Table Of Contents
Internet Protocol (IP) Multicast
BackgroundIP Multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to thousands of corporate recipients and homes. Applications that take advantage of multicast include video conferencing, corporate communications, distance learning, and distribution of software, stock quotes, and news.
IP Multicast delivers source traffic to multiple receivers without adding any additional burden on the source or the receivers while using the least network bandwidth of any competing technology. Multicast packets are replicated in the network by Cisco routers enabled with Protocol Independent Multicast (PIM) and other supporting multicast protocols resulting in the most efficient delivery of data to multiple receivers possible. All alternatives require the source to send more than one copy of the data. Some even require the source to send an individual copy to each receiver. If there are thousands of receivers, even low-bandwidth applications benefit from using Cisco IP Multicast. High-bandwidth applications, such as MPEG video, may require a large portion of the available network bandwidth for a single stream. In these applications, the only way to send to more than one receiver simultaneously is by using IP Multicast. Figure 1 demonstrates how data from one source is delivered to several interested recipients using IP Multicast.
Figure 1 Multicast transmission: source sends single multicast packet addressed to all intended recipients.
Multicast Group ConceptMulticast is based on the concept of a group. An arbitrary group of receivers expresses an interest in receiving a particular data stream. This group does not have any physical or geographical boundaries—the hosts can be located anywhere on the Internet. Hosts that are interested in receiving data flowing to a particular group must join the group using Internet Group Management Protocol (IGMP). Hosts must be a member of the group to receive the data stream.
IP Multicast AddressesMulticast addresses specify an arbitrary group of IP hosts that have joined the group and wish to receive traffic sent to this group.
IP Class D AddressesThe Internet Assigned Numbers Authority (IANA) controls the assignment of IP Multicast Addresses. IANA has assigned the old Class D address space to be used for IP Multicast. This means that all IP Multicast-group addresses will fall in this range:
184.108.40.206 - 220.127.116.11
Note: This address range is only for the group address or destination address of IP Multicast traffic. The source address for multicast datagrams is always the unicast source address.
Reserved Link Local AddressesThe IANA has reserved addresses in the 18.104.22.168 through 22.214.171.124 to be used by network protocols on a local network segment. Packets with these addresses should never be forwarded by a router. They remain local on a particular LAN segment. They are always transmitted with a time-to-live (TTL) of 1.
Network protocols use these addresses for automatic router discovery and to communicate important routing information. For example, OSPF uses 126.96.36.199 and 188.8.131.52 to exchange link state information. Below is a table of some well known addresses:
Table 1 Link Local Addresses
All Systems on this subnet
All Routers on this subnet
OSPF Designated Routers
DHCP Server/Relay Agent
Globally Scoped AddressThe range of addresses from 184.108.40.206 through 220.127.116.11 are called Globally Scoped Address. They can be used to multicast data between organizations and across the Internet.
Some of these addresses have been reserved for use by multicast applications through IANA. For example, 18.104.22.168 has been reserved for Network Time Protocol (NTP).
More information about reserved Multicast addresses can be found here:
Limited Scope AddressesThe range of addresses from 22.214.171.124 through 126.96.36.199 are called Limited Scope Addresses or Administratively Scoped Addresses. These are defined by RFC 2365 to be constrained to a local group or organization. Routers are typically configured with filters to prevent multicast traffic in this address range from flowing outside of an Autonomous System (AS) or any user defined domain. Within an Autonomous System or domain the Limited Scope address range can be further subdivided so that local multicast boundaries can be defined. This will also allow for address reuse between these smaller domains.
Glop AddressingRFC 2770 proposes that the 188.8.131.52/8 address range be reserved for statically defined addresses by organizations that already have an AS number reserved. The AS number of the domain is embedded into the second and third octets of the 184.108.40.206/8 range.
For example, the AS 62010 is written in hex as F23A. Separating out the two octets F2 and 3A we get 242 and 58 in decimal. This would give us a subnet of 220.127.116.11 that would be globally reserved for AS 62010 to use.
Layer 2 Multicast AddressesNormally, Network Interface Cards (NICs) on a LAN segment will only receive packets destined for their burned in MAC address or the broadcast MAC address. Some means had to be devised so that multiple hosts could receive the same packet and still be able to differentiate between multicast groups.
