The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Your software release may not support all the features documented in this module. For the latest caveats and feature information,
see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented
in this module, and to see a list of the releases in which each feature is supported, see the feature information table at
the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature
Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Information About
Configuring MSDP
This section describes
how to configure the Multicast Source Discovery Protocol (MSDP on the switch.
The MSDP connects multiple Protocol-Independent Multicast sparse-mode (PIM-SM)
domains.
MSDP is not fully
supported in this software release because of a lack of support for Multicast
Border Gateway Protocol (MBGP), which works closely with MSDP. However, it is
possible to create default peers that MSDP can operate with if MBGP is not
running.
Note
To use this feature, the active switch must be running the IP services feature set.
MSDP
Overview
MSDP allows multicast
sources for a group to be known to all rendezvous points (RPs) in different
domains. Each PIM-SM domain uses its own RPs and does not depend on RPs in
other domains. An RP runs MSDP over the Transmission Control Protocol (TCP) to
discover multicast sources in other domains.
An RP in a PIM-SM
domain has an MSDP peering relationship with MSDP-enabled devices in another
domain. The peering relationship occurs over a TCP connection, primarily
exchanging a list of sources sending to multicast groups. The TCP connections
between RPs are achieved by the underlying routing system. The receiving RP
uses the source lists to establish a source path.
The purpose of this
topology is to have domains discover multicast sources in other domains. If the
multicast sources are of interest to a domain that has receivers, multicast
data is delivered over the normal, source-tree building mechanism in PIM-SM.
MSDP is also used to announce sources sending to a group. These announcements
must originate at the domain’s RP.
MSDP depends heavily
on the Border Gateway Protocol (BGP) or MBGP for interdomain operation. We
recommend that you run MSDP in RPs in your domain that are RPs for sources
sending to global groups to be announced to the Internet.
MSDP
Operation
When a source sends
its first multicast packet, the first-hop router (designated router or RP)
directly connected to the source sends a PIM register message to the RP. The RP
uses the register message to register the active source and to forward the
multicast packet down the shared tree in the local domain. With MSDP
configured, the RP also forwards a source-active (SA) message to all MSDP
peers. The SA message identifies the source, the group the source is sending
to, and the address of the RP or the originator ID (the IP address of the
interface used as the RP address), if configured.
Each MSDP peer
receives and forwards the SA message away from the originating RP to achieve
peer reverse-path flooding (RPF). The MSDP device examines the BGP or MBGP
routing table to discover which peer is the next hop toward the originating RP
of the SA message. Such a peer is called an
RPF peer
(reverse-path forwarding peer). The MSDP device forwards the message to all
MSDP peers other than the RPF peer. For information on how to configure an MSDP
peer when BGP and MBGP are not supported, see the
Configuring a Default MSDP Peer.
If the MSDP peer
receives the same SA message from a non-RPF peer toward the originating RP, it
drops the message. Otherwise, it forwards the message to all its MSDP peers.
The RP for a domain
receives the SA message from an MSDP peer. If the RP has any join requests for
the group the SA message describes and if the (*,G) entry exists with a
nonempty outgoing interface list, the domain is interested in the group, and
the RP triggers an (S,G) join toward the source. After the (S,G) join reaches
the source’s DR, a branch of the source tree has been built from the source to
the RP in the remote domain. Multicast traffic can now flow from the source
across the source tree to the RP and then down the shared tree in the remote
domain to the receiver.
By default, the switch
does not cache source or group pairs from received SA messages. When the switch
forwards the MSDP SA information, it does not store it in memory. Therefore, if
a member joins a group soon after an SA message is received by the local RP,
that member needs to wait until the next SA message to hear about the source.
This delay is known as join latency.
Local RPs can send SA requests and get immediate responses for all
active sources for a given group. By default, the switch does not send any SA
request messages to its MSDP peers when a new member joins a group and wants to
receive multicast traffic. The new member waits to receive the next periodic SA
message.
If you want a new member of a group to learn the active multicast
sources in a connected PIM sparse-mode domain that are sending to a group,
configure the switch to send SA request messages to the specified MSDP peer
when a new member joins a group.
MSDP Benefits
MSDP has these benefits:
It breaks up the shared multicast distribution tree. You can make the shared tree local to your domain. Your local members
join the local tree, and join messages for the shared tree never need to leave your domain.
PIM sparse-mode domains can rely only on their own RPs, decreasing reliance on RPs in another domain. This increases security
because you can prevent your sources from being known outside your domain.
Domains with only receivers can receive data without globally advertising group membership.
Global source multicast routing table state is not required, saving memory.
How to Configure MSDP
Default MSDP Configuration
MSDP is not enabled, and no default MSDP peer exists.
Configuring a
Default MSDP Peer
Before you begin
Configure an MSDP
peer.
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp default-peerip-address |
name
[prefix-listlist]
Example:
Router(config)# ip msdp default-peer 10.1.1.1 prefix-list site-a
Defines a
default peer from which to accept all MSDP SA messages.
For
ip-address |
name, enter the IP address or Domain Name System (DNS) server
name of the MSDP default peer.
(Optional)
For
prefix-listlist, enter the list name that specifies the peer
to be the default peer only for the listed prefixes. You can have multiple
active default peers when you have a prefix list associated with each.
When you
enter multiple
ip msdp
default-peer commands with the
prefix-list
keyword, you use all the default peers at the same time for different RP
prefixes. This syntax is typically used in a service provider cloud that
connects stub site clouds.
When you
enter multiple
ip msdp
default-peer commands without the
prefix-list
keyword, a single active peer accepts all SA messages. If that peer fails, the
next configured default peer accepts all SA messages. This syntax is typically
used at a stub site.
Step 4
ip prefix-listname
[descriptionstring] |
seqnumber
{permit |
deny}
networklength
(Optional)
Creates a prefix list using the name specified in Step 2.
(Optional)
For
descriptionstring, enter a description of up to 80 characters
to describe this prefix list.
For
seqnumber, enter the sequence number of the entry.
The range is 1 to 4294967294.
The
deny keyword
denies access to matching conditions.
The
permit keyword
permits access to matching conditions.
For
network length,
specify the network number and length (in bits) of the network mask that is
permitted or denied.
Step 5
ip msdp description
{peer-name |
peer-address}
text
Example:
Router(config)# ip msdp description peer-name site-b
(Optional)
Configures a description for the specified peer to make it easier to identify
in a configuration or in
show command
output.
By default, no
description is associated with an MSDP peer.
Step 6
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 7
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 8
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Caching
Source-Active State
If you want to
sacrifice some memory in exchange for reducing the latency of the source
information, you can configure the
Device
to cache SA messages. Perform the following steps to enable the caching of
source/group pairs:
Follow these steps to enable the caching of source/group pairs:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp cache-sa-state
[listaccess-list-number]
Example:
Device(config)# ip msdp cache-sa-state 100
Enables the
caching of source/group pairs (create an SA state). Those pairs that pass the
access list are cached.
For
listaccess-list-number, the range is 100 to 199.
Note
An alternative
to this command is the
ip msdp
sa-reques global configuration command, which causes the
Device
to send an SA request message to the MSDP peer when a new member for a group
becomes active.
Device(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.2.0.0 0.0.255.255
Creates an IP
extended access list, repeating the command as many times as necessary.
For
access-list-number, the range is 100 to 199. Enter
the same number created in Step 2.
The
deny keyword
denies access if the conditions are matched. The
permit keyword
permits access if the conditions are matched.
For
protocol, enter
ip as the
protocol name.
For
source, enter
the number of the network or host from which the packet is being sent.
For
source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
For
destination,
enter the number of the network or host to which the packet is being sent.
For
destination-wildcard, enter the wildcard bits in
dotted decimal notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that the
access list is always terminated by an implicit deny statement for everything.
Step 5
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 6
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 7
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Controlling Source
Information that Your Switch Originates
You can control the
multicast source information that originates with your
Device:
Sources you
advertise (based on your sources)
Receivers of
source information (based on knowing the requestor)
SA messages
originate on RPs to which sources have registered. By default, any source that
registers with an RP is advertised. The
A flag is set
in the RP when a source is registered, which means the source is advertised in
an SA unless it is filtered.
Follow these steps
to further restrict which registered sources are advertised:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp redistribute
[listaccess-list-name] [asnaspath-access-list-number] [route-mapmap]
Example:
Device(config)# ip msdp redistribute list 21
Configures which
(S,G) entries from the multicast routing table are advertised in SA messages.
By default, only
sources within the local domain are advertised.
(Optional)
listaccess-list-name— Enters the name or number of an
IP standard or extended access list. The range is 1 to 99 for standard access
lists and 100 to 199 for extended lists. The access list controls which local
sources are advertised and to which groups they send.
(Optional)
asnaspath-access-list-number—Enters the IP standard
or extended access list number in the range 1 to 199. This access list number
must also be configured in the
ip as-path
access-list command.
(Optional)
route-mapmap—Enters the IP standard or extended access list
number in the range 1 to 199. This access list number must also be configured
in the
ip as-path
access-list command.
The
Device
advertises (S,G) pairs according to the access list or autonomous system path
access list.
Device(config)# access list 21 permit ip 194.1.22.0 1.1.1.1 194.3.44.0 1.1.1.1
Creates an IP
standard access list, repeating the command as many times as necessary.
or
Creates an IP
extended access list, repeating the command as many times as necessary.
access-list-number—Enters the same number created
in Step 2. The range is 1 to 99 for standard access lists and 100 to 199 for
extended lists.
deny—Denies
access if the conditions are matched. The
permit keyword
permits access if the conditions are matched.
protocol—Enters
ip as the
protocol name.
source—Enters
the number of the network or host from which the packet is being sent.
source-wildcard—Enters the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
destination—Enters the number of the network or
host to which the packet is being sent.
destination-wildcard—Enters the wildcard bits in
dotted decimal notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that
the access list is always terminated by an implicit deny statement for
everything.
Step 5
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 6
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 7
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Filtering
Source-Active Request Messages
By default, only
Device
that are caching SA information can respond to SA requests. By default, such a
Device
honors all SA request messages from its MSDP peers and supplies the IP
addresses of the active sources.
However, you can
configure the
Device
to ignore all SA requests from an MSDP peer. You can also honor only those SA
request messages from a peer for groups described by a standard access list. If
the groups in the access list pass, SA request messages are accepted. All other
such messages from the peer for other groups are ignored.
To return to the default setting, use the
no ip msdp filter-sa-request{ip-address|
name} global configuration command.
Follow these steps
to configure one of these options:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
Use one of the
following:
ip msdp filter-sa-request {ip-address | name}
ip msdp filter-sa-request {ip-address | name}list
access-list-number
Example:
Device(config)# ip msdp filter sa-request 171.69.2.2
Filters all SA
request messages from the specified MSDP peer.
or
Filters SA
request messages from the specified MSDP peer for groups that pass the standard
access list. The access list describes a multicast group address. The range for
the access-list-number is 1 to 99.
Creates an IP
standard access list, repeating the command as many times as necessary.
For
access-list-number, the range is 1 to 99.
The
deny keyword
denies access if the conditions are matched. The
permit keyword
permits access if the conditions are matched.
For
source, enter
the number of the network or host from which the packet is being sent.
(Optional)
For
source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
Recall that the
access list is always terminated by an implicit deny statement for everything.
Step 5
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 6
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 7
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Controlling Source
Information that Your Switch Forwards
By default, the
Device
forwards all SA messages it receives to all its MSDP peers. However, you can
prevent outgoing messages from being forwarded to a peer by using a filter or
by setting a time-to-live (TTL) value.
Using a
Filter
By creating a
filter, you can perform one of these actions:
Filter all
source/group pairs
Specify an IP
extended access list to pass only certain source/group pairs
Filter based on
match criteria in a route map
Follow these steps
to apply a filter:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
Use one of the
following:
ip msdp sa-filter
out
{ip-address
| name}
ip msdp sa-filter
out
{ip-address
| name}list
access-list-number
ip msdp sa-filter
out
{ip-address
| name}route-map
map-tag
Example:
Device(config)# ip msdp sa-filter out switch.cisco.com
or
Device(config)# ip msdp sa-filter out list 100
or
Device(config)# ip msdp sa-filter out switch.cisco.com route-map 22
Filters all
SA messages to the specified MSDP peer.
Passes only
those SA messages that pass the IP extended access list to the specified peer.
The range for the extended
access-list-number is 100 to 199.
If both the
list and the
route-map
keywords are used, all conditions must be true to pass any (S,G) pair in
outgoing SA messages.
Passes only
those SA messages that meet the match criteria in the route map
map-tag to the
specified MSDP peer.
If all match
criteria are true, a
permit from the
route map passes routes through the filter. A
deny filters
routes.
Device(config)# access list 100 permit ip 194.1.22.0 1.1.1.1 194.3.44.0 1.1.1.1
(Optional)
Creates an IP extended access list, repeating the command as many times as
necessary.
For
access-list-number, enter the number specified in
Step 2.
The
deny keyword
denies access if the conditions are matched. The
permit keyword
permits access if the conditions are matched.
For
protocol, enter
ip as the
protocol name.
For
source, enter
the number of the network or host from which the packet is being sent.
For
source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
For
destination,
enter the number of the network or host to which the packet is being sent.
For
destination-wildcard, enter the wildcard bits in
dotted decimal notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that
the access list is always terminated by an implicit deny statement for
everything.
Step 5
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 6
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 7
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Using TTL to Limit
the Multicast Data Sent in SA Messages
You can use a TTL
value to control what data is encapsulated in the first SA message for every
source. Only multicast packets with an IP-header TTL greater than or equal to
the
ttl argument
are sent to the specified MSDP peer. For example, you can limit internal
traffic to a TTL of 8. If you want other groups to go to external locations,
you must send those packets with a TTL greater than 8.
Follow these steps
to establish a TTL threshold:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp ttl-threshold
{ip-address |
name}
ttl
Example:
Device(config)# ip msdp ttl-threshold switch.cisco.com 0
Limits which
multicast data is encapsulated in the first SA message to the specified MSDP
peer.
For
ip-address |
name, enter the IP address or name of the MSDP
peer to which the TTL limitation applies.
For
ttl, enter the
TTL value. The default is 0, which means all multicast data packets are
forwarded to the peer until the TTL is exhausted. The range is 0 to 255.
Step 4
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 5
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 6
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Controlling Source
Information that Your Switch Receives
By default, the
Device
receives all SA messages that its MSDP RPF peers send to it. However, you can
control the source information that you receive from MSDP peers by filtering
incoming SA messages. In other words, you can configure the
Device
to not accept them.
You can perform one
of these actions:
Filter all
incoming SA messages from an MSDP peer
Specify an IP
extended access list to pass certain source/group pairs
Filter based on
match criteria in a route map
Follow these steps
to apply a filter:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
Use one of the
following:
ip msdp sa-filter
in
{ip-address
| name}
ip msdp sa-filter
in
{ip-address
| name}list
access-list-number
ip msdp sa-filter
in
{ip-address
| name}route-map
map-tag
Example:
Device(config)# ip msdp sa-filter in switch.cisco.com
or
Device(config)# ip msdp sa-filter in list 100
or
Device(config)# ip msdp sa-filter in switch.cisco.com route-map 22
Filters all
SA messages to the specified MSDP peer.
Passes only
those SA messages from the specified peer that pass the IP extended access
list. The range for the extended
access-list-number is 100 to 199.
If both the
list and the
route-map
keywords are used, all conditions must be true to pass any (S,G) pair in
outgoing SA messages.
Passes only
those SA messages from the specified MSDP peer that meet the match criteria in
the route map
map-tag.
If all match
criteria are true, a
permit from the
route map passes routes through the filter. A
deny filters
routes.
Device(config)# access list 100 permit ip 194.1.22.0 1.1.1.1 194.3.44.0 1.1.1.1
(Optional)
Creates an IP extended access list, repeating the command as many times as
necessary.
access-list-number, enter the number specified in
Step 2.
The
deny keyword
denies access if the conditions are matched. The
permit keyword
permits access if the conditions are matched.
For
protocol,
enter
ip as the
protocol name.
For
source, enter
the number of the network or host from which the packet is being sent.
For
source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
For
destination,
enter the number of the network or host to which the packet is being sent.
For
destination-wildcard, enter the wildcard bits in
dotted decimal notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that
the access list is always terminated by an implicit deny statement for
everything.
Step 5
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 6
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 7
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Configuring an MSDP
Mesh Group
An MSDP mesh group
is a group of MSDP speakers that have fully meshed MSDP connectivity among one
another. Any SA messages received from a peer in a mesh group are not forwarded
to other peers in the same mesh group. Thus, you reduce SA message flooding and
simplify peer-RPF flooding. Use the
ip msdp
mesh-group global configuration command when there are multiple
RPs within a domain. It is especially used to send SA messages across a domain.
You can configure multiple mesh groups (with different names) in a single
Device.
Follow these steps
to create a mesh group:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp mesh-groupname
{ip-address |
name}
Example:
Device(config)# ip msdp mesh-group 2 switch.cisco.com
Configures an
MSDP mesh group, and specifies the MSDP peer belonging to that mesh group.
By default, the
MSDP peers do not belong to a mesh group.
For
name, enter the
name of the mesh group.
For
ip-address |
name, enter the IP address or name of the MSDP
peer to be a member of the mesh group.
Repeat this
procedure on each MSDP peer in the group.
Step 4
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 5
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 6
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Shutting Down an
MSDP Peer
If you want to
configure many MSDP commands for the same peer and you do not want the peer to
become active, you can shut down the peer, configure it, and later bring it up.
When a peer is shut down, the TCP connection is terminated and is not
restarted. You can also shut down an MSDP session without losing configuration
information for the peer.
Follow these steps
to shut down a peer:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp shutdown {peer-name |
peer
address}
Example:
Device(config)# ip msdp shutdown switch.cisco.com
Shuts down the
specified MSDP peer without losing configuration information.
For
peer-name |
peer
address, enter the IP address or name of the MSDP peer to shut
down.
Step 4
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 5
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 6
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Including a
Bordering PIM Dense-Mode Region in MSDP
You can configure
MSDP on a
Device
that borders a PIM sparse-mode region with a dense-mode region. By default,
active sources in the dense-mode region do not participate in MSDP.
Note
We do not
recommend using the
ip msdp border
sa-address global configuration command. It is better to
configure the border router in the sparse-mode domain to proxy-register sources
in the dense-mode domain to the RP of the sparse-mode domain and have the
sparse-mode domain use standard MSDP procedures to advertise these sources.
The
ip msdp
originator-id global configuration command also identifies an
interface to be used as the RP address. If both the
ip msdp border
sa-address and the
ip msdp
originator-id global configuration commands are configured, the
address derived from the
ip msdp
originator-id command specifies the RP address.
Follow these steps
to configure the border router to send SA messages for sources active in the
dense-mode region to the MSDP peers:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp border sa-addressinterface-id
Example:
Device(config)# ip msdp border sa-address 0/1
Configures the
switch on the border between a dense-mode and sparse-mode region to send SA
messages about active sources in the dense-mode region.
For
interface-id,
specifies the interface from which the IP address is derived and used as the RP
address in SA messages.
The IP address
of the interface is used as the Originator-ID, which is the RP field in the SA
message.
Step 4
ip msdp redistribute
[listaccess-list-name] [asnaspath-access-list-number] [route-mapmap]
Example:
Device(config)# ip msdp redistribute list 100
Configures which
(S,G) entries from the multicast routing table are advertised in SA messages.
(Optional) Saves your entries
in the configuration file.
Configuring an
Originating Address other than the RP Address
You can allow an
MSDP speaker that originates an SA message to use the IP address of the
interface as the RP address in the SA message by changing the Originator ID.
You might change the Originator ID in one of these cases:
If you configure
a logical RP on multiple
Device
in an MSDP mesh group.
If you have a
Device
that borders a PIM sparse-mode domain and a dense-mode domain. If a
Device
borders a dense-mode domain for a site, and sparse-mode is being used
externally, you might want dense-mode sources to be known to the outside world.
Because this
Device
is not an RP, it would not have an RP address to use in an SA message.
Therefore, this command provides the RP address by specifying the address of
the interface.
If both the
ip msdp bordersa-address and the
ip msdp
originator-id global configuration commands are configured, the
address derived from the
ip msdp
originator-id command specifies the address of the RP.
