目录
第五章 组播协议
实验 5-1 组播、IGMP及PIM DM协议
学习目的
·掌握路由器启动组播路由功能的配置方法
·掌握配置接口IGMP功能的方法
·掌握PIM DM的配置方法
·掌握查看和测试组播的方法
·掌握PIM一些高级特性的配置方法
拓扑图
图5-1 组播、IGMP及PIM DM协议
场景
你是公司的网络管理员。公司准备使用组播来进行一些业务的转发。在当前网络上,网络规模较小,你决定使用PIM的DM模式来实现组播路由信息的学习。组播转发的实现过程中,你需要考虑到主机应用对IGMP不同版本的兼容,同时需要考虑使用合适的方式测试网络中组播是否正常工作。为了提升网络的效率和安全性,你采用了PIM DM的一些手段,包括PIM邻居的控制、嫁接和其他安全措施。同时实现网络的组播转发之前,你也遇到了一些网络故障,经过一些故障排除步骤,最终网络正常工作了。
学习任务
步骤一.基础配置与IP编址
首先,如果采用真机的实验环境,为防止路由器收到其他网段的组播报文,建议对S2交换机(实现R1和R3的互联)做如下配置(如果是eNSP模拟器环境,则不需要进行下列配置):
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname S2
[S2]vlan 13
[S2-vlan13]quit
[S2]int GigabitEthernet 0/0/1
[S2-GigabitEthernet0/0/1]port link-t access
[S2-GigabitEthernet0/0/1]port default vlan 13
[S2-GigabitEthernet0/0/1]quit
[S2]int GigabitEthernet 0/0/3
[S2-GigabitEthernet0/0/3]port link-t access
[S2-GigabitEthernet0/0/3]port default vlan 13
[S2-GigabitEthernet0/0/3]quit
给所有路由器配置IP地址和掩码。配置时注意所有的Loopback接口配置掩码均为24位。
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R1
[R1]interface Serial 1/0/0
[R1-Serial1/0/0]ip address 10.0.12.1 24
[R1-Serial1/0/0]quit
[R1]interface Serial 3/0/0
[R1-Serial3/0/0]ip address 10.0.14.1 24
[R1-Serial3/0/0]quit
[R1]interface GigabitEthernet 0/0/2
[R1-GigabitEthernet0/0/2]ip address 10.0.13.1 24
[R1-GigabitEthernet0/0/2]quit
[R1]interface LoopBack 0
[R1-LoopBack0]ip address 10.0.1.1 32
[R1-LoopBack0]quit
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R2
[R2]interface Serial 1/0/0
[R2-Serial1/0/0]ip address 10.0.12.2 24
[R2-Serial1/0/0]quit
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]ip address 10.0.25.2 24
[R2-GigabitEthernet0/0/0]quit
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]ip address 10.0.24.2 24
[R2-GigabitEthernet0/0/1]quit
[R2]interface LoopBack 0
[R2-LoopBack0]ip address 10.0.2.2 32
[R2-LoopBack0]quit
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R3
[R3]interface GigabitEthernet 0/0/2
[R3-GigabitEthernet0/0/2]ip address 10.0.13.3 24
[R3-GigabitEthernet0/0/2]quit
[R3]interface Serial 3/0/0
[R3-Serial3/0/0]ip address 10.0.35.3 24
[R3-Serial3/0/0]quit
[R3]interface LoopBack 0
[R3-LoopBack0]ip address 10.0.3.3 32
[R3-LoopBack0]quit
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R4
[R4]interface Serial 1/0/0
[R4-Serial1/0/0]ip address 10.0.14.4 24
[R4-Serial1/0/0]quit
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]ip address 10.0.24.4 24
[R4-GigabitEthernet0/0/1]quit
[R4]interface LoopBack 0
[R4-LoopBack0]ip address 10.0.4.4 32
[R4-LoopBack0]quit
<Huawei>system-view
Enter system view, return user view with Ctrl+Z.
