Deploying IP Multicast

2007 Cisco Systems, Inc. All rights reserved. Cisco Confidential. JMB. 1 ...... V - Virtual, Ac - Accounted towards access control limit,. M - SSM Mapping) ... U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel. Y - Joined ...
Télécharger le PDF
6MB taille 87 téléchargements 366 vues
commentaire
Report
Deploying IP Multicast

Jean-Marc Barozet Consulting System Engineer [email protected]

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

1

Multicast Advantages

Unicast Source Router

Multicast Source Router JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

2

Digital IP Video Surveillance Increasing Interest, and Deployment in progress …. 1. Commercial Security 2. Public law Enforcement 3. Traffic/Transportation monitoring 4. Manufacturing Processing 5. Residential security 6. Campus and K 12 School security 7. Retail Buyer behavior 8. Remote/Local Medical Monitoring

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

3

Next Generation Carrier Ethernet Multicast for IPTV delivery Portal

Monitoring

Billing

Mobile

Subscriber Database

Identity

Address Mgmt

Policy Definition

Policy Control Plane Residential

Access

Edge/Aggregation

Edge BSC

WIMAX STB Business

DSL Corporate

RNC

PSTN BRAS - 10K

Multicast deliver Multicast is is the the ONLY ONLY way way to to deliver cable cable style style 7600/SR broadcast broadcast video video content content to to million million of of homes homes for for IPTV IPTV MPLS/IP

MPLS/IP

CEoIP

DPI

7600 Deployment == Multicast Deployment IPTV IPTV Deployment == Multicast Deployment

Residential

IP

ETTx

7600/SR PE - 12K PON STB

Aggregation

Distribution VOD

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

TV

SIP 4

FUNDAMENTALS

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

5

IP Multicast Addressing (1/2)  Group Addresses (224.0.0.0 – 239.255.255.255) Class D address High-order 3 bits are set (224.0.0.0)

 Link-Local addresses designated by IANA Reserved use: 224.0.0.0 through 224.0.0.255 224.0.0.1—all multicast systems on subnet 224.0.0.2—all routers on subnet See “http://www.iana.org/assignments/multicast-addresses”

 Transient addresses, addresses assigned and reclaimed dynamically Global scope: 224.0.1.0-238.255.255.255 Limited Scope: 239.0.0.0-239.255.255.255 JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

6

IP Multicast Addressing (2/2)  Administratively Scoped Addresses 239.0.0.0 – 239.255.255.255 Private address space similar to RFC1918 unicast addresses Not used for global Internet traffic Used to limit “scope” of multicast traffic Same addresses may be in use at different locations for different multicast sessions

 SSM (Source Specific Multicast) Range 232.0.0.0 – 232.255.255.255 Primarily targeted for Internet style Broadcast

 RFC3180 – Glop Addressing in 233/8 Temporary method to meet immediate needs Static Global Group Address Assignment Group range: 233.0.0.0 – 233.255.255.255 Your AS number is inserted in middle two octets Remaining low-order octet used for group assignment JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

7

Multicast Distribution Trees Shortest Path or Source Distribution Tree Source 1 Notation: (S, G) S = Source G = Group Source 2 A

B

C

E

Receiver 1 JMB

© 2007 Cisco Systems, Inc. All rights reserved.

F

D

Receiver 2 Cisco Confidential

8

Multicast Distribution Trees Shared Distribution Tree Notation: (*, G) * = All Sources G = Group

A

B

D (RP)

E

C

F

(RP)

PIM Rendezvous Point Shared Tree

Receiver 1

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Receiver 2

Cisco Confidential

9

Multicast Distribution Trees Source AND Shared Distribution Tree Source 1

Notation: (*, G) * = All Sources G = Group Source 2

A

B

C

D (RP)

E

F

(RP)

PIM Rendezvous Point Shared Tree Source Tree

Receiver 1

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Receiver 2

Cisco Confidential

10

Multicast Forwarding  Multicast Routing is backwards from Unicast Routing Unicast Routing is concerned about where the packet is going. Multicast Routing is concerned about where the packet came from.

 Multicast Routing uses “Reverse Path Forwarding” (RPF) A router forwards a multicast datagram only if received on the up stream interface to the source (i.e. it follows the distribution tree).

 The RPF Check The routing table used for multicasting is checked against the “source” IP address in the packet. If the datagram arrived on the interface specified in the routing table for the source address; then the RPF check succeeds.

 Otherwise, the RPF Check fails.

