >
> > > >
> > > >
> > > > (R3) AS200
> > > >
> > > > |
> > > >
> > > > |[20.1.1.X]
> > > >
> > > > |
> > > >
> > > > |
> > > >
> > > > | s2/1
> > > >
> > > >
> > > >
> > > >
> > (R2)--------------(R1)-------------(R4)--------------------(R5)--------------
> > > > (R6)
> > > >
> > > >
> > > >
> > > > [192.168.1.x] [10.1.1.x] [10.2.2.x]
> > > > 192.168.2.x]
> > > >
> > > >
> > > >
> > > > [-----------------
> > AS100------------------]
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > 1) Data Setup
> > > >
> > > > n R1, R4 and R5 in core mpls network. ospf and LDP is
> > configured
> > > > between them (R1 and R5 are PE routers)
> > > >
> > > > n Between R1 and R5 VPNV4 iMBGPAS100 is configured
> > > >
> > > > n R2 and R6 are the CE routers, communicating via AS100 using
> > VRF
> > > > 100
> > > >
> > > > n R2 and R6 able ping each other. IPV4 data connection works,
> > No
> > > > issue
> > > >
> > > >
> > > >
> > > > n Between R1 and R3 VPNV4 eMBGP is configured
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > 2) Next task is to configure multicast PIM-sparse-mode on AS100 core
> > > > network
> > > > with R1 as the RP. (I have configured no issues)
> > > >
> > > >
> > > >
> > > > 3) Next task is to configure multicast PIM-sparse-mode on AS200 with
> > R3
> > > > as
> > > > the RP for this domain (I have configured no issues)
> > > >
> > > >
> > > >
> > > > 4) Next task is to enable MSDP between R1 and R3, do not enable
> > > > multicast on
> > > > the interface between R1 and R3 (I have configured no issues)
> > > >
> > > >
> > > >
> > > > 5) Final task is to configure the multicast routing for the VRF 100,
> > R6
> > > > loopback-0 should be the RP. VRF 100 should use multicast address
> > > > 224.1.1.1when it tunnel across the AS100.
> > > >
> > > >
> > > >
> > > >
> > > > There is no issue when I configure the multicast on R6, R5 and R2.
> > But
> > > > when
> > > > I enable multicast routing for VRF 100 on R1, I am getting error
> > message
> > > > as
> > > > below
> > > >
> > > >
> > > >
> > > > Rack1R1(config)#ip vrf 100
> > > >
> > > > Rack1R1(config-vrf)#mdt default 224.1.1.1
> > > >
> > > > Rack1R1(config-vrf)#
> > > >
> > > > 00:08:46: %MDT-4-LBSRC: VRF 100: MDT Serial2/1 uses source address
> > > > 20.1.1.1from
> > > >
> > > > a non-loopback interface
> > > >
> > > > Rack1R1(config-vrf)#
> > > >
> > > >
> > > >
> > > > Looks like the multicast tunnel uses IP address of "serial 2/1" as
> > the
> > > > source IP address. The tunnel is up but I don't see any mroute entry
> > for
> > > > R1-loopback-0.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Rack1R1#i
> > > >
> > > > Interface IP-Address OK? Method Status
> > > > Protocol
> > > >
> > > > FastEthernet0/0 10.1.1.1 YES
> > > > NVRAM up up
> > > >
> > > > Serial2/0 unassigned YES
> > > > NVRAM up up
> > > >
> > > > Serial2/0.1 192.168.1.1 YES
> > > > NVRAM up up
> > > >
> > > > Serial2/1 20.1.1.1 YES
> > > > NVRAM up up
> > > >
> > > > Serial2/2 unassigned YES NVRAM administratively
> > down
> > > > down
> > > >
> > > > Serial2/3 unassigned YES NVRAM administratively
> > down
> > > > down
> > > >
> > > > ATM3/0 unassigned YES NVRAM administratively
> > down
> > > > down
> > > >
> > > > ATM4/0 unassigned YES NVRAM administratively
> > down
> > > > down
> > > >
> > > > Loopback0 1.1.1.1 YES
> > > > NVRAM up up
> > > >
> > > > Tunnel0 20.1.1.1 YES
> > > > unset up up
> > > >
> > > > Rack1R1#
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Rack1R1#show ip mroute
> > > >
> > > > IP Multicast Routing Table
> > > >
> > > > Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C -
