多播配置向导

领测软件测试网

　　 
　　Multicast Configuration Guide
　　Members should implement the following:
　　
　　BGP and MBGP to RNO router
　　PIM sparse mode
　　local RP (auto RP ?)
　　MSDP to RNO router
　　no static mroute

　　IGMP snooping (or equivalent) on all switches
　　rate limiting (if/as required)
　　Notes
　　CGMP for all-cisco sites. Needs to be enabled on switches and interfaces of routers attached to switches. Low impact on CPU of switch.
　　IGMP snooping in mixed and/or non-cisco sites. Can have high impact on CPU of switch.
　　MSDP uses TCP port 639, so check that this is allowed in (to your RP, from your MSDP peers) through firewalls, access lists, etc.
　　Design Issues
　　RP - use a loopback address so you can move it around.
　　RP location - on the border router or nearby/on the core router.
　　Final Goal - Implementation details
　　Configuration examples based on Cisco IOS.
　　
　　Border Router
　　Enable multicast (use "distributed" mode when using "distributed cef" for less CPU impact/better performance on Cisco 7500 platforms):
　　
　　ip multicast-routing distributed
　　
　　Create a multicast boundary on your router interface connected to the RNO router, and set PIM sparse on this boundary:
　　
　　! create an RNO multicast ACL
　　! This allows AARNet wide multicast address space to pass,
　　! and local RNO address space to pass,
　　! but blocks address space reserved for members private use.
　　! Use this on all links between an RNO and a members,
　　! and between members.
　　ip access-list standard MULTICASTRNOADMIN
　　remark block Cisco auto-RP
　　deny 224.0.1.39
　　deny 224.0.1.40
　　remark reserved rfc2365
　　deny 239.0.0.0 0.127.255.255
　　deny 239.128.0.0 0.63.255.255
　　remark member only usage
　　deny 239.224.0.0 0.15.255.255
　　remark reserved rfc2365
　　deny 239.253.0.0 0.0.255.255
　　deny 239.254.0.0 0.0.255.255
　　deny 239.255.0.0 0.0.255.255
　　remark allow all remaining multicast
　　remark including RNO and AARNet scope
　　permit 224.0.0.0 15.255.255.255
　　interface gigabitethe.net 1/0/0
　　ip pim bsr-border
　　ip pim sparse-mode
　　ip multicast boundary MULTICASTRNOADMIN
　　
　　Also enable the session directory facility (turn it on on one interface is all that is required):
　　
　　interface loopback0
　　ip address A.B.C.D
　　ip pim sparse-mode
　　ip sdr listen
　　
　　Turn on MBGP for your networks (assuming you run BGP, if not make sure the RNO does this on your behalf).
　　
　　router bgp 65536
　　network 130.155.0.0 nlri unicast multicast
　　
　　Enable MBGP to the RNO BGP peer:
　　
　　router bgp 65536
　　neighbor 203.15.123.37 remote-as 7570 nlri unicast multicast
　　
　　Create a local Rendezvous Point (assumes you want to use the loopback mentioned above as the RP address, you might want to create a separate loopback for the RP - which you can move to another router if desired). Specify an access list to stop incorrect multicast sessions from being registered.
　　
　　ip access-list extended pim-register-filter
　　deny ip any 224.0.0.0 0.0.0.255
　　deny ip any 232.0.0.0 0.255.255.255
　　deny ip 10.0.0.0 0.255.255.255 any
　　deny ip 127.0.0.0 0.255.255.255 any
　　deny ip 172.16.0.0 0.15.255.255 any
　　deny ip 192.168.0.0 0.0.255.255 any
　　permit ip any any
　　ip pim rp-address A.B.C.D
　　ip pim register-rate-limit 2
　　ip pim accept-register list pim-register-filter
　　
　　Establish MSDP between local RP and RNO RP
　　! Create an RNO MSDP filter
　　! This allows AARNet wide multicast advertisements to pass,
　　! and allows local RNO advertisements to pass,