[Huawei]sysname R5
[R5]interface Serial 1/0/0
[R5-Serial1/0/0]ip address 10.0.35.5 24
[R5-Serial1/0/0]quit
[R5]interface GigabitEthernet 0/0/0
[R5-GigabitEthernet0/0/0]ip address 10.0.25.5 24
[R5-GigabitEthernet0/0/0]quit
[R5]interface LoopBack 0
[R5-LoopBack0]ip address 10.0.5.5 32
[R5-LoopBack0]quit
配置完成以后,验证路由器之间的连通性。
[R1]ping -c 1 10.0.13.3
PING 10.0.13.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.13.3: bytes=56 Sequence=1 ttl=255 time=5 ms
--- 10.0.13.3 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 5/5/5 ms
[R1]ping -c 1 10.0.12.2
PING 10.0.12.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.12.2: bytes=56 Sequence=1 ttl=255 time=37 ms
--- 10.0.12.2 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 37/37/37 ms
[R1]ping -c 1 10.0.14.4
PING 10.0.14.4: 56 data bytes, press CTRL_C to break
Reply from 10.0.14.4: bytes=56 Sequence=1 ttl=255 time=38 ms
--- 10.0.14.4 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 38/38/38 ms
[R5]ping -c 1 10.0.35.3
PING 10.0.35.3: 56 data bytes, press CTRL_C to break
Reply from 10.0.35.3: bytes=56 Sequence=1 ttl=255 time=33 ms
--- 10.0.35.3 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 33/33/33 ms
[R5]ping -c 1 10.0.25.2
PING 10.0.25.2: 56 data bytes, press CTRL_C to break
Reply from 10.0.25.2: bytes=56 Sequence=1 ttl=255 time=10 ms
--- 10.0.25.2 ping statistics ---
1 packet(s) transmitted
1 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/10/10 ms
步骤二.配置所有路由器启用组播路由功能
启用R1、R2、R3、R4及R5的组播路由功能。要开启组播功能,首先在系统视图下运行命令multicast routing-enable。
默认情况下,VRP平台的组播功能是关闭的。无论要使用PIM还是IGMP都需要先在全局下开启组播功能。
[R1]multicast routing-enable
对于要运行PIM DM的接口,在接口视图下运行pim dm开启组播路由协议。
[R1]interface GigabitEthernet 0/0/2
[R1-GigabitEthernet0/0/2]pim dm
[R1-GigabitEthernet0/0/2]quit
[R1]interface Serial 1/0/0
[R1-Serial1/0/0]pim dm
[R1-Serial1/0/0]quit
[R1]interface Serial 3/0/0
[R1-Serial3/0/0]pim dm
[R1-Serial3/0/0]quit
在R2、R3、R4、R5上进行相同的配置,注意在路由器与路由器的互联接口上开启PIM DM的功能。
[R2]multicast routing-enable
[R2]interface Serial 1/0/0
[R2-Serial1/0/0]pim dm
[R2-Serial1/0/0]quit
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]pim dm
[R2-GigabitEthernet0/0/0]quit
[R3]multicast routing-enable
[R3]interface GigabitEthernet 0/0/2
[R3-GigabitEthernet0/0/2]pim dm
[R3-GigabitEthernet0/0/2]quit
[R3]interface Serial 3/0/0
[R3-Serial3/0/0]pim dm
[R3-Serial3/0/0]quit
[R4]multicast routing-enable
[R4]interface Serial 1/0/0
[R4-Serial1/0/0]pim dm
[R4-Serial1/0/0]quit
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]pim dm
[R4-GigabitEthernet0/0/1]quit
[R5]multicast routing-enable
[R5]interface Serial 1/0/0
[R5-Serial1/0/0]pim dm
[R5-Serial1/0/0]quit
[R5]interface GigabitEthernet 0/0/0
[R5-GigabitEthernet0/0/0]pim dm
[R5-GigabitEthernet0/0/0]quit
配置完成后,查看路由器PIM在接口上的运行状态。
[R1]display pim interface
VPN-Instance: public net
Interface State NbrCnt HelloInt DR-Pri DR-Address
GE0/0/2 up 1 30 1 10.0.13.3
S1/0/0 up 1 30 1 10.0.12.2
S3/0/0 up 1 30 1 10.0.14.4
可以看到R1有3个接口运行了PIM,并且在每个接口上各有一个邻居(NbrCnt),同时我们还可以发现,在一个网段上接口IP地址较大的路由器将成为这个网段的DR。
查看R1上接口G0/0/2的PIM详细信息。
[R1]display pim interface GigabitEthernet 0/0/2 verbose
VPN-Instance: public net
Interface: GigabitEthernet0/0/2, 10.0.13.1
PIM version: 2
PIM mode: Dense
PIM state: up
PIM DR: 10.0.13.3
PIM DR Priority (configured): 1
PIM neighbor count: 1
PIM hello interval: 30 s
PIM LAN delay (negotiated): 500 ms
PIM LAN delay (configured): 500 ms
