MSDP
Multicast Source Discovery Protocol
MSDP-speaking routers in a PIM-SM domain have MSDP peering relationship with MSDP peers in another domain. The peering relationship is made up of a TCP connection in which control information is exchanged. Each domain has one or more connections to this virtual topology.
When a PIM-SM rendezvous point (RP) learns about a new multicast source within its own domain from a standard PIM register mechanism, it encapsulates the first data packet in an MSDP source-active message and sends it to all MSDP peers.
The source-active message is flooded (after an RPF check) by each peer to its MSDP peers until the source-active message reaches every MSDP router in the interconnected networks. If the receiving MSDP peer is an RP, and the RP has a (*.G) entry (receiver) for the group, the RP creates a state for the source and joins to the shortest path tree for the source. The encapsulated data is de-encapsulated and forwarded down the shared tree of that RP. When the packet is received by the last hop router of the receiver, the last hop router also may join the shortest path tree to the source.
The MSDP speaker periodically sends source-active messages that include all sources.
Anycast RP for MSDP
MSDP is a mechanism that allows RPs to share information about active sources. When RPs in remote domains learn about the active sources, they can pass on that information to the local receivers and multicast data can be forwarded between the domains. MSDP allows each domain to maintain an independent RP that does not rely on other domains but enables RPs to forward traffic between domains. PIM-SM is used to forward the traffic between the multicast domains.
Using PIM-SM, multicast sources and receivers register with their local RP by the closest multicast router. The RP maintains information about the sources and receivers for a specific group. RPs in other domains do not have any knowledge about sources located in other domains.
MSDP is required to provide inter-domain multicast services using Any Source Multicast (ASM). Anycast RP for MSDP enables fast convergence when an MSDP/PIM PR router fails by allowing receivers and sources to rendezvous at the closest RP.
MSDP procedure
When an RP in a PIM-SM domain first learns of a new sender, for example, by PIM register messages, it constructs a source-active (SA) message and sends it to its MSDP peers. The SA message contains the following fields:
-
source address of the data source
-
group address the data source sends to
-
IP address of the RP
Each MSDP peer receives and forwards the message away from the RP address in a peer-RPF flooding fashion. The peer-RPF flooding applies to forwarding SA messages. The Multicast Routing Information Base (MRIB) is examined to determine which peer toward the originating RP of the SA message is selected. Such a peer is called an RPF peer.
If the MSDP peer receives the SA message from a non-RPF peer toward the originating RP, it drops the message. Otherwise, it forwards the message to all its MSDP peers (except the one from which it received the SA message).
When an MSDP peer that is also an RP for its own domain receives a new SA message, it determines if any group members within the domain are interested in any group described by an (S,G) entry within the SA message. That is, the RP checks for a (*,G) entry with a non-empty outgoing interface list. This implies that some system in the domain is interested in the group. In this case, the RP triggers an (S,G) join event toward the data source as if a join/prune message addressed to the RP was received. This sets up a branch of the source-tree to this domain. Subsequent data packets arrive at the RP by this tree branch and are forwarded down the shared-tree inside the domain. If leaf routers choose to join the source-tree, they have the option to do so according to existing PIM-SM conventions. If an RP in a domain receives a PIM join message for a new group G, the RP must trigger an (S,G) join event for each active (S,G) for that group in its SA cache.
This procedure is called flood-and-join because if any RP is not interested in the group, the SA message can be ignored; otherwise, they join a distribution tree.
MSDP peering scenarios
RFC 4611, Multicast Source Discovery Protocol (MSDP) Deployment Scenarios, describes how protocols work together to provide intra- and inter-domain ASM service.
Inter-domain peering:
peering between PIM border routers (single-hop peering)
peering between non-border routers (multihop peering)
MSDP peering without BGP
MSDP peering between mesh groups
MSDP peering at a multicast exchange
Intra-domain peering:
peering between routers configured for both MSDP and MBGP
MSDP peer is not BGP peer (meaning, no BGP peer)
Peer-RPF check
Unlike the normal multicast RPF checks, the peer-RPF check stops SA messages from looping. An MSDP router validates SA messages originated from other routers in a deterministic fashion. When the router receives an SA message, it applies a set of rules to validate the SA message, and the first rule that applies determines the peer-RPF neighbor. All SA messages from other routers are rejected. The rules applied to SA messages originating at Router S received at Router R from Router N are as follows:
-
If Router N and Router S are one and the same, the message is originated by a direct peer-RPF neighbor and is accepted.
-
If Router N is a configured peer, or a member of the Router R mesh group, its SA messages are accepted.
