MVPN

11 November, 2009 Posted by Zarar As CCIE, CCIE SP, MVPN, Multicast (0) Comment

Overview

An SP determines whether a particular VPN is multicast-enabled. If it is, it corresponds to a “Multicast Domain”. A PE which attaches to a particular multicast-enabled VPN is said to belong to the corresponding Multicast Domain. For each Multicast Domain, there is a default “Multicast Distribution Tree (MDT)” through the backbone, connecting ALL of the PEs that belong to that Multicast Domain. A given PE may be in as many Multicast Domains as there are VPNs attached to that PE. However, each Multicast Domain has its own MDT. The MDTs are created by running PIM in the backbone.

In a departure from the usual multicast tree distribution procedures, the Default MDT for a Multicast Domain is constructed automatically as the PEs in the domain come up. Construction of the Default MDT does not depend on the existence of multicast traffic in the domain; it will exist before any such multicast traffic is seen. Default MDTs correspond to the “MI-PMSIs” of [MVPN-ARCH].

Inclusive and Selective PMSIs

We will distinguish between two different kinds of PMSI(there is a third type of PMSI but I haven’t covered it here):

“Multidirectional Inclusive” PMSI (MI-PMSI) – [Also known as default mdt]: A Multidirectional Inclusive PMSI is one that enables ANY PE attaching to a particular MVPN to transmit a message such that it will be received by EVERY other PE attaching to that MVPN. There is at most one MI-PMSI per MVPN. An MI-PMSI can be thought of as an overlay broadcast network connecting the set of PEs supporting a particular MVPN.

“Selective” PMSI (S-PMSI) [Also known as data mdt]: A Selective PMSI is one that provides a mechanism wherein a particular PE in an MVPN can multicast messages so that they will be received by a subset of the other PEs of that MVPN. There may be an arbitrary number of S-PMSIs per PE per MVPN.

In BGP/IP MPLS VPNs, each CE router is a unicast routing adjacency of a PE router, but CE routers at different sites do NOT become unicast routing adjacencies of each other. This important characteristic is retained for multicast routing — a CE router becomes a PIM adjacency of a PE router, but CE routers at different sites do NOT become PIM adjacencies of each other. Multicast packets from within a VPN are received from a CE router by an ingress PE router. The ingress PE encapsulates the multicast packets and (initially) forwards them along the Default MDT tree to all the PE routers connected to sites of the given VPN. Every PE router attached to a site of the given VPN thus receives all multicast packets from within that VPN. If a particular PE routers is not on the path to any receiver of that multicast group, the PE simply discards that packet.

If a large amount of traffic is being sent to a particular multicast group, but that group does not have receivers at all the VPN sites it can be wasteful to forward that group’s traffic along the Default MDT. Therefore, we also specify a method for establishing individual MDTs for specific multicast groups. We call these “Data MDTs”. A Data MDT delivers VPN data traffic for a particular multicast group only to those PE routers which are on the path to receivers of that multicast group. Using a Data MDT has the benefit of reducing the amount of multicast traffic on the backbone, as well reducing the load on some of the PEs; it has the disadvantage of increasing the amount of state that must be maintained by the P routers. The SP has complete control over this tradeoff. Data MDTs correspond to the S-PMSIs.

Multicast VRFs

The notion of a “VRF”, defined in [RFC4364], is extended to include multicast routing entries as well as unicast routing entries. Each VRF has its own multicast routing table. When a multicast data or control packet is received from a particular CE device, multicast routing is done in the associated VRF. Each PE router runs a number of instances of PIM-SM, as many as one per VRF. In each instance of PIM-SM, the PE maintains a PIM adjacency with each of the PIM-capable CE routers associated with that VRF. The multicast routing table created by each instance is specific to the corresponding VRF. We will refer to these PIM instances as “VPN-specific PIM instances”, or “PIM C-instances”.