PIM hello override interval (negotiated): 2500 ms
PIM hello override interval (configured): 2500 ms
PIM Silent: disabled
PIM neighbor tracking (negotiated): disabled
PIM neighbor tracking (configured): disabled
PIM join attribute (negotiated): disabled
PIM generation ID: 0X53201C1B
PIM require-GenID: disabled
PIM hello hold interval: 105 s
PIM assert hold interval: 180 s
PIM triggered hello delay: 5 s
PIM J/P interval: 60 s
PIM J/P hold interval: 210 s
PIM state-refresh processing: enabled
PIM state-refresh interval: 60 s
PIM graft retry interval: 3 s
PIM state-refresh capability on link: capable
PIM BFD: disabled
PIM dr-switch-delay timer: not configured
Number of routers on link not using DR priority: 0
Number of routers on link not using LAN delay: 0
Number of routers on link not using neighbor tracking: 2
Number of routers on link not using join attribute: 2
ACL of PIM neighbor policy: -
ACL of PIM ASM join policy: -
ACL of PIM SSM join policy: -
ACL of PIM join policy: -
可以看到PIM DM默认的Hello间隔是30秒,Hello的保持时间是Hello间隔的3.5倍,也就是105秒。
查看R1的邻居列表,共有3台路由器与R1形成PIM邻居关系,邻居默认的DR优先级均为1。
[R1]display pim neighbor
VPN-Instance: public net
Total Number of Neighbors = 3
Neighbor Interface Uptime Expires Dr-Priority BFD-Session
10.0.13.3 GE0/0/2 00:09:02 00:01:16 1 N
10.0.12.2 S1/0/0 00:17:01 00:01:43 1 N
10.0.14.4 S3/0/0 00:16:08 00:01:37 1 N
查看邻居R3的详细信息,Uptime表示邻居关系已经建立的时间,Expiry time表示PIM邻居还有多少时间就要超时,LAN delay表示传递Prune剪枝消息的延迟时间,Override interval表示否决Prune剪枝的时间间隔。
[R1]display pim neighbor 10.0.13.3 verbose
VPN-Instance: public net
Neighbor: 10.0.13.3
Interface: GigabitEthernet0/0/2
Uptime: 00:40:11
Expiry time: 00:01:37
DR Priority: 1
Generation ID: 0X9AF72165
Holdtime: 105 s
LAN delay: 500 ms
Override interval: 2500 ms
State refresh interval: 60 s
Neighbor tracking: Disabled
PIM join attribute: Disabled
PIM BFD-Session: N
步骤三.配置IGMP
在这个实验中,我们模拟组播用户连接在交换机S1上。在R2和R4的G0/0/1接口开启IGMP功能。要开启IGMP的功能,在接口模式下运行igmp enable。
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]igmp enable
[R2-GigabitEthernet0/0/1]quit
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]igmp enable
[R4-GigabitEthernet0/0/1]quit
为了实验需要,在R2和R4的G0/0/1接口添加静态组播组。这样,该接口始终会转发目的地址为225.1.1.1的组播流量。
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]igmp static-group 225.1.1.1
[R2-GigabitEthernet0/0/0]quit
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]igmp static-group 225.1.1.1
[R4-GigabitEthernet0/0/1]quit
默认情况下,VRP平台使用的IGMP版本为v2。从下面的输出中可以看到现在G0/0/1接口所在网段的查询器是10.0.24.2,即为R2。对于IGMP v2来说,选取网段上IP地址较小的那台路由器作为查询器。
[R2]display igmp interface GigabitEthernet 0/0/1
Interface information of VPN-Instance: public net
GigabitEthernet0/0/1(10.0.24.2):
IGMP is enabled
Current IGMP version is 2
IGMP state: up
IGMP group policy: none
IGMP limit: -
Value of query interval for IGMP (negotiated): -
Value of query interval for IGMP (configured): 60 s
Value of other querier timeout for IGMP: 0 s
Value of maximum query response time for IGMP: 10 s
Querier for IGMP: 10.0.24.2 (this router)
[R4]display igmp interface GigabitEthernet 0/0/1
Interface information of VPN-Instance: public net
GigabitEthernet0/0/1(10.0.24.4):
IGMP is enabled
Current IGMP version is 2
IGMP state: up
IGMP group policy: none
IGMP limit: -
Value of query interval for IGMP (negotiated): -
Value of query interval for IGMP (configured): 60 s
Value of other querier timeout for IGMP: 104 s
