Rate and give feedback:  Feedback Received. Thank You!

Rate and give feedback: 

X

This document helped resolve my issue

Yes No

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:  

E-mail: 

Enter a valid Email ID

Need product assistance? Contact Juniper Support

Submit

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.

Example: Configuring Data MDTs and Provider Tunnels Operating in Source-Specific Multicast Mode

Requirements

• Make sure that the routing devices support multicast tunnel (mt) interfaces.

  A tunnel-capable PIC supports a maximum of 512 multicast tunnel interfaces. Both default and data MDTs contribute to this total. The default MDT uses two multicast tunnel interfaces (one for encapsulation and one for de-encapsulation). To enable an M Series or T Series router to support more than 512 multicast tunnel interfaces, another tunnel-capable PIC is required. See “Tunnel Services PICs and Multicast” in the Multicast Protocols Feature Guide for Routing Devices and “Load Balancing Multicast Tunnel Interfaces Among Available PICs” in the Multicast Protocols Feature Guide for Routing Devices.

• Make sure that the PE router has been configured for a draft-rosen Layer 3 multicast VPN operating in SSM mode in the provider core.

  In this type of multicast VPN, PE routers discover one another by sending MDT subsequent address family identifier (MDT-SAFI) BGP network layer reachability information (NLRI) advertisements. Key configuration statements for the master instance are highlighted in Table 1. Key configuration statements for the VRF instance to which your PE router is attached are highlighted in Table 2. For complete configuration details, see “Example: Configuring Source-Specific Multicast for Draft-Rosen Multicast VPNs” in the Multicast Protocols Feature Guide for Routing Devices.

Overview

• When a PE router that is directly connected to the multicast source (also called the source PE) receives Layer 3 VPN multicast traffic that exceeds a configured threshold, a new data MDT tunnel is established between the PE router connected to the source site and its remote PE router neighbors.
• The source PE advertises the new data MDT group as long as the source is active. The periodic announcement is sent over the default MDT for the VRF. Because the data MDT announcement is sent over the default tunnel, all the PE routers receive the announcement.
• Neighbors that do not have receivers for the multicast traffic cache the advertisement of the new data MDT group but ignore the new tunnel. Neighbors that do have receivers for the multicast traffic cache the advertisement of the new data MDT group and also send a PIM join message for the new group.
• The source PE encapsulates the VRF multicast traffic using the new data MDT group and stops the packet flow over the default multicast tree. If the multicast traffic level drops back below the threshold, the data MDT is torn down automatically and traffic flows back across the default multicast tree.
• If a PE router that has not yet joined the new data MDT group receives a PIM join message for a new receiver for which (S,G) traffic is already flowing over the data MDT in the provider core, then that PE router can obtain the new group address from its cache and can join the data-MDT immediately without waiting up to 59 seconds for the next data MDT advertisement.

By default, automatic creation of data MDTs is disabled.

• In the master instance, the PE router’s prerequisite draft-rosen PIM-SSM multicast configuration includes statements that directly support the data MDT configuration you will enable in this example. Table 1 highlights some of these statements^†.

  Table 1: Data MDTS—Key Prerequisites in the Master Instance

  Statement	Description
  [edit protocols] pim {interface interface-name <options>;}	Enables the PIM protocol on PE router interfaces.
  [edit protocols] bgp {group name {type internal;peer-as autonomous-system;neighbor address;family inet-mdt {signaling;}}} [edit routing-options]autonomous-system autonomous-system;	In the internal BGP full mesh between PE routers in the VRF instance, enables the BGP protocol to carry MDT-SAFI NLRI signaling messages for IPv4 traffic in Layer 3 VPNs.
  [edit routing-options] multicast {ssm-groups [ ip-addresses ];}	(Optional) Configures one or more SSM groups to use inside the provider network in addition to the default SSM group address range of 232.0.0.0/8. Note: For this example, it is assumed that you previously specified an additional SSM group address range of 239.0.0.0/8.
  † This table contains only a partial list of the PE router configuration statements for a draft-rosen multicast VPN operating in SSM mode in the provider core. For complete configuration information about this prerequisite, see “Example: Configuring Source-Specific Multicast for Draft-Rosen Multicast VPNs” in the Multicast Protocols Feature Guide for Routing Devices.

