The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to configure Multicast Source Discovery Protocol (MSDP) on the Cisco Industrial Ethernet 2000U Series Switches, hereafter referred to as IE 2000U or switch. MSDP connects multiple Protocol-Independent Multicast sparse-mode (PIM-SM) domains.
MSDP is not fully supported in this software release because of a lack of support for Multicast Border Gateway Protocol (MBGP), which works closely with MSDP. However, it is possible to create default peers that MSDP can operate with if MBGP is not running.
To use this feature, the switch must be running the IP services image.
Note For complete syntax and usage information for the commands used in this chapter, see the documents listed in the “Related Documents” section.
MSDP allows multicast sources for a group to be known to all rendezvous points (RPs) in different domains. Each PIM-SM domain uses its own RPs and does not depend on RPs in other domains. An RP runs MSDP over the Transmission Control Protocol (TCP) to discover multicast sources in other domains.
An RP in a PIM-SM domain has an MSDP peering relationship with MSDP-enabled devices in another domain. The peering relationship occurs over a TCP connection, primarily exchanging a list of sources sending to multicast groups. The TCP connections between RPs are achieved by the underlying routing system. The receiving RP uses the source lists to establish a source path.
The purpose of this topology is to have domains discover multicast sources in other domains. If the multicast sources are of interest to a domain that has receivers, multicast data is delivered over the normal, source-tree building mechanism in PIM-SM. MSDP is also used to announce sources sending to a group. These announcements must originate at the domain’s RP.
MSDP depends heavily on the Border Gateway Protocol (BGP) or MBGP for interdomain operation. We recommend that you run MSDP in RPs in your domain that are RPs for sources sending to global groups to be announced to the Internet.
Figure 5-1 shows MSDP operating between two MSDP peers. PIM uses MSDP as the standard mechanism to register a source with the RP of a domain. When MSDP is configured, this sequence occurs.
When a source sends its first multicast packet, the first-hop router ( designated router or RP) directly connected to the source sends a PIM register message to the RP. The RP uses the register message to register the active source and to forward the multicast packet down the shared tree in the local domain. With MSDP configured, the RP also forwards a source-active (SA) message to all MSDP peers. The SA message identifies the source, the group the source is sending to, and the address of the RP or the originator ID (the IP address of the interface used as the RP address), if configured.
Each MSDP peer receives and forwards the SA message away from the originating RP to achieve peer reverse-path flooding (RPF). The MSDP device examines the BGP or MBGP routing table to discover which peer is the next hop toward the originating RP of the SA message. Such a peer is called an RPF peer (reverse-path forwarding peer). The MSDP device forwards the message to all MSDP peers other than the RPF peer. For information on how to configure an MSDP peer when BGP and MBGP are not supported, see the “Configuring a Default MSDP Peer” section.
Figure 5-1 MSDP Running Between RP Peers
If the MSDP peer receives the same SA message from a non-RPF peer toward the originating RP, it drops the message. Otherwise, it forwards the message to all its MSDP peers.
The RP for a domain receives the SA message from an MSDP peer. If the RP has any join requests for the group the SA message describes and if the (*,G) entry exists with a nonempty outgoing interface list, the domain is interested in the group, and the RP triggers an (S,G) join toward the source. After the (S,G) join reaches the source’s DR, a branch of the source tree has been built from the source to the RP in the remote domain. Multicast traffic can now flow from the source across the source tree to the RP and then down the shared tree in the remote domain to the receiver.
MSDP is not fully supported in this software release because of a lack of support for Multicast Border Gateway Protocol (MBGP), which works closely with MSDP. However, it is possible to create default peers that MSDP can operate with if MBGP is not running.
This section includes the following topics:
In this software release, because BGP and MBGP are not supported, you cannot configure an MSDP peer on the local switch by using the ip msdp peer global configuration command. Instead, you define a default MSDP peer (by using the ip msdp default-peer global configuration command) from which to accept all SA messages for the switch. The default MSDP peer must be a previously configured MSDP peer. Configure a default MSDP peer when the switch is not BGP- or MBGP-peering with an MSDP peer. If a single MSDP peer is configured, the switch always accepts all SA messages from that peer.
Figure 5-2 shows a network in which default MSDP peers might be used. In Figure 5-2, a customer who owns Switch B is connected to the Internet through two Internet service providers (ISPs), one owning Router A and the other owning Router C. They are not running BGP or MBGP between them. To learn about sources in the ISP’s domain or in other domains, Switch B at the customer site identifies Router A as its default MSDP peer. Switch B advertises SA messages to both Router A and Router C but accepts SA messages only from Router A or only from Router C. If Router A is first in the configuration file, it is used if it is running. If Router A is not running, only then does Switch B accept SA messages from Router C. This is the default behavior without a prefix list.
If you specify a prefix list, the peer is a default peer only for the prefixes in the list. You can have multiple active default peers when you have a prefix list associated with each. When you do not have any prefix lists, you can configure multiple default peers, but only the first one is the active default peer as long as the router has connectivity to this peer and the peer is alive. If the first configured peer fails or the connectivity to this peer fails, the second configured peer becomes the active default, and so on.