Value of maximum query response time for IGMP: 10 s
Querier for IGMP: 10.0.24.2
在R2上查看接口的静态IGMP组,可以看到225.1.1.1这个组是刚才我们手工添加的组播组。
[R2]display igmp group static
Static join group information
Total 1 entry, Total 1 active entry
Group Address Source Address Interface State Expires
225.1.1.1 0.0.0.0 GE0/0/1 UP never
在接口下查看IGMP路由表。
[R2]display igmp routing-table
Routing table of VPN-Instance: public net
Routing table
Total 1 entry
00001. (*, 225.1.1.1)
List of 1 downstream interface
GigabitEthernet0/0/1 (10.0.24.2),
Protocol: STATIC
若在接口上只配置了IGMP,没有配置PIM,且接口为查询器的情况下,才会生成IGMP路由表项。该路由表条目在R4上是看不到的,因为现在R2是网段10.0.24.0/24的查询器。
默认情况下,查询器的查询周期为60秒,为了加快用户加入组播组的速度,我们可以通过igmp timer query修改发送查询报文的时间间隔。
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]igmp timer query 20
[R2-GigabitEthernet0/0/1]quit
配置完成以后,验证配置已生效。
[R2]display igmp interface GigabitEthernet 0/0/1
Interface information of VPN-Instance: public net
GigabitEthernet0/0/1(10.0.24.2):
IGMP is enabled
Current IGMP version is 2
IGMP state: up
IGMP group policy: none
IGMP limit: -
Value of query interval for IGMP (negotiated): -
Value of query interval for IGMP (configured): 20 s
Value of other querier timeout for IGMP: 0 s
Value of maximum query response time for IGMP: 10 s
Querier for IGMP: 10.0.24.2 (this router)
开启Debugging后可以看到接口每隔20秒发送一次成员关系查询(general query)。
<R2>terminal monitor
<R2>terminal debugging
<R2>debugging igmp query send
Nov 17 2016 12:33:03.390.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
Nov 17 2016 12:33:23.380.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
Nov 17 2016 12:33:43.360.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
<R2>undo debugging all
Info: All possible debugging has been turned off
路由器的健壮系数描述了IGMP路由器的健壮程度。路由器默认的健壮系数为2,这里通过关闭接口的方式测试健壮系数。首先观察默认情况下IGMP查询消息的间隔。
<R2>terminal monitor
<R2>terminal debugging
<R2>debugging igmp query send
Nov 17 2016 14:26:13.880.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
<R2>
Nov 17 2016 14:26:33.890.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
<R2>system-view
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]shutdown
[R2-GigabitEthernet0/0/1]undo shutdown
Nov 17 2016 14:26:51.810.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:26:56.790.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:27:16.790.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:27:36.770.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
在没有关闭接口之前,路由器的接口仍按照每20秒一次的间隔发送普遍查询消息,当接口被关闭又重新打开之后,前面2个查询报文的时间间隔为5秒。当路由器启动时会发送“健壮系数”次的“普遍组查询消息”,发送间隔是“IGMP普遍组查询消息的发送间隔”的1/4。
执行命令robust-count可配置IGMP健壮系数,注意该参数只有在IGMP v2和IGMP v3中才有效,在R2的G0/0/1上将健壮系数修改为3。
[R2-GigabitEthernet0/0/1]igmp robust-count 3
再使用Debugging观察普遍查询消息的发送。
[R2-GigabitEthernet0/0/1]shutdown
[R2-GigabitEthernet0/0/1]undo shutdown
Nov 17 2016 14:33:07.420.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:33:12.340.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:33:17.340.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]
Nov 17 2016 14:33:37.420.1+00:00 R2 IGMP/7/QUERY:(public net): Send version 2 general query on GigabitEthernet0/0/1(10.0.24.2) to destination 224.0.0.1 (G073969)
[R2-GigabitEthernet0/0/1]return
<R2>undo debugging all
Info: All possible debugging has been turned off
可以看到当健壮系数修改为3以后,当接口启用后前3个普遍组查询消息的时间间隔为5秒,从第四个普遍组查询消息开始时间间隔为20秒。
步骤四.观察组播路由表
为了观察组播路由的传递,在该拓扑上启用OSPF作为单播路由协议。
