CCIE R&S Advanced Technologies Class v4.5 - PIM Sparse Mode RPF & RP Troubleshooting

Transcript

1	Introduction	0h 43m
2	Using the Cisco Documentation	0h 52m
3	Ethernet Overview, Layer 2 Switchports, Trunking, ISL, 802.1q, DTP	0h 47m
4	VTP, VTP Authentication, VTP Pruning	1h 02m
5	VTP Prune Eligible List, VTP Transparent, VTP Troubleshooting, Trunk Allowed List, Extended VLANs	0h 48m
6	VLAN and VTP Review	0h 19m
7	SVIs, Native Routed Interfaces, Router-on-a-Stick	0h 46m
8	Layer 2 EtherChannel, EtherChannel Load Balancing, Layer 3 EtherChannel	0h 57m
9	802.1q Tunneling, Layer 2 Protocol Tunneling, EtherChannel over 802.1q Tunneling	1h 03m
10	STP Root Bridge Election, STP Root Port Election, STP Designated Port Election, STP Priority, STP Cost, STP Port-Priority	1h 46m
11	STP Review	0h 12m
12	STP Timers, STP PortFast	0h 34m
13	STP UplinkFast	0h 11m
14	STP BackboneFast	0h 12m
15	STP BPDU Filter	0h 13m
16	STP BPDU Guard	0h 11m
17	STP Root Guard	0h 11m
18	STP Loop Guard, Unidirectional Link Detection (UDLD)	0h 11m
19	Multiple Spanning-Tree Protocol (MST)	0h 40m
20	Rapid Spanning-Tree Protocol (RSTP), Rapid-PVST	0h 18m
21	MST with Multiple Regions	0h 33m
22	Flex Links	0h 16m
23	Frame Relay	0h 39m
24	Frame Relay Configuration Part 1	0h 34m
25	Frame Relay Configuration Part 2	0h 41m
26	Frame Relay Switching	0h 27m
27	Back-to-Back Frame Relay	0h 08m
28	Frame-Relay End-to-End Keepalives	0h 18m
29	PPP, PPP PAP Authentication, PPP CHAP Authentication	0h 59m
30	PPPoFR, PPPoE	0h 40m
31	Transparent Bridging, IRB	0h 32m
32	Fallback Bridging	0h 14m
33	IP Routing Overview, Switching Paths, Static Routing	0h 42m
34	Static Routing Examples	0h 25m
35	IP Default-Gateway, IP Default-Network	0h 14m
36	On-Demand Routing (ODR)	0h 07m
37	Floating Static Routes	0h 10m
38	Backup Interface	0h 29m
39	Enhanced Object Tracking, IP SLA, Reliable Static Routing	0h 21m
40	Policy Routing	0h 43m
41	GRE Tunneling, GRE Recursive Routing Errors	0h 27m
42	Reliable Backup Interface with GRE	0h 25m
43	RIP Overview, RIP Versions, RIP Auto-Summary	0h 48m
44	RIP Split-Horizon, RIP Timers	0h 22m
45	RIP Broadcast Updates, IP Directed Broadcast, IP Broadcast-Address, Smurf Attacks, Fraggle Attacks	0h 16m
46	RIP Unicast Updates	0h 03m
47	RIP Offset-List	0h 18m
48	RIP Authentication	0h 11m
49	RIP Summarization	0h 10m
50	Prefix-Lists, RIP Distribute-List Filtering, RIP Administrative Distance Filtering	0h 48m
51	RIP Default Routing, RIP Conditional Default Routing	0h 18m
52	RIP Triggered, RIP Validate Update Source,	0h 12m
53	EIGRP Overview	0h 29m
54	EIGRP Auto-Summary	0h 07m