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

11

Multicast Forwarding Example: RPF Checking

Source 151.10.3.21

RPF Check Fails Packet arrived on wrong interface! Mcast Packets

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

12

Types of Multicast Protocols  Dense mode Uses “push” model Traffic flooded throughout network Pruned back where it is unwanted Flood-and-prune behavior (every 3 minutes)

 Sparse mode Uses “pull” model Traffic sent only to where it is requested Explicit join behavior

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

13

Which Mode—Sparse or Dense  Sparse mode !!!!!!!! Must configure a Rendezvous Point (RP) Very efficient Uses Explicit Join model Traffic only flows to where it’s needed Separated control and data planes Router state only created along flow paths Deterministic topological behavior Scales well Works for both sparsely or densely populated networks

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

14

PIM-SM (RFC 2362)  Supports both source and shared trees Assumes no hosts want multicast traffic unless they specifically ask for it

 Uses a Rendezvous Point (RP) Senders and Receivers “rendezvous” at this point to learn of each others existence. Senders are “registered” with RP by their first-hop router. Receivers are “joined” to the Shared Tree (rooted at the RP) by their local Designated Router (DR).

 Appropriate for… Wide scale deployment for both densely and sparsely populated groups in the enterprise Optimal choice for all production networks regardless of size and membership density. JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

15

PIM Sparse Mode Explicit Join Mechanism

Source 1

1. No one receives group traffic until specific join 2. Rendezvous point queried 3. Sites pruned back permanently as needed 4. No periodic flooding as in dense-mode Rendezvous Point (Shared Root)

B

A

Receiver 1 © 2007 Cisco Systems, Inc. All rights reserved.

F

E

C

JMB

D

Cisco Confidential

Non Viewers

Uses “Shared Tree” Initially. Can Switch over to Shortest Path Tree if Needed/Defined.

Non Viewer 16

PIM Configuration Steps  Enable Multicast Routing on every router  Configure every interface for PIM  Configure the RP for ASM/Bidir Groups Highly consider Anycast-RP & MSDP Or using Auto-RP or BSR Configure certain routers as Candidate RP(s) All other routers automatically learn elected RP Or using Static RP addressing RP address must be configured on every router

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

17

Group Mode vs. Interface Mode  Group & Interface mode are independent.  Interface Mode Determines how the interface operates when sending/receiving multicast traffic.

 Group Mode Determines whether the group is Sparse or Dense.

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

18

Group Mode  Group mode is controlled by local RP info  Local RP Information Stored in the Group-to-RP Mapping Cache May be statically configured or learned via Auto-RP or BSR

 If RP info exists, Group = Sparse  If RP info does not exist, Group = Dense Trivia moment; if dm-fallback is enabled there will be a default 0.0.0.0 RP address

 Mode Changes are automatic. i.e. if RP info is lost, Group falls back to Dense. JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

19

Configuring Interface Mode  Interface Mode Configuration Commands Enables multicast forwarding on the interface. Controls the interface’s mode of operation. ip pim sparse-mode Interface mode is set to Sparse mode operation. Auto-RP groups can be an exception. ip pim sparse-dense-mode Interface mode is determined by the Group mode. If Group is Dense, interface operates in Dense mode. If Group is Sparse, interface operates in Sparse mode. ip pim dense-mode Interface mode is set to Dense mode operation.

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

20

RP Configuration Methods  Static  Auto-RP  BSR  Anycast-RP RFC 3446 Anycast RP mechanism using PIM and MSDP Give each RP the same IP address assignment Sources and receivers use closest RP Sources from one RP are made known to other RPs using MSDP When an RP goes down, sources and receivers are taken to new RP via unicast routing - Fast convergence JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

21

Anycast RP Configuration interface interface loopback loopback 00 ip address 10.0.0.2 255.255.255.255 ip address 10.0.0.2 255.255.255.255

Interface Interface loopback loopback 00 ip address ip address 10.0.0.3 10.0.0.3 255.255.255.255 255.255.255.255

interface loopback 1 interface loopback 1 ip address 10.1.1.1 255.255.255.255 ip address 10.1.1.1 255.255.255.255 !! ip ip msdp msdp peer peer 10.0.0.3 10.0.0.3 connect-source connect-source loopback0 loopback0 ip ip msdp msdp originator-id originator-id loopback loopback 00

Interface Interface loopback loopback 11 ip ip address address 10.1.1.1 10.1.1.1 255.255.255.255 255.255.255.255 !! ip ip msdp msdp peer peer 10.0.0.2 10.0.0.2 connect-source connect-source loopback0 loopback0 ip msdp originator-id loopback 0 ip msdp originator-id loopback 0

RP1

RP2

MSDP 10.1.1.1 ip ip pim pim rp-address rp-address 10.1.1.1 10.1.1.1

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

10.1.1.1 ip ip pim pim rp-address rp-address 10.1.1.1 10.1.1.1

Cisco Confidential

22

What are the considerations…  When Using Loopback interfaces – you can effect Router ID’s (RID) for routing protocols like OSPF & BGP  Duplicate IP addresses for RP redundancy is good  Duplicate IP addresses as RID for OSPF is bad…  Set your RID don’t let the router pick one

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

23

Avoiding DM Flooding  Use global command ip pim autorp listener

 Recommended

Added support for Auto-RP Environments. Modifies interface behavior. Forces interfaces to always use DM for Auto-RP groups. Use only if Auto-RP is to be used. Available 12.3(4)T, 12.2(28)S, 12.1(26)E

 Use with interface command.  Recommended

ip pim sparse-mode

Prevents DM Flooding. Does not prevent DM Fallback!

