Multicast Virtual Private Networks

Similar documents
MULTI-VRF AND IP MULTICAST

ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL STUB ROUTER FUNCTIONALITY

END-OF-SALE AND END-OF-LIFE ANNOUNCEMENT FOR THE CISCO MEDIA CONVERGENCE SERVER 7845H-2400

Cisco CallManager 4.0-PBX Interoperability: Lucent/Avaya Definity G3 MV1.3 PBX using 6608-T1 PRI NI2 with MGCP

NEW CISCO IOS SOFTWARE RELEASE 12.2(25)EY FOR CISCO CATALYST 3750 METRO SERIES SWITCHES

Cisco Voice Services Provisioning Tool 2.6(1)

CISCO IP PHONE 7970G NEW! CISCO IP PHONE 7905G AND 7912G XML

Cisco 2651XM Gateway - PBX Interoperability: Avaya Definity G3 PBX using Analog FXO Interfaces to an H.323 Gateway

Cisco Extensible Provisioning and Operations Manager 4.5

THE POWER OF A STRONG PARTNERSHIP.

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

NEW JERSEY S HIGHER EDUCATION NETWORK (NJEDGE.NET), AN IP-VPN CASE STUDY

Cisco 3745 Gateway - PBX Interoperability: Avaya Definity G3 PBX using Q.931 PRI Network Side Interfaces to an H.323 Gateway

NEW METHOD FOR ORDERING CISCO 1700 SERIES MODULAR ACCESS ROUTERS AND CISCO 1800 SERIES INTEGRATED SERVICES ROUTERS SOFTWARE SPARE IMAGES

Cisco ONS SDH 12-Port STM-1 Electrical Interface Card

Cisco Catalyst 2950 Series Software Feature Comparison Standard Image (SI) and Enhanced Image (EI) Feature Comparison

CONFIGURING EPOLICY ORCHESTRATOR 3.0 AND MCAFEE 8.0i WITH CISCO CALLMANAGER

Cisco Unified CallConnector for Microsoft Office Quick Reference Guide 1

CISCO FAX SERVER. Figure 1. Example Deployment Scenario. The Cisco Fax Server solution consists of the following components:

Cisco MDS 9000 Family and EMC ECC Integration

ANNOUNCING NEW PRODUCT OFFERINGS FOR THE CISCO CATALYST 6500 SERIES

The second enhancement is the first step in a series of new commands, which will eliminate the potential for groups to transition from Sparse Mode int

Using TAPS with +E.164 Directory Numbers

USING MCAFEE VIRUSSCAN ENTERPRISE 8.0I WITH CISCO CALLMANAGER

High-Availability Solutions for SIP Enabled Voice-over-IP Networks

Traffic Offload. Cisco 7200/Cisco 7500 APPLICATION NOTE

USING TREND SERVERPROTECT5 WITH CISCO CALLMANAGER

END-OF-SALE AND END-OF-LIFE ANNOUNCEMENT FOR THE CISCO FLEXWAN MODULE FOR USE WITH THE CISCO 7600 SERIES ROUTERS AND CATALYST 6500 SERIES SWITCHES

Cisco CallManager Server Upgrade Program

CISCO SFP OPTICS FOR PACKET-OVER-SONET/SDH AND ATM APPLICATIONS

Cisco EtherChannel Technology

Cisco Aironet In-Building Wireless Solutions International Power Compliance Chart

Cisco Unified CallManager 4.0-PBX Interoperability: Mitel 3300 ICP Release 4.1 PBX to a Cisco 6608 Gateway using T1 QSIG with MGCP

Cisco AS5300 Gateway - PBX Interoperability: NEC NEAX 2400 PBX using T1 PRI Interfaces to an H.323 Gateway