Fortunately, the IEEE LAN specifications made provisions for the transmission of broadcast and/or multicast packets. In the 802.3 standard, bit 0 of the first octet is used to indicate a broadcast and/or multicast frame. Figure 2 shows the location of the Broadcast/Multicast bit in an Ethernet frame.
Figure 2 IEEE 802.3 MAC Address Format
This bit indicates that the frame is destined for an arbitrary group of hosts or all hosts on the network (in the case of the broadcast address, 0xFFFF.FFFF.FFFF).
IP Multicast makes use of this capability to transmit IP packets to a group of hosts on a LAN segment.
Ethernet MAC Address MappingThe IANA owns a block of Ethernet MAC addresses that start with 01:00:5E in hexadecimal. Half of this block is allocated for multicast addresses. This creates 0100.5e00.0000 through 0100.5e7f.ffff as the range of available Ethernet MAC addresses.
This allocation allows for 23 bits in the Ethernet Address to correspond to the IP Multicast group address. The mapping places the lower 23 bits of the IP Multicast group address into these available 23 bits in the Ethernet address (shown in Figure 3).
Figure 3 IP Multicast to Ethernet/FDDI MAC Address Mapping
Because the upper five bits of the IP Multicast address are dropped in this mapping the resulting address is not unique. In fact, 32 different multicast group IDs all map to the same Ethernet address (see Figure 4).
Figure 4 MAC Address Ambiguities
Internet Group Management Protocol (IGMP)IGMP is used to dynamically register individual hosts in a multicast group on a particular LAN. Hosts identify group memberships by sending IGMP messages to their local multicast router. Under IGMP, routers listen to IGMP messages and periodically send out queries to discover which groups are active or inactive on a particular subnet.
IGMP Version 1RFC 1112 defines the specification for IGMP Version 1. A diagram of the packet format is below (see Figure 5):
Figure 5 IGMPv1 Message Format
In Version 1, there are just two different types of IGMP messages:- Membership Query- Membership ReportHosts send out IGMP Membership Reports corresponding to a particular multicast group to indicate they are interested in joining that group. The router periodically sends out an IGMP Membership Query to verify that at least one host on the subnet is still interested in receiving traffic directed to that group. When there is no reply to three consecutive IGMP Membership Queries the router will timeout the group and stop forwarding traffic directed toward that group.
IGMP Version 2RFC 2236 defines the specification for IGMP Version 2.
A diagram of the packet format is below (see Figure 6):
Figure 6 IGMPv2 Message Format
In Version 2, there are four types of IGMP messages:- Membership Query- Version 1 Membership Report- Version 2 Membership Report- Leave GroupIGMP Version 2 works basically the same as Version 1. The main difference is that there is a Leave Group message. The hosts now can actively communicate to the local multicast router their intention to leave the group. The router then sends out a group specific query and determines if there are any remaining hosts interested in receiving the traffic. If there are no replies, the router will time out the group and stop forwarding the traffic. This can greatly reduce the leave latency compared to IGMP Version 1. Unwanted and unnecessary traffic can be stopped much sooner.
Multicast in the Layer 2 Switching EnvironmentThe default behavior for a Layer 2 switch would be to forward all multicast traffic to every port that belongs to the destination LAN on the switch. This would defeat the purpose of the switch, which is to limit traffic to the ports that need to receive the data.
There are two methods to deal with multicast in a Layer 2 switching environment efficiently—Cisco Group Management Protocol (CGMP) and IGMP Snooping.
Cisco Group Management Protocol (CGMP)CGMP is a Cisco developed protocol that allows Catalyst switches to leverage IGMP information on Cisco routers to make Layer 2 forwarding decisions. CGMP has to be configured both on the multicast routers and the Layer 2 switches. The net result is that with CGMP, IP Multicast traffic is delivered only to those Catalyst switch ports that are interested in the traffic. All other ports that have not explicitly requested the traffic will not receive it.
The basic concept of CGMP is shown in Figure 7. When a host joins a multicast group (part A), it multicasts an unsolicited IGMP Membership Report message to the target group (18.104.22.168, in this example). The IGMP Report is passed through the switch to the router for the normal IGMP processing. The router (which must have CGMP enabled on this interface) receives the IGMP report and processes it as it normally would, but in addition, creates a CGMP Join message and sends it to the switch.