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

24

Avoiding DM Flooding  Prior to “listener” in IOS 12.3(4)T, 12.2(28)S, 12.1(26)E Must use ip pim sparse-dense mode interface command to support Auto-RP.

 Use RP-of-last-resort Assign local Loopback as RP-of-last-resort on each router. Example ip pim rp-address 10 access-list 10 deny 224.0.1.39 access-list 10 deny 224.0.1.40 access-list 10 permit any

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

25

Avoiding DM Flooding  New IOS global command no ip pim dm-fallback

 Recommended

 Totally prevents DM Fallback!! No DM Flooding since all state remains in SM

 Default RP Address = 0.0.0.0 [nonexistent] Used if all RP’s fail. Results in loss of Shared Tree. All SPT’s remain active.

 Available 12.3(4)T, 12.2(28)S

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

26

General RP Recommendations  Use combined Anycast-RP with Static: When rapid RP failover is critical When valid Group/RP cache is critical at all times No requirement for dynamic Group/RP cache

 Pros Fastest RP Convergence method With override option, Group/RP cache can not be impacted via Auto-RP or BSR Required when connecting to Internet

 Cons Manual Group/RP configuration change on routers Requires use of MSDP between RP’s

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

27

General RP Recommendations  Use combined Anycast-RP & Auto-RP with autorp listener: When rapid RP failover is critical When dynamic Group/RP cache required When Admin scoping is required

 Pros Fastest RP Convergence Most flexible and easy to maintain

 Cons No Group/RP cache until a MA packet is received Admin scoping can greatly increase complexity Requires use of MSDP between RP’s

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

28

General RP Recommendations  Use Auto-RP with autorp listener When minimum configuration is desired and/or When maximum flexibility is desired

 Pros Most flexible method Easiest to maintain

 Cons Increased RP Failover times vs Anycast-RP inclusive configurations No Group/RP cache until a MA packet is received

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

29

General RP Recommendations  Use BSR: When dynamic Group/RP cache is required and When maximum interoperability is needed

 Pros Interoperates with all Vendors

 Cons Some methods greatly increase configuration Does not support Admin. Scoping

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

30

USING ADMIN SCOPED ZONES

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

31

Administratively Scoped Address Range 239.0.0.0

• Address Range: 239.0.0.0/8 Private multicast address space.

RFC 2365 Org.-Local Expansion

• RFC 2365 Administratively Scoped Zones.

239.192.0.0 RFC 2365 Org-Local Scope

239.196.0.0 239.255.253.0

239.255.0.0 239.255.255.255

Similar to RFC1918 private unicast address space.

Unassigned RFC 2365 Local Scope Expansion RFC 2365 Local Scope

• Organization-Local Scope (239.192/14) – Largest scope within the Enterprise network (i.e. Enterprise-wide). – Expands downward in address range. • Local Scope (239.255/16) – Expands downward in address range. – Smallest possible scope within the Enterprise network. – Other scopes may be equal but not smaller.

(Not to scale.) JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

32

Example Scope Address Assignments 239.0.0.0 Org.-Local Expansion

• Allocate all ranges from the Org-Local space. • Keep Local space separate.

239.191.0.0

– Avoids moving applications when smaller scopes are added later.

239.192.0.0 239.193.0.0 239.194.0.0 239.195.0.0

Campus Scope (/16) Region Scope (/16) Enterprise Scope (/16)

RFC RFC2365 2365 Organization-Local Organization-LocalScope Scope

239.196.0.0 Local Expansion 239.255.0.0 239.255.255.255 JMB

RFC 2365 Local Scope

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

33

Address Ranges to Avoid 239.0.0.0/24

239.0.0.0

239.191.0.0 239.192.0.0 239.193.0.0 239.194.0.0 239.195.0.0

Org.-Local Scope Expansion Sub-Region Scope (/16) Building Scope (/16) Campus Scope (/16) Region Scope (/16) Enterprise Scope (/16)

239.128.0.0/24

• Avoid ranges that map to a MAC address of 0x0100-5E00-00xx! – i.e. 239.128.0/24 & 239.0.0/24 – These addresses are always flooded by Layer 2 switches!

239.196.0.0 Local Scope Expansion 239.255.0.0 239.255.255.255 JMB

RFC 2365 Local Scope

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

34

Adding Private SSM Space 239.0.0.0

Org.-Local Scope Expansion

• Allocate 239.232/16 from Local Scope Expansion range for private SSM space. – Subdivide SSM space into scoped zones.