55	EIGRP Split-Horizon	0h 11m
56	EIGRP Update Types, EIGRP Neighbor, EIGRP Passive-Interface	0h 24m
57	EIGRP Hello-Interval, EIGRP Hold-Time	0h 05m
58	EIGRP Authentication	0h 11m
59	EIGRP Time Based Authentication	0h 25m
60	EIGRP Path Selection, EIGRP Metric Weights, EIGRP Traffic Engineering	0h 47m
61	EIGRP Unequal Cost Load Balancing, EIGRP Variance	0h 19m
62	EIGRP QUERY, EIGRP Summarization, EIGRP Leak-Map	0h 28m
63	EIGRP Stub Router Advertisement	0h 22m
64	EIGRP Default Routing	0h 13m
65	EIGRP Route Filtering	0h 11m
66	EIGRP Router-ID	0h 07m
67	Miscellaneous EIGRP Features	0h 02m
68	OSPF Overview	0h 27m
69	Establishing OSPF Adjacencies, Understanding the OSPF Database	0h 43m
70	OSPF Network Type Broadcast, OSPF DR/BDR Election, OSPF over NBMA, OSPF Network Type Non-Broadcast and Point-to-Multipoint	0h 56m
71	OSPF Network Type Point-to-Point, OSPF Network Type Mismatch	0h 13m
72	OSPF Network Type Point-to-Multipoint Non-Broadcast, OSPF Per Neighbor Cost	0h 17m
73	OSPF Network Type Loopback	0h 02m
74	OSPF Path Selection	0h 27m
75	OSPF Convergence Timers	0h 09m
76	OSPF Authentication	0h 12m
77	OSPF Summarization	0h 32m
78	OSPF Stub Areas, OSPF Totally Stubby Areas, OSPF NSSAs, OSPF Totally NSSAs	0h 40m
79	Controlling OSPF NSSA Redistribution	0h 02m
80	OSPF Type 7 to 5 Translator Election, OSPF LSA Type 3 Filter, OSPF Forwarding Address Suppression	0h 24m
81	Route Redistribution Overview	0h 36m
82	Route Redistribution Configuration & Verification, Connected Redistribution	0h 22m
83	OSPF External Path Selection, TCL PING Scripting	0h 33m
84	Routing Loops Overview, EIGRP Route Loop Prevention	0h 55m
85	Metric Based Routing Loops, Route Tagging	0h 46m
86	Administrative Distance Based Routing Loops, Debug IP Routing, IP Route Profile	0h 58m
87	BGP Overview, BGP Peering Types	0h 51m
88	Establishing BGP Peerings, EBGP Multihop, BGP Neighbor Disable Connected Check, BGP TTL Security	0h 49m
89	BGP 4-Byte ASNs	0h 20m
90	BGP Local AS, BGP Peer Groups	0h 30m
91	BGP Next-Hop Self, BGP Next-Hop Processing	0h 30m
92	BGP Route Reflectors	0h 37m
93	Large Scale BGP Route Reflectors with Clusters	0h 34m
94	BGP Confederation	0h 37m
95	BGP NLRI Advertisements, BGP Network Statement, BGP Redistribution	0h 43m
96	BGP Aggregation, BGP Aggregation & Summary-Only, BGP Aggregation & Unsuppress-Map	0h 46m
97	BGP Origin, BGP Aggregation & AS-Set, BGP Aggregation & Advertise-Map	0h 22m
98	BGP Conditional Route Injection	0h 21m
99	BGP Bestpath Selection, BGP Multipath, BGP Weight	0h 53m
100	BGP Local Preference, BGP Local Preference and Communities, BGP AS-Path Prepending,	0h 30m