Figure 7 Basic CGMP Operation
The switch receives this CGMP Join message and then adds the port to its CAM (Content Addressable Memory) table for that multicast group. All subsequent traffic directed to this multicast group will be forwarded out the port for that host. The router port is also added to the entry for the multicast group. Multicast routers must listen to all multicast traffic for every group since the IGMP control messages are also sent as multicast traffic. With CGMP, the switch only has to listen to CGMP Join and CGMP Leave messages from the router. The rest of the multicast traffic is forwarded using its CAM table exactly the way the switch was designed.
IGMP SnoopingIGMP Snooping requires the LAN switch to examine, or "snoop" some Layer 3 information in the IGMP packets sent between the hosts and the router. When the switch hears the IGMP Host Report from a host for a particular multicast group, the switch adds the host's port number to the associated multicast table entry. When the switch hears the IGMP Leave Group message from a host, it removes the host's port from the table entry.
Since IGMP control messages are transmitted as multicast packets they are indistinguishable from multicast data at Layer 2. A switch running IGMP Snooping must examine every multicast data packet to check if it contains any pertinent IGMP control information. If IGMP Snooping is implemented on a low end switch with a slow CPU this could have a severe performance impact when data is transmitted at high rates. The solution is to implement IGMP Snooping on high-end switches with special ASICs that can perform the IGMP checks in hardware. CGMP is ideal for low-end switches without special hardware.
Multicast Distribution TreesMulticast capable routers create distribution trees that control the path which IP Multicast traffic takes through the network in order to deliver traffic to all receivers. The two basic types of multicast distribution trees are source trees and shared trees.
Source TreesThe simplest form of a multicast distribution tree is a source tree with its root at the source and branches forming a spanning tree through the network to the receivers. Because this tree uses the shortest path through the network, it is also referred to as a shortest path tree (SPT).
Figure 8 Host A Shortest Path Tree
The diagram above (see Figure 8) shows an example of an SPT for group 22.214.171.124 rooted at the source, Host A, and connecting two receivers, Hosts B and C.
The special notation of (S,G), pronounced "S comma G", enumerates an SPT where S is the IP address of the source and G is the multicast group address. Using this notation, the SPT for the example in the figure above would be (126.96.36.199, 188.8.131.52).
The (S,G) notation implies that a separate SPT exists for each individual source sending to each group—which is correct. For example, if Host B is also sending traffic to group 184.108.40.206 and Hosts A and C are receivers, then a separate (S,G) SPT would exist with a notation of (220.127.116.11, 18.104.22.168).
Shared TreesUnlike source trees that have their root at the source, shared trees use a single common root placed at some chosen point in the network. This shared root is called a Rendezvous Point (RP).
Figure 9 Shared Distribution Tree
Figure 9 above shows a shared tree for the group 22.214.171.124 with the root located at Router D. When using a shared tree, sources must send their traffic to the root and then the traffic is forwarded down the shared tree to reach all receivers.
In this example, multicast traffic from the sources, Hosts A and D, travels to the root (Router D) and then down the shared tree to the two receivers, Hosts B and C. Since all sources in the multicast group use a common shared tree, a wildcard notation written as (*, G), pronounced "star comma G", represents the tree. In this case, * means all sources, and G represents the multicast group. Therefore, the shared tree shown in the figure above would be written as (*, 126.96.36.199).
Both SPTs and Shared Trees are loop-free. Messages are replicated only where the tree branches.
Members of multicast groups can join or leave at any time, therefore the distribution trees must be dynamically updated. When all the active receivers on a particular branch stop requesting the traffic for a particular multicast group the routers prune that branch from the distribution tree and stop forwarding traffic down that branch. If one receiver on that branch becomes active and requests the multicast traffic the router will dynamically modify the distribution tree and start forwarding traffic again.
Shortest Path Trees have the advantage of creating the optimal path between the source and the receivers. This will guarantee the minimum amount of network latency for forwarding multicast traffic. This optimization does come with a price. The routers must maintain path information for each source. In a network that has thousands of sources and thousands of groups this can quickly become a resource issue on the routers. Memory consumption from the size of the multicast routing table is a factor that network designers must take into consideration.
Shared Trees have the advantage of requiring the minimum amount of state in each router. This will lower the overall memory requirements for a network that only allows shared trees. The disadvantage of shared trees is that under certain circumstances the paths between the source and receivers might not be the optimal paths—which might introduce some latency in packet delivery. Network designers must carefully consider the placement of the RP when implementing a shared tree only environment.
Multicast ForwardingIn unicast routing, traffic is routed through the network along a single path from the source to the destination host. A unicast router does not really care about the source address—only the destination address and how to forward the traffic towards that destination. The router scans through its routing table and then forwards a single copy of the unicast packet out the correct interface in the direction of the destination.
In multicast routing, the source is sending traffic to an arbitrary group of hosts that are represented by a multicast group address. The multicast router must determine which direction is upstream (towards the source) and which direction (or directions) is downstream. If there are multiple downstream paths the router will replicate the packet and forward it down the appropriate downstream paths—which is not necessarily all paths. The concept of forwarding multicast traffic away from the source, rather than to the receiver, is called Reverse Path Forwarding.
Reverse Path Forwarding (RPF)RPF is a fundamental concept in multicast routing that enables routers to correctly forward multicast traffic down the distribution tree. RPF makes use of the existing unicast routing table to determine the upstream and downstream neighbors. A router will only forward a multicast packet if it is received on the upstream interface. This RPF check helps to guarantee that the distribution tree will be loop free.
RPF CheckWhen a multicast packet arrives at a router, the router will perform an RPF check on the packet. If the RPF check is successful, the packet will be forwarded. Otherwise it will be dropped.
For traffic flowing down a source tree, the RPF check procedure works as follows:
Step 1. Router looks up the source address in the unicast routing table to determine if it has arrived on the interface that is on the reverse path back to the source.
Step 2. If packet has arrived on the interface leading back to the source, the RPF check is successful and the packet will be forwarded.
Step 3. If the RPF check in 2 fails, the packet is dropped.Figure 10 shows an example of an unsuccessful RPF check.
Figure 10 RPF Check Fails
A multicast packet from source 188.8.131.52 is received on interface S0. A check of the unicast route table shows that the interface this router would use to forward unicast data to 184.108.40.206 is S1. Since the packet has arrived on S0 the packet will be discarded.
Figure 11 is an example of a successful RPF check.
Figure 11 RPF Check Succeeds
This time the multicast packet has arrived on S1. The router checks the unicast routing table and finds that S1 is the correct interface. The RPF check passes and the packet will be forwarded.
Protocol Independent Multicast (PIM)PIM gets its name from the fact that it is IP routing protocol independent. PIM can leverage whichever unicast routing protocols are used to populate the unicast routing table including EIGRP, OSPF, BGP or static routes. PIM uses this unicast routing information to perform the multicast forwarding function, therefore it is IP protocol independent. Although PIM is called a multicast routing protocol it actually uses the unicast routing table to perform the Reverse Path Forwarding (RPF) check function instead of building up a completely unrelated multicast routing table. PIM does not send and receive multicast routing updates between routers like other routing protocols.
PIM Dense Mode (PIM-DM)PIM-DM uses a push model to flood multicast traffic to every corner of the network. This is a brute force method for delivering data to the receivers but in certain applications this might be an efficient mechanism if there are active receivers on every subnet in the network.
PIM-DM initially floods multicast traffic throughout the network. Routers that do not have any downstream neighbors prune back the unwanted traffic. This process repeats every three minutes.
The flood and prune mechanism is how the routers accumulate their state information—by receiving the data stream. These data streams contain the source and group information so that downstream routers can build up their multicast forwarding table. PIM-DM can only support source trees—(S,G) entries. It cannot be used to build a shared distribution tree.
PIM Sparse Mode (PIM-SM)PIM-SM uses a pull model to deliver multicast traffic. Only network segments that have active receivers which have explicitly requested the data will be forwarded the traffic. PIM-SM is defined in RFC 2362.
PIM-SM uses a shared tree to distribute the information about active sources. Depending on the configuration options the traffic can remain on the shared tree or switch over to an optimized source distribution tree. The latter is the default behavior for PIM-SM on Cisco routers. The traffic starts to flow down the shared tree and then routers along the path determine if there is a better path to the source. If a better, more direct path exists the designated router (router closest to the receiver) will send a "join" message towards the source and then re-route the traffic along this path.