239.192.0.0 239.193.0.0 239.194.0.0 239.195.0.0

Campus Scope (/16) Region Scope (/16) Enterprise Scope (/16)

239.232.0.0

Expansion

239.196.0.0 239.232.0.0 239.232.255.255

Private SSM (/16)

Campus SSM Scope (/24) Region SSM Scope (/24) Enterprise SSM Scope (/24)

Local Scope Expansion 239.255.0.0 239.255.255.255 JMB

RFC 2365 Local Scope

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

239.232.252.255 239.232.253.0 239.232.253.255 239.232.254.0 239.232.254.255 239.232.255.0 239.232.255.255 35

Scoping – TTL Thresholds • What is a TTL Threshold? A “TTL Threshold” may be set on a multicast router interface to limit the forwarding of multicast traffic to outgoing packets with TTLs greater than the Threshold.

• The TTL Threshold Check 1) All incoming IP packets first have their TTL decremented by one. If Source S

Set Top Box (STB) JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

49

SSM mapping for MoH  Used when the Corporate Standard is SSM globally Provides interim configuration for non-IGMPv3 hosts

 No RPs to configure Simplifies control plane across routers

 Simple configuration on LHRs SSM mapping is configured only on the LHRs Same configurations on all LHRs

 SSM mapping was first introduced in 12.3(2)T

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

50

SSM DNS Mapping – Configuration Enabling SSM Mapping ip ip igmp igmp ssm-map ssm-map enable enable ip igmp ssm-map query ip igmp ssm-map query dns dns !! ip ip pim pim ssm ssm range range SSM-GROUP SSM-GROUP !! ip ip access-list access-list standard standard SSM-GROUP SSM-GROUP permit 239.0.0.0 0.255.255.255 permit 239.0.0.0 0.255.255.255 !! ip ip name-server name-server 10.151.1.103 10.151.1.103 ip domain multicast ip domain multicast ssm.cisco.fr ssm.cisco.fr ip domain-name cisco.fr ip domain-name cisco.fr

JMB

IN IN IN IN

AA AA

© 2007 Cisco Systems, Inc. All rights reserved.

Specific DNS Server zone for SSM

cat-3#sh cat-3#sh ip ip igmp igmp ssm-mapping ssm-mapping 239.1.1.2 239.1.1.2 Group Group address: address: 239.1.1.2 239.1.1.2 Database :: DNS Database DNS DNS :: 2.1.1.239.ssm.cisco.fr DNS name name 2.1.1.239.ssm.cisco.fr Expire time : 604623026 Expire time : 604623026 Source list : 10.151.1.102 Source list : 10.151.1.102 cat-3# cat-3#

cat-3#sh ip igmp ssm-mapping cat-3#sh ip igmp ssm-mapping SSM SSM Mapping Mapping :: Enabled Enabled DNS Lookup : Enabled DNS Lookup : Enabled Mcast Mcast domain domain :: ssm.cisco.fr ssm.cisco.fr Name servers : 10.151.1.103 Name servers : 10.151.1.103 cat-3# cat-3#

1.1.1.239 1.1.1.239 2.1.1.239 2.1.1.239

Enabling DNS Mapping

10.151.1.104 10.151.1.104 10.151.1.102 10.151.1.102

Cisco Confidential

DNS zone for SSM

51

IGMP Report Received 001959: 001959: 3w4d: 3w4d: IGMP(0): IGMP(0): Received Received v2 v2 Report Report on on Vlan100 Vlan100 from from 10.149.3.3 10.149.3.3 for for 239.1.1.2 239.1.1.2 001960: 3w4d: IGMP(0): Convert IGMPv2 report (*, 239.1.1.2) to IGMPv3 with 001960: 3w4d: IGMP(0): Convert IGMPv2 report (*, 239.1.1.2) to IGMPv3 with 11 source(s) source(s) using using DNS DNS

cat-3#sh cat-3#sh ip ip igmp igmp groups groups 239.1.1.2 239.1.1.2 detail detail Flags: Flags: LL -- Local, Local, UU -- User, User, SG SG -- Static Static Group, Group, VG VG -- Virtual Virtual Group, Group, SS Static Source, VS Virtual Source SS - Static Source, VS - Virtual Source Interface: Vlan100 Interface: Vlan100 Group: 239.1.1.2 Group: 239.1.1.2 Flags: SSM Flags: SSM Uptime: 00:01:04 Uptime: 00:01:04 Group mode: INCLUDE Group mode: INCLUDE Last reporter: 0.0.0.0 Last reporter: 0.0.0.0 CSR 00:02:28 CSR Grp Grp Exp: Exp: 00:02:28 Group source list: Group source list: (C (C -- Cisco Cisco Src Src Report, Report, UU -- URD, URD, RR -- Remote, Remote, SS -- Static, Static, VV -- Virtual, Ac Accounted towards access control Virtual, Ac - Accounted towards access control limit, limit, MM -- SSM Mapping) SSM Mapping) Source Address Uptime v3 Source Address Uptime v3 Exp Exp CSR CSR Exp Exp Fwd Fwd Flags Flags 10.151.1.102 00:01:04 stopped 00:02:28 Yes 10.151.1.102 00:01:04 stopped 00:02:28 Yes CM CM cat-3# cat-3# JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