101	BGP MED, BGP MED Missing As Worst, BGP Deterministic MED	0h 17m
102	BGP Communites, BGP Regular Expressions	0h 43m
103	BGP Filtering, BGP Convergence Timers, BGP Default Routing, Miscellaneous BGP Features	0h 24m
104	MPLS Overview, MPLS Label Distribution Protocol (LDP)	1h 05m
105	MPLS Tunnels, MPLS Penultimate Hop Popping (PHP)	0h 40m
106	MPLS Layer 3 VPNs Overview, VRF Lite	0h 36m
107	MPLS Layer 3 VPNs and VPNv4 BGP	1h 08m
108	MPLS Layer 3 VPN Verification & Troubleshooting	0h 49m
109	MPLS Layer 3 VPN OSPF PE-CE Routing Overview	0h 06m
110	MPLS Layer 3 VPN OSPF PE-CE Routing Path Selection & Sham-Links	2h 01m
111	MPLS Layer 3 VPN OSPF PE-CE Routing Loop Prevention & Down-Bit, OSPF Capability VRF-Lite	0h 40m
112	IPv6 Overview, IPv6 ICMPv6 ND, IPv6 over NBMA	0h 44m
113	IPv6 Routing Overview, IPv6 Static Routing	0h 28m
114	IPv6 RIPng	0h 20m
115	IPv6 EIGRPv6	0h 09m
116	IPv6 OSPFv3	0h 31m
117	MP-BGP for IPv6	0h 26m
118	IPv6 Tunneling	1h 13m
119	Multicast Overview, IGMP	0h 34m
120	PIM Overview	0h 18m
121	PIM Dense Mode	1h 03m
122	PIM Sparse Mode	0h 30m
123	PIM Sparse Mode Configuration	0h 36m
124	PIM Sparse Mode RPF & RP Troubleshooting	0h 27m
125	Auto-RP, Multicast over GRE Tunnels	0h 53m
126	Bootstrap Router (BSR), Bidirectional PIM, Source Specific Multicast (SSM)	0h 40m
127	MSDP, Anycast RP	0h 27m
128	IPv6 Multicast Routing	0h 24m
129	QoS Overview, IntServ QoS, DiffServ QoS, IP Precedence, DSCP, MQC, HQF	0h 41m
130	MQC Classification	0h 44m
131	FIFO, FQ, WFQ, CBWFQ, HQF	0h 50m
132	LLQ	0h 23m
133	WRED	0h 31m
134	Traffic Shaping, Traffic Policing	0h 40m
135	Frame Relay Traffic Shaping (FRTS)	0h 33m
136	RSVP	0h 07m
137	Catalyst 3560 QoS	1h 00m
138	IOS Security Overview, Access Lists (ACLs)	0h 58m
139	Time Based ACLs, Dynamic ACLs	0h 33m
140	Reflexive ACLs	0h 21m
141	TCP Intercept, Content Based Access Control (CBAC)	0h 34m
142	Zone Based Policy Firewall (ZBPF)	1h 09m
143	AAA, Local Authentication, Local Authorization, Role Based CLI Access	0h 43m
144	Port Security, Static CAM Entries, Storm Control, 802.1X Authentication, PACLs, RACLs, VLAN Access Maps (VACLs)	0h 48m
145	DHCP Snooping, Dynamic ARP Inspection (DAI), IP Source Guard	0h 12m
146	Protected Ports, Private VLANs	0h 25m
147	IP Services Overview, HSRP	1h 10m
148	VRRP, GLBP	0h 28m
149	NAT	0h 42m
150	DHCP, DNS	0h 30m
151	NetFlow	0h 09m
152	WCCP, Miscellaneous IP Services	0h 06m
153	System Management Overview, NTP, NTP Authentication	0h 24m
154	SNMP, RMON	0h 38m
155	Syslog, Telnet, SSH, Banners	0h 21m
156	EEM Scripting, Miscellaneous System Management	0h 26m
Total Duration		81h 42m