Since PIM-SM does use shared trees—at least initially—it does have the concept of a Rendezvous Point (RP). The RP must be administratively configured in the network. Sources register with the RP and then data is forwarded down the shared tree to the receivers. If the shared tree is not an optimal path between the source and the receiver the routers will dynamically create a source tree and stop traffic from flowing down the shared tree. This is the default behavior in IOS. Network Administrators can force traffic to stay on the shared tree by using a configuration option (ip pim spt-threshold infinity).
PIM-SM scales well to a network of any size including those with WAN links. The explicit join mechanism will prevent unwanted traffic from flooding the WAN links.
Sparse-dense ModeCisco has implemented an alternative to choosing just dense mode or just sparse mode on a router interface. This was necessitated by a change in the paradigm for forwarding multicast traffic via PIM that became apparent during its development. It turned out that it was more efficient to choose sparse or dense on a per group basis rather than a per router interface basis. Sparse-dense mode facilitaitates this ability.
Network Administrators can also configure "sparse-dense" mode. This configuration option will allow individual groups to be run in either sparse or dense mode depending on whether RP information is available for that group. If the router learns RP information for a particular group it will be treated as sparse mode, otherwise that group will be treated as dense.
Multiprotocol Border Gateway Protocol (MBGP)MBGP provides a method for providers to distinguish which route prefixes they will use for performing multicast RPF checks. The RPF check is the fundamental mechanism that routers use to determine the paths that multicast forwarding trees will follow and successfully deliver multicast content from sources to receivers.
MBGP is based on RFC 2283, Multiprotocol Extensions for BGP-4. Since MBGP is an extension of BGP it brings along all the administrative machinery that providers and customers like in their inter-domain routing environment. Including all the inter-AS tools to filter and control routing (e.g. route maps). Therefore, by using MBGP, any network utilizing internal or external BGP can apply the multiple policy control knobs familiar in BGP to specify routing (and thereby forwarding) policy for multicast.
Two path attributes, MP_REACH_NLRI and MP_UNREACH_NLRI have been introduced in BGP4+. These new attributes create a simple way to carry two sets of routing information—one for unicast routing and one for multicast routing. The routes associated with multicast routing are used to build the multicast distribution trees.
The main advantage of MBGP is that an Internet can support non-congruent unicast and multicast topologies. When the unicast and multicast topologies are congruent MBGP can support different policies for each. MBGP provides a scalable policy based inter-domain routing protocol.
Multicast Source Discovery Protocol (MSDP)In the PIM Sparse mode model, multicast sources and receivers must register with their local Rendezvous Point (RP). Actually, the closest router to the sources or receivers registers with the RP but the point is that the RP knows about all the sources and receivers for any particular group. RPs in other domains have no way of knowing about sources located in other domains. MSDP is an elegant way to solve this problem. MSDP is a mechanism that connects PIM-SM domains and allows RPs to share information about active sources. When RPs in remote domains know about the active sources they can pass on that information to their local receivers and multicast data can be forwarded between the domains. A nice feature of MSDP is that it allows each domain to maintain an independent RP which does not rely on other domains but it does enable RPs to forward traffic between domains.
The RP in each domain establishes an MSDP peering session using a TCP connection with the RPs in other domains or with border routers leading to the other domains. When the RP learns about a new multicast source within its own domain (through the normal PIM register mechanism), the RP encapsulates the first data packet in a Source Active (SA) message and sends the SA to all MSDP peers. The SA is forwarded by each receiving peer using a modified RPF check, until it reaches every MSDP router in the interconnected networks—theoretically the entire multicast internet. If the MSDP peer is an RP, and the RP has a (*,G) entry for the group in the SA (there is an interested receiver), the RP will create (S,G) state for the source and join to the shortest path tree for the source. The encapsulated data is decapsulated and forwarded down that RP's shared tree. When the packet is received by a receiver's last hop router, the last-hop may also join the shortest path tree to the source. The source's RP periodically sends SAs which include all sources within that RP's own domain. Figure 12 shows how data would flow between a source in domain A to a receiver in domain E.
MSDP was developed for peering between Internet Service Providers (ISPs). ISPs did not want to reply on an RP maintained by a competing ISP to service to their customers. MSDP allows each ISP to have their own local RP and still forward and receive multicast traffic to the Internet.