52

IP MROUTE for 239.1.1.2 cat-3#sh cat-3#sh ip ip mroute mroute IP Multicast IP Multicast Routing Routing Table Table Flags: Flags: DD -- Dense, Dense, SS -- Sparse, Sparse, BB -- Bidir Bidir Group, Group, ss -- SSM SSM Group, Group, CC -- Connected, Connected, LL -- Local, P Pruned, R RP-bit set, F Register flag, Local, P - Pruned, R - RP-bit set, F - Register flag, TT -- SPT-bit SPT-bit set, set, JJ -- Join Join SPT, SPT, MM -- MSDP MSDP created created entry, entry, XX -- Proxy Proxy Join Join Timer Timer Running, Running, AA -- Candidate Candidate for for MSDP MSDP Advertisement, Advertisement, UU -- URD, I Received Source Specific Host Report, Z URD, I - Received Source Specific Host Report, Z - Multicast Multicast Tunnel Tunnel YY -- Joined Joined MDT-data MDT-data group, group, yy -- Sending Sending to to MDT-data MDT-data group group Outgoing Outgoing interface interface flags: flags: HH -- Hardware Hardware switched, switched, AA -- Assert Assert winner winner Timers: Uptime/Expires Timers: Uptime/Expires Interface Interface state: state: Interface, Interface, Next-Hop Next-Hop or or VCD, VCD, State/Mode State/Mode (10.151.1.102, 239.1.1.2), 00:00:21/00:02:57, flags: sTI (10.151.1.102, 239.1.1.2), 00:00:21/00:02:57, flags: sTI Incoming interface: GigabitEthernet1/0/1, RPF nbr 10.149.35.5 Incoming interface: GigabitEthernet1/0/1, RPF nbr 10.149.35.5 Outgoing interface list: Outgoing interface list: Vlan100, Forward/Sparse, 00:00:21/00:02:38 Vlan100, Forward/Sparse, 00:00:21/00:02:38 (*, 224.0.1.40), 01:29:37/00:03:15, RP 10.149.149.149, flags: SJCL (*, 224.0.1.40), 01:29:37/00:03:15, RP 10.149.149.149, flags: SJCL Incoming Incoming interface: interface: GigabitEthernet1/0/1, GigabitEthernet1/0/1, RPF RPF nbr nbr 10.149.35.5 10.149.35.5 Outgoing Outgoing interface interface list: list: GigabitEthernet1/0/2, GigabitEthernet1/0/2, Forward/Sparse, Forward/Sparse, 00:03:13/00:03:15 00:03:13/00:03:15 Vlan100, Forward/Sparse, 01:29:35/00:02:05 Vlan100, Forward/Sparse, 01:29:35/00:02:05 cat-3# cat-3#

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

53

SOURCE REDUNDANCY

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

54

Multicast Source Redundancy  What Is It? Anything that deals with redundant sources!

 Benefits: High availability for video stream(s) Video stream(s) not subject to single point of failure User experience unaffected during video failures

 Approaches: Duplicate Streams Server Heartbeat Source Specific Multicast (SSM) Anycast Sources

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Application Solutions Network Solutions

55

Source Redundancy : Two Approaches Primary-Backup

Hot-Hot

Two sources, One is active and src’ing content, Second is in standby mode (not src’ing content)

Two sources, both are active and src’ing multicast into the network

Heartbeat mechanism used to communicate with each other

No Protocol between the two sources

Only one copy is on the network at any instant

Two copies of the multicast packets will be in the network at any instant

Single Multicast tree is built per the unicast routing table

Two Multicast tree on almost redundant Infrastructure

Uses required bandwidth

Uses 2x network bandwidth

Receiver’s functionality simpler:

Receiver is smarter:

Aware of only one src, fail-over logic handled between sources.

Is aware/configured with two feeds (s1,g1), (s2,g2) / (*,g1), (*,g2) Joins both and receives both feeds

This approach requires the network to have fast IGP and PIM convergence JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

This approach does not require fast IGP and PIM convergence 56

Multicast Source Redundancy Application Solutions Duplicate Streams

Server Heartbeat

X

S1,G

S2,G

S1,G

I’m responsible for dropping duplicate packets JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

S2,G

I will only receive one stream at a time 57

Multicast Source Redundancy Network Solutions Source Specific Multicast

Anycast Sources

X

X S1,G

S2,G

S2,G Join

1.1.1.1

v2 join

S2,G IGMPv3 Report It appears the Primary source failed. I’ll switch to the Secondary source, S2,G.

JMB

1.1.1.1

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

I will send join to the nearest 1.1.1.1/32

58

Multicast Source Redundancy Using Anycast Sources How is source redundancy achieved in the network?