The ISP probably uses a prefix list to define which prefixes it accepts from the customer’s router.
Figure 5-2 Default MSDP Peer Network
Follow this procedure to specify a default MSDP peer. This procedure is required.
An MSDP default peer must be a previously configured MSDP peer. Before configuring a default MSDP peer, you must first configure an MSDP peer.
To remove the default peer, use the no ip msdp default-peer ip-address | name global configuration command.
This example shows a partial configuration of Router A and Router C in Figure 5-2. Each of these ISPs have more than one customer (like the customer in Figure 5-2) who use default peering (no BGP or MBGP). In that case, they might have similar configurations. That is, they accept SAs only from a default peer if the SA is permitted by the corresponding prefix list.
By default, the switch does not cache source/group pairs from received SA messages. When the switch forwards the MSDP SA information, it does not store it in memory. Therefore, if a member joins a group soon after a SA message is received by the local RP, that member needs to wait until the next SA message to hear about the source. This delay is known as join latency.
If you want to sacrifice some memory in exchange for reducing the latency of the source information, you can configure the switch to cache SA messages. This procedure is optional.
Note An alternative to this command is the ip msdp sa-request global configuration command, which causes the switch to send an SA request message to the MSDP peer when a new member for a group becomes active. For more information, see the next section.
To return to the default setting (no SA state is created), use the no ip msdp cache-sa-state global configuration command.
This example shows how to enable the cache state for all sources in 171.69.0.0/16 sending to groups 224.2.0.0/16:
Local RPs can send SA requests and get immediate responses for all active sources for a given group. By default, the switch does not send any SA request messages to its MSDP peers when a new member joins a group and wants to receive multicast traffic. The new member waits to receive the next periodic SA message.
If you want a new member of a group to learn the active multicast sources in a connected PIM sparse-mode domain that are sending to a group, configure the switch to send SA request messages to the specified MSDP peer when a new member joins a group. The peer replies with the information in its SA cache. If the peer does not have a cache configured, this command has no result. Configuring this feature reduces join latency but sacrifices memory.
Follow this procedure to configure the switch to send SA request messages to the MSDP peer when a new member joins a group and wants to receive multicast traffic. This procedure is optional.
To return to the default setting, use the no ip msdp sa-request { ip-address | name } global configuration command.
This example shows how to configure the switch to send SA request messages to the MSDP peer at 171.69.1.1:
You can control the multicast source information that originates with your switch:
For more information, see the “Redistributing Sources” section and the “Filtering Source-Active Request Messages” section.
SA messages originate on RPs to which sources have registered. By default, any source that registers with an RP is advertised. The A flag is set in the RP when a source is registered, which means the source is advertised in an SA unless it is filtered. Follow this procedure to further restrict which registered sources are advertised. This procedure is optional.
For best practice information related to configuring MSDP SA message filters, see the Multicast Source Discovery Protocol SA Filter Recommendations tech note.
To remove the filter, use the no ip msdp redistribute global configuration command.
The following example shows how to configure which (S, G) entries from the mroute table are advertised in SA messages originated from AS 64512:
By default, only switches that are caching SA information can respond to SA requests. By default, such a switch honors all SA request messages from its MSDP peers and supplies the IP addresses of the active sources.
However, you can configure the switch to ignore all SA requests from an MSDP peer. You can also honor only those SA request messages from a peer for groups described by a standard access list. If the groups in the access list pass, SA request messages are accepted. All other such messages from the peer for other groups are ignored.
Follow this procedure to configure one of these options. This procedure is optional.
To return to the default setting, use the no ip msdp filter-sa-request { ip-address | name } global configuration command.
This example shows how to configure the switch to filter SA request messages from the MSDP peer at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are accepted; all others are ignored.
By default, the switch forwards all SA messages it receives to all its MSDP peers. However, you can prevent outgoing messages from being forwarded to a peer by using a filter or by setting a time-to-live (TTL) value. These methods are described in the next sections.
By creating a filter, you can perform one of these actions:
Follow this procedure to apply a filter. This procedure is optional.
For best practice information related to configuring MSDP SA message filters, see the Multicast Source Discovery Protocol SA Filter Recommendations tech note.
To remove the filter, use the no ip msdp sa-filter out { ip-address | name } [ list access-list-number ] [ route-map map-tag ] global configuration command.
This example shows how to allow only (S,G) pairs that pass access list 100 to be forwarded in an SA message to the peer named switch.cisco.com :
You can use a TTL value to control what data is encapsulated in the first SA message for every source. Only multicast packets with an IP-header TTL greater than or equal to the ttl argument are sent to the specified MSDP peer. For example, you can limit internal traffic to a TTL of 8. If you want other groups to go to external locations, you must send those packets with a TTL greater than 8.
Follow this procedure to establish a TTL threshold. This procedure is optional.
