Routing
Reply
Contributor
papageno
Posts: 91
Registered: ‎07-08-2011
0

SRX receives MSDP SAs and PIM joins but no traffic flows

I have an SRX3400 cluster which peers MBGP with a number of external routers on inet unicast and inet multicast.  The SRX is also a PIM RP on one of its interfaces, and it is receiving PIM joins from this network.  The SRX also peers MSDP with two external routers and is receving SAs, so we get, for example:

 

# show msdp source-active group 224.2.127.254
Group address   Source address  Peer address    Originator      Flags
224.2.127.254   18.138.1.71     xxx.yy.zzz.251  18.255.255.48   Accept
                                xxx.yy.zzz.250  18.255.255.48   Reject
224.2.127.254   18.160.0.26     xxx.yy.zzz.251  18.255.255.48   Accept
                                xxx.yy.zzz.250  18.255.255.48   Reject
224.2.127.254   64.104.132.50   xxx.yy.zzz.251  64.103.36.20    Accept
                                xxx.yy.zzz.250  64.103.36.20    Reject
...

 

This is what I expect - I receive an SA announcement for each source from both MSDP peers (which are also the MBGP peers for the relevant sources).  As we apply policy to prefer one upstream link, one of the MSDP SAs is rejected for failing the RPF check.

 

However, if we receive a PIM join for any groups that have active sources according to MSDP, we do not get any result.

 

I've done some digging around and found advice that we need to create rib-groups for multicast and interface routes, which I think I've done, but the results are not quite what I would expect.  Before I applied this configuration, I could see all my routes (local, direct, static, bgp) in the output of "show multicast rpf".  Now, all I can see are local and direct routes, plus one single default BGP route from the MSDP/BGP external peers, but no other BGP routes from my other BGP peers, or a (crucial) static route to internal networks. 

 

Here is the rib-group configuration:

 

set routing-options interface-routes rib-group inet if-rib
set routing-options rib-groups mcast-rib export-rib inet.2
set routing-options rib-groups mcast-rib import-rib inet.2
set routing-options rib-groups if-rib import-rib inet.0
set routing-options rib-groups if-rib import-rib inet.2
set protocols msdp rib-group mcast-rib
set protocols pim rib-group inet mcast-rib

 

What am I doing wrong?  How can I get MSDP, PIM and BGP to play properly?

 

 

 

 

I have BGP peering to the two external MSDP routers configured as:

 

# run show configuration protocols bgp | display set
set protocols bgp preference 20
set protocols bgp group EXTERNAL-SWITCHES type internal
set protocols bgp group EXTERNAL-SWITCHES connect-retry-interval 1
set protocols bgp group EXTERNAL-SWITCHES hold-time 20
set protocols bgp group EXTERNAL-SWITCHES minimum-hold-time 6
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 family inet unicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 family inet multicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 export OUT_IPv4
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.250 peer-as nnnnn
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 family inet unicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 family inet multicast
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 export OUT_IPv4
set protocols bgp group EXTERNAL-SWITCHES neighbor xxx.yy.zzz.251 peer-as nnnnn

 

 

Trusted Contributor
Posts: 54
Registered: ‎08-03-2009
0

Re: SRX receives MSDP SAs and PIM joins but no traffic flows

Hi!

Just a quick check, do you have the pe and pd interface in your "show interface terse" listing?

 

Patrik

 

//Patrik
JNCIS-M, JNCIS-ES
System Engineer
Juniper Networks
Contributor
papageno
Posts: 91
Registered: ‎07-08-2011
0

Re: SRX receives MSDP SAs and PIM joins but no traffic flows

Hi Patrik

 

Sorry for the delayed response - I have been on leave.

 

Actually, I resolved the problem just before I went away on leave.  The SRX did not have PIM also enabled on its upstream interfaces to the external MSDP peers, so the joins were not being sent up the line to the outside world.  All apepars to be working fine now.

 

Thanks for the response, though.

 

 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.