CISCO NETWORK CONNECTIVITY CENTER BUSINESS DASHBOARD

E-Seminar. Voice over IP. Internet Technical Solution Seminar

CISCO 7304 SERIES ROUTER PORT ADAPTER CARRIER CARD

Cisco Systems Intelligent Storage Networking

Cisco Value Incentive Program Advanced Technologies: Period 7

Third party information provided to you courtesy of Dell

END-OF-SALE AND END-OF-LIFE ANNOUNCEMENT FOR THE CISCO CATALYST 6500 SERIES OC-12 ATM MODULE

IP Communications for Small Offices Using Cisco CallManager Express and Cisco Unity Express

Strategic IT Plan Improves NYCHA Resident Services While Reducing Costs US$150 Million

Cisco Unity 4.0(4) with Cisco Unified CallManager 4.1(2) Configured as Message Center PINX using Cisco WS-X6608-T1 using Q.SIG as MGCP Gateway

CISCO TRANSPORT MANAGER 4.7

Cisco Optimization Services

CISCO IOS SOFTWARE RELEASE 12.3(11)YK

CISCO 7200 SERIES NETWORK PROCESSING ENGINE NPE-G1

CISCO WDM SERIES OF CWDM PASSIVE DEVICES

THE CISCO SUCCESS BUILDER PROGRAM THE CISCO SMALL OFFICE COMMUNICATIONS CENTER: AFFORDABLE, PROVEN COMMUNICATIONS SOLUTIONS FOR SMALL ORGANIZATIONS

Introducing Cisco Catalyst 4500 Series Supervisor Engine II-Plus-10GE and Cisco Catalyst 4500 Series 48-Port 100BASE-X SFP Line Card

CiscoWorks Security Information Management Solution 3.1

Cisco 2651XM Gateway - PBX Interoperability: Ericsson MD-110 PBX using Q.931 BRI User Side Interfaces to an H.323 Gateway

The Cisco Unified Communications Planning and Design Service Bundle

CISCO CATALYST 6500 SERIES CONTENT SWITCHING MODULE

Cisco Unified CallManager Licensing Pricing Model

The information presented in this document was created from devices in a specific lab environment. All of the devices started with a cleared (default)

Cisco Router and Security Device Manager Intrusion Prevention System

Взято с сайта

NEW CISCO IOS SOFTWARE RELEASE 12.2(25)FY FOR CISCO CATALYST EXPRESS 500 SERIES SWITCHES

CISCO CENTRALIZED WIRELESS LAN SOFTWARE RELEASE 3.0

Cisco AVVID The Architecture for E-Business

Cisco 7304 Shared Port Adapter Modular Services Card

CISCO AC/DC POWER SOLUTION FOR USE WITH CISCO OPTICAL PLATFORMS

CISCO ONS SONET 12-PORT DS-3 TRANSMULTIPLEXER CARD

Cisco Unified Wireless IP Phone 7920 Multi-Charger

Cisco Unified Wireless Network Software Release 3.1

E-Seminar. Wireless LAN. Internet Technical Solution Seminar

Cisco ONS SONET 48-Port DS-3/EC-1 Interface Card

Cisco StackWise Technology

Cisco ubr7200-npe-g1 Network Processing Engine for the Cisco ubr7246vxr Universal Broadband Router

NETWORK ADMISSION CONTROL

CISCO 10GBASE XENPAK MODULES

Quick Start Guide Cisco CTE 1400 and Design Studio

Cisco Router and Security Device Manager Cisco Easy VPN Server

Innovation in Accessibility

Cisco Catalyst 4500 Series Power Supplies and External AC Power Shelf

CISCO CATALYST 6500 SERIES WITH CISCO IOS SOFTWARE MODULARITY

Cisco T3/E3 Network Module for Cisco 2600, 3600, and 3700 Series Routers

Cisco VIP6-80 Services Accelerator

Cisco IT Data Center and Operations Control Center Tour

Cisco MCS 7815-I2-UC1 Media Convergence Server

Portable Product Sheets Cat 4500 Supervisors last updated July 22, 2009

CISCO AIRONET 1230AG SERIES ACCESS POINT

CISCO GIGABIT INTERFACE CONVERTER

C ISCO INTELLIGENCE ENGINE 2100 SERIES M OUNTING AND CABLING

Cisco 7200VXR Series NPE-G2 Network Processing Engine

Avaya Definity CM 2.0 to a Cisco IAD243X using PRI T1 5ESS ISDN with SIP

WLAN Small Business Guide

New York University 3D Resilience

A New Services Aggregation Benchmark for the WAN and MAN The Cisco 7200VXR Series Router