Slides - Diagrams

Slides - Introduction

Slides - Ethernet Switching

Slides - Advanced Ethernet Switching

Slides - Frame Relay

Slides - PPP

Slides - Transport Bridging

Slides - Redistribution

Slides - IOS Security

Slides - Layer 2 Security

Slides - IP Services

Slides - System Management

0:00:13	So again with the current topology, we simply have
0:00:16	PIM and sparse mode everywhere, we have EIGRP on all of the interfaces.
0:00:20	Router 1 is configured as the rendezvous point.
0:00:23	I said it had a loopback 1.2.3.4
0:00:27	that's advertised into EIGRP
0:00:30	so whatever our dynamic route is to 1.2.3.4 that's how we are
0:00:34	routing to get to the rendezvous point.
0:00:38	Now again, there's two portions that the rendezvous point needs to
0:00:40	know in the network here. It needs to know who are the senders
0:00:43	who are the receivers.
0:00:45	To figure out who the senders are, the first thing it's going to
0:00:49	do is listen for the registration message coming in
0:00:54	so previously we looked at the case where Switch 2
0:00:57	was sending traffic out to Router 5
0:00:59	Router 5 was then sending the register message
0:01:04	it was going to Router 1, Router 1 was replying back with
0:01:07	the register stop.
0:01:10	Now this is only going to occur correctly if Router 1 can do an
0:01:15	RPF lookup on the source, not necessarily on the
0:01:20	designated router who is doing the registration
0:01:23	but about the address that is being registered.
0:01:28	So let's look at this process on Router 1
0:01:32	Let's go to the command line on Router 1 and look at the debug
0:01:35	ip pim
0:01:39	Next on Switch 2 let's do another ping
0:01:42	we'll ping 224.1.1.14
0:01:52	Extended commands yes it's going out VLAN 58
0:01:55	it's coming from 155.28.58.8
0:02:04	what we should see on Router 1 is that a register message came
0:02:07	in from Router 5
0:02:13	because Router 5 is the DR here
0:02:19	it says the register message was received on serial 0/1
0:02:22	from 155.28.0.5
0:02:26	The reason it's coming from that address is that is the
0:02:30	outgoing interface that Router 5 is using to reach the rendezvous point.
0:02:35	So basically in this topology it means that Router 5 is using
0:02:37	the frame relay to get to 1
0:02:42	Next Router 1 looks at what is the specific source and group
0:02:45	pair that is being registered.
0:02:50	So we should see that it is specifically about 224.1.1.14
0:03:00	where it's actually not going to show in the output here because
0:03:03	we did previous registrations, so what I need to do now
0:03:08	actually no, there it is. Ok, we received the register.
0:03:10	Sometimes what you'll have to do is clear out the multicast
0:03:14	routing table to remove the old entries.
0:03:18	So if I were pinging 224.1.1.14 and it was not working
0:03:23	then I'd fix whatever the design problem is and then try it again later.
0:03:28	It may not actually work until I remove the old entry out of the routing table
0:03:31	and then try to install the new one.
0:03:34	So if you're having trouble with the -- with anything in the multicast
0:03:37	one of the first things you may want to do is to
0:03:43	to clear out the multicast routing table.
0:03:46	So let's do this again before sending any of these packets.
0:03:54	So from the access server
0:03:56	we'll say to everyone clear ip mroute *
0:04:01	so similar syntax to the clear ip route * this is just talking about the
0:04:04	multicast routing table.
0:04:07	Now on one let's look at the debug ip pim
0:04:12	From Switch 2 we'll do another ping.
0:04:14	Ping 224.1.1.15
0:04:20	Extended commands yes
0:04:21	it's coming from VLAN 58
0:04:26	It's coming from 155.28.58.8
0:04:36	Router 1 received the register in.
0:04:40	It says it came from 5, it's about this specific source
0:04:43	and group. Source is 155.28.58.8
0:04:47	the group is 224.1.1.15
0:04:52	Now since Router 1 agrees that it is the rendezvous point
0:04:56	and it does have a correct reverse route
0:05:00	back to the source
0:05:04	where in the case the source is 155.28.58.8