To return to the default setting, use the no ip msdp ttl-threshold { ip-address | name } global configuration command.
By default, the switch receives all SA messages that its MSDP RPF peers send to it. However, you can control the source information that you receive from MSDP peers by filtering incoming SA messages. In other words, you can configure the switch to not accept them.
You can perform one of these actions:
Follow this procedure to apply a filter. This procedure is optional.
For best practice information related to configuring MSDP SA message filters, see the Multicast Source Discovery Protocol SA Filter Recommendations tech note.
To remove the filter, use the no ip msdp sa-filter in { ip-address | name } [ list access-list-number ] [ route-map map-tag ] global configuration command.
An MSDP mesh group is a group of MSDP speakers that have fully meshed MSDP connectivity among one another. Any SA messages received from a peer in a mesh group are not forwarded to other peers in the same mesh group. Thus, you reduce SA message flooding and simplify peer-RPF flooding. Use the ip msdp mesh-group global configuration command when there are multiple RPs within a domain. It is especially used to send SA messages across a domain. You can configure multiple mesh groups (with different names) in a single switch. This procedure is optional.
To remove an MSDP peer from a mesh group, use the no ip msdp mesh-group name { ip-address | name } global configuration command.
The following example shows how to configure the MSDP peer at address 192.168.1.3 to be a member of the mesh group named internal:
If you want to configure many MSDP commands for the same peer and you do not want the peer to become active, you can shut down the peer, configure it, and later bring it up. When a peer is shut down, the TCP connection is terminated and is not restarted. You can also shut down an MSDP session without losing configuration information for the peer. This procedure is optional.
Administratively shut down the specified MSDP peer without losing configuration information. For peer-name | peer address, enter the IP address or name of the MSDP peer to shut down. |
||
To bring the peer back up, use the no ip msdp shutdown { peer-name | peer address } global configuration command. The TCP connection is reestablished.
You can configure MSDP on a switch that borders a PIM sparse-mode region with a dense-mode region. By default, active sources in the dense-mode region do not participate in MSDP.
Follow this procedure to configure the border router to send SA messages for sources active in the dense-mode region to the MSDP peers. This procedure is optional.
Configure the switch on the border between a dense-mode and sparse-mode region to send SA messages about active sources in the dense-mode region. For interface-id , specify the interface from which the IP address is derived and used as the RP address in SA messages. The IP address of the interface is used as the Originator-ID, which is the RP field in the SA message. |
||
ip msdp redistribute [ list access-list-name ] [ asn aspath-access-list-number ] [ route-map map ] |
Configure which (S,G) entries from the multicast routing table are advertised in SA messages. For more information, see the “Redistributing Sources” section. |
|
To return to the default setting (active sources in the dense-mode region do not participate in MSDP), use the no ip msdp border sa-address interface-id global configuration command.
In the following example, the local router is not an RP. It borders a PIM sparse mode region with a dense mode region. It uses the IP address of Ethernet interface 0 as the “RP” address in SA messages.
You can allow an MSDP speaker that originates an SA message to use the IP address of the interface as the RP address in the SA message by changing the Originator ID. You might change the Originator ID in one of these cases:
If both the ip msdp border sa-address and the ip msdp originator-id global configuration commands are configured, the address derived from the ip msdp originator-id command specifies the address of the RP.
Configures the RP address in SA messages to be the address of the originating device interface. For interface-id , specify the interface on the local switch. |
||
To prevent the RP address from being derived in this way, use the no ip msdp originator-id interface-id global configuration command.
To clear MSDP connections, statistics, or SA cache entries, use the following privileged EXEC commands:
This example shows a partial configuration of Router A and Router C in Figure 5-2. Each of these ISPs have more than one customer (like the customer in Figure 5-2) who use default peering (no BGP or MBGP). In that case, they might have similar configurations. That is, they accept SAs only from a default peer if the SA is permitted by the corresponding prefix list.
This example shows how to enable the cache state for all sources in 171.69.0.0/16 sending to groups 224.2.0.0/16:
This example shows how to configure the switch to send SA request messages to the MSDP peer at 171.69.1.1:
The following example shows how to configure which (S, G) entries from the mroute table are advertised in SA messages originated from AS 64512:
This example shows how to configure the switch to filter SA request messages from the MSDP peer at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are accepted; all others are ignored.
This example shows how to allow only (S,G) pairs that pass access list 100 to be forwarded in an SA message to the peer named switch.cisco.com :
The following example shows how to configure a TTL threshold of 8 hops:
This example shows how to filter all SA messages from the peer named switch.cisco.com :
The following example shows how to configure the MSDP peer at address 192.168.1.3 to be a member of the mesh group named internal:
The following example shows how to shut down the MSDP peer at IP address 192.168.7.20:
In the following example, the local router is not an RP. It borders a PIM sparse mode region with a dense mode region. It uses the IP address of Ethernet interface 0 as the “RP” address in SA messages.
The following example shows how to configure the IP address of Ethernet interface 1 as the RP address in SA messages: