MSDP

Multicast Source Discovery Protocol

MSDP-speaking routers in a PIM-SM domain have MSDP peering relationship with MSDP peers in another domain. The peering relationship is made up of a TCP connection in which control information is exchanged. Each domain has one or more connections to this virtual topology.

When a PIM-SM rendezvous point (RP) learns about a new multicast source within its own domain from a standard PIM register mechanism, it encapsulates the first data packet in an MSDP source-active message and sends it to all MSDP peers.

The source-active message is flooded (after an RPF check) by each peer to its MSDP peers until the source-active message reaches every MSDP router in the interconnected networks. If the receiving MSDP peer is an RP, and the RP has a (*.G) entry (receiver) for the group, the RP creates a state for the source and joins to the shortest path tree for the source. The encapsulated data is de-encapsulated and forwarded down the shared tree of that RP. When the packet is received by the last hop router of the receiver, the last hop router also may join the shortest path tree to the source.

The MSDP speaker periodically sends source-active messages that include all sources.

Anycast RP for MSDP

MSDP is a mechanism that allows RPs to share information about active sources. When RPs in remote domains learn about the active sources, they can pass on that information to the local receivers and multicast data can be forwarded between the domains. MSDP allows each domain to maintain an independent RP that does not rely on other domains but enables RPs to forward traffic between domains. PIM-SM is used to forward the traffic between the multicast domains.

Using PIM-SM, multicast sources and receivers register with their local RP by the closest multicast router. The RP maintains information about the sources and receivers for a specific group. RPs in other domains do not have any knowledge about sources located in other domains.

MSDP is required to provide inter-domain multicast services using Any Source Multicast (ASM). Anycast RP for MSDP enables fast convergence when an MSDP/PIM PR router fails by allowing receivers and sources to rendezvous at the closest RP.

MSDP procedure

When an RP in a PIM-SM domain first learns of a new sender, for example, by PIM register messages, it constructs a source-active (SA) message and sends it to its MSDP peers. The SA message contains the following fields:

  • source address of the data source

  • group address the data source sends to

  • IP address of the RP

Note: An RP that is not a designated router on a shared network does not originate SAs for directly-connected sources on that shared network. It only originates in response to receiving register messages from the designated router.

Each MSDP peer receives and forwards the message away from the RP address in a peer-RPF flooding fashion. The peer-RPF flooding applies to forwarding SA messages. The Multicast Routing Information Base (MRIB) is examined to determine which peer toward the originating RP of the SA message is selected. Such a peer is called an RPF peer.

If the MSDP peer receives the SA message from a non-RPF peer toward the originating RP, it drops the message. Otherwise, it forwards the message to all its MSDP peers (except the one from which it received the SA message).

When an MSDP peer that is also an RP for its own domain receives a new SA message, it determines if any group members within the domain are interested in any group described by an (S,G) entry within the SA message. That is, the RP checks for a (*,G) entry with a non-empty outgoing interface list. This implies that some system in the domain is interested in the group. In this case, the RP triggers an (S,G) join event toward the data source as if a join/prune message addressed to the RP was received. This sets up a branch of the source-tree to this domain. Subsequent data packets arrive at the RP by this tree branch and are forwarded down the shared-tree inside the domain. If leaf routers choose to join the source-tree, they have the option to do so according to existing PIM-SM conventions. If an RP in a domain receives a PIM join message for a new group G, the RP must trigger an (S,G) join event for each active (S,G) for that group in its SA cache.

This procedure is called flood-and-join because if any RP is not interested in the group, the SA message can be ignored; otherwise, they join a distribution tree.

MSDP peering scenarios

RFC 4611, Multicast Source Discovery Protocol (MSDP) Deployment Scenarios, describes how protocols work together to provide intra- and inter-domain ASM service.

Inter-domain peering:

  • peering between PIM border routers (single-hop peering)

  • peering between non-border routers (multihop peering)

  • MSDP peering without BGP

  • MSDP peering between mesh groups

  • MSDP peering at a multicast exchange

Intra-domain peering:

  • peering between routers configured for both MSDP and MBGP

  • MSDP peer is not BGP peer (meaning, no BGP peer)

Peer-RPF check

Unlike the normal multicast RPF checks, the peer-RPF check stops SA messages from looping. An MSDP router validates SA messages originated from other routers in a deterministic fashion. When the router receives an SA message, it applies a set of rules to validate the SA message, and the first rule that applies determines the peer-RPF neighbor. All SA messages from other routers are rejected. The rules applied to SA messages originating at Router S received at Router R from Router N are as follows:

  1. If Router N and Router S are one and the same, the message is originated by a direct peer-RPF neighbor and is accepted.