0:05:08	it means that Router 1 can accept this and reply back
0:05:10	with the register stop.
0:05:12	If I now look at the show ip mroute for 224.1.1.15
0:05:17	Router 1 should install that
0:05:20	which it did.
0:05:22	Now the group is pruned because we don't have any
0:05:24	actual receivers so we didn't try to join the tree back to the source.
0:05:32	But at least we have the S,G entry in the table.
0:05:37	Now let's look at a case where the register comes in
0:05:40	for a source that Router 1 does not know.
0:05:45	So on Switch 2
0:05:48	I'm going to go to
0:05:52	a new interface let's say loopback 8
0:05:59	Loopback 8 has an IP address of 8.8.8.8/32
0:06:07	Now assuming under the EIGRP process that I'm not
0:06:09	running routing on every single link
0:06:12	than this should be fine so I'm advertising into EIGRP
0:06:17	only links that start with 155.28
0:06:20	and 150.28 so no one should have a route to this
0:06:24	source 8.8.8.8
0:06:28	On Router 1 again let's look at the debug ip pim
0:06:32	on Switch 2 we're not going to source multicast
0:06:35	going to 224.1.1.16
0:06:46	This is going out VLAN 58
0:06:49	the source is 8.8.8.8
0:07:04	Now what may have happened here is actually the DR now
0:07:12	the DR doesn't have a route back to this, so on Router 5
0:07:18	if we were to look at the debug ip pim and the debug ip mpacket
0:07:24	debug ip mpacket
0:07:34	we see this message here Router 5 says I'm receiving
0:07:37	traffic from 8.8.8.8
0:07:39	it came in Fast Ethernet 0/0
0:07:41	since I don't have a route back to this, this is not the
0:07:45	RPF interface.
0:07:50	So again, this is one way that you can verify that the
0:07:52	RPF failure is occurring if you look at the debug ip mpacket
0:07:57	The problem with this though again is that you're going to have to
0:07:59	process switch all of the packets so you'd have to go to
0:08:02	the links and say no ip mroute cache
0:08:05	which in production for multicast is not going to be feasible.
0:08:10	Another way you could see this would be to look at the
0:08:12	show ip mroute count
0:08:15	that shows the individual S,G pairs how many packets are
0:08:20	being received in from them and whether you're actually
0:08:23	forwarding them or dropping them.
0:08:29	In this case if we look for
0:08:34	224.1.1.16 so this is the group that's getting dropped.
0:08:40	It says 41 packets were received in, none of them were forwarded
0:08:46	though. Packets forwarded 0
0:08:48	it says under the other counter, 41 is between those two slashes
0:08:55	it says these are packets that are being dropped because of
0:08:58	RPF failure.
0:09:05	So this output here is generally a little bit easier to read
0:09:08	if we look at show ip mroute count, it's just going to show us
0:09:11	what are the sources, what are their destinations
0:09:14	and am I dropping packets because of the RPF failure.
0:09:18	Now basically in order to get Router 5 to do the registration to
0:09:21	Router 1, I'm going to have to give it a route back to the source
0:09:24	because Router 5 knows if I were to register this route
0:09:29	anyways or register this group anyways, when traffic goes to
0:09:33	forward to the final destination, I'm going to have to drop
0:09:36	it because I don't have a route back to the source.
0:09:38	So this means that the designated router will not even perform the
0:09:43	registration if it does not have a correct reverse route back to the source.
0:09:51	So to fix this on Router 5 I'm just going to put a static route in.
0:09:54	We'll say to get to 8.8.8.8
0:10:00	/32
0:10:02	go to 155.28.58.8
0:10:14	Once this updates,
0:10:19	we should see that the register message is then going to be sent
0:10:22	on Router 5
0:10:38	It says Router 5 is sending the null register to 1.2.3.4
0:10:41	Basically this is just a refresh of the other groups
0:10:46	so what I'm going to have to do now is again
0:10:48	flush out the -- or actually no, the traffic stopped. Let me
0:10:51	do the ping again.
0:10:54	But actually in reality I want to flush out the routing table anyways.
0:10:57	On the devices that are also joining the groups