Follow these steps to allow an MSDP speaker that originates an SA
message to use the IP address on the interface as the RP address in the SA
message:
Procedure
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
ip msdp originator-idinterface-id
Example:
Device(config)# ip msdp originator-id 0/1
Configures the
RP address in SA messages to be the address of the originating device
interface.
For
interface-id,
specify the interface on the local
Device.
Step 4
end
Example:
Device(config)# end
Returns to
privileged EXEC mode.
Step 5
show running-config
Example:
Device# show running-config
Verifies your entries.
Step 6
copy running-config
startup-config
Example:
Device# copy running-config startup-config
(Optional) Saves your entries
in the configuration file.
Monitoring and Maintaining MSDP
Commands that monitor MSDP SA messages, peers, state, and peer status:
Table 1. Commands for Monitoring and Maintaining MSDP
Command
Purpose
debug ip msdp [peer-address | name]
[detail] [routes]
Debugs an MSDP activity.
debug ip msdp resets
Debugs MSDP peer reset reasons.
show ip msdp count
[autonomous-system-number]
Displays the number of sources and groups originated in SA messages from
each autonomous system. The ip msdp cache-sa-state
command must be configured for this command to produce any output.
show ip msdp peer [peer-address |
name]
Displays detailed information about an MSDP peer.
show ip msdp sa-cache [group-address |
source-address | group-name |
source-name]
[autonomous-system-number]
Displays (S,G) state learned from MSDP peers.
show ip msdp summary
Displays MSDP peer status and SA message counts.
Commands that clear MSDP connections, statistics, and SA cache entries:
Table 2. Commands for Clearing MSDP Connections, Statistics, or SA Cache Entries
Command
Purpose
clear ip msdp peerpeer-address | name
Clears the TCP connection to the specified MSDP peer, resetting all MSDP message counters.
clear ip msdp statistics [peer-address |
name]
Clears statistics counters for one or all the MSDP peers without resetting the sessions.
clear ip msdp sa-cache [group-address |
name]
Clears the SA cache entries for all entries, all sources for a specific group, or all entries for a specific source/group
pair.
Configuration Examples for Configuring MSDP
Configuring a Default MSDP Peer: Example
This example shows a partial configuration of Router A and Router C in . Each of these ISPs have more than one customer (like the customer in ) who use default peering (no BGP or MBGP). In that case, they might have similar configurations. That is, they accept SAs
only from a default peer if the SA is permitted by the corresponding prefix list.
Router A
Router(config)# ip msdp default-peer 10.1.1.1
Router(config)# ip msdp default-peer 10.1.1.1 prefix-list site-a
Router(config)# ip prefix-list site-b permit 10.0.0.0/1
Router C
Router(config)# ip msdp default-peer 10.1.1.1 prefix-list site-a
Router(config)# ip prefix-list site-b permit 10.0.0.0/1
Caching Source-Active State: Example
This example shows how to enable the cache state for all sources in 171.69.0.0/16 sending to groups 224.2.0.0/16:
Device(config)# ip msdp cache-sa-state 100Device(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.2.0.0 0.0.255.255
Controlling Source Information that Your Switch Originates: Example
This example shows how to configure the switch to filter SA request messages from the MSDP peer at 171.69.2.2. SA request
messages from sources on network 192.4.22.0 pass access list 1 and are accepted; all others are ignored.
Device(config)# ip msdp filter sa-request 171.69.2.2 list 1Device(config)# access-list 1 permit 192.4.22.0 0.0.0.255
Controlling Source Information that Your Switch Forwards: Example
This example shows how to allow only (S,G) pairs that pass access list 100 to be
forwarded in an SA message to the peer named
switch.cisco.com:
Device(config)# ip msdp peer switch.cisco.com connect-source gigabitethernet1/0/1Device(config)# ip msdp sa-filter out switch.cisco.com list 100Device(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.20 0 0.0.255.255
Controlling Source Information that Your Switch Receives: Example
This example shows how to filter all SA messages from the peer named
switch.cisco.com:
Device(config)# ip msdp peer switch.cisco.com connect-source gigabitethernet1/0/1Device(config)# ip msdp sa-filter in switch.cisco.com