-
If Router N is the Border Gateway Protocol (BGP) next hop of the active multicast RPF route toward Router S, Router N is the peer-RPF neighbor, and its SA messages are accepted.
-
If Router N is an external BGP peer of Router R and the last autonomous system (AS) number in the BGP AS-path to Router S is the same as the AS number of Router N, Router N is the peer-RPF neighbor, and its SA messages are accepted.
-
If Router N uses the same next hop as the next hop to Router S, Router N is the peer-RPF neighbor, and its SA messages are accepted.
-
If Router N fits none of the preceding rules, Router N is not a peer-RPF neighbor, and its SA messages are rejected.
When a peer is configured as a default peer, all SA messages received from the peer are accepted without performing the preceding peer-RPF check.
Use the following commands to configure a default peer:
configure router msdp peer default-peer
configure router msdp group peer default-peer
MSDP peer groups
MSDP peer groups are typically created when multiple peers have a set of common operational parameters. Group parameters not specifically configured are inherited from the global level.
MSDP mesh groups
MSDP mesh groups are used to reduce SA flooding primarily in intra-domain configurations. When a number of speakers in an MSDP domain are fully meshed, they can be configured as a mesh group. The originator of the SA message forwards the message to all members of the mesh group. Because of this, forwarding the SA between non-originating members of the mesh group is not necessary.
MSDP routing policies
MSDP routing policies allow for filtering of inbound or outbound, or both, active source messages. Policies can be configured at different levels:
global level
Global level applies to all peers.
group level
Group level applies to all peers in the peer-group.
neighbor level
Neighbor level applies only to a specified peer.
The most specific level is used. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If no policy is applied, SA messages are passed.
Match conditions include the following:
-
neighbor - matches on a neighbor address is the source address in the IP header of the SA message
-
route filter - matches on a multicast group address embedded in the SA message
-
source address filter - matches on a multicast source address embedded in the SA message
Multicast in virtual private networks
Draft Rosen
RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs), describes a method of providing a VPN service. A VPN provides secure connections to the network, allowing more efficient service to remote users without compromising the security of firewalls. The Rosen draft specifies the protocols and procedures which must be implemented for a service provider to provide a unicast VPN. The draft extends that specification by describing the protocols and procedures that a service provider must implement to support multicast traffic in a VPN, assuming that PIM [PIMv2] is the multicast routing protocol used within the VPN, and the SP network can provide PIM.
IGMP is not supported for receivers or senders directly attached to the PE.
For more information, see the ‟Virtual Private Routed Network Service” section of the 7450 ESS, 7750 SR, 7950 XRS, and VSR Layer 3 Services Guide: IES and VPRN.
Configuring MSDP with CLI
This section provides information to configure MSDP using the CLI.
Basic MSDP configuration
Perform the following basic MSDP configuration tasks:
-
enable MSDP (required)
-
configure peer
-
configure local address
Configuring MSDP
Use the commands in the following context to configure and enable basic MSDP.
configure router msdp
The following example shows a basic MSDP configuration with default values and the peer and peer local addresses specified.
MD-CLI
[ex:/configure router "Base" msdp]
A:admin@node-2# info
...
peer 10.20.1.1 {
local-address 10.20.1.6
}
...
classic CLI
A:node-2>config>router>msdp# info
----------------------------------------------
...
peer 10.20.1.1
local-address 10.20.1.6
exit
...
----------------------------------------------
Disabling MSDP
MSDP is enabled by default. Use the following commands to disable MSDP.
- MD-CLI
configure router msdp admin-state disable
- classic
CLI
configure router msdp shutdown
The following example shows an MSDP configuration that is shutdown.
MD-CLI
[ex:/configure router "Base" msdp]
A:admin@node-2# info
admin-state disable
group "test" {
active-source-limit 50000
export-policy ["LDP-export"]
import-policy ["LDP-import"]
local-address 10.10.10.103
mode mesh-group
receive-message-rate {
rate 100
time 300
threshold 5000
}
peer 10.10.10.104 {
}
}
peer 10.20.1.1 {
local-address 10.20.1.6
}
classic CLI
A:node-2config>router# info
----------------------------------------------
...
#------------------------------------------
echo "MSDP Configuration"
#--------------------------------------------------
msdp
shutdown
peer 10.20.1.1
local-address 10.20.1.6
exit
group "test"
active-source-limit 50000
receive-msdp-msg-rate 100 interval 300 threshold 5000
export "LDP-export"
import "LDP-import"
local-address 10.10.10.103
mode mesh-group
peer 10.10.10.104
exit
exit
exit