Each PE router also runs a “provider-wide” instance of PIM-SM (a “PIM P-instance”), in which it has a PIM adjacency with each of its IGP neighbors (i.e., with P routers), but NOT with any CE routers, and not with other PE routers (unless they happen to be adjacent in the SP’s network). The P routers also run the P-instance of PIM, but do NOT run a C-instance.

In order to help clarify when we are speaking of the PIM P-instance and when we are speaking of a a PIM C-instance, we will also apply the prefixes “P-” and “C-” respectively to control messages, addresses, etc. Thus a P-Join would be a PIM Join which is processed by the PIM P-instance, and a C-Join would be a PIM Join which is processed by a C-instance. A P-group address would be a group address in the SP’s address space, and a C-group address would be group address in a VPN’s address space.

Multicast Domains

Model of Operation

A “Multicast Domain (MD)” is essentially a set of VRFs associated with interfaces that can send multicast traffic to each other. From the standpoint of PIM C-instance, a multicast domain is equivalent to a multi-access interface. The PE routers in a given MD become PIM adjacencies of each other in the PIM C-instance.

Each multicast VRF is assigned to one MD. Each MD is configured with a distinct, multicast P-group address, called the “Default MDT group address”. This address is used to build the Default MDT for the MD.

When a PE router needs to send PIM C-instance control traffic to the other PE routers in the MD, it encapsulates the control traffic, with its own IPv4 address as source IP address and the Default MDT group address as destination IP address. Note that the Default MDT is part of P-instance of PIM, whereas the PEs that communicate over the Default MDT are PIM adjacencies in a C-instance. Within the C-instance, the Default MDT appears to be a multi-access network to which all the PEs are attached.

The Default MDT does not only carry the PIM control traffic of the MD’s PIM C-instance. It also, by default, carries the multicast data traffic of the C-instance. In some cases though, multicast data traffic in a particular MD will be sent on a Data MDT rather than on the Default MDT.

Multicast Tunnels

An MD can be thought of as a set of PE routers connected by a “multicast tunnel (MT)”. From the perspective of a VPN-specific PIM instance, an MT is a single multi-access interface. In the SP network, a single MT is realized as a Default MDT combined with zero or more Data MDTs.

Auto-Discovery

Any of the variants of PIM may be used to set up the Default MDT: PIM-SM, Bidirectional PIM [BIDIR], or PIM-SSM [SSM]. Except in the case of PIM-SSM, the PEs need only know the proper P-group address in order to begin setting up the Default MDTs. The PEs will then discover each others’ addresses by virtue of receiving PIM control traffic, e.g., PIM Hellos, sourced (and encapsulated) by each other. However, in the case of PIM-SSM, the necessary MDTs for an MD cannot be set up until each PE in the MD knows the source address of each of the other PEs in that same MD. This information needs to be auto-discovered.

A new BGP Address Family, MDT-SAFI is defined. The NLRI for this address family consists of an:

  • RD
  • IPv4 unicast address
  • multicast group address

A given PE router in a given MD constructs an NLRI in this family from:

  • Its own IPv4 address. If it has several, it uses the one which it will be placing in the IP source address field of multicast packets that it will be sending over the MDT.
  • An RD which has been assigned to the MD.
  • The P-group address, an IPv4 multicast address which is to be used as the IP destination address field of multicast packets that will be sent over the MDT.

When a PE distributes this NLRI via BGP, it may include a Route Target Extended Communities attribute. This RT must be an “Import RT” [RFC4364] of each VRF in the MD. The ordinary BGP distribution procedures used by [RFC4364] will then ensure that each PE learns the MDT-SAFI “address” of each of the other PEs in the MD, and that the learned MDT-SAFI addresses get associated with the right VRFs.

The encoding of the MDT-SAFI is specified in the following

subsection:

MDT-SAFI

BGP messages in which:-

  • AFI=1 and
  • SAFI=66

are “MDT-SAFI” messages.

