multicast traffic is being flooded!

hi guys;

 

 

i have a 3 routers on a broadcast domain as follows:

 

 

r1-3560x------Aggregator1-3560G---------Aggregator2-3560G----r2-3560x

                                                                   |

                                                                   |

                                                                   |

                                                                Aggregator-3-3560G

                                                                      :

                                                                      :

                                                                      :

                                                                     r3-3560x

 

all 3 routers have teh follwoing config:

 

r1

ip multicast-routing distributed


        quit

license boot level ipservices

spanning-tree mode pvst

spanning-tree extend system-id

!

!

!

!

vlan internal allocation policy ascending

!

lldp run

!

!

!

!

!

!

interface Loopback0

 ip address 10.10.10.2 255.255.255.0

!

interface FastEthernet0

 no ip address

 no ip route-cache cef

 no ip route-cache

!         

interface GigabitEthernet0/1

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 999

 switchport trunk allowed vlan 100,999

 switchport mode trunk

 load-interval 30

 no ip igmp snooping tcn flood

!         

interface GigabitEthernet0/2

!         

interface GigabitEthernet0/3

!         

interface GigabitEthernet0/4

!         

interface GigabitEthernet0/5

 switchport access vlan 101

 load-interval 30

!         

interface GigabitEthernet0/6

!         

interface GigabitEthernet0/7

!         

interface GigabitEthernet0/8

!         

interface GigabitEthernet0/9

!         

interface GigabitEthernet0/10

 --More-- 

 

 

vlan 100

name WAN-Primary

vlan 101

name Video-Primary

 

interface vlan 100


ip address 10.224.100.2 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip ospf hello-interval 1

 

 


nterface Vlan101

 ip address 192.168.1.1 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip igmp version 3

 

 

 


router ospf 900

 router-id 10.224.1.2

 network 10.10.10.2 0.0.0.0 area 0

 network 10.224.100.0 0.0.0.255 area 0

 network 192.168.1.0 0.0.0.255 area 0

!         

!

ip http server

ip http secure-server

!         

no ip pim autorp

ip pim ssm range 99

!

ip sla enable reaction-alerts

logging esm config

access-list 99 permit 231.0.0.0 0.255.255.255

access-list 99 permit any log

 

----------------------------------------

 

 

r2

 


ip multicast-routing distributed

 

 

license boot level ipservices

spanning-tree mode pvst

spanning-tree extend system-id

!

!

!

!

vlan internal allocation policy ascending

!

lldp run

!

!

!

!

!

!

interface Loopback0

 ip address 10.10.10.1 255.255.255.0

!

interface FastEthernet0

 no ip address

 no ip route-cache cef

 no ip route-cache

!         

interface GigabitEthernet0/1

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 999

 switchport trunk allowed vlan 100,999

 switchport mode trunk

 load-interval 30

 no ip igmp snooping tcn flood

!         

interface GigabitEthernet0/2

!         

interface GigabitEthernet0/3

!         

interface GigabitEthernet0/4

!         

interface GigabitEthernet0/5

 switchport access vlan 101

 load-interval 30

!         

interface GigabitEthernet0/6

!         

interface GigabitEthernet0/7

!         

interface GigabitEthernet0/8

!         

interface GigabitEthernet0/9

!         

interface GigabitEthernet0/10

 --More-- 

 

 

 

vlan 100

name WAN-Primary

vlan 101

name Video-Primary

 

interface vlan 100

 

ip address 10.224.100.3 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip ospf hello-interval 1

 

 

 

 

nterface Vlan101

 ip address 192.168.1.3 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip igmp version 3

 

 

 

 

 

router ospf 900

 router-id 10.224.1.2

 network 10.10.10.2 0.0.0.0 area 0

 network 10.224.100.0 0.0.0.255 area 0

 network 192.168.1.0 0.0.0.255 area 0

!         