Cisco MGX 8000 Series Multiservice Switch Broadband ATM Switching Module

Cisco ONS MA SONET Multiservice Platform

Cisco MDS 9000 Family Small Form-Factor Pluggable Devices

Cisco Helps Government of Catalonia, Spain, Improve Citizen Satisfaction Through Shared Services Portal

CISCO SERIES 8-PORT UNCHANNELIZED E3/T3 LINE CARD

Cisco Persistent Storage Device

DATA SHEET. Catalyst Inline Power Patch Panel

Cisco 7600 Multiprocessor WAN Application Module for Broadband Aggregation

End-of-Sale and End-of-Life Announcement for Select Cisco Catalyst 2950G and Catalyst 2950T Series Switches

Transcription:

White Paper Multicast Virtual Private Networks Executive Summary The purpose of this paper is to provide an understanding and background to IP Multicast in relation to Virtual Private Networks (VPNs) and to describe in detail the Cisco architecture for a Multicast VPN solution. This is aimed toward service providers providing an MVPN for Enterprise customers only. Virtual Private Networks A VPN is network connectivity across a shared infrastructure (such as an ISP). It aims to provide the same policies and performance as a private network, at a reduced cost of ownership, thus creating many opportunities for cost savings through operations and infrastructure. Tunnels through VPNs Historically, IP in IP / Generic Route Encapsulation (GRE) tunnels was the only way to connect through a service provider network. While such tunnelled networks tend to have scalability issues, they do represent the only means of passing IP multicast traffic through a VPN. MPLS Multiprotocol Label Switching (MPLS) was originally derived from Tag Switching, and various other vendor methods of IP-switching support enhancements in the scalability and performance of IP-routed networks by combining the intelligence of routing with the high performance of switching. MPLS is now used for VPNs, which is an appropriate combination because MPLS decouples information used for forwarding of the IP packet (the label) from the information carried in the IP header. MPLS VPNs can combine any of the following: Globally unique and routable addresses Globally unique, non-routable addresses Private addresses (RFC1918) Addresses that are neither globally unique nor private. Label Switched Paths are bound to VPN-IP routes and are confined to the VPN Service Provider. Multicast Overview Multicast vs. Unicast IP Multicast is part of the TCP/IP suite of protocols. While IP Unicast uses Class A, B, and C address, IP Multicast uses Class D addresses. Multicast is an efficient paradigm for transmitting the same data to multiple receivers, because of its concert of a Group address. This allows a group of receivers to listen to the single address. IP Multicast packets are replicated by routers within the network when there is more than one sub-network requiring a copy of the data. IP Unicast makes the source responsible for creating an individual IP stream for each receiver. All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 1 of 10