• In the VRF instance to which the PE router is attached—at the [edit routing-instances name] hierarchy level—the PE router’s prerequisite draft-rosen PIM-SSM multicast configuration includes statements that directly support the data MDT configuration you will enable in this example. Table 2 highlights some of these statements^‡.

  Table 2: Data MDTs—Key Prerequisites in the VRF Instance

  Statement	Description
  [edit routing-instances name]instance-type vrf;vrf-target community;	Creates a VRF table (instance-name.mdt.0) that contains the routes originating from and destined for the Layer 3 VPN. Creates a VRF export policy that automatically accepts routes from the instance-name.mdt.0 routing table. ensures proper PE autodiscovery using the inet-mdt address family You must also configure the interface and route-distinguisher statements for this type of routing instance.
  [edit routing-instances name] protocols {mvpn {autodiscovery-only {intra-as {inclusive;}}}}	Enables the MVPN control plane for autodiscovery only, using intra-AS autodiscovery routes over an inclusive provider multicast service interface (PMSI).
  [edit routing-instances name] protocols {pim {mvpn {autodiscovery {inet-mdt;}}}}	Configures the PE router in a VPN to use an MDT-SAFI NLRI for autodiscovery of other PE routers:
  [edit routing-instances name] provider-tunnel {pim-ssm {group-address address;}}	Configures the PIM-SSM provider tunnel default MDT group address. Note: For this example, it assumed that you previously configured the PIM-SSM provider tunnel default MDT for the VPN instance ce1 with the group address 239.1.1.1. To verify the configuration of the default MDT tunnel for the VRF instance to which the PE router is attached, use the show pim mvpn operational mode command.
  ‡ This table contains only a partial list of the PE router configuration statements for a draft-rosen multicast VPN operating in SSM mode in the provider core. For complete configuration information about this prerequisite, see “Example: Configuring Source-Specific Multicast for Draft-Rosen Multicast VPNs” in the Multicast Protocols Feature Guide for Routing Devices.

• For a rosen 7 MVPN—a draft-rosen multicast VPN with provider tunnels operating in SSM mode—you configure data MDT creation for a tunnel multicast group by including statements under the PIM-SSM provider tunnel configuration for the VRF instance associated with the multicast group. Because data MDTs are specific to VPNs and VRF routing instances, you cannot configure MDT statements in the master routing instance. Table 3 summarizes the data MDT configuration statements for PIM-SSM provider tunnels.

  Table 3: Data MDTs for PIM-SSM Provider Tunnels in a Draft-Rosen MVPN

  Statement	Description
  [edit routing-instances name] provider-tunnel {mdt {group-range multicast-prefix;}}	Configures the IP group range used when a new data MDT needs to be created in the VRF instance on the PE router. This address range cannot overlap the default MDT addresses of any other VPNs on the router. If you configure overlapping group ranges, the configuration commit fails. This statement has no default value. If you do not set the multicast-prefix to a valid, nonreserved multicast address range, then no data MDTs are created for this VRF instance. Note: For this example, it is assumed that you previously configured the PE router to automatically select an address from the 239.10.10.0/24 range when a new data MDT needs to be initiated.
  [edit routing-instances name] provider-tunnel {mdt {tunnel-limit limit;}}	Configures the maximum number of data MDTs that can be created for the VRF instance. The default value is 0. If you do not configure the limit to a non-zero value, then no data MDTs are created for this VRF instance. The valid range is from 0 through 1024 for a VRF instance. There is a limit of 8000 tunnels for all data MDTs in all VRF instances on a PE router. If the configured maximum number of data MDT tunnels is reached, then no new tunnels are created for the VRF instance, and traffic that exceeds the configured threshold is sent on the default MDT. Note: For this example, you limit the number of data MDTs for the VRF instance to 10.
  [edit routing-instances name] provider-tunnel {mdt {threshold {group group-address {source source-address {rate threshold-rate;}}}}}	Configures a data rate for the multicast source of a default MDT. When the source traffic in the VRF instance exceeds the configured data rate, a new tunnel is created. group group-address—Multicast group address of the default MDT that corresponds to a VRF instance to which the PE router is attached. The group-address explicit (all 32 bits of the address specified) or a prefix (network address and prefix length specified). This is typically a well-known address for a certain type of multicast traffic. source source-address—Unicast IP prefix of one or more multicast sources in the specified default MDT group. rate threshold-rate—Data rate for the multicast source to trigger the automatic creation of a data MDT. The data rate is specified in kilobits per second (Kbps). The default threshold-rate is 10 kilobits per second (Kbps). For this example, you configure the following data MDT threshold: Multicast group address or address range to which the threshold limits apply—224.0.9.0/32 Multicast source address or address range to which the threshold limits apply—10.1.1.2/32 Data rate—10 Kbps When the traffic stops or the rate falls below the threshold value, the source PE router switches back to the default MDT.