The NLRI format is 8-byte-RD:IPv4-address followed by the MDT group address. i.e. The MP_REACH attribute for this SAFI will contain one or more tuples of the following form :

+——————————-+

|                                                       |

| RD:IPv4-address (12 octets) |

|                                                       |

+——————————-+

| Group Address (4 octets) |

+——————————-+

The IPv4 address identifies the PE that originated this route, and the RD identifies a VRF in that PE. The group address must be an IPv4 multicast group address, and is used to build the P-tunnels. All PEs attached to a given MVPN must specify the same group-address, even if the group is an SSM group. MDT-SAFI routes do not carry RTs, and the group address is used to associated a received MDT-SAFI route with a VRF.

More detail in MVPN can be found in draft-rosen-vpn-mcast-12.txt

Bookmark and Share
Categories : CCIE, CCIE SP, MVPN, Multicast

No comments yet.

Leave a comment

(required)

(required)


temporal
pcos
loved
farsi
whole
nom
meats
integrating
outfit
grinders
giant
investigation
choose
southport
baths
k2
witt
freedman
norelco
norstar
units
wink
kevin
obstacle
cali
peninsula
ballistic
bensalem
warehouse
tidewater
antigone
crepes
mayer
rx7
right
bakersfield
bach
sb
duplicator
hippies
pampered
keg
halliburton
challenge
sato
burleson
clients
drawers
camaro
mucus
quo
kleen
phillip
chair
ds
juggling
televison
billard
kemp
submarine
manners
mich
pedals
epson
banyan
wii
kline
lyics
toile
nero
aces
turnkey
mormon
actuators
yang
topping
saddleback
alkaline
brides
user
avondale
borax
telecharger
hobbs
tumbling
rove
amphibian
ssl
ministries
bead
mania
hough
failures
lm
reformat
ssn
adviser
mott
emission
whos
synagogue
kamloops
alterations
rollercoaster
cough
mario
month
minorities
kidz
tie
trail
hayward
cemetaries
srx
fantasia
garda
mozambique
dinners
nations
martha
inferno
centers
root
waves
votive
ova
kirkpatrick
racing
bus
migrant
matthews
brokeback
yorba
course
jonathon
brand
humor
ophthalmology
hillsong
klux
clippers
rockville
circa
decoder
institutional
watchdog
sales
intensity
loans
collier
email
crain
stations
involved
turkish
great
ottumwa
retailer
nad
antennas
boundaries
seater
porter
longbow
williamstown
gillian
swiss
hospice
awnings
corning
supplies
convertibles
examinations
plath
paranormal
sg
request
immigrants
mask
treadmills
persuasion
transition
greystone
baritone
ralph
come
radiant
iss
shook
lable
steele
outlines
descartes
lavasoft
cushions
c2
uhf
tenn
rotisserie
crusader
platt
riverfront
legged
shear
petticoat
excalibur
trolling
timelines
turkish
greenbelt
beets
chatroom
dolphins
qualified
keira
waterfront
documentaries
cardiologist
dim
schweiz
minot
streetcar
gum
creole
organized
macau
flor
cowell
marino
dor
arapahoe
roundtable
shielding
charitable
outboards
brick
co
machines
blouse
virus
cruising
extras
bicycles
whirlwind
che
comic
canoe
lexi
hybrid
bonnie
daniela
prop
ki
gloucestershire
earliest
libertarian
springtime
caring
last
covina
fillings
pillow
tos
tatto
marshalls
sante
reporters
luke
cutaway
salamander
bisque
belgian
tips
lancer
hemorrhoids
semester
astoria
goebel
staffing
speeches
arrangement
tourism
cav
fill
lake
glens
taurus
cimarron
gnc
clermont
chisel
intended
drowning
realism
clarkston
sharp
borders
witnesses
silent
environments
option
radiologic
themes
coby
orthodontic
vibration
twilight
lulu