0:11:01	I'm going to look at the show run include ip igmp join
0:11:08	I want to remove these because these are going to
0:11:12	show up in the multicast routing table of the RP
0:11:16	and it's going to show me the periodic debug output for that
0:11:19	for when those entries are getting refreshed
0:11:24	so just to cut down on the debug output, I'm going to remove
0:11:26	all of these entries on Router 4
0:11:46	because remember the key with the join group
0:11:49	is that this is going to trigger the router to send a
0:11:52	PIM join up to the rendezvous point
0:11:55	so for every one of these entries, all the devices on the
0:11:59	reverse path up to the rendezvous point, they
0:12:02	should all have the *,G entries.
0:12:05	And that's one way that we can quickly test the reverse
0:12:08	path from the receiver to the RP
0:12:12	is to send the -- configure IGMP join
0:12:15	then look at the multicast routing on the way up to the RP
0:12:19	and make sure that everyone has the *,G installed.
0:12:23	So we'll come back to that in a minute and look at that
0:12:27	but I also want to remove here on Switch 3
0:12:31	I believe that is on VLAN 9 which it is.
0:12:35	Ok, so on VLAN 9 no ip igmp join
0:12:41	so now I should be able to go to all of the routers
0:12:45	say clear ip mroute *
0:12:51	then on the rendezvous point if I look at Router 1
0:12:54	and show ip mroute
0:13:00	it says I still have one entry 224.1.1.3
0:13:06	which means someone else is still joining that. Let's say
0:13:09	show run include ip igmp join
0:13:33	which is Switch 4
0:13:35	this must be Switch 4's interface VLAN 10 which it is.
0:13:42	So again, I could leave these on it's just going to -- to add to the debug output
0:13:47	that it's going to show us
0:13:49	and unless you already know exactly what you're looking
0:13:53	for, you pretty much want the minimum output that
0:13:56	you can sort through to get the useful information, so on
0:14:01	everyone one last time, let's clear out the multicast routing table
0:14:08	then when we look at the rendezvous point let's say
0:14:10	show ip mroute
0:14:12	the only thing we should see now is that particular auto RP group.
0:14:16	So 224.0.1.40 this is going to be installed on everyone by default.
0:14:31	Next on Router 1 let's look at the debug ip pim again.
0:14:36	The same thing on Router 5 we're going to debug ip pim
0:14:40	and debug ip mpacket
0:14:45	On Switch 2 who is the sender
0:14:51	we'll ping a new group let's say 225.0.0.1
0:14:59	Extended commands yes I want this to come out VLAN 58
0:15:03	but from the address 8.8.8.8
0:15:08	so what we should see now is that Router 5 is going to perform
0:15:11	the registration
0:15:26	and Router 1 is not receiving it. What this means is that
0:15:32	5 is not going to perform registration for an address
0:15:35	that's not directly connected on its link.
0:15:38	So what I'm going to need to do is let's look back at the
0:15:42	topology. Since I'm sourcing the packet out VLAN 58
0:15:49	I'm trying to get Router 5 to do the registration
0:15:51	what I need to do now instead is basically withdraw this
0:15:56	link from the EIGRP topology.
0:15:58	So if Router 1 does not have a route to that
0:16:03	it means that 5 should still be able to do the registration
0:16:06	but 1 is not going to accept it inbound.
0:16:09	So on Router 5
0:16:12	I need to look at the
0:16:16	Router 5 says this is still not the RPF interface, let's say
0:16:20	show ip route static
0:16:24	it says 8.8.8.8 is via 155.28.58.8
0:16:31	let's look at the show ip cef for 8.8.8.8
0:16:40	this does point to Fast Ethernet 0/0
0:16:46	let's look at this, let's say show ip rpf for 8.8.8.8
0:16:56	it says information is from a static route
0:17:01	RPF interface is Fast Ethernet 0/0
0:17:06	I think it's just because that this is not an address that's actually
0:17:09	connected on that interface because normally when the
0:17:11	Router does the registration, it wouldn't make sense that the
0:17:15	server has an IP address that's not in the same subnet
0:17:18	as the router.
0:17:20	So if Router 5 is actually connected to the media server