　　! but blocks members private advertisements.
　　! Use this on all MSDP peerings between an AARNet RNO and a member,
　　! or between two members.
　　ip access-list extended MSDPRNOFILTER
　　remark SGI-Dogfight
　　deny ip any host 224.0.1.2
　　remark Rwhod
　　deny ip any host 224.0.1.3
　　remark SVRLOC
　　deny ip any host 224.0.1.22
　　remark microsoft-ds
　　deny ip any host 224.0.1.24
　　remark Cisco auto-RP
　　deny ip any host 224.0.1.39
　　deny ip any host 224.0.1.40
　　remark SVRLOC-DA
　　deny ip any host 224.0.1.35
　　remark hp-device-discovery
　　deny ip any host 224.0.1.60
　　remark unknown ...
　　deny ip any host 224.0.2.2
　　remark reserved RFC2365
　　deny ip any 239.0.0.0 0.127.255.255
　　deny ip any 239.128.0.0 0.63.255.255
　　deny ip any 239.253.0.0 0.0.255.255
　　deny ip any 239.254.0.0 0.0.255.255
　　deny ip any 239.255.0.0 0.0.255.255
　　remark member scope multicast
　　deny ip any 239.224.0.0 0.15.255.255
　　remark bad source RFC3330
　　deny ip 127.0.0.0 0.255.255.255 any
　　remark bad source RFC1918
　　deny ip 10.0.0.0 0.255.255.255 any
　　deny ip 172.16.0.0 0.15.255.255 any
　　deny ip 192.168.0.0 0.0.255.255 any
　　remark Source Specific Multicast
　　deny ip any 232.0.0.0 0.255.255.255
　　remark all the rest might be OK
　　remark including RNO and AARNet scope
　　permit ip any any
　　ip msdp peer 203.15.123.37
　　ip msdp description 203.15.123.37 MSDP multicast with NSW RNO
　　ip msdp sa-filter in 203.15.123.37 list MSDPRNOFILTER
　　ip msdp sa-filter out 203.15.123.37 list MSDPRNOFILTER
　　ip msdp cache-sa-state
　　Turn on pim-sparse mode to internal network interfaces.
　　
　　interface FastEthernet2/0
　　ip pim sparse-mode
　　interface FastEthernet3/0
　　ip pim sparse-mode
　　
　　Internal Routers
　　Do the following on all internal routers.
　　
　　Enable multicast (use "distributed" mode when using "distributed cef" for less CPU impact/better performance on Cisco 7500 platforms):
　　
　　ip multicast-routing distributed
　　
　　put pim sparse-mode on all interfaces:
　　
　　interface FastEthernet 1/0
　　ip pim sparse-mode
　　interface FastEthernet 2/0
　　ip pim sparse-mode
　　
　　Also enable the session directory facility (turn it on on one interface is all that is required):
　　
　　interface loopback0
　　ip pim sparse-mode
　　ip sdr listen
　　
　　Specify your RP (using the address mentioned above):
　　
　　ip pim rp-address A.B.C.D
　　
　　Internal Switches
　　Choose one of the following on all internal switches.
　　
　　CGMP
　　Enable CGMP on your switches
　　
　　set cgmp enable
　　
　　Turn on CGMP on router interfaces connected to your switches:
　　
　　interface FastEthernet 1/0
　　ip cgmp
　　interface FastEthernet 2/0
　　ip cgmp
　　
　　IGMP
　　Enable IGMP on your switches
　　
　　set igmp enable
　　
　　Local RP
　　In a large site (many layer 3 routers) you may choose to use auto-RP (Cisco proprietary), or anycast RP, or BSR (but note that BSR does not support scoped addresses properly) to set up your Rendezvous Point. It would also be good to configure a redundant RP.
　　
　　Rate Limiting
　　Rate limiting should be applied on any small link to prevent unwanted flooding of the link by multicast traffic. Care should be paid to shared infrastructure (such as an RNO switch) to ensure the rate limits for all members are the same, and favour the member with the fullest link, otherwise that member will suffer link saturation. On a per-interface basis you can apply the following (units are kilobits per second):
　　
　　interface XYZ0/0
　　ip multicast rate-limit in 600

文章来源于领测软件测试网 https://www.ltesting.net/