  2. If Router N is a configured peer, or a member of the Router R mesh group, its SA messages are accepted.

  3. If Router N is the Border Gateway Protocol (BGP) next hop of the active multicast RPF route toward Router S, Router N is the peer-RPF neighbor, and its SA messages are accepted.

  4. If Router N is an external BGP peer of Router R and the last autonomous system (AS) number in the BGP AS-path to Router S is the same as the AS number of Router N, Router N is the peer-RPF neighbor, and its SA messages are accepted.

  5. If Router N uses the same next hop as the next hop to Router S, Router N is the peer-RPF neighbor, and its SA messages are accepted.

  6. If Router N fits none of the preceding rules, Router N is not a peer-RPF neighbor, and its SA messages are rejected.

When a peer is configured as a default peer, all SA messages received from the peer are accepted without performing the preceding peer-RPF check.

Use the following commands to configure a default peer:

configure router msdp peer default-peer
configure router msdp group peer default-peer

MSDP peer groups

MSDP peer groups are typically created when multiple peers have a set of common operational parameters. Group parameters not specifically configured are inherited from the global level.

MSDP mesh groups

MSDP mesh groups are used to reduce SA flooding primarily in intra-domain configurations. When a number of speakers in an MSDP domain are fully meshed, they can be configured as a mesh group. The originator of the SA message forwards the message to all members of the mesh group. Because of this, forwarding the SA between non-originating members of the mesh group is not necessary.

MSDP routing policies

MSDP routing policies allow for filtering of inbound or outbound, or both, active source messages. Policies can be configured at different levels:

  • global level

    Global level applies to all peers.

  • group level

    Group level applies to all peers in the peer-group.

  • neighbor level

    Neighbor level applies only to a specified peer.

The most specific level is used. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If no policy is applied, SA messages are passed.

Match conditions include the following:

  • neighbor - matches on a neighbor address is the source address in the IP header of the SA message

  • route filter - matches on a multicast group address embedded in the SA message

  • source address filter - matches on a multicast source address embedded in the SA message

Multicast in virtual private networks

Draft Rosen

RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs), describes a method of providing a VPN service. A VPN provides secure connections to the network, allowing more efficient service to remote users without compromising the security of firewalls. The Rosen draft specifies the protocols and procedures which must be implemented for a service provider to provide a unicast VPN. The draft extends that specification by describing the protocols and procedures that a service provider must implement to support multicast traffic in a VPN, assuming that PIM [PIMv2] is the multicast routing protocol used within the VPN, and the SP network can provide PIM.

IGMP is not supported for receivers or senders directly attached to the PE.

For more information, see the ‟Virtual Private Routed Network Service” section of the 7450 ESS, 7750 SR, 7950 XRS, and VSR Layer 3 Services Guide: IES and VPRN.

Configuring MSDP with CLI

This section provides information to configure MSDP using the CLI.

Basic MSDP configuration

Perform the following basic MSDP configuration tasks:

  • enable MSDP (required)

  • configure peer

  • configure local address

Configuring MSDP

Use the commands in the following context to configure and enable basic MSDP.

configure router msdp

The following example shows a basic MSDP configuration with default values and the peer and peer local addresses specified.

Note: When you configure a peer for MDSP the default state is enabled. Only the info detail command displays the default enabled state.

MD-CLI

[ex:/configure router "Base" msdp]
A:admin@node-2# info
    ... 
    peer 10.20.1.1 {
        local-address 10.20.1.6
    }
    ...

classic CLI

A:node-2>config>router>msdp# info
----------------------------------------------
            ...
            peer 10.20.1.1
                local-address 10.20.1.6
            exit
            ...
----------------------------------------------

Disabling MSDP

MSDP is enabled by default. Use the following commands to disable MSDP.

  • MD-CLI
    configure router msdp admin-state disable
  • classic CLI
    configure router msdp shutdown

The following example shows an MSDP configuration that is shutdown.

MD-CLI

[ex:/configure router "Base" msdp]
A:admin@node-2# info
    admin-state disable
    group "test" {
        active-source-limit 50000
        export-policy ["LDP-export"]
        import-policy ["LDP-import"]
        local-address 10.10.10.103
        mode mesh-group
        receive-message-rate {
            rate 100
            time 300
            threshold 5000
        }
        peer 10.10.10.104 {
        }
    }
    peer 10.20.1.1 {
        local-address 10.20.1.6
    }

classic CLI

A:node-2config>router# info
----------------------------------------------
...
#------------------------------------------
echo "MSDP Configuration"
#--------------------------------------------------
        msdp
            shutdown
            peer 10.20.1.1
                local-address 10.20.1.6
            exit
            group "test"
                active-source-limit 50000
                receive-msdp-msg-rate 100 interval 300 threshold 5000
                export "LDP-export"
                import "LDP-import"
                local-address 10.10.10.103
                mode mesh-group
                peer 10.10.10.104
                exit
            exit
        exit