Junos OS

last person joined: 5 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  Please help- confounded by Draft-Rosen (6 or 7)

    Posted 02-16-2016 03:52
      |   view attached

    I am trying to understand the understand the configuration options for Draft-rosen Multicast in VPN within JUNOS. I am somewhat clear about the basic but a little thrown back by different configuration examples across multiple papers. I would really appreciate any help on this. My primary confusions are

     

    1. The exact purpose of MTI interfaces: To give an example, if CE2 wants to send join messages towards the RP which is located on PE1. Due to the GRE encapsulation with destionation MDT-multicast-Group would the join message travel to all PEs (PE1 and PE3) or somehow using the MTI interface adjacency with PE1 the join will only go to PE1.

     

    2. Configuration variation#1 on JunOS: On some configuration papers the following statements are present

     

                      a)

         family inet-mdt {
                    signaling;
                }

     

                     b) Under VRF hierarchy 

       provider-tunnel {
                pim-ssm {
                    group-address 232.1.1.1;
                }

     

       mvpn {
                        autodiscovery {
                            inet-mdt;
                        }
                    }

     

    3. Configuration variation#2 on JunOS: other configuration papers only describe the required config as 

     

                       pim {
                                    vpn-group-address 232.0.0.1; ------ Default MDT Address
                                 rp {
                                        local { ---------- PE1 is configured as RP for VPN
                                                     address 7.0.0.2; --------- Loopback address of PE1
                                                  }
                                     }

                                 }

    Here there's no provider tunnel not any BGP signalling specified (which is in line with my understanding of draft-rosen).

     

     

    Please can someone explain how Configuration variation#1 is different from Configuration variation#2



  • 2.  RE: Please help- confounded by Draft-Rosen (6 or 7)

    Posted 02-16-2016 04:59

    First of all, there are two flavours of MTIs, the default MDT and the data MDTs. The default MDT connects all PE routers belonging to the same VPN with each other, i.e. there is exactly one default MDT per VPN. The default MDT is used for all multicast signaling within the VPN. The C-PIM messages are encapsulated into GRE and sent across the default MDT. In addition, multicast packets are also sent across the default MDT unless there is a trigger to setup one or more data MDTs to optimize traffic forwarding for specific C-multicast groups.

     

    Second, when it comes to the default MDT there are also two options in draft Rosen, using either ASM or SSM. If you want to use ASM for the default MDT, then configuration variation #2 is the right one, so the vpn-group-address represents the ASM provider tunnel. 

     

    In case you want to use SSM for the default MDT, the configuration option #1 is correct. In SSM, there are no rendezvous points, so PE routers won't know the source address of the other PE routers within the same MVPN. Therefore, BGP is used for autodiscovery.


    By the way, you can combine ASM with BGP auto-discovery as well. In that case, you need to configure provider-tunnel pim-asm instead of vpn-group address.

     

    Cheers,
    Carsten



  • 3.  RE: Please help- confounded by Draft-Rosen (6 or 7)

    Posted 02-16-2016 12:32

    Thank you Carsten! That was really helpful. Could you also elaborate on the statement

    "The C-PIM messages are encapsulated into GRE and sent across the default MDT."

     

    What are the C-PIM messages that need to be encapsulated and transported across the core?

     

    Am I right in thinking C-PIM means C-initiated PIM not necessarily C-Generated PIM. For instance if C-PIM initiates a join then it will be sent to 224.0.0.13 with TTL 1. Subsequently, the PE hosting the VPN and connecting the CE will generate a PIM-join over MTI for this VPN. This C-initiated PIM will be encapsulated in Default MDT group and sent to all PEs that are part of this multicast VPN. Eventually only the VPN-RP that is aware of a source will send traffic down the tree over default MTI.

     

    Is my understanding correct? On that note, is it possible for a CE<-->CE adjacency over draft rosen? Or is it more lileky to be CE<-->PE---PE(MTI)<-->PE(MTI)----PE<-->CE neighbourship?

     

    thanks again for giving me a good direction.



  • 4.  RE: Please help- confounded by Draft-Rosen (6 or 7)
    Best Answer

    Posted 02-16-2016 13:30

    In ASM for instance, PIM join messages are sent from the receivers towards the RP and from the RP towards the source.

     

    It's the same here. Customer sents PIM Join messages to the VRF instance of the PE router using the ALL_PIM_ROUTER address. The local PE router then sents a PIM Join to the PE router where the RP is connected to (in case the PE router is the RP itself, then it sents a Join towards the source). This PIM Join between the PE routers is encapsulated into GRE and uses the default MDT address instead of the the ALL_PIM_ROUTERS in order to seperate the MVPNs. The default MDT acts similar to a LAN connecting the VRF instances across the backbone.

     

    So, it's a peer model as in unicast scenario (CE->PE->PE->CE). There's no way to build a CE-CE PIM adjacency directly (unless you use L2VPN instead of L3VPN or a tunnel). 

     

    Cheers,

    Carsten



  • 5.  RE: Please help- confounded by Draft-Rosen (6 or 7)

    Posted 02-16-2016 14:02

    Many thanks Carsten!


    #draft-rosen