Multicast is a robust and scalable solution for group communication because of this distributed replication of data and because only 1 copy of the packet needs to traverse a link For example, suppose a company president sends a presentation to all employees. IP Multicast: bandwidth for one viewer equates bandwidth for all viewers IP Unicast: it would be impossible, due to the cost of network infrastructure, if each receiver were to have a unique data stream Applications areas that take advantage of IP Multicast include, but are not limited to, corporate communications, distance learning, and the distribution of software. Following are some basic IP Multicast concepts (not an exhaustive explanation of IP multicast technology). Please refer to the appendix of this document for details Trees Only one packet is transmitted by the source, so the Network is responsible for replicating the packet at each bifurcation point in the network. This results in a multicast distribution tree. There are two main types of trees: Source Trees/Shortest Path Trees Uni-directional trees rooted at the data source. They are the only types of tree in a dense mode flood and prune network, but are also used in Sparse Mode networks. Shared Trees Uni-directional trees rooted at a common point. Shared trees are used in protocols where receivers are sparsely populated and it would be inefficient to learn about active sources by flooding the data. In Protocol Independent Multicast Sparse Mode (PIM SM), the common root of the shared tree is called the Rendezvous Point. This is the point where receivers join to learn of active sources. Multicast Routing protocols Historic Several routing protocols were designed to work with IP Multicast. These were a ships in the night approach, which required a separate Routing table for IP Multicast traffic. Distance Vector Multicast Routing Protocol (DVMRP) DVMRP was the first Multicast routing Protocol, and is an example of a source tree routing protocol. Multicast Open Shortest Path First (MOSPF) MOSPF attempted to use OSPF with multicast routing. It is also an example of a Source tree routing protocol. Core Base Trees (CBT) CBTs were designed to use a shared tree to deliver multicast data, but they were never implemented beyond the experimental networks. All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 2 of 10

Defacto Standard Protocol Independent Multicast (PIM) PIM does not use a ships in the night approach; rather, it is designed to forward IP Multicast traffic using the standard Unicast routing table. PIM uses the Unicast routing table to decide if the source of the IP multicast packet has arrived on the optimal path from the source. This process, the RPF check, is Protocol Independent because it is based on the contents of the Unicast Routing table and not any particular routing protocol. There are two types of PIM protocols: Dense Mode (DM) and Sparse Mode (SM). PIM Dense Mode (DM) PIM DM is no longer a widely deployed protocol because PIM SM has proven to be the more efficient multicast PIM SM PIM sparse mode has been enhanced over the years, evolving from an experimental standard to a draft standard. It is now the most widely deployed multicast protocol. It initially uses a shared tree, but then allows the last hop router to join a Source tree if it so chooses. This is an efficient methodology, as it prevents the flooding of data and associated waste of resources, while forwarding data along the optimal path. The growing deployment of IP Multicast by applications has necessitated two new distribution paradigms. Bi-directional PIM (PIM Bi-Dir) PIM Bi-Dir will create a two-way forwarding tree, which. will allow the efficient transmission of low bandwidth many-to-many communication; for example, a financial trading application. Source Specific Multicast (SSM) SSM is a solution where the knowledge of the source is acquired out of band. SSM uses only a source tree, but there is no flooding of data, because learning the source is out of band. SSM is most useful for applications such as Internet broadcasting or corporate communications Three Proposed MVPN Solutions Draft-rosen-vpn-mcast-03.txt extends the IETF VPN specification by describing the protocols and procedures required to support an IP Multicast VPN. Multicast Domains This solution requires the provider to enable IP Multicast within its network. On each Provider Edge () router, the provider creates a Multicast Tunnel Interface (MTI) and Multicast VPN routing / forwarding (VRF) for each customer. The MTI encapsulates customers Multicast data within its own Multicast packet with a destination group that is unique for a particular customer and to which all for that customer belong. All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 3 of 10

Figure 1 MTI Encapsulation C-packet SRC = PC1 DST = 225.1.1.1 P-packet SRC = Lo1 DST = 234.10.10.10.1 C-packet SRC = PC1 DST = 225.1.1.1 Lo1 VPN-IP PIM VPN-IP PM requires that customers multicast data be delivered natively through the provider s network. Each customer VRF is leaked into a global table. This solution requires that the source of the Multicast tree is noted and the VRF of that tree is used to create a route distinguisher. This becomes RD:S,G or RD: *,G, which makes the mroute entry unique for that customer. While this RD does allow the provider to uniquely identify the multicast data, the packet must be encapsulated with MPLS multicast labels in order to forward the data. Multicast Domain (MD) Using PIM Non-Broadcast Multi-Access (NBMA) Techniques This solution uses a tunnel interface on the. Unlike GRE tunneling, this is no a point-to-point tunnel. This tunnel interface tracks the remote and Unicasts the multicast packets to the remote s. This solution is initially attractive, because it keeps multicast state out of the core; however, it requires a large amount of replication by the router and creates a great deal of additional to Unicast traffic. Figure 2 Unicast Forwarding of Multicast using NBMA Technique IP Unicast 3 2 1 IP Multicast 4 IP Multicast All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 4 of 10

