Announcement

Collapse
No announcement yet.

Multicast Simple Configuration between 3560 & 4948 Switch.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Multicast Simple Configuration between 3560 & 4948 Switch.

    Hi,
    I need help to configure the multicast between the L3 switches. Attached is the proposed network setup and connectivity.

    Description: - We have a multicast streamer having Ethernet IP 192.168.10.1/24 assigned and is streaming multicast currently on three IPs (228.115.105.1, 228.115.105.2 & 228.115.105.3 as shown on UDP port (2200).The streamer is proposed to connected to a central L3 3560 switch directly, and this 3560 will be feeding multicast to two departments connected again by 4948 L3 switches on the proposed interfaces.
    Motive & Requirements:-
    1) The two deptt need to be on different VLANs (like VLAN 100 & 200)for isolations and will be feed with controlled multicast only (e.g Sales can join only 228.115.105.1 & Mkt can join all three multicast groups and rest any MC groups can be denied from joining…by using some igmp join ACL).
    2) No igmp-join requests from the receivers should hit 3560 and should be served by their respective switches (4948 only)…by using static-igmp-joins on 4948 switches.
    Can any body help me with the desired simple configuration for each switch to accomplish the above requirements? Any help in this regards will be highly appreciated.

    Thanks in advanced.
    Attached Files

  • #2
    Re: Multicast Simple Configuration between 3560 & 4948 Switch.

    You can run pim dense-mode to push the feed out to everyone or sparse-mode to let the hosts decide if they want the traffic. Sparse mode requires an RP if configured statically or an RP and Mapping agent if using Auto-RP. Since this is a small design I would say making the 3560 the RP.

    3560

    ip pim rp-address x.x.x.x RP_GROUPS

    ip access-list standard RP_GROUPS
    permit 228.115.105.1
    permit 228.115.105.2
    permit 228.115.105.3

    ip multicast-routing distributed

    enable pim on the required interfaces




    Other Switches

    Sales:

    ip mulitcast-routing

    ip access-list standard SALES
    permit 228.115.105.1

    Int vlan 100
    ip pim sparse-mode
    ip igmp access-group SALES (permits Sales to only send joins for that group)

    ip pim rp-address x.x.x.x RP_GROUPS

    ip access-list standard RP_GROUPS
    permit 228.115.105.1
    permit 228.115.105.2
    permit 228.115.105.3


    Marketing:

    ip multicast-routing

    ip pim rp-address x.x.x.x RP_GROUPS

    ip access-list standard RP_GROUPS
    permit 228.115.105.1
    permit 228.115.105.2
    permit 228.115.105.3


    ip access-list standard MARKETING
    permit 228.115.105.1
    permit 228.115.105.2
    permit 228.115.105.3


    int vlan 200
    ip pim sparse-mode
    ip igmp access-group MARKETING




    Thats just an example. Are your hosts not IGMP capable? Just wondering why your using static joins. Also not sure how this will work as PIM will not send multicast traffic out the same interface it was received on. Give it a try and see if it works.
    Last edited by auglan; 21st June 2010, 19:50.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Multicast Simple Configuration between 3560 & 4948 Switch.

      Hi auglan,
      Thanks for reply and your extended support. I tried but I am not able to configure "ip pim sparse-dense-mode" or ip pim sparse-mode" on the SVI I create on 3560 switch.It takes only "ip pim passive" command. But on the Gige interfaces of same switch I can use any of the pim commands.

      conf t
      int vl100
      ip address 192.168.10.4
      ip pim ?
      passive Enable PIM passive operation.

      Apart from this I would like you to help me to configure all the required commands on each interface on all the switches shown in the diagram. Below are my configuration done on 3560 & 4948 switches, but no luck. When I connect one Laptop on any 4948 switch running VLC player to join any multicast, I didn’t see any stream. But I can see multicast stream when I hooked this Laptop to 3560 directly. I haven’t done any other configuration apart from below. I want to have full control/restriction on any igmp joins from any clients on sales and mkt at 3560 switch only. So I think using ACL under respective VLANs of sales and mkt should work.