0:17:23	and Router 5's LAN interface is 155.28.58.0/24
0:17:30	it doesn't really make sense that the server has the address
0:17:33	8.8.8.8 normally the router and its end host would be in the
0:17:37	same subnet so what I'm going to do here just
0:17:39	under EIGRP
0:17:41	I need to withdraw this advertisement.
0:17:44	So let's look at the show ip alias that's going to
0:17:48	show me what are all my connected interfaces
0:17:53	and what I'm going to do is change the EIGRP network statements
0:17:58	so that I'm not including that particular interface.
0:18:02	So I want my loopback
0:18:06	I want the frame relay
0:18:11	my other interfaces are fine, but not that one.
0:18:20	So eigrp 100 I don't want network 150.28.0.0
0:18:26	or network 155.28.0.0
0:18:34	so you can see it's actually kind of hard cause this problem
0:18:37	to begin with because if IGP is on, all of the interfaces
0:18:41	that are running PIM, the you should never have a
0:18:43	reverse path forwarding issue to begin with.
0:18:46	It's only the case where not all interfaces are advertised
0:18:49	into IGP, not all interfaces are running PIM
0:18:54	or maybe you're doing some sort of static routing that is
0:18:56	overriding what your normal dynamic information would be
0:19:01	on the link that's running multicast.
0:19:08	So let's see now on Router 1 if we look at the
0:19:10	show ip route 155.28.58.0
0:19:15	Router 1 now it no longer has that route.
0:19:19	So I should be able to go to Switch 2 now
0:19:24	do just a regular ping let's say 225.0.0.2
0:19:37	Extended commands yes this is going out VLAN 58
0:19:41	it's coming from that same address 155.28.58.8
0:19:49	On Router 5 let's look at the show debug
0:19:51	Ok, I want to debug ip mpacket again
0:19:55	and debug ip pim
0:20:01	so what I want to see here is that Router 5 is going to do
0:20:04	the registration which it is
0:20:06	sending the register to 1
0:20:08	Router 1 though should reject this because of the wrong
0:20:14	route back to the source which is right there.
0:20:19	So it says I'm receiving the registration in from Router 5
0:20:26	but when I look at the source that they're trying to register
0:20:29	I don't actually have a route back to that.
0:20:35	So in order to protect against the traffic failing when we actually
0:20:38	go to send it in the data plane, Router 1 is
0:20:41	simply going to reject the registration.
0:20:44	Now the way that we can tell this on the RP is that if we
0:20:47	look at the show ip mroute for 225.0.0.2
0:20:53	it's not going to show up installed in a routing table.
0:20:56	So in reality you shouldn't really have to go through
0:20:59	all of these debugs to figure out that's the problem
0:21:02	the reason I'm just showing this is that you can see
0:21:05	that's the specific problem that the RPF lookup is
0:21:07	failing on the source. Simply based on the fact that the
0:21:11	rendezvous point is not installing the S,G that is being registered
0:21:17	it means it's not agreeing with the designated router.
0:21:25	Now another case that this could happen is that if
0:21:28	for some reason the rendezvous point does not know that
0:21:30	itself is the RP, so right now on Router 1 if we look at the
0:21:36	show run include rp
0:21:43	statically we have configured address 1.2.3.4 as the
0:21:48	rendezvous point's address
0:21:51	so not only does Router 1 agree on this, everyone else in the topology does.
0:21:57	This should now mean on Router 5
0:21:59	if under EIGRP
0:22:02	I were to advertise that link again
0:22:04	so let's add the network statement for the 58.5
0:22:21	Router 1 eventually should get another registration for this.
0:22:27	I may be able to retrigger this on Router 5 if I clear the multicast
0:22:31	routing table
0:22:37	So now we got a new registration
0:22:39	we should see that Router 1 is going to accept this, so if
0:22:43	we show ip mroute 225.0.0.2
0:22:45	we now see the S,G is installed.
0:22:51	So this again it told me two things.
0:22:55	It told me that the DR did the registration
0:22:58	and that the rendezvous point accepted it.