> > > > Connected
> > > >
> > > > L - Local, P - Pruned, R - RP-bit set, F - Register flag,
> > > >
> > > > T - SPT-bit set, J - Join SPT, M - MSDP created entry,
> > > >
> > > > X - Proxy Join Timer Running, A - Candidate for MSDP
> > > > Advertisement,
> > > >
> > > > U - URD, I - Received Source Specific Host Report, Z -
> > Multicast
> > > > Tun
> > > >
> > > > Y - Joined MDT-data group, y - Sending to MDT-data group
> > > >
> > > > Outgoing interface flags: H - Hardware switched, A - Assert winner
> > > >
> > > > Timers: Uptime/Expires
> > > >
> > > > Interface state: Interface, Next-Hop or VCD, State/Mode
> > > >
> > > >
> > > >
> > > > (*, 224.1.1.1), 01:31:07/00:03:08, RP 1.1.1.1, flags: S
> > > >
> > > > Incoming interface: Null, RPF nbr 0.0.0.0
> > > >
> > > > Outgoing interface list:
> > > >
> > > > FastEthernet0/0, Forward/Sparse, 01:31:07/00:03:08
> > > >
> > > >
> > > >
> > > > (5.5.5.5, 224.1.1.1), 01:30:57/00:01:00, flags: PTA
> > > >
> > > > Incoming interface: FastEthernet0/0, RPF nbr 10.1.1.4
> > > >
> > > > Outgoing interface list: Null
> > > >
> > > >
> > > >
> > > > (*, 224.0.1.40 ), 01:36:11/00:02:06, RP 0.0.0.0, flags: DCL
> > > >
> > > > Incoming interface: Null, RPF nbr 0.0.0.0
> > > >
> > > > Outgoing interface list:
> > > >
> > > > Loopback0, Forward/Sparse, 01:36:09/00:02:01
> > > >
> > > >
> > > >
> > > > Rack1R1#
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > My question: why the VRF tunnel on R1 takes the "interface ser 2/1"
> > IP
> > > > as
> > > > the source IP instead of loopback-0.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Is there way I can make the loopback IP address as the source IP for
> > > > this
> > > > tunnel? or any other solution to make the multicast between R2 and
> > R6 to
> > > > work
> > > >
> > > >
> > > >
> > > > Please take not that, we should not enable multicast on the
> > interface
> > > > between R1 and R3.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Thanks
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Configuration
> > > >
> > > > R1:-
> > > > -----
> > > >
> > > > ip vrf 100
> > > > rd 100:1
> > > > route-target export 100:1
> > > > route-target import 100:1
> > > > mdt default 224.1.1.1
> > > >
> > > > !
> > > > ip multicast-routing
> > > > ip multicast-routing vrf 100
> > > > mpls ldp router-id Loopback0
> > > > mpls label protocol ldp
> > > > !
> > > > interface Loopback0
> > > > ip address 1.1.1.1 255.255.255.255
> > > > ip pim sparse-mode
> > > > !
> > > > interface FastEthernet0/0
> > > > ip address 10.1.1.1 255.255.255.0
> > > > ip pim sparse-mode
> > > > !
> > > > interface Serial2/0
> > > > no ip address
> > > > encapsulation frame-relay
> > > > !
> > > > interface Serial2/0.1 point-to-point
> > > > ip vrf forwarding 100
> > > > ip address 192.168.1.1 255.255.255.0
> > > > ip pim sparse-mode
> > > > frame-relay interface-dlci 102
> > > > !
> > > > interface Serial2/1
> > > > ip address 20.1.1.1 255.255.255.0
> > > > mpls bgp forwarding
> > > > !
> > > > !
> > > > router ospf 1
> > > > log-adjacency-changes
> > > > network 1.1.1.1 0.0.0.0 area 0
> > > > network 10.1.1.1 0.0.0.0 area 0
> > > > !
> > > > router bgp 100
> > > > bgp router-id 1.1.1.1
> > > > no bgp default ipv4-unicast
> > > > bgp log-neighbor-changes
> > > > neighbor 5.5.5.5 remote-as 100
> > > > neighbor 5.5.5.5 update-source Loopback0
> > > > neighbor 20.1.1.3 remote-as 200
> > > > !
> > > > address-family ipv4
> > > > neighbor 20.1.1.3 activate
> > > > no auto-summary
> > > > no synchronization
> > > > exit-address-family
> > > > !
