Multicast: From JUNOS

  • IP address range: 224.0.0.0 to 239.255.255.255
  • First 4 bits of multicast IP address set to “1110”. 28 bits remaining to choose unique address.
  • IP to mac mapping: 01:00:5E:[0:last 23 bits from multicast IP address]. 5 bits from IP address becomes don’t care and hence 32(2^5) multicast IP addresses maps to same MC MAC address.
  • Reverse path Forwarding (RPF) check:
    • Each router after receiving multicast packet, it checks whether it comes via interface which is best path to reach the source IP present in this packet.
    • If this check is positive, packets are forwarded to all downstream interfaces. If the check is negative, packets are dropped to avoid flood.
  • JUNOS software performs RPF check by looking inet.0 routing table.
  • Dense-mode forwarding:
    • Packets are flooded from first-hop router, to all other routers.
    • Routers which do not have downstream interfaces, removes it from the source-based tree by sending ‘prune’ message. Above process repeats for every 3 minutes.
    • Best suited only when there are many receivers in the multicast domain.
  • Spare-mode forwarding:
    • Each router has to explicitly request to receive multicast traffic.
    • A router functions as rendezvous point (RP) which act like connecting point between source and destination. Source sends packets to RP and RP forwards packet to receiver.
    • RP act as root for this shared tree called “Rendezvous point tree (RPT)”
  • Multicast protocols:
    • IGMP: for communication between MC host and first-hop router.
    • PIM: for communication between routers in multicast domain.
  • Internet group management protocol (IGMP):
    • Host send request to designated router in the subnet and the router converts this request into multicast routing protocol packets (PIM join).
    • ‘Designated router’ is the router with lowest PIM priority value. If there is tie, router with highest interface IP address will be elected.
    • ‘Querier router’ is the router which sends group specific/general query. Router with the lowest interface IP address is elected as Querier router.
  • IGMP-v1:
    • Two message types are available. The packet format has following fields.
    • Version – 4 bits – set to 0x01
    • Type – 4 bits – value of 1 implies ‘Host membership query’ and value of 2 implies ‘host membership report’.
    • Unused – 1 octet – set to zero
    • Checksum – 2 octets
    • Group address – 4 octet – multicast group address is encoded in host membership report. In membership query packet this field is filled with all zeros.
    • Operation:
      • When a host joins a group, it sends membership report addressed to MC group.
      • Designated router on seeing this report, attempt to locate source and forward traffic.
      • ‘Querying router’ generates membership query addressed to 224.0.0.1(all hosts) every 125 seconds. Each host on receiving this starts a timer value between 0 and 10 and check for any report by other host. If it doesn’t receive one and its timer expired, it generates a membership report
      • No mechanism to notify when a host leaves a group. Multicast traffic was forwarded for 260 seconds until querying router knows no host is listening.
      • Timing value (260 sec) = (robustness variable[2] * query interval[125 sec])+ query response time[10 sec]
  • IGMPv2:
    • The packet field includes: Type – 1 octet:
      • 0x11 – membership query. Both general and group-specific. Generated by querier and addressed to 224.0.0.1 (for general) and group IP (for group-specific
      • 0x12 – V1 membership report. For backward compatible. Generated by host addressed to multicast group.
      • 0x16 – version 2 membership report. Generated by host addressed to multicast group.
      • 0x17 – Leave message. Generated by host when it leaves a group. addressed to 224.0.0.2
    • Max-response time – 1 octet – default set to 10 sec
    • Checksum – 2 octets
    • Group address – 4 octets – set to group address except general query (filled with zeros)
    • Operation:
      • Same as in IGMPv1. When a host leaves a group it sends leave message and the querying router sends a group-specific query with response timer set to 1 sec.
  • IGMPv3:
    • Host can request traffic from particular source and not from other set of sources.
    • Provides support for source-specific multicasting within 232.0.0.0/8 group.
  • Protocol Independent Multicast (PIM) :
    • To create a tree to pass multicast traffic. Three modes: spare, dense, spare-dense mode.
    • All PIM packets have common header which has:
      • Version – 4 bits – set to 0x02
      • Type – 4 bits – Possible values are:
      • 0 – PIM hello messages. Generated by all routers to 224.0.0.13 (all PIM routers)
      • 1 – PIM register message. Generated by source-router and unicast to RP.
      • 2 – PIM register-stop msg. Generated by RP and unicast to source-router.
      • 3 – PIM join/prune msg. Generated by routers, addressed to 224.0.0.13