!

ip http server

ip http secure-server

!         

no ip pim autorp

ip pim ssm range 99

!

ip sla enable reaction-alerts

logging esm config

access-list 99 permit 231.0.0.0 0.255.255.255

access-list 99 permit any log

 

 

--------------------------------------

r3

 


ip multicast-routing distributed

 

 

license boot level ipservices

spanning-tree mode pvst

spanning-tree extend system-id

!

!

!

!

vlan internal allocation policy ascending

!

lldp run

!

!

!

!

!

!

interface Loopback0

 ip address 10.10.10.1 255.255.255.0

!

interface FastEthernet0

 no ip address

 no ip route-cache cef

 no ip route-cache

!         

interface GigabitEthernet0/1

 switchport trunk encapsulation dot1q

 switchport trunk native vlan 999

 switchport trunk allowed vlan 100,999

 switchport mode trunk

 load-interval 30

 no ip igmp snooping tcn flood

!         

interface GigabitEthernet0/2

!         

interface GigabitEthernet0/3

!         

interface GigabitEthernet0/4

!         

interface GigabitEthernet0/5

 switchport access vlan 101

 load-interval 30

!         

interface GigabitEthernet0/6

!         

interface GigabitEthernet0/7

!         

interface GigabitEthernet0/8

!         

interface GigabitEthernet0/9

!         

interface GigabitEthernet0/10

 --More-- 

 

 

 

vlan 100

name WAN-Primary

vlan 101

name Video-Primary

 

interface vlan 100

 

ip address 10.224.100.4 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip ospf hello-interval 1

 

 

 

 

nterface Vlan101

 ip address 192.168.1.4 255.255.255.0

 ip pim query-interval 1

 ip pim sparse-mode

 ip igmp version 3

 

 

 

 

 

router ospf 900

 router-id 10.224.1.2

 network 10.10.10.2 0.0.0.0 area 0

 network 10.224.100.0 0.0.0.255 area 0

 network 192.168.1.0 0.0.0.255 area 0

!         

!

ip http server

ip http secure-server

!         

no ip pim autorp

ip pim ssm range 99

!

ip sla enable reaction-alerts

logging esm config

access-list 99 permit 231.0.0.0 0.255.255.255

access-list 99 permit any log

 

 

----------------------------------------

 

 

Now the problem is that when r1's connected source generates a stream, and when only r2 has an active subscriber, our r3 is also seeing multicast traffic on the aggregator 3 and on r3 itself even though it does not have an active subscriber/reporter.

 

 

This leads me to think that multicast is being broad cast on vlan 100 (teh wan vlan). Can somebody point out what is wrong.

 

regadrs

 

 

 

 

 

 

Comments

  • This leads me to think that multicast is being broad cast on vlan 100 (teh wan vlan). Can somebody point out what is wrong.

    OK there is fair bit of configuration to dig through here!

    My questions would be -

    • Can we see the output of show ip pim neighbor on all three routers?
    • Can we see the output of show ip mroute on all three routers for the relevant G?
    • I'm assuming vlan 100 is a common broadcast domain between the three routers?
    • I assume you are running SSM?

    My first pass of this would be that both R2 and R3 vlan 100 interfaces would see multicast traffic from a source behind R1 assuming a that a host had joined the group downstream of R2.  Remember this is a broadcast media.

    R3 would silently discard this traffic as it wouldn't have any state for the (S,G).

    Are you expecting the aggregator switches to stop this happening? At L2 this would required IGMP to be running on VLAN 100 which it wouldn't in this particular scenario - so how would the switches know that the L2 interface down to R3 could be pruned?  This scenario would only work if you propagation multicast beyond R2 or R3 via a L2 switch.  You design is using multicast routing where this isn't relevant.

    Does this make sense - comment back and I can explain further?

    HTH

     

    *
    * UPDATE

    *

    Of course if you wanted to prevent this behaviour - you could also implement separate point to point VLANs down to the two routers!

     

  • In addition to what welshydragon suggested, can you also paste result of the following commands:

    show ip igmp snooping

    show ip igmp snooping groups

Sign In or Register to comment.