Cisco MVPN Details While there are significant deployment obstacles to each of the preceding MVPN solutions, Multicast Domains is the most attractive alternative because: The provider must configure a native IP multicast network within their core network; this includes both the P and routers. IP Multicast is a mature technology that has been deployed since Cisco IOS Software 10.0. This minimizes risk for the provider network, because a new feature will not have to be introduced into its core to support MVPNs. Multicast Domain Solution This method originally had less than optimal performance, because it requires that all routers connected to a customer receive all of that customer s Multicast data regardless of the presence of an interested receiver in that location. When enhancements resolved this characteristic with a new methodology, it became a truly attractive solution. Figure 3 Default MDT Concept Service Provider Default MDT The aforementioned enhancement is the addition of ephemeral trees that are created on the fly. These trees distribute multicast group data that exceeds a certain configured threshold of Bandwidth (BW) to only those who have joined this new tree. These are tress are called MDT-data trees. The word data is appended as these groups are designed to be used for groups that will require a higher amount of bandwidth to deliver their data. All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 5 of 10

Figure 4 Data MDT Concept Service Provider Data MDT This diagram indicates that the Data MDT is only joined by those routers that have routers who are intended recipients of the data. routers signal use of Data-MDT via a UDP packet on port number 3232, which is sent via the default MDT. This packet contains an all-pim routers message, indicating the group to be joined if required. Interaction of Customer and Providers Multicast Network It is important to remember that the customer s IP Multicast network has no relationship to the provider s multicast network. From the perspective of the provider, the customer s IP Multicast packets are merely data to the provider s distinctive IP Multicast network. It is important to understand that PIM, and in particular PIM-SM, are the only supported multicast protocols for MVPN. Bi-Dir PIM may be supported in the future, when it is deemed stable enough for the core of a provider network. All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 6 of 10

Figure 5 Customer PIM Adjacencies PIM Adjacency Customer Customer Service Provider PIM Adjacency P Customer PIM Adjacency routers do not have a PIM adjacency across the provider network with remote routers, but rather have an adjacency with their local routers and the router. When the router receives an MDT packet, it performs an RPF check. During the transmission of the packet through the Provider network, the normal RPF rules apply. However, at the remote s, the router needs to ensure that the originating router was the correct one for that. It does this by checking the BGP next hop address of the customer s packet s source address. This next hop address should be the source address of the MDT packet. The also checks that there is a PIM neighbourship with the remote. Currently, only a single MVRF is supported per customer. This limitation precludes the customer also receiving Internet or any other outside domain s Multicast traffic A unique Group address is required to be used as MDT for each particular customer. A unique source address for the Multicast packet in the provider network is also required. This source address is recommended to be the address of the loopback interface, which is used as the source for the IBGP, as this address is used for the RPF check at remote. If the provider uses MDT-data groups, then these will also need to be configured. These MDT-data groups must be unique for each customer. The routers must have a PIM adjacency to each other. No other routing protocols may use these MTIs. Figure 6 Provider s PIM Adjacencies P Lo1 PIM Adjacency All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 7 of 10