      3560:--
      ip routing
      !
      ip multicast-routing distributed
      !
      interface GigabitEthernet0/13
      description ***Connected to Streamer***
      ip address 192.168.10.2 255.255.255.0 <<< Is this fine or need to be a access port.
      ip pim sparse-mode
      !
      interface GigabitEthernet0/25
      description ***Connected to SALES***
      switchport access vlan 100
      switchport mode access
      speed nonegotiate
      !
      interface GigabitEthernet0/27
      description ***Connected to MKT***
      switchport access vlan 200
      switchport mode access
      speed nonegotiate
      !
      interface Vlan100
      ip address 10.11.102.1 255.255.255.252
      ip pim passive <<<< Cannot configure pim-sparse
      ip igmp access-group SALES
      load-interval 30
      !
      interface Vlan200
      ip address 10.12.102.1 255.255.255.252
      ip pim passive <<<< Cannot configure pim-sparse
      ip igmp access-group MARKETING
      load-interval 30
      !
      ip access-list standard SALES
      permit 228.115.105.1

      !
      ip access-list standard MARKETING
      permit 228.115.105.1
      permit 228.115.105.2
      permit 228.115.105.3


      Other Switches

      Sales:

      ip mulitcast-routing
      !
      interface GigabitEthernet1/45

      no switchport
      ip address 10.11.102.2 255.255.255.252
      ip pim sparse-mode
      load-interval 30
      speed nonegotiate
      !
      interface GigabitEthernet1/2
      description ***CLIENT-1 of SALES***<< Laptop with IP 192.168.10.2 & GW as 192.168.10.1
      switchport access vlan 400
      switchport mode access
      !
      interface Vlan400

      description ***For Clients of SALES ***
      ip address 192.168.10.1 255.255.255.0
      ip pim sparse-mode
      load-interval 30


      Marketing:

      ip multicast-routing
      !
      interface GigabitEthernet1/2

      description ***CLIENT-1 of MKT*** << Laptop with IP 192.168.10.2 & GW as 192.168.10.1
      switchport access vlan 300
      switchport mode access
      !
      interface Vlan300

      description ***For Clients of MKT ***
      ip address 192.168.10.1 255.255.255.0
      ip pim sparse-mode
      load-interval 30

      Please help me to configure each interface so there is no problem left.

      Comment


      • #4
        Re: Multicast Simple Configuration between 3560 &amp; 4948 Switch.

        Did you try remove the ip pim passive command? Not sure why you cant enable pim on the SVI's. What version of IOS are you running? Yes you can use the routed port to the streamer. Take the igmp access-group commands off the 3560. They should go on the other switches SVI's.The acl permits IGMP joins only to the groups permitted on the acl, Again not sure why you cant use pim on the SVI's. Does it take spare-dense or just dense? You can always loose the SVI's and use routed interfaces to your other switches. It didnt seem to have a problem on the routed ports. Also I dont see the static rp assignment on any of the switches. PIM Spares mode requires an RP if just using static RP or an RP and Mapping Agent if using Auto-RP. That may be the issue right there.


        int gi0/13
        no switchport
        "ip address" "mask"
        ip pim sparse-mode
        Last edited by auglan; 22nd June 2010, 13:01.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: Multicast Simple Configuration between 3560 &amp; 4948 Switch.

          Hi Auglan,

          Thanks !!! My IOS is c3560-ipbase-mz.12.2(53)SE2 and I dont know why on SVI I cant enable other PIM modes..just only "pim passive", though on other routed ports I can configure all PIM modes.

          I managed to see & get multicast(using the same configurations as posted)by additionally enabled eigrp on all the switches and configured RP statically on all switches. But my utmost requirement of having control on the desired multicast to be forwarded to SALES & MKT to be managed from 3560 Switch only, is missing.

          Since I dont want this control(using ACL) resides on these 4948 switches which doesnt belongs to us, as they considered as CE device on which we have no control.I was seeking the solution to be modified so that the control using ACL is from 3560 ONLY.

          Comment


          • #6
            Re: Multicast Simple Configuration between 3560 &amp; 4948 Switch.

            The issue is that the IGMP joins from the hosts on your vlans will go to the other switches. That switch will process the join and forward a PIM join towards the RP, so the 3560 never sees the IGMP join as IGMP is between hosts and routers and PIM is between routers and routers.

            The only other thing I can think of is configuring stub multicast routing. Its almost like the ip helper-address command used for fowarding dhcp requests.

            ip igmp helper-address <upstream-ip> (configure this on the other switches layer 3 interfaces)

            This pretty much will exempt the other 2 switches from IGMP and PIM message processing. The 3560 will handle the IGMP and PIM messaging on behalf of the other two switches, its like a proxy for multicast. You then should be able to filter you vlan/groups with the ip igmp access-group config. You will run sparse-mode on the 3560 and dense-mode on the other two switches. Also you will have to make sure the 3560 and the other 2 switches dont become pim neighbors.

            ip pim neighbor-filter <acl>
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: Multicast Simple Configuration between 3560 &amp; 4948 Switch.

