Identifying a Port with the ANCP Protocol
To make the Catalyst 4500 series switch operate as an ANCP client and to build and initialize its relevant data, enter the ancp mode client command. The no version of this command disables ANCP. This command disconnects the ANCP client from the ANCP server and terminates any existing multicast streams that have been enabled with ANCP.
To configure a switch to communicate with a single ANCP server, use the [no] ancp client server interface command. This command directs the ANCP client to initiate a TCP connection to the remote ANCP server identified with the IP address. If the TCP connection fails, the connection times out and retries for the connection every 120 seconds until it succeeds. The interface command specifies the interface from which the local ANCP client obtains its IP address. The no command terminates the TCP connection to the ANCP server but retains any existing ANCP activated multicast stream.
Separate commands enable the ANCP client and configure the IP address of the ANCP server. You can reconfigure the IP address of the remote ANCP server without losing existing ANCP activated multicast streams.
To identify a port with the ANCP protocol, follow these steps:
Step 1 Enable ANCP as follows:
Switch(config)> ancp mode client
Step 2 Configure the IP address of the remote server as the interface to acquire the source IP address:
Switch(config)> ancp client server ipaddress of server interface interface
The interface might be a loopback; this allows the client to reach the server using the interface.
Step 3 (Optional) Enable the ANCP multicast client to identify this VLAN interface using the port-identifier as opposed to the Option 82 circuit-id:
Switch(config)> ancp client port identifier [port-identifier] vlan [number] interface [interface]
The no version of this command prompts a warning message if any multicast stream is activated by ANCP using the port-identifier on a port:
Switch(config)# no ancp client port identifier bbb vlan 10 interface GigabitEthernet3/5 Warning: Multicast flows seems to exist for this port, remove mapping and delete flows anyway?[confirm]y
The ANCP client tries to connect to the server. If it fails, it tries again 10 seconds later. If it fails again, it tries at 20 seconds intervals, until it reaches the timeout setting (120 seconds). It remains timed out until it reconnects.
Note If the connection fails again and the client attempts to reconnect and it fails, the wait time returns to 10 seconds (and so on).
To determine whether the ANCP client is successfully connected to the server, enter the
show ancp status command, which displays the status of the ANCP TCP connection with the remote ANCP server.
ANCP enabled on following interfaces ANCP end point(s) on this interface: ==================================== Neighbor 10.1.1.1 Neighbor port 6068 Hello interval 100 Sender instance 1 Sender name 372F61C Sender port 0 Partition ID 0 TCB 36E27E8 Capabilities negotiated: Transactional Multicast
In the preceding example, only one capability (transactional multicast) is negotiated (or supported). This capability is the only one that the ANCP client supports. Because the server also supports this capability, the two entities can now communicate.
The server can send ANCP multicast commands (join, leave, leave all requests, and request for active flows report) as defined in the multicast portion of the ANCP protocol. At any time, an administrator can use to the show ancp multicast [interface vlan] [group | source] command to see the information the ANCP client has obtained about the current multicast flows.
Identifying a Port with DHCP Option 82
Note To use DHCP option 82, you need to enable DHCP and DHCP snooping (see
Chapter 45, “Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts”).
If you identify the port with DHCP option 82, you need to configure the Catalyst 4500 series switch as a DHCP relay to insert the DHCP option 82. This action adds a tag in the DHCP packet from the DHCP client so that the DHCP server knows the port connected to this specific DHCP client. The DHCP server can then map the IP address it is providing to the client with the DHCP option 82 it received from the switch. The DHCP server only needs to lookup the DHCP option 82 associated with a given IP address and provide it to the ANCP server. This allows the ANCP client on the switch to identify the proper port using an identifier the switch understands. The configure DHCP snooping on the Catalyst 4500 series switch, use the following commands:
Switch(config)# ip dhcp snooping Switch(config)# ip dhcp snooping vlan vlan-range
By default, DHCP option 82 is inserted when DHCP snooping is activated. Turning this default off could cause ANCP to function improperly with the DHCP circuit-id; it must remain active. To activate it, enter this command:
Switch(config)# ip dhcp snooping information option
Note The DHCP option 82 circuit-ID is inserted in the Active-Flow report (when queried for all multicast flows) even if a configured circuit-ID exists.
ANCP allows a remote server to request the list of active flows from the ANCP client (Catalyst 4500 series switch is the ANCP client). This list is very similar to the output from the show ancp multicast command except that it follows the ANCP protocol packet format (see IETF.org). Observe that the
show ancp multicast command provides the flows that have been activated with the
ancp port client identifier command while the ANCP active flow request only reports the client ID in DHCP option 82 circuit-ID format, regardless of the activation mechanism.
Refer to Chapter 45, “Configuring DHCP Snooping, IP Source Guard, and IPSG for Static Hosts” for details on the CLI.