[R1]ospf 1 router-id 10.0.1.1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 10.0.1.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.14.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.13.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]network 10.0.12.1 0.0.0.0
[R1-ospf-1-area-0.0.0.0]quit
[R1-ospf-1]quit
[R2]ospf 1 router-id 10.0.2.2
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 10.0.2.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.25.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]network 10.0.12.2 0.0.0.0
[R2-ospf-1-area-0.0.0.0]quit
[R2-ospf-1]quit
[R3]ospf 1 router-id 10.0.3.3
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 10.0.3.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.13.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]network 10.0.35.3 0.0.0.0
[R3-ospf-1-area-0.0.0.0]quit
[R3-ospf-1]quit
[R4]ospf 1 router-id 10.0.4.4
[R4-ospf-1]area 0
[R4-ospf-1-area-0.0.0.0]network 10.0.4.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]network 10.0.14.4 0.0.0.0
[R4-ospf-1-area-0.0.0.0]quit
[R4-ospf-1]quit
[R5]ospf 1 router-id 10.0.5.5
[R5-ospf-1]area 0
[R5-ospf-1-area-0.0.0.0]network 10.0.5.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 10.0.25.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]network 10.0.35.5 0.0.0.0
[R5-ospf-1-area-0.0.0.0]quit
[R5-ospf-1]quit
配置完成以后,检查各路由器已能学习到其他路由器的Loopback地址。
[R2]display ip routing-table protocol ospf
Route Flags: R - relay, D - download to fib
----------------------------------------------------------------------------
Public routing table : OSPF
Destinations : 7 Routes : 8
OSPF routing table status : <Active>
Destinations : 7 Routes : 8
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.0.1.1/32 OSPF 10 1562 D 10.0.12.1 Serial1/0/0
10.0.3.3/32 OSPF 10 1563 D 10.0.12.1 Serial1/0/0
OSPF 10 1563 D 10.0.25.5 GigabitEthernet0/0/0
10.0.4.4/32 OSPF 10 3124 D 10.0.12.1 Serial1/0/0
10.0.5.5/32 OSPF 10 1 D 10.0.25.5 GigabitEthernet0/0/0
10.0.13.0/24 OSPF 10 1563 D 10.0.12.1 Serial1/0/0
10.0.14.0/24 OSPF 10 3124 D 10.0.12.1 Serial1/0/0
10.0.35.0/24 OSPF 10 1563 D 10.0.25.5 GigabitEthernet0/0/0
OSPF routing table status : <Inactive>
Destinations : 0 Routes : 0
为了模拟组播信息的传递,我们在R3上以自己的Loopback接口作为源地址,向目的地址225.1.1.1发送Ping数据包,模拟组播源。
[R3]ping -a 10.0.3.3 -c 300 225.1.1.1
间隔几分钟后,我们可以在其他所有路由器上看到组播路由表。在R2上查看组播路由表。
[R2]display pim routing-table
VPN-Instance: public net
Total 1(*, G) entry; 1 (S, G) entry
(*, 225.1.1.1)
Protocol: pim-dm, Flag: WC EXT
UpTime: 00:09:04
Upstream interface: NULL
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information: None
(10.0.3.3, 225.1.1.1)
Protocol: pim-dm, Flag:
UpTime: 00:00:52
Upstream interface: GigabitEthernet0/0/0
Upstream neighbor: 10.0.25.5
RPF prime neighbor: 10.0.25.5
Downstream interface(s) information: None
可以看到2个条目。
第一个条目(*, 225.1.1.1)为该接口配置了静态IGMP组产生的。
第二个条目(10.0.3.3, 225.1.1.1)为组播流量进行扩散后在该路由器上产生的条目。
从输出中我们还可以看到对于R2来说,该组播流的上游路由器为10.0.25.5。
启用了PIM以后,路由器会采用单播路由表进行RPF检查,从下面的输出中可以看到,对于组播源10.0.3.3,RPF的邻居是10.0.25.5。
[R2]display multicast rpf-info 10.0.3.3
VPN-Instance: public net
RPF information about source: 10.0.3.3
RPF interface: GigabitEthernet0/0/0, RPF neighbor: 10.0.25.5
Referenced route/mask: 10.0.3.3/32
Referenced route type: unicast
Route selection rule: preference-preferred
Load splitting rule: disable
步骤五.调整PIM DM参数
有时我们希望流量不按照单播路由的路径流向目的地,就可以通过rpf-route-static静态修改RPF路径。这个试验中,我们把RPF路径由原来的10.0.25.5修改为10.0.12.1。
[R2]ip rpf-route-static 10.0.3.0 255.255.255.0 10.0.12.1
配置完成以后,可验证RPF邻居已变成了10.0.12.1。
[R2]display multicast rpf-info 10.0.3.3
VPN-Instance: public net
RPF information about source: 10.0.3.3
RPF interface: Serial1/0/0, RPF neighbor: 10.0.12.1
Referenced route/mask: 10.0.3.0/24
Referenced route type: mstatic
Route selection rule: preference-preferred
Load splitting rule: disable
为了观察PIM的剪枝及嫁接消息,我们通过删除及添加IGMP静态组的方式来模拟用户的离开及加入。首先在R2上打开Debugging。
<R1>terminal monitor
<R2>terminal debugging
<R2>debugging pim join-prune
然后把R2的静态IGMP组225.1.1.1删除。
<R2>system-view
[R2]interface GigabitEthernet 0/0/1
[R2-GigabitEthernet0/0/1]undo igmp static-group 225.1.1.1
Nov 17 2016 15:00:05.300.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 JP sending 10.0.12.2 -> 224.0.0.13 on Serial1/0/0 (P012689)
Nov 17 2016 15:00:05.300.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 210 (P012693)
Nov 17 2016 15:00:05.300.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 0 joins 1 prunes (P012701)
Nov 17 2016 15:00:05.310.1+00:00 R2 PIM/7/JP:(public net): Prune: 10.0.3.3/32 (P012707)
Nov 17 2016 15:00:05.350.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 JP receiving 10.0.12.1 -> 224.0.0.13 on Serial1/0/0 (P012689)
Nov 17 2016 15:00:05.350.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 207 (P012693)
Nov 17 2016 15:00:05.350.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 0 joins 1 prunes (P012701)
Nov 17 2016 15:00:05.350.4+00:00 R2 PIM/7/JP:(public net): Prune: 10.0.3.3/32 (P012707)
可以看到R2立刻以组播地址224.0.0.13向上游接口发送剪枝消息,上游路由器的地址为10.0.12.1,此时225.1.1.1这个组播组已被剪枝。随后R1向R2发送消息确认剪枝。
然后再把刚才删除的静态IGMP组播组添加回去。
[R2-GigabitEthernet0/0/1]igmp static-group 225.1.1.1
Nov 17 2016 15:00:19.440.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 GFT sending 10.0.12.2 -> 10.0.12.1 on Serial1/0/0 (P012633)
Nov 17 2016 15:00:19.440.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.1, Groups 1, Holdtime 0 (P012639)
Nov 17 2016 15:00:19.440.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 1 joins 0 prunes (P012648)
Nov 17 2016 15:00:19.440.4+00:00 R2 PIM/7/JP:(public net): Join: 10.0.3.3/32 (P012654)
Nov 17 2016 15:00:19.480.1+00:00 R2 PIM/7/JP:(public net): PIM ver 2 GAK receiving 10.0.12.1 -> 10.0.12.2 on Serial1/0/0 (P012633)
Nov 17 2016 15:00:19.480.2+00:00 R2 PIM/7/JP:(public net): Upstream 10.0.12.2, Groups 1, Holdtime 0 (P012639)
Nov 17 2016 15:00:19.480.3+00:00 R2 PIM/7/JP:(public net): Group: 225.1.1.1/32 --- 1 joins 0 prunes (P012648)
Nov 17 2016 15:00:19.480.4+00:00 R2 PIM/7/JP:(public net): Join: 10.0.3.3/32 (P012654)
[R2-GigabitEthernet0/0/1]return
<R2>undo debugging all
Info: All possible debugging has been turned off
这时R2立刻向上游以单播的形式发送了嫁接消息,加入225.1.1.1,同时R1也以单播的形式向R2回应了嫁接确认。
从这里可以总结出:剪枝消息是以组播地址224.0.0.13发送的,而嫁接消息是以单播向上游发送的。
有时我们希望组播流量只在规定的范围内传递,这时候可以在接口下通过multicast boundary为某个特定的组播组或组播地址段定界。
控制组播组225.1.1.2的流量不要传递到R4上,在R1连接到R4的接口上增加如下配置。
[R1]interface Serial 3/0/0
[R1-Serial3/0/0]multicast boundary 225.1.1.2 255.255.255.255
[R1-Serial3/0/0]quit
在R3上模拟目的地址为225.1.1.2的组播流量。
[R3]ping -a 10.0.3.3 -c 300 225.1.1.2
等待在R2和R4上分别查看组播路由表,可以看到在R2上存在表项(10.0.3.3, 225.1.1.2),而在R4上没有该组播组路由条目,说明组播流量并没有扩散到R4上。
[R2]display pim routing-table
VPN-Instance: public net
Total 1 (*, G) entry; 2 (S, G) entries
(*, 225.1.1.1)
Protocol: pim-dm, Flag: WC EXT
UpTime: 00:09:04
Upstream interface: NULL
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information: None
(10.0.3.3, 225.1.1.1)
Protocol: pim-dm, Flag: EXT
UpTime: 00:02:11
Upstream interface: Serial1/0/0
Upstream neighbor: 10.0.12.1
RPF prime neighbor: 10.0.12.1
Downstream interface(s) information: None
(10.0.3.3, 225.1.1.2)
Protocol: pim-dm, Flag:
UpTime: 00:00:08
Upstream interface: Serial1/0/0
Upstream neighbor: 10.0.12.1
RPF prime neighbor: 10.0.12.1
Downstream interface(s) information: None
[R4]display pim routing-table
VPN-Instance: public net
Total 1 (*, G) entry; 1 (S, G) entry
(*, 225.1.1.1)
Protocol: pim-dm, Flag: WC
UpTime: 00:08:03
Upstream interface: NULL
Upstream neighbor: NULL
RPF prime neighbor: NULL
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet0/0/1
Protocol: static, UpTime: 00:08:03, Expires: never
(10.0.3.3, 225.1.1.1)
Protocol: pim-dm, Flag:
UpTime: 00:02:43
Upstream interface: Serial1/0/0
Upstream neighbor: 10.0.14.1
RPF prime neighbor: 10.0.14.1
Downstream interface(s) information:
Total number of downstreams: 1
1: GigabitEthernet0/0/1
Protocol: pim-dm, UpTime: 00:02:43, Expires: -
默认情况下PIM DM选取接口IP地址较大的路由器作为DR。
[R2]display pim interface
VPN-Instance: public net
Interface State NbrCnt HelloInt DR-Pri DR-Address
GE0/0/0 up 1 30 1 10.0.25.5
S1/0/0 up 1 30 1 10.0.12.2 (local)
在R2上查看接口状态可以看到在与R5连接的接口上,R5是DR。我们可以通过修改接口的优先级来影响DR的选举,该优先级值是一个32bit长度的数值,默认值为1。在下面的例子中,将R2连接到R5的接口的优先级改成100。
[R2]interface GigabitEthernet 0/0/0
[R2-GigabitEthernet0/0/0]pim hello-option dr-priority 100
[R2-GigabitEthernet0/0/0]quit
[R2]display pim interface
VPN-Instance: public net
Interface State NbrCnt HelloInt DR-Pri DR-Address
GE0/0/0 up 1 30 100 10.0.25.2 (local)
S1/0/0 up 1 30 1 10.0.12.2 (local)
可以看到当把路由器接口优先级更改到100以后,R2立刻抢占了DR的位置。
有时为了安全需要,我们希望面向用户侧的接口上不再收发PIM的Hello包,使用pim silent可实现该功能。
[R4]interface GigabitEthernet 0/0/1
[R4-GigabitEthernet0/0/1]pim silent
[R4-GigabitEthernet0/0/1]quit
配置完成以后检查PIM Silent已生效。
[R4]display pim interface GigabitEthernet 0/0/1 verbose
VPN-Instance: public net
Interface: GigabitEthernet0/0/1, 10.0.24.4
PIM version: 2
PIM mode: Dense
PIM state: up
PIM DR: 10.0.24.4 (local)
PIM DR Priority (configured): 1
PIM neighbor count: 0
PIM hello interval: 30 s
PIM LAN delay (negotiated): 500 ms
PIM LAN delay (configured): 500 ms
PIM hello override interval (negotiated): 2500 ms
PIM hello override interval (configured): 2500 ms
PIM Silent: enabled
PIM neighbor tracking (negotiated): disabled
PIM neighbor tracking (configured): disabled
PIM join attribute (negotiated): disabled
PIM generation ID: 0X1420A003
PIM require-GenID: disabled
PIM hello hold interval: 105 s
PIM assert hold interval: 180 s
PIM triggered hello delay: 5 s
PIM J/P interval: 60 s
PIM J/P hold interval: 210 s
PIM state-refresh processing: enabled
PIM state-refresh interval: 60 s
PIM graft retry interval: 3 s
PIM state-refresh capability on link: capable
PIM BFD: disabled
PIM dr-switch-delay timer: not configured
Number of routers on link not using DR priority: 0
Number of routers on link not using LAN delay: 0
Number of routers on link not using neighbor tracking: 1
Number of routers on link not using join attribute: 1
ACL of PIM neighbor policy: -
ACL of PIM ASM join policy: -
ACL of PIM SSM join policy: -
ACL of PIM join policy: -
附加实验: 思考并验证
PIM的DM模式适合于用户比较多,比较密集的场景。
思考一下生活中哪些网络应用适合使用PIM DM模式的组播来实现数据转发?它们的特点是什么?