      • 4 – PIM bootstrap msg. Generated by BSR, addressed to 224.0.0.13.
      • 5 – PIM Assert msg. Addressed to 224.0.0.13 to determine which router forwards traffic in broadcast domain.
      • 6 – PIM Graft msg. Used in dense mode. To reconnect a router to forwarding tree. Addressed to 224.0.0.13
      • 7 – PIM Graft ACK msg. Used in dense mode. Unicast to ACK above message.
      • 8 – PIM RP candidate. Generated by RP candidate and unicast to BSR.
    • Reserved – 1 octet – set to all zeros.
    • Checksum – 2 octets – checksum to entire PIM message.
  • Unicast address is encoded within PIM in following format:
    • Address family – 1 octet – set to 0x01
    • Encoding type – 1 octet – set to 0x00
    • Address – 4 octets – contains unicast address
  • A multicast group address is encoded within PIM:
    • Address family – 1 octet – set to 0x01
    • Encoding type – 1 octet – set to 0x00
    • Reserved-  1 octet – set to 0x00
    • Mask length – 1 octet – displays length of subnet mask
    • Group address – 4 octets – multicast group address
  • A multicast source address is encoded within PIM:
    • Address family – 1 octet – set to 0x01
    • Encoding type – 1 octet – set to 0x00
    • S/W/R bits – 1 octet – 00000SWR
      • Sparse bit: set to 1 to represent spare-mode operation.
      • Wildcard bit: 0 when source is known (S,G). 1 when source is unknown (*,G).
      • RPT bit: 0 when router has to send packets to source, 1 for packets to RP.
    • Mask length – 1 octet – subnet mask of multicast source address
    • Source address – 4 octets – source address is displayed here.
  • Join and prune messages:
    • Upstream neighbor router – 4 octets – address of the upstream router.
    • Reserved –  1 octet – set to 0x00
    • Number of groups: number of MC groups for which we have join/prune messages.
    • Hold time: set to default 210 seconds.
    • Following fields will have MC group address, number of joins, number of prunes followed by join and prune source addresses
  • Register message:
    • First 4 octets: other bits except first 2 bits are set to 0x00. First 2 bits are:
      • B: Border bit: set to 0 when source is directly connected to router.
      • N: Null register bit: set to 0 for ordinary packets. When the RP sends register-stop message, the source router set this bit and periodically (every 60 seconds) send this message to RP without any multicast data packet fields.
    • Multicast data packet: multicast packets from source are placed in this field. The RP must have tunnel PIC installed to strip the multicast packets from this message. Check with “show chassis fpc pic-status”.
  • Register-stop message:
    • RP send this message to source router to stop sending multicast packets in register message. Various reasons are:
      • RP has not received any PIM join for this group.
      • RP received PIM prune from the last receiver.
      • RP itself may be receiving data from the source as native multicast packet.
    • It has multicast group address and multicast source address fields.
  • Spare-mode operation:
    • Connecting receiver to shared tree:
      • When receiver-end-router receives IGMP report from new host, the designated router generates a PIM join message and forwards to RP. All routers in between designated-router and RP installs (*,G), upstream and downstream interfaces.
      • When RP receives this join message, it installs (*,G). If a valid source is known, RP forwards native multicast packets to receiver along shared tree.
      • Each router along the path including the last-hop router installs (S,G) entry.
      • RPF check performed against the RP address as RP is root in shared tree.
    • Forwarding packets to RP:
      • When source-router receives MC traffic from the source host, it encapsulates in register message and sends it to RP. If RP has no (*,G) entry, all packets are dropped and register-stop will be sent to source. If it has entry, packets are sent to all downstream interfaces and RP sends PIM join for SPT between RP and SRC
      • If RP sends register-stop, source router keeps sending null register message until it stops receiving register-stop from RP or source stops sending packets.
    • Establishing the shortest path tree:
      • Once the receiver-end router get packets from RP and knows its source address, it tries to establish shortest path tree with source directly (S,G).
      • When it receives traffic from source directly, it sends PIM prune message towards RP and intermediate routers/RP removes (S,G) entry.
  • Steady state operation of the network:
    • Last-hop router (connected to MC receiver) keeps sending periodic PIM join to first-hop router (connected to MC source) to maintain SPT (shortest path tree)
    • Last-hop router keeps sending periodic PIM ‘join to group G, prune to source S’ to RP to maintain (*,G) RPT so that it can receive multicast packets from other sources.
    • RP keeps sending register-stop in response to null-register msg from first-hop router.
