DMVPN and Multicast (Use NBMA Mode)
HQ:R11 Multicast Source BRANCH-A:R22 Multicast Receiver-A
R33 is NOT Multicast Receiver.
R1
interface Tunnel0 ip address 10.0.0.1 255.255.255.0 ip nhrp map multicast dynamic ip nhrp network-id 123
ip nhrp redirect
ip ospf network point-to-multipoint
tunnel mode gre multipoint
tunnel source FastEthernet0/0
interface FastEthernet0/0 ip address 155.0.0.1 255.255.255.0
interface FastEthernet0/1 ip address 192.168.1.1 255.255.255.0
router ospf 123 router-id 1.1.1.1 network 10.0.0.1 0.0.0.0 area 0 network 192.168.1.1 0.0.0.0 area 0
R2
interface Tunnel0 ip address 10.0.0.2 255.255.255.0 no ip redirects ip nhrp map multicast 155.0.0.1 ip nhrp map 10.0.0.1 155.0.0.1 ip nhrp network-id 123 ip nhrp nhs 10.0.0.1
ip nhrp shortcut ip ospf network point-to-multipoint tunnel mode gre multipoint
tunnel source FastEthernet0/0
interface FastEthernet0/0 ip address 155.0.0.2 255.255.255.0
interface FastEthernet0/1 ip address 192.168.2.2 255.255.255.0
router ospf 123 router-id 2.2.2.2 network 10.0.0.2 0.0.0.0 area 0 network 192.168.2.2 0.0.0.0 area 0
R3 interface Tunnel0 ip address 10.0.0.3 255.255.255.0 no ip redirects ip nhrp map multicast 155.0.0.1 ip nhrp map 10.0.0.1 155.0.0.1 ip nhrp network-id 123 ip nhrp nhs 10.0.0.1
ip nhrp shortcut ip ospf network point-to-multipoint tunnel mode gre multipoint
tunnel source FastEthernet0/0
interface FastEthernet0/0 ip address 155.0.0.3 255.255.255.0
interface FastEthernet0/1 ip address 192.168.3.3 255.255.255.0
router ospf 123 router-id 3.3.3.3 network 10.0.0.3 0.0.0.0 area 0 network 192.168.3.3 0.0.0.0 area 0
R1/R2/R3
ip multicast-routing
crypto isakmp policy 123
encr 3des hash sha256 authentication pre-share group 2
crypto isakmp key CCIE address 0.0.0.0
crypto ipsec transform-set TRANS esp-3des esp-sha256-hmac mode transport
crypto ipsec profile PROFILE set transform-set TRANS
interface Tunnel0 tunnel protection ipsec profile PROFILE ip pim sparse-mode
interface FastEthernet0/1 ip pim sparse-mode
ip pim rp-address 10.0.0.1
R11 interface FastEthernet0/0 ip address 192.168.1.11 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.1.1
R22 interface FastEthernet0/0 ip address 192.168.2.22 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.2.2
R33 interface FastEthernet0/0 ip address 192.168.3.33 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.3.3
R1#show dmvpn
Interface: Tunnel0, IPv4 NHRP Details Type:Hub, NHRP Peers:2,
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb ----- --------------- --------------- ----- -------- ----- 1 155.0.0.2 10.0.0.2 UP 00:00:29 D 1 155.0.0.3 10.0.0.3 UP 00:00:34 D
Configure ip igmp join-group command on R22 only.
R22 interface FastEthernet0/0 ip igmp join-group 239.255.1.1
show ip mroute
R2#sh ip mroute IP Multicast Routing Table
(*, 239.255.1.1), 00:00:07/00:02:52, RP 10.0.0.1, flags: SJC Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:01:11/00:02:44
(*, 224.0.1.40), 00:17:17/00:02:53, RP 10.0.0.1, flags: SJPCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: Null
R3#sh ip mroute
(*, 224.0.1.40), 00:00:27/00:02:39, RP 10.0.0.1, flags: SJCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:00:27/00:02:39
R11#ping 239.255.1.1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.255.1.1, timeout is 2 seconds:
Reply to request 0 from 192.168.2.22, 756 ms
show ip mroute
R2#sh ip mroute IP Multicast Routing Table
(*, 239.255.1.1), 00:03:00/stopped, RP 10.0.0.1, flags: SJC Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:03:00/00:02:57
(192.168.1.11, 239.255.1.1), 00:00:20/00:02:39, flags: JT Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:00:20/00:02:57
(*, 224.0.1.40), 00:03:23/00:02:55, RP 10.0.0.1, flags: SJPCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1 FastEthernet0/1, Forward/Sparse, 00:03:23/00:02:55
R3#sh ip mroute
(*, 224.0.1.40), 00:06:40/00:02:24, RP 10.0.0.1, flags: SJCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:06:40/00:02:24
Remove IPsec tunnel protection to check into the packet
R1/R2/R3
interface Tunnel0 no tunnel protection ipsec profile PROFILE
R11#ping 239.255.1.1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.255.1.1, timeout is 2 seconds:
Reply to request 0 from 192.168.2.22, 756 ms
Capture F0/0 interface on R1
R1 sent multicast packets to R3 as well.