PIM的DM模式在应用在大规模网络上,有哪些劣势?
最终设备配置
<R1>display current-configuration
[V200R007C00SPC600]
#
sysname R1
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.12.1 255.255.255.0
pim dm
#
interface Serial3/0/0
link-protocol ppp
ip address 10.0.14.1 255.255.255.0
pim dm
multicast boundary 225.1.1.2 32
#
ip address 10.0.13.1 255.255.255.0
pim dm
#
interface LoopBack0
ip address 10.0.1.1 255.255.255.255
#
ospf 1 router-id 10.0.1.1
area 0.0.0.0
network 10.0.1.1 0.0.0.0
network 10.0.14.1 0.0.0.0
network 10.0.13.1 0.0.0.0
network 10.0.12.1 0.0.0.0
#
return
<R2>display current-configuration
[V200R007C00SPC600]
#
sysname R2
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.12.2 255.255.255.0
pim dm
#
interface GigabitEthernet0/0/0
ip address 10.0.25.2 255.255.255.0
pim hello-option dr-priority 100
pim dm
#
interface GigabitEthernet0/0/1
ip address 10.0.24.2 255.255.255.0
igmp enable
igmp robust-count 3
igmp timer query 20
igmp static-group 225.1.1.1
#
interface LoopBack0
ip address 10.0.2.2 255.255.255.255
#
ospf 1 router-id 10.0.2.2
area 0.0.0.0
network 10.0.2.2 0.0.0.0
network 10.0.25.2 0.0.0.0
network 10.0.12.2 0.0.0.0
#
ip rpf-route-static 10.0.3.0 24 10.0.12.1
#
return
<R3>display current-configuration
[V200R007C00SPC600]
#
sysname R3
#
interface Serial3/0/0
link-protocol ppp
ip address 10.0.35.3 255.255.255.0
pim dm
#
interface GigabitEthernet0/0/2
ip address 10.0.13.3 255.255.255.0
pim dm
#
interface LoopBack0
ip address 10.0.3.3 255.255.255.255
#
ospf 1 router-id 10.0.3.3
area 0.0.0.0
network 10.0.3.3 0.0.0.0
network 10.0.13.3 0.0.0.0
network 10.0.35.3 0.0.0.0
#
return
<R4>display current-configuration
[V200R007C00SPC600]
#
sysname R4
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.14.4 255.255.255.0
pim dm
#
interface GigabitEthernet0/0/1
ip address 10.0.24.4 255.255.255.0
pim silent
igmp enable
igmp static-group 225.1.1.1
#
interface LoopBack0
ip address 10.0.4.4 255.255.255.255
#
ospf 1 router-id 10.0.4.4
area 0.0.0.0
network 10.0.4.4 0.0.0.0
network 10.0.14.4 0.0.0.0
#
return
<R5>display current-configuration
[V200R007C00SPC600]
#
sysname R5
#
interface Serial1/0/0
link-protocol ppp
ip address 10.0.35.5 255.255.255.0
pim dm
#
interface GigabitEthernet0/0/0
ip address 10.0.25.5 255.255.255.0
pim dm
#
interface LoopBack0
ip address 10.0.5.5 255.255.255.255
#
ospf 1 router-id 10.0.5.5
area 0.0.0.0
network 10.0.5.5 0.0.0.0
network 10.0.25.5 0.0.0.0
network 10.0.35.5 0.0.0.0
#
return