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

X

 Enable SSM on all routers  Have R1 and R2 advertise same prefix for each source segment.  R3 and R4 follow best path towards source based on IGP metrics.  Let’s say R3’s best path to SF is through R1. The source in SF now suddenly fails.  R3’s IGP will reconverge and trigger SSM joins towards R2 in NY.

Anycast Sources 1.1.1.1

1.1.1.1

R1

R2

v2 join R3

R4

I will send join to the nearest 1.1.1.1/32

59

ADMISSION CONTROL

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

60

Multicast CAC Managing Oversubscription 1. 1. 250 250 –– 1000 1000 end end users users need need to to be be supported on a 1 Gbps DSLAM supported on a 1 Gbps DSLAM uplink. uplink.

250-1000 users per DSLAM

Aggregation 10GE

Access GE

2. 2. Triple Triple Play Play Services Services need need to to support 250 – 1000 users support 250 – 1000 users 1. 1. 2. 2. 3. 3. 4. 4.

...

Cisco 7600

1 GE may not be enough BW for all the Triple Play Services

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

-- Voice Voice :: 22 IP IP phone phone connections connections per per home home -- Video : 200 – 500 Video : 200 – 500 cable cable channels channels -- Data Data :: Internet Internet VOD VOD :: 10 10 % % users users using using VOD VOD

3. 3. IfIf 250 250 homes homes on on aa single single DSLAM DSLAM are all watching a different channel, are all watching a different channel, the the total total BW BW required required for for video video alone would be 250 x 4Mbps alone would be 250 x 4Mbps == 1Gbps! 1Gbps!

Multicast Multicast CAC CAC is is the the Solution Solution to to Manage Manage Video Video Broadcast Broadcast Oversubscription! Oversubscription! 61

Multicast Call Admission Control (Single) Per Interface IGMP State Limit Cisco IOS® IGMP State Limit

MCAC Use Case Phase 1

interface Gig0/0 description --- Interface towards DSLAM --... ip igmp limit 125 …

300 SDTV channels M

3. 50% of each outgoing 1Gbps link (500Mbps) needs to be provisioned for multicast video leaving the remaining 50% for Voice, Internet & VoD.

10GE

as tic l u

eo id V t

& SI H , IP Vo

D Vo

0% (5

)

1GE Cisco 7600

4. The required CAC needed per interface comes out to:

...

2. Each SDTV channel is approximately 4Mbps.

) 0% (5

...

1. Say the total number of SDTV channels offered by a Service Provider is 300.

500Mbps/4Mbps = 125 mroutes

300 channels x 4Mbps = 1.2Gbps > 1GE JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

62

Route Limits Global / per-VRF Route Limits ip multicast route-limit [ ] ip ip multicast multicast route-limit route-limit 1500 1500 1460 1460 rtr-a> rtr-a> show show ip ip mroute mroute count count IP Multicast Statistics IP Multicast Statistics 1460 1460 routes routes using using 471528 471528 bytes bytes of of memory memory 404 groups, 2.61 average sources per 404 groups, 2.61 average sources per group group

%MROUTE-4-ROUTELIMITWARNING %MROUTE-4-ROUTELIMITWARNING :: multicast route-limit warning 1461 threshold 1460 multicast route-limit warning 1461 threshold 1460 %MROUTE-4-ROUTELIMIT %MROUTE-4-ROUTELIMIT :: 1501 1501 routes routes exceeded exceeded multicast multicast route-limit route-limit of of 1500 1500

rtr-a PIM Join

rtr-b

 No state created beyond State triggering packets still punted, but discarded

 Syslog warnings created beyond JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

63

Multicast Call Admission Control (Multiple) Per Interface Mroute State Limits MCAC Use Case Phase 2 1. Say the total number of SDTV channels offered by a Service Provider is 300. 2. Each SDTV channel is ca. 4Mbps. 3. Service Provider will offer three TV bundles (Basic, Premium, Gold). Each bundle will have 100 channels. 4. 50% of each outgoing 1Gbps link (500Mbps) needs to be provisioned for multicast video leaving the remaining 50% for Voice, Internet & VoD.

Cisco IOS® Per Interface Mroute State Limit with support for ingress, egress, PIM/IGMP, ASM/SSM interface Gig0/0 description --- Interface towards DSLAM --... ip multicast limit out 75 Basic ip multicast limit out 25 Premium ip multicast limit out 25 Gold Basic (100 channels) Premium (100 channels) Gold (100 channels)

Vo

10GE

I HS , IP

&

D Vo

) 0% 5 (

& SI H , IP Vo

D Vo

0% (5

)

• 60% will be for Basic (300Mbps) • 20% will be for Premium (100Mbps) • 20% will be for Gold (100Mbps)

Cisco 7600

...

5. Within this provisioned 50%:

...