              Hi Auglan,

              Thanks for all support and guidance and below are the desired working configurations and would like to share with everybody for a simple & a secured multicast for a small network.

              On 3750 Switch:-

              ip subnet-zero
              no ip source-route
              ip routing
              no ip domain-lookup
              !
              !
              ip multicast-routing distributed
              !
              !
              interface Loopback0
              ip address 10.10.10.10 255.255.255.255
              ip pim sparse-mode
              !
              interface GigabitEthernet0/13
              description ***Connected to Streamer***
              switchport access vlan 700
              switchport mode access
              load-interval 30
              !
              !
              interface GigabitEthernet0/25
              description ***Connected to SALES***
              no switchport
              ip address 10.X.X.1 255.255.255.252
              ip access-group 101 in
              no ip redirects
              no ip unreachables
              no ip proxy-arp
              ip pim dr-priority 100
              ip pim sparse-mode
              ip multicast boundary 13
              load-interval 30
              speed nonegotiate
              !
              interface GigabitEthernet0/27
              description ***Connected to MKT***
              no switchport
              ip address 10.X.X.5 255.255.255.252
              ip access-group 101 in
              no ip redirects
              no ip unreachables
              no ip proxy-arp
              ip pim dr-priority 100
              ip pim sparse-mode
              ip multicast boundary 14
              load-interval 30
              speed nonegotiate
              !
              ip classless
              no ip http server
              ip pim rp-address 10.10.10.10
              !
              access-list 13 deny 224.0.1.35 log
              access-list 13 deny 224.0.1.60 log
              access-list 13 deny 224.0.1.3 log
              access-list 13 deny 224.0.1.2 log
              access-list 13 remark Multicast_filtering_ACL_SALES
              access-list 13 deny 239.150.151.4 log
              access-list 13 deny 224.0.1.22 log
              access-list 13 deny 224.0.1.24 log
              access-list 13 deny 224.0.0.0 0.0.0.255 log
              access-list 13 permit 228.115.105.1 log
              !
              access-list 14 deny 224.0.1.35 log
              access-list 14 deny 224.0.1.60 log
              access-list 14 deny 224.0.1.3 log
              access-list 14 deny 224.0.1.2 log
              access-list 14 remark Multicast_filtering_ACL_MKT
              access-list 14 deny 239.150.151.4 log
              access-list 14 deny 224.0.1.22 log
              access-list 14 deny 224.0.1.24 log
              access-list 14 deny 224.0.0.0 0.0.0.255 log
              access-list 14 permit 228.115.105.1 log
              access-list 14 permit 228.115.105.2 log
              access-list 14 permit 228.115.105.3 log
              !
              access-list 101 deny icmp any any log-input
              access-list 101 permit ip any any log-input

              On SALES Switches:-

              ip multicast-routing
              ip pim rp-address 10.10.10.10
              !
              interface GigabitEthernetX/X
              description ***Connected to Provider***
              no switchport
              ip address 10.X.X.2 255.255.255.252
              no ip redirects
              no ip unreachables
              no ip proxy-arp
              ip pim dr-priority 10
              ip pim sparse-mode
              load-interval 30
              speed nonegotiate
              !
              interface VlanX
              ip address X.X.X.X X.X.X.X
              ip pim sparse-mode
              ip igmp static-group 228.115.105.1
              load-interval 30
              !
              ip route 10.10.10.10 255.255.255.255 GigabitEthernetX/X 10.X.X.1

              On MKT Switches:-

              ip multicast-routing
              ip pim rp-address 10.10.10.10
              !
              interface GigabitEthernetX/X
              description ***Connected to Provider***
              no switchport
              ip address 10.X.X.6 255.255.255.252
              no ip redirects
              no ip unreachables
              no ip proxy-arp
              ip pim dr-priority 10
              ip pim sparse-mode
              load-interval 30
              speed nonegotiate
              !
              interface VlanX
              ip address X.X.X.X X.X.X.X
              ip pim sparse-mode
              ip igmp static-group 228.115.105.1
              ip igmp static-group 228.115.105.2
              ip igmp static-group 228.115.105.3
              load-interval 30
              !
              ip route 10.10.10.10 255.255.255.255 GigabitEthernetX/X 10.X.X.5

              Comment

              Working...
              X