R1#sh ip mroute
(*, 239.255.1.1), 00:00:17/00:03:14, RP 10.0.0.1, flags: S Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, Forward/Sparse, 00:00:15/00:03:14
(192.168.1.11, 239.255.1.1),00:00:17/00:02:42, flags: T Incoming interface: FastEthernet0/1, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, Forward/Sparse, 00:00:15/00:03:16
(*, 224.0.1.40), 00:01:15/00:03:24, RP 10.0.0.1, flags: SJCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, Forward/Sparse, 00:01:07/00:03:24 FastEthernet0/1, Forward/Sparse, 00:01:15/00:01:56
Tun0 interface is included OIL.
R1 sent multicast packets not only for R2 but also for R3
because they use same interface, tunnel 0.
Configure ip pim nbma-mode command for tunnel 0 interface on R1
R1
interface Tunnel0 ip pim nbma-mode
R11#ping 239.255.1.1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.255.1.1, timeout is 2 seconds:
Reply to request 0 from 192.168.2.22, 108 ms
As R1 was configured ip pim nbma-mode command,
it sent multicast packets to ONLY R2.
R1#sh ip mroute
(*, 239.255.1.1), 00:00:37/stopped, RP 10.0.0.1, flags: S Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.2, Forward/Sparse, 00:00:37/00:02:52
(192.168.1.11, 239.255.1.1), 00:00:14/00:02:45, flags: T Incoming interface: FastEthernet0/1, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.2, Forward/Sparse, 00:00:14/00:03:15
(*, 224.0.1.40), 00:01:00/00:02:40, RP 10.0.0.1, flags: SJCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.3, Forward/Sparse, 00:00:48/00:02:41 Tunnel0, 10.0.0.2, Forward/Sparse, 00:00:51/00:02:38 FastEthernet0/1, Forward/Sparse, 00:01:00/00:02:40
The OIL on R1 have also information of IP address for neighbor that sent join message.
Even if a router has some neighbors via same interface, it can send multicast pakets only for neighbor who sent join message.
Configure ip igmp joing-group command on R33.
R33 interface FastEthernet0/0 ip igmp join-group 239.255.1.1
R3#sh ip mroute (*, 239.255.1.1), 00:00:07/00:02:52, RP 10.0.0.1, flags: SJC Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:00:07/00:02:52
(*, 224.0.1.40), 00:01:31/00:02:37, RP 10.0.0.1, flags: SJCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1
FastEthernet0/1, Forward/Sparse, 00:01:29/00:02:37
R11#ping 239.255.1.1 Type escape sequence to abort. Sending 1, 100-byte ICMP Echos to 239.255.1.1, timeout is 2 seconds:
Reply to request 0 from 192.168.2.22, 108 ms
Reply to request 0 from 192.168.3.33, 112 ms
R3#sh ip mroute IP Multicast Routing Table
(*, 239.255.1.1), 00:02:27/stopped, RP 10.0.0.1, flags: SJC Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:02:27/00:02:31
(192.168.1.11, 239.255.1.1), 00:00:43/00:02:16, flags: JT Incoming interface: Tunnel0, RPF nbr 10.0.0.1 Outgoing interface list: FastEthernet0/1, Forward/Sparse, 00:00:43/00:02:31
(*, 224.0.1.40), 00:02:30/00:02:34, RP 10.0.0.1, flags: SJCL Incoming interface: Tunnel0, RPF nbr 10.0.0.1 FastEthernet0/1, Forward/Sparse, 00:02:29/00:02:34
R1#sh ip mroute
(*, 239.255.1.1), 00:42:26/00:03:20, RP 10.0.0.1, flags: S Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.2, Forward/Sparse, 00:00:09/00:03:20 Tunnel0, 10.0.0.3, Forward/Sparse, 00:00:17/00:03:12
(192.168.1.11, 239.255.1.1), 00:00:47/00:02:12, flags: T Incoming interface: FastEthernet0/1, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.2, Forward/Sparse, 00:00:09/00:03:20 Tunnel0, 10.0.0.3, Forward/Sparse, 00:00:17/00:03:12
(*, 224.0.1.40), 00:42:47/00:02:55, RP 10.0.0.1, flags: SJCL Incoming interface: Null, RPF nbr 0.0.0.0 Outgoing interface list: Tunnel0, 10.0.0.3, Forward/Sparse, 00:00:14/00:03:15 FastEthernet0/1, Forward/Sparse, 00:42:47/00:02:55
R1 was configured ip pim nbma-mode command,
so it correctly send multicast packets for Receiver.
