05-11-2012 05:31 AM
I have an SRX3400 cluster which peers MBGP with a number of external routers on inet unicast and inet multicast. The SRX is also a PIM RP on one of its interfaces, and it is receiving PIM joins from this network. The SRX also peers MSDP with two external routers and is receving SAs, so we get, for example:
# show msdp source-active group 184.108.40.206
Group address Source address Peer address Originator Flags
220.127.116.11 18.104.22.168 xxx.yy.zzz.251 22.214.171.124 Accept
xxx.yy.zzz.250 126.96.36.199 Reject
188.8.131.52 184.108.40.206 xxx.yy.zzz.251 220.127.116.11 Accept
xxx.yy.zzz.250 18.104.22.168 Reject
22.214.171.124 126.96.36.199 xxx.yy.zzz.251 188.8.131.52 Accept
xxx.yy.zzz.250 184.108.40.206 Reject
This is what I expect - I receive an SA announcement for each source from both MSDP peers (which are also the MBGP peers for the relevant sources). As we apply policy to prefer one upstream link, one of the MSDP SAs is rejected for failing the RPF check.
However, if we receive a PIM join for any groups that have active sources according to MSDP, we do not get any result.
I've done some digging around and found advice that we need to create rib-groups for multicast and interface routes, which I think I've done, but the results are not quite what I would expect. Before I applied this configuration, I could see all my routes (local, direct, static, bgp) in the output of "show multicast rpf". Now, all I can see are local and direct routes, plus one single default BGP route from the MSDP/BGP external peers, but no other BGP routes from my other BGP peers, or a (crucial) static route to internal networks.
Here is the rib-group configuration:
set routing-options interface-routes rib-group inet if-rib
set routing-options rib-groups mcast-rib export-rib inet.2
set routing-options rib-groups mcast-rib import-rib inet.2
set routing-options rib-groups if-rib import-rib inet.0
set routing-options rib-groups if-rib import-rib inet.2
set protocols msdp rib-group mcast-rib
set protocols pim rib-group inet mcast-rib
What am I doing wrong? How can I get MSDP, PIM and BGP to play properly?
I have BGP peering to the two external MSDP routers configured as:
# run show configuration protocols bgp | display set
set protocols bgp preference 20
set protocols bgp group EXTERNAL-SWITCHES type internal
set protocols bgp group EXTERNAL-SWITCHES connect-retry-interval 1
set protocols bgp group EXTERNAL-SWITCHES hold-time 20
set protocols bgp group EXTERNAL-SWITCHES minimum-hold-time 6
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 family inet unicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 family inet multicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 export OUT_IPv4
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 peer-as nnnnn
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 family inet unicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 family inet multicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 export OUT_IPv4
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 peer-as nnnnn
05-23-2012 06:54 AM
Just a quick check, do you have the pe and pd interface in your "show interface terse" listing?
05-31-2012 04:17 AM
Sorry for the delayed response - I have been on leave.
Actually, I resolved the problem just before I went away on leave. The SRX did not have PIM also enabled on its upstream interfaces to the external MSDP peers, so the joins were not being sent up the line to the outside world. All apepars to be working fine now.
Thanks for the response, though.