1GE

6. The required CAC needed per interface comes out to: • Basic mroute limit = 300/4 = 75 • Premium mroute limit = 100/4 = 25 • Gold mroute limit = 100/4 = 25 JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

300 channels offered 300 channels x 4Mbps = 1.2Gbps 64

Multicast Call Admission Control Cost factor for per-interface Mroute State Limits

1. Consider the following. Three

Content Providers (CPs) are providing multicast content. 2. Multiple CP will have TV • MPEG2 SDTV: 4 Mbps • MPEG2 HDTV: 18 Mbps • MPEG4 SDTV: 1.6 Mbps • MPEG4 HDTV: 6 Mbps

3. Service Provider (SP) would like to provision fair sharing of bandwidth between these three content providers to its consumers across 1Gbps links.

Content Provider 2

4. 250Mbps for each CP, 250 Mbps

Content Provider 3

MPEG2 SDTV MPEG2 HDTV MPEG4 SDTV MPEG4 SDTV

MPEG2 SDTV MPEG2 HDTV MPEG4 SDTV MPEG4 SDTV

5. Simple extension of multicast limits: global cost factor config.

© 2007 Cisco Systems, Inc. All rights reserved.

bp

MPEG2 SDTV MPEG2 HDTV MPEG4 SDTV MPEG4 SDTV

for Voice/Internet/VoD.

Cisco Confidential

Paying Customers

! Global ip multicast limit cost acl-MP2SD-channels 4000 ! from any provider ip multicast limit cost acl-MP2HD-channels 18000 ! from any provider ip multicast limit cost acl-MP4SD-channels 1600 ! from any provider ip multicast limit cost acl-MP4HD-channels 6000 ! from any provider

Content Provider 1

programs w/ different BW:

JMB

Service Provider

10GE

s)

) 0M ps 25 ( b -1 0M s) CP 25 ( ) bp 2 0M 5% P 5 2 C ( (2 -2 oD P V C & SI H , IP Vo

1GE Cisco 7600

... ...

MCAC Use Case Phase 3

Content Providers

interface Gig0/1 description --- Interface towards DSLAM --... ! CAC ip multicast limit out 250000 acl-CP1-channels ip multicast limit out 250000 acl-CP2-channels ip multicast limit out 250000 acl-CP3-channels

65

CONCLUSION

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

66

ASM vs. SSM summary  SSM solves all three ASM issues … but does provide of course a different type of service

 Both ASM and SSM are essential Many-to-Many applications in well controlled networks scale/operate better with ASM Resource discovery applications MUST have ASM Interdomain and broadcast style application scale/operate best with SSM SSM is simpler than ASM for the network, ASM is simpler but more unsecure for application developers

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

67

CONCLUSION  Multicast applications are there Lots of deployment in France for Enterprises More and more used in IP Communications deployment (MoH, IPICS) IP Video Surveillance Corporate Communications via Video Streaming Multicast File Transfer, Data and File Replication

 Multicast for IPTV Delivery (example – Triple Play Networks) Scalable (national deployment) Dynamic (no provisioning necessary) And forwarding performance (~400 Mbps)

 Both ASM and SSM are essential Many-to-Many applications in well controlled networks scale/operate better with ASM Interdomain and broadcast style application scale/operate best with SSM

 More informations on CCO Multicast page: http://www.cisco.com/go/ipmulticast JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

68

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

69

APPENDIX

PIM SSM Mapping Configuration

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

70

SSM Static Mapping – Configuration Enabling SSM Mapping ip ip igmp igmp ssm-map ssm-map enable enable no ip igmp ssm-map no ip igmp ssm-map query query dns dns ip igmp ssm-map static SSM-SERVER2 ip igmp ssm-map static SSM-SERVER2 10.151.1.102 10.151.1.102 !! ip ip pim pim ssm ssm range range SSM-GROUP SSM-GROUP !! ip ip access-list access-list standard standard SSM-GROUP SSM-GROUP permit 239.0.0.0 0.255.255.255 permit 239.0.0.0 0.255.255.255 !! ip ip access-list access-list standard standard SSM-SERVER2 SSM-SERVER2 permit 239.1.0.0 0.0.255.255 permit 239.1.0.0 0.0.255.255 !!

Enabling Static Mapping (no DNS) Defining SSM Range

cat-3#sh cat-3#sh ip ip igmp igmp ssm-mapping ssm-mapping 239.1.1.2 239.1.1.2 Group address: 239.1.1.2 Group address: 239.1.1.2 Database :: Static Database Static Source list : 10.151.1.102 Source list : 10.151.1.102 cat-3# cat-3#

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

71

APPENDIX

Multicast CAC

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

72

Host Receiver Side Admission Control ip igmp limit [ except ] ipv6 mld limit [ except ]  Always per interface  Global command sets per-interface default  Counts entries in IGMP cache ip ip access-list access-list extended extended channel-guides channel-guides permit ip any host 239.255.255.254 permit ip any host 239.255.255.254 !! SDR SDR announcements announcements deny ip any any deny ip any any !! ip ip igmp igmp limit limit 11 except except channel-guides channel-guides !! interface interface ethernet ethernet 00 ip ip igmp igmp limit limit 22 except except channel-guides channel-guides

JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

73

Example Usage of igmp Limit Admission Control on Agg-DSLAM Link interface interface Gig0/0 Gig0/0 description description Interface Interface towards towards DSLAM DSLAM ip ip igmp igmp limit limit 125 125

 300 SDTV channels ) ) 0% 0% 5 5 ( ( 250-500 eo oD id V E V DSLAM 1Gcast net & i r t ul Inte M , e ic Vo

 4Mbps each  Gbps link to DSLAM 500 Mbps for TV rest for Internet etc.

300 SDTV channels

10GE

users per DLAM

1GE PE Cat7600

 500Mbps/4Mbps = 125 IGMP states

DSLAM

1G E DSLAM

IGMP/MLD = Receiver side only No PIM JMB

© 2007 Cisco Systems, Inc. All rights reserved.

300 channels x 4Mbps = 1.2Gbps > 1GE Cisco Confidential

74

Route Limits Global / per-VRF Route Limits ip multicast route-limit [ ] ip ip multicast multicast route-limit route-limit 1500 1500 1460 1460 rtr-a> rtr-a> show show ip ip mroute mroute count count IP Multicast Statistics IP Multicast Statistics 1460 1460 routes routes using using 471528 471528 bytes bytes of of memory memory 404 groups, 2.61 average sources per 404 groups, 2.61 average sources per group group

%MROUTE-4-ROUTELIMITWARNING %MROUTE-4-ROUTELIMITWARNING :: multicast route-limit warning 1461 threshold 1460 multicast route-limit warning 1461 threshold 1460 %MROUTE-4-ROUTELIMIT %MROUTE-4-ROUTELIMIT :: 1501 1501 routes routes exceeded exceeded multicast multicast route-limit route-limit of of 1500 1500

rtr-a PIM Join

rtr-b

 No state created beyond State triggering packets still punted, but discarded

 Syslog warnings created beyond JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

75

Per Interface mroute Limits Multicast Lookup/ingress states Accounted against s0 Ingress (rpf/connected)

 ip multicast limit [ rpf | out | connected ]  Per interface mroute state (PIM/IGMP)  Input: Rpf, connected = (S,G) with S connected

s0 S1,G1

 Output: Out  Multiple limits allowed per interface  Each establishes one limiter  Input / Output state accounted against first limiter permitting state in

s1

s2

Multicast Egress/Replication states, accounted Against s1, s2 egress (out) JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

76

Example Use of per Interface mroute Limits Admission Control on Agg-DSLAM Link interface interface Gig0/0 Gig0/0 description description Interface Interface towards towards DSLAM DSLAM ip multicast limit out 75 acl-basic ip multicast limit out 75 acl-basic ip ip multicast multicast limit limit out out 25 25 acl-ext acl-ext ip multicast limit out 25 acl-premium ip multicast limit out 25 acl-premium

 300 SD channels with 4 Mbps each

Basic (100 channels)

 Basic, Extended, Premium bundles 100 channels ea.

Premium (100 channels)

 Want to allow:

10GE

Gold (100 channels)

) ) 0% 0% 5 5 ( ( E D DSLAM eo 1G t Vid & Vo as et tic tern l u n M ,I ce i Gig0/0 Vo

250-500 users per DLAM

1GE

PE

60%/300Mbps Basic 20%/100Mbps Extended 20%/100Mbps Premium

Cat7600

DSLAM

1G E DSLAM

 Need to limit: Basic 75 states Premium 25 states Gold 25 states JMB

© 2007 Cisco Systems, Inc. All rights reserved.

300 channels offered 300 channels x 4Mbps = 1.2Gbps Generic interface multicast route limit feature with support for Ingress, egress, PIM/IGMP, ASM/SSM. Cisco Confidential

77

Example Use of per Interface mroute Limits Input admission control interface interface Gig0/0 Gig0/0 description description Interface Interface towards towards DSLAM DSLAM ip multicast limit rpf 75 acl-basic ip multicast limit rpf 75 acl-basic ip ip multicast multicast limit limit rpf rpf 25 25 acl-ext acl-ext ip multicast limit rpf 25 acl-premium ip multicast limit rpf 25 acl-premium

 Instead of ‘out’ limit on the upstream devices outbound interface:  use ‘rpf’ limits on the downstream devices RPF interface – same result!

IOS-Rtr

E 1G

Gig0/0

10GE

 Example:

Eg: FTTH

1GE

Rtr Non-Cisco?

IOS-Rtr

Eg: FTTH

1G E

IOS routers instead of DSLAMs (FTTH) (shown) RPF-interface to content providers. JMB

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

IOS-Rtr

Eg: FTTH

78