  • Rendezvous point options:
    • Static:
      • Configure a single router as RP in all routers. No redundancy.
    • Auto-RP:
      • Cisco proprietary implemented in Juniper. A router is assigned as ‘Mapping-agent’ which selects an RP for a group and advertises this result to all routers.
      • Routers configured as RP, announce this via ‘cisco-RP-announce’ message destined to 224.0.0.39. This message flows in dense-mode fashion.
      • Mapping agent listens for above address and elects a single RP which has highest IP address, for each group. Then it advertises this result in ‘cisco-RP-discovery’ message addressed to 224.0.0.40 in dense-mode fashion.
      • When mapping agent fails to receive announce message from RP, it changes the RP and advertise the new RP in discovery message. Redundancy.
      • Both cisco-RP-announce and discovery messages share same packet format. The message field includes:
        • Version – 4 bits – set to constant value of 0x01
        • Type – 4 bits – 1 implies announce msg and 2 implies discovery
        • RP count – 1 octet – total number of RPs contained in this packet.
        • Hold time – 2 octets – time this message is active. 0 implies always valid.
        • Reserved – 4 octets- set to 0x00
        • RP address – 4 octets – IP address of the RP.
        • RP version – 1 octet – 000000xx. xx= 0 implies PIM version is unknown. 1 implies v1 only. 2 imply v2 only. 3 implies RP can support both v1,v2.
        • Group count – 1 octet – total number of groups associated with this RP.
        • Encoded group address – 6 octets which has N-bit(1 octet) , Mask length (1 octet) and group address(4 octet). In the first octet, all 7 bits set to 0. Last bit N: 0 implies routers to use sparse to forward data packets.
    • Bootstrap router:
      • PIM-v2 specifies this method. Many routers can be configured as BSR candidate and the one with highest priority value is elected as BSR for the MC domain.
      • If there is tie in above election, highest IP address is elected as BSR.
      • Once elected, BSR listen for candidate-RP-advertisement. BSR then sends ‘RP-set’ message which has all RPs-group mapping to 224.0.0.13.
      • Each router on receiving RP-set selects based on below criteria:
        • Choose RP advertising most specific range of addresses
        • Lowest Priority. (Note: Highest priority preferred for BSR. Lowest priority preferred for RP)
        • Highest Hash algorithm output.
        • Highest IP address.
    • JUNOS prefers RP selected via bootstrap, than Auto-RP, than static configuration.
  • Configuration:
    • PIM automatically enables IGMPv2 on broadcast interface. P2P interfaces generally do not connect to receiver host and hence showed as ‘Disabled’ by default.
    • Configure IGMP with in [edit protocols igmp] mode. To set an interface to version-3, configure “set interface xxxx version 3”. To disable configure “set interface fxp0 disable’
    • Dense mode:
      • Before JUNOS 5.5 version, dense-mode is the default. Later changed to spare.
    • Sparse-dense mode:
      • Configure “set pim interface all mode spare-dense”. Each interface operates in sparse mode unless specifically specified with “set pim dense-groups x.x.x.x”
    • Sparse mode:
      • Configure “set pim interface all mode sparse”.
    • To set local router as RP:
      • “set pim rp local address x.x.x.x”
    • Static RP:
      • On all routers, configure “set pim rp static address x.x.x.x”
    • Auto-RP:
      • Need more configuration steps.
      • Configure all pim interface as sparse-dense mode.
      • Each router should have 224.0.0.39/224.0.0.40 operate in dense group.
      • Inside “set protocols pim rp auto-rp” command there are three options:
        • ‘discovery’ : Routers to listen for 224.0.0.40 from mapping-agent.
        • ‘announce’ : Local router listen for 224.0.0.40 and generates RP-announcement to 224.0.0.39.
        • ‘mapping’ : Performs all operations.
    • Bootstrap router:
      • Configure local router as RP using “set pim rp local address x.x.x.x”
      • Configure priority with “set pim rp bootstrap-priority xx” command.
      • Default priority is 0 which makes then ineligible to become BSR.
  • Show commands:
    • Show igmp interface – to view igmp enabled interfaces, state, timers, Querier.
    • Show pim interface – to view pim interfaces, state, neighbors, priority.
    • Show pim rps – to view RP interface and mapping
    • Show pim neighbors – to view PIM neighbors
    • Show pim join extensive – Most used command: to view about multicast tree.
    • Show pim source –  to view active multicast sources
    • Show pim bootstrap – to view information about bootstrap protocol.
    • Show multicast rpf – to view RPF table from inet.0
    • Show multicast route – shows groups, source and interfaces
    • Show multicast usage – packet statistics for each group
    • Show route table inet.1 – to view group address and the sources.