Figure 12 MSDP Example: MSDP shares source information between RPs in each domain. PIM-SM is used to setup the multicast forwarding tree.
Anycast RP—Logical RPA very useful application of MSDP is called Anycast RP. This is a technique for configuring a multicast Sparse Mode network to provide for fault tolerance and load sharing within a single multicast domain.
Two or more RPs are configured with the same IP address on loopback interfaces, say 10.0.0.1 for example (refer to Figure 13). The loopback address should be configured as a 32 bit address. All the downstream routers are configured so that they know that their local RP's address is 10.0.0.1. IP routing automatically selects the topologically closest RP for each source and receiver. Since some sources might end up using one RP, and some receivers a different RP there needs to be some way for the RPs to exchange information about active sources. This is done with MSDP. All the RPs are configured to be MSDP peers of each other. Each RP will know about the active sources in the other RP's area. If any of the RPs was to fail, IP routing will converge and one of the RPs would become the active RP in both areas.
Figure 13 Anycast RP
Note: The RPs are only used to setup the initial connection between sources and receivers. After the last hop routers join the shortest path tree the RP is no longer necessary.
Multicast Address Dynamic Client Allocation Protocol (MADCAP)MADCAP is defined in RFC 2730 as a protocol that will allow hosts to request a multicast address allocation dynamically from a MADCAP server. The concept is very similar to the way DHCP works for unicast and is built on a client server model.
Multicast-Scope Zone Announcement Protocol (MZAP)MZAP is defined in RFC 2776 as a protocol that will allow networks to automatically discover administratively scoped zones relative to a particular location.
Reliable Multicast—Pragmatic General Multicast (PGM)PGM is a reliable multicast transport protocol for applications that require ordered, duplicate-free, multicast data delivery from multiple sources to multiple receivers. PGM guarantees that a receiver in a multicast group either receives all data packets from transmissions and retransmissions, or can detect unrecoverable data packet loss.
The PGM Reliable Transport Protocol itself is implemented on the sources and the receivers. The source maintains a transmit window of outgoing data packets and will retransmit individual packets when it receives a NAK (Negative Acknowledgement). The network elements (routers) assist in suppressing an implosion of NAKs (when a failure does occur) and in efficient forwarding of the retransmitted data just to the networks that need it.
PGM is intended as a solution for multicast applications with basic reliability requirements. The specification for PGM is network-layer independent. The Cisco implementation of PGM Router Assist supports PGM over IP.
Today, the specification for PGM is an Internet Draft that can be found on the IETF web site (http://www.ietf.org) under the name "PGM Reliable Transport Protocol".
Q. What is the range of available IP Multicast addresses?
A. 220.127.116.11 - 18.104.22.168
Q. What is the purpose of IGMP?
A. IGMP is used between the hosts and their local multicast router to join and leave multicast groups.
Q. What is an advantage of IGMPv2 over IGMPv1?
A. IGMPv2 has a Leave Group message that can greatly reduce the latency of unwanted traffic on a LAN.
Q. What is a potential disadvantage of IGMP Snooping over CGMP on a low end Layer 2 switch?
A. IGMP Snooping requires the switch to examine every multicast packet for an IGMP control message. On a low end switch this might have a severe performance impact.
Q. What is an advantage of Shortest Path Trees compared to Shared Trees?
A. Source trees guarantee an optimal path between each source and each receiver which will minimize network latency.
Q. What is an advantage of using Shared Trees?
A. Shared Trees require very little state to be kept in the routers which requires less memory.
Q. What information does the router use to do an RPF check?
A. The unicast routing table.
Q. Why is Protocol Independent Multicast called Independent?
A. PIM works with any underlying IP unicast routing protocol—RIP, EIGRP, OSPF, BGP, or static routes.
Q. What is the main advantage of MBGP?
A. Providers can have non-congruent unicast and multicast routing topologies.
Q. How do RPs learn about sources from other RPs with MSDP?
A. RPs are configured to be MSDP peers with other RPs. Each RP forwards source Active (SA) messages to each other.
Q. What is the purpose of the Anycast RP?
A. Load Balancing and Fault Tolerance.
Further ReadingDeveloping IP Multicast Networks, Cisco PressMulticast Quick-Start Configuration Guide