0:23:03	If either the designated router did not send the unicast register
0:23:07	to Router 1 or Router 1 had a problem with it
0:23:10	like it doesn't know the route back to the source or it
0:23:13	doesn't know itself as the RP, it's not going to install
0:23:16	that entry, but based on the fact that it is in the routing table
0:23:20	I know that this step is correct.
0:23:25	But now let's look at the case where Router 1 does
0:23:27	not know it's the rendezvous point.
0:23:31	So let's say that when we're typing in the ip pim rp address
0:23:35	it was supposed to be 1.2.3.4
0:23:38	maybe we just typed the wrong address on Router 1
0:23:41	we typed 1.2.3.5
0:23:42	If we show ip route 1.2.3.5
0:23:49	we don't actually have this address so it's an incorrect assignment for
0:23:51	the rendezvous point.
0:23:58	If we now go to Switch 2 and generate packets towards a
0:24:02	new destination let's say 225.0.0.3
0:24:11	the traffic is still going to go out VLAN 58 coming from
0:24:16	155.28.58.8
0:24:22	When we look at Router 1 it should say
0:24:25	that the registration was rejected because I'm not
0:24:29	willing to be the rendezvous point.
0:24:33	Now this message here this is not a debug, this is
0:24:36	a regular log message, so you would not have to be
0:24:39	debugging ip pim to see this.
0:24:41	On any router in the topology, if you see this log come up that
0:24:46	it says that I'm not willing to be the rendezvous point
0:24:49	it means that someone has configured me as the RP
0:24:53	but I do not agree on that.
0:24:57	So it could be either they have the wrong address configured
0:25:00	or maybe in either auto RP or BSR we're using the wrong
0:25:04	address, but if Router 1 does not say that I am also the
0:25:09	rendezvous point for this particular group, it's not
0:25:11	going to accept a registration and it's also not going to
0:25:15	accept a join.
0:25:19	So if I were to go to Switch 3 let's say we want to generate
0:25:21	an IGMP join
0:25:25	ip igmp join 225.0.0.3
0:25:30	When Router 1 gets this, it says it's ignored because
0:25:34	it's an invalid rendezvous point.
0:25:45	So now let's look at these two messages without the debug on.
0:25:47	So with debug ip pim, it's obvious that this is the problem
0:25:50	because the debug is saying we're ignoring the join because
0:25:54	the RP is invalid, it also said we ignored the register
0:25:59	the register was rejected.
0:26:02	But without the debugging on, for any invalid join
0:26:09	we should see a log message here
0:26:19	or for an invalid register
0:26:25	so it says received the register from Router 5, we're not willing to be the
0:26:28	rendezvous point
0:26:31	we received an invalid join
0:26:35	from Router 5 about 224.0.1.40 so that's for the auto RP group
0:26:42	that Router 5 is attached to Router 1 who's trying to join
0:26:44	we eventually would see another one from Switch 3
0:26:50	let's say 225.0.0.5
0:26:55	so this is just going to be based on how long it takes to generate
0:26:58	the regular syslog message
0:27:01	but in either of these cases, it basically means the rendezvous point
0:27:06	has not configured itself as the RP
0:27:10	Now if you're doing some sort of complex rendezvous point assignment
0:27:13	this could possibly be that if you're doing like a filter
0:27:16	that is an RP announce filter or you have multiple auto RPs
0:27:20	you have multiple BSRs, it could mean that your
0:27:22	access list is wrong for your group to rendezvous point mappings
0:27:27	but in the end again it simply means Router 1 has not configured
0:27:31	itself to be the rendezvous point for those particular groups.

Now Viewing

CCIE R&S Advanced Technologies Class v4.5
Title:	CCIE R&S Advanced Technologies Class v4.5
Duration:	81h 42m
The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab will be described in detail using an instructor led hands on demonstration. The class consists of over 80 hours of in depth explanations and examples.
Get instant access to our entire library!
	Sign Up
Download this Course
$299.00	Add to Cart

PIM Sparse Mode RPF & RP Troubleshooting

Create Bookmark