Advanced Multicast concepts:

  • Bootstrap message format:
    • Bootstrap message is used by all C-BSR to advertise its priority (before election) and used by BSR to advertise RP-set. The fields available in bootstrap message includes:
    • PIM header:
      • version – 4 bits – set to 0x02
      • Type – 4 bits – set to value of 4
      • Reserved – 1 octet – set to 0x00
      • Checksum – 2 octet – standard checksum
    • Fragment tag – 2 octets – if individual message is too large, it is fragmented into small packets and router generates a random number and place in all fragmented packets.
    • Hash Mask length – 1 octet – length in bits each router should use in hash algorithm. Set to value of 30
    • BSR priority – 1 octet – priority value of local router. If an msg with higher value is received, local router stops transmitting its own bootstrap message.
    • BSR address – 6 octets – Address of BSR encoded in unicast address format.
    • Group address – 8 octets – MC group address in encoded format.
    • RP count – 1 octet – Total RPs available for above MC group
    • Fragment RP count – 1 octet – RPs available in present fragment.
    • RP address – 6 octets – RP address encoded in unicast format.
    • RP hold time – 1 octet – amount of time this RP is valid.
    • RP priority – 1 octet – priority value above RP. Possible values are 0-255, 0 being best.
  • Each RP candidate router unicast its information to BSR using ‘candidate-RP-advertisement’
    • PIM header
    • Prefix count: number of multicast groups current RP supports. 0 implies 224.0.0.0/32
    • Priority – 1 octet – set to default 0 (best). Lower value is preferred in RP election.
    • Hold time – 2 octets – amount of time BSR should retain this RP information.
    • RP address – 6 octets – local RP address in encoded unicast format.
    • Group address – 8 octets – MC group address in encoded format.

Multicast source discovery protocol: (MSDP)

  • If the multicast domain size increases, scalability issues arise for RP in the domain.
  • So, we need to have more than single RP and to sync between that RPs, MSDP is used.
  • Protocol to advertise active multicast source from one RP to another.
  • RPs can be within same administrative domain or between AS networks.
  • Operation theory:
    • Two routers (RPs) form TCP connection on well known port number – 639
    • Higher peer IP waits for other peer to initiate the connection. To avoid collision.
    • TCP connection is maintained by exchanging keep alive messages or source active (SA) messages within 75-sec hold timer.
    • When a MSDP router learns new MC source, it generates a SA and forwards to all peers.
    • Other MSDP peer on receiving SA (after some set of rules- Peer-RFP flooding) creates (*,G) if one doesn’t exist. If there is already a (*,G) entry, it generates PIM join to first-hop router to join SPT and forward native MC traffic down to RPT for listeners.
    • Last-hop router (listener) on receiving this packet, attempt to create SPT directly to source and prune from the RPT for that specific source.
  • SA packet format:
    • Type – 1 octet – set to 0x01
    • Length – 2 octets – total packet length
    • Entry count – 1 octets – number of unique (S,G) in this message
    • RP address – 4 octets – IP address of RP which originates this SA packet.
    • Source prefix length –  1 octet – for source host address, use value of 32.
    • Group address – 4 octets- MC group address
    • Source address – 4 octets – MC source address
    • Encapsulated data packet – may not contain in SA.
  • Configuration:
    • Create a group inside [edit protocol msdp]
    • Assign ‘local-address’ and ‘peer’ addresses.
  • Show commands:
    • Show msdp – to view local, peer address and state.
    • Show msdp source-active – to view current (S,G) info shared with peers.
  • Mesh-group:
    • To avoid flooding when MSDP routers are connected in mesh-format.
    • Configure ‘mode mesh-group’ inside msdp group.
  • Peer-RPF flooding – Rules to dictate whether received flooded SA message can be accepted:
    • 1 – If SA received peer belongs to mesh group, accept the message
    • 2 – If  SA received peer configured as default group, then accept
    • 3 – If  SA received peer is same as RP in the packet, then accept
    • 4 – Perform route-lookup for the RP address in the packet
      • If BGP, check peer IP same as next-hop IP to the BGP route- RP address
      • If IGP, check next-hop interface of RP and peer are same. If yes, accept.
    • 5- Reject.