> > > > address-family vpnv4
> > > > neighbor 5.5.5.5 activate
> > > > neighbor 5.5.5.5 send-community extended
> > > > neighbor 20.1.1.3 activate
> > > > neighbor 20.1.1.3 send-community extended
> > > > exit-address-family
> > > > !
> > > > address-family ipv4 vrf 100
> > > > neighbor 192.168.1.2 remote-as 65002
> > > > neighbor 192.168.1.2 activate
> > > > no auto-summary
> > > > no synchronization
> > > > exit-address-family
> > > > !
> > > > ip pim bsr-candidate Loopback0 0
> > > > ip pim rp-candidate Loopback0
> > > > ip pim vrf 100 rp-address 6.6.6.6
> > > > ip msdp peer 20.1.1.3
> > > > ip msdp cache-sa-state
> > > > !
> > > > !
> > > >
> > > >
> > > > R5:
> > > > ----
> > > >
> > > >
> > > > Rack1R5#sh run
> > > > !
> > > > ip vrf 100
> > > > rd 100:1
> > > > route-target export 100:1
> > > > route-target import 100:1
> > > > mdt default 224.1.1.1
> > > > !
> > > > ip multicast-routing
> > > > ip multicast-routing vrf 100
> > > > no ip ips deny-action ips-interface
> > > > !
> > > > mpls label protocol ldp
> > > > tag-switching tdp router-id Loopback0
> > > > no ftp-server write-enable
> > > > !
> > > > !
> > > > interface Loopback0
> > > > ip address 5.5.5.5 255.255.255.255
> > > > ip pim sparse-mode
> > > > !
> > > > interface Ethernet0/0
> > > > ip vrf forwarding 100
> > > > ip address 192.168.2.5 255.255.255.0
> > > > ip pim sparse-mode
> > > > half-duplex
> > > > !
> > > > interface Ethernet0/1
> > > > ip address 10.2.2.5 255.255.255.0
> > > > ip pim sparse-mode
> > > > half-duplex
> > > > tag-switching ip
> > > > !
> > > >
> > > > router ospf 1
> > > > log-adjacency-changes
> > > > network 5.5.5.5 0.0.0.0 area 0
> > > > network 10.2.2.5 0.0.0.0 area 0
> > > > !
> > > > router bgp 100
> > > > bgp router-id 5.5.5.5
> > > > no bgp default ipv4-unicast
> > > > bgp log-neighbor-changes
> > > > neighbor 1.1.1.1 remote-as 100
> > > > neighbor 1.1.1.1 update-source Loopback0
> > > > !
> > > > address-family vpnv4
> > > > neighbor 1.1.1.1 activate
> > > > neighbor 1.1.1.1 send-community extended
> > > > exit-address-family
> > > > !
> > > > address-family ipv4 vrf 100
> > > > neighbor 192.168.2.6 remote-as 65001
> > > > neighbor 192.168.2.6 activate
> > > > no auto-summary
> > > > no synchronization
> > > > exit-address-family
> > > > !
> > > > !
> > > > ip pim vrf 100 rp-address 6.6.6.6
> > > >
> > > >
> > > > R3:
> > > > ----
> > > >
> > > > ip multicast-routing
> > > >
> > > > interface Loopback0
> > > > ip address 3.3.3.3 255.255.255.255
> > > > ip pim sparse-mode
> > > > !
> > > > interface Ethernet0/0
> > > > ip address 33.33.33.3 255.255.255.0
> > > > half-duplex
> > > > !
> > > > interface Serial1/2
> > > > ip address 20.1.1.3 255.255.255.0
> > > > serial restart-delay 0
> > > > clockrate 64000
> > > > no dce-terminal-timing-enable
> > > > !
> > > > !
> > > > router bgp 200
> > > > no synchronization
> > > > bgp log-neighbor-changes
> > > > neighbor 20.1.1.1 remote-as 100
> > > > no auto-summary
> > > > !
> > > > address-family vpnv4
> > > > neighbor 20.1.1.1 activate
> > > > neighbor 20.1.1.1 send-community extended
> > > > exit-address-family
> > > > !
> > > > ip msdp peer 20.1.1.1
> > > > !
> > > >
> > > > Please let me know if you need config of other routers as well
> > > >
> > > > Regards
> > > > Pandi
> > > >
> > > >
> > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > >
> > >
> > >
> > > --
> > > Thanks
> > >
> > > Graham Clarke
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Tue Jan 01 2008 - 12:04:32 ARST