Topology

Figure 1 shows a default MDT.

Figure 1: Default MDT

Figure 2 shows a data MDT.

Figure 2: Data MDT

Configuration

The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see the CLI User Guide.

• Enabling Data MDTs and PIM-SSM Provider Tunnels on the Local PE Router Attached to a VRF
• (Optional) Enabling Logging of Detailed Trace Information for Multicast Tunnel Interfaces on the Local PE Router
• Results

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

Enabling Data MDTs and PIM-SSM Provider Tunnels on the Local PE Router Attached to a VRF

Step-by-Step Procedure

1. Enable configuration of provider tunnels operating in SSM mode.

   [edit]user@host# edit routing-instances ce1 provider-tunnel

2. Configure the range of multicast IP addresses for new data MDTs.

   [edit routing-instances ce1 provider-tunnel]user@host# set mdt group-range 239.10.10.0/24
3. Configure the maximum number of data MDTs for this VRF instance.
   [edit routing-instances ce1 provider-tunnel]user@host# set mdt tunnel-limit 10

4. Configure the data MDT-creation threshold for a multicast group and source.

   [edit routing-instances ce1 provider-tunnel]user@host# set mdt threshold group 224.0.9.0/32 source 10.1.1.2/32 rate 10

5. If you are done configuring the device, commit the configuration.

   [edit]user@host# commit

Results

Note: The show routing-instances command output above does not show the complete configuration of a VRF instance in a draft-rosen MVPN operating in SSM mode in the provider core.

(Optional) Enabling Logging of Detailed Trace Information for Multicast Tunnel Interfaces on the Local PE Router

Step-by-Step Procedure

1. Enable configuration of PIM tracing options.

   [edit]user@host# set protocols pim traceoptions

2. Configure the trace file name, maximum number of trace files, maximum size of each trace file, and file access type.

   [edit protocols pim traceoptions]set file trace-pim-mdtset file files 5set file size 1mset file world-readable

3. Specify that messages related to multicast data tunnel operations are logged.

   [edit protocols pim traceoptions]set flag mdt detail

4. If you are done configuring the device, commit the configuration.

   [edit]user@host# commit

Results

Verification

To verify that the local PE router is managing data MDTs and PIM-SSM provider tunnels properly, perform the following tasks:

• Monitor Data MDTs Initiated for the Multicast Group
• Monitor Data MDT Group Addresses Cached by All PE Routers in the Multicast Group
• (Optional) View the Trace Log for Multicast Tunnel Interfaces

Monitor Data MDTs Initiated for the Multicast Group

Purpose

For the VRF instance ce1, check the incoming and outgoing tunnels established by the local PE router for the default MDT and monitor the data MDTs initiated by the local PE router.

Action

Use the show pim mdt instance ce1 detail operational mode command.

For the default MDT, the command displays details about the incoming and outgoing tunnels established by the local PE router for specific multicast source addresses in the multicast group using the default MDT and identifies the tunnel mode as PIM-SSM.

For the data MDTs initiated by the local PE router, the command identifies the multicast source using the data MDT, the multicast tunnel logical interface set up for the data MDT tunnel, the configured threshold rate, and current statistics.

Monitor Data MDT Group Addresses Cached by All PE Routers in the Multicast Group

Purpose

For the VRF instance ce1, check the data MDT group addresses cached by all PE routers that participate in the VRF.

Action

Use the show pim mdt data-mdt-joins instance ce1 operational mode command. The command output displays the information cached from MDT join TLV packets received by all PE routers participating in the specified VRF instance, including the current timeout value of each entry.

(Optional) View the Trace Log for Multicast Tunnel Interfaces

Purpose

If you configured logging of trace Information for multicast tunnel interfaces, you can trace the creation and tear-down of data MDTs on the local router through the mt interface-related activity in the log.

Action

To view the trace file, use the file show /var/log/trace-pim-mdt operational mode command.