Anycast RP:

  • There is disadvantage when a RP for a group goes down. Packets are not forwarded till next dynamic RP is elected /advertised. To minimize this effect, a virtual router called “anycast RP” is used by sharing knowledge about sources among multiple routers.
  • Operation theory:
    • Each RP routers are configured with same shared local RP address.
    • This RP address is configured as static in all other routers. IGP advertise this shared IP.
    • Other routers on receiving IGMP report, forwards PIM join to IGP metrically nearest RP.
    • When an RP router receives a register message, along with checking its (*,G) entry, it forwards this info to all other RPs (MSDP peers) via SA message.
    • If other RPs already has (*,G) entry, it generates PIM join to source available in de-encapsulated register message and form SPT with source and forwards native multicast traffic from source to last-hop router which again try to form SPT directly with SRC.
  • Configuration:
    • Configure another IP address in loopback in addition to ‘primary’ address and include that IP as local RP. Configure same IP address in other RPs and include as local RP.
    • Configure above IP address is static in all other routers.
    • Configure MSDP among RPs
  • Inter-domain MSD:
    • Same concept as anycast RP. MSDP session follow the external BGP peering between AS

Reverse path forwarding:

  • By default, JUNOS uses inet.0 routing table as RPF table.
  • Disadvantage: both unicast and multicast traffic flows via same link and other links are unused.
  • JUNOS has set aside ‘inet.2’ table for RPF usage.
  • To populate inet.2 table, we need to invoke ‘rib-group’ which is set of routing tables to which information are downloaded from route-source or protocol.
  • To add routes to inet.2 table:
    • Create a rib-group inside [edit routing-options] as “import-rib [inet.0 inet.2]” to download routes to both inet.0 table (default) and inet.2 table.
    • Invoke this rib-group inside protocols global mode.
  • To add local/direct routes:
    • Invoke the rib-group within “interface-routes” option inside routing-options mode.
  • To add static routes:
    • Invoke the rib-group within “static” option inside routing-options mode.
  • To add OSPF routes to inet.2 table:
    • Invoke the rib-group as ‘rib-group <group-name>’ inside [edit protocols ospf] mode.
  • To add ISIS routes:
    • Invoke the rib-group as ‘rib-group <group-name>’ inside [edit protocols isis] mode.
    • By enabling multi-topology TLV. These TLVs are used to support MC traffic forwarding.
      • Add local routes in inet.2 table and make ISIS to find operational ISIS interfaces.
      • Configure ‘multicast-topology’ command inside [edit protocols isis] mode.
      • Multicast IS neighbors and TLVs are exchanged and routes are to added to inet.2
      • Now all ISIS routes will be available in both inet.0 and inet.2 table.
      • Useless, unless we make some changes to inet.2 table routes.
      • To make changes only to inet.2 table, configure ‘level 2 ipv4-multicase-metric xx’ command under IS-IS interface mode.
  • To add BGP routes:
    • Invoke the rib-group as ‘rib-group <group-name>’ inside [edit protocols bgp] mode.
    • By configuring BGP to support MBGP.
      • Configure ‘family inet any’ inside BGP mode. ‘any’ implies both ‘unicast’ and ‘multicast’. Routes from/to inet.0 and inet.2 are advertised.
      • To make inet.2 (RPF) to differ from inet.0 routing table, change any BGP attribute for inet.2, like LP by using route-policy match statement “to rib inet.2”.
  • To instruct multicast process to use inet.2 table for RPF check, configure another rib-group which has ‘import-rib inet.2’ statement and invoke this rib-group in both PIM and MSDP.
  • Sample Multicast configuration.
Advertisements
This entry was posted in jncis, Junos, multicast and tagged , . Bookmark the permalink.

One Response to Multicast: From JUNOS

  1. Your post is top notch.Will book mark your website for additional visits,In addition,where did you get this fantastic theme for your blog?

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s