BGP Requirements routers are the only routers that need to be MVPN aware and able to signal to remote 's information regarding the MVPN. It is therefore fundamental that all routers have a BGP relationship with each other. Either directly or via a Route Reflector. The source address of the Default-MDT will be the same address used to source the ibgp sessions with the remote routers that belong to the same VPN and MVRF. When PIM-SSM is used for transport inside the provider core, it is via this BGP relationship that the s indicate that they are MVPN capable and provide for source discovery. This capability is indicated via the updated BGP message. When a receives a BGP update, which includes the RD and the group information, it joins the root of that tree, thereby joining the MDT. The RPF check on the is satisfied when the following conditions are met: 1. The next hop for the source of the data is the BGP neighbor, which is the source of the MDT 2. The Source of the MDT is a PIM neighbor (M)VPN-IPv4 address (12 bytes) Route Distinguisher - 8 bytes type-field: 2 bytes value-field: 6 bytes New type for Multicast-VPN: 2 Its value field (AS format must be used): 2 bytes ASN 4 bytes assigned number IPv4 address - 4 bytes Extended community attribute - 8 bytes Type Field: 2 bytes Value Field: 6 bytes New type: 0x06 (AS format) Its Value Field: 2 bytes ASN 4 bytes assigned number (MDT Group address) OR (currently not supported) New type: 0x0106 (Address format) Its Value Field: 4 bytes IPv4 address (MDT Group address) 2 bytes assigned number All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 8 of 10

Terminology Virtual Private Network VPN Multicast VPN MVPN VPN Routing and Forwarding VRF Multicast VRF MVRF Provider Network Interface PNI Customer Network Interface CNI Multicast Tunnel Interface MTI Provider Edge Customer Edge Multicast Distribution Tree MDT Tree created statically to connect ALL routers Default MDT Tree created dynamically to only interested routers Data MDT Protocol Independent Multicast PIM PIM-SM Sparse Mode PIM SM PI-DM Dense Mode PIM DM Bi-directional PIM PIM Bi-Dir Reverse Path Forwarding RPF Rendezvous Point RP References http://search.ietf.org/internet-drafts/draft-rosen-vpn-mcast-03.txt http://www.cisco.com/go/ipmulticast http://www.ietf.org/html.charters/idmr-charter.html Developing IP Multicast Networks, Volume I Beau Williamson, CCIE ISBN:1578700779 All contents are Copyright 1992 2002 All rights reserved. Important Notices and Privacy Statement. Page 9 of 10

Corporate Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 526-4100 European Headquarters Cisco Systems International BV Haarlerbergpark Haarlerbergweg 13-19 1101 CH Amsterdam The Netherlands www-europe.cisco.com Tel: 31 0 20 357 1000 Fax: 31 0 20 357 1100 Americas Headquarters 170 West Tasman Drive San Jose, CA 95134-1706 USA www.cisco.com Tel: 408 526-7660 Fax: 408 527-0883 Asia Pacific Headquarters Capital Tower 168 Robinson Road #22-01 to #29-01 Singapore 068912 www.cisco.com Tel: +65 6317 7777 Fax: +65 6317 7799 Cisco Systems has more than 200 offices in the following countries and regions. Addresses, phone numbers, and fax numbers are listed on the Cisco Web site at www.cisco.com/go/offices Argentina Australia Austria Belgium Brazil Bulgaria Canada Chile China PRC Colombia Costa Rica Croatia Czech Republic Denmark Dubai, UAE Finland France Germany Greece Hong Kong SAR Hungary India Indonesia Ireland Israel Italy Japan Korea Luxembourg Malaysia Mexico The Netherlands New Zealand Norway Peru Philippines Poland Portugal Puerto Rico Romania Russia Saudi Arabia Scotland Singapore Slovakia Slovenia South Africa Spain Sweden Switzerland Taiwan Thailand Turkey Ukraine United Kingdom United States Venezuela Vietnam Zimbabwe All contents are Copyright 1992 2003 All rights reserved. Cisco, Cisco Systems, the Cisco Systems logo, Catalyst, and EtherChannel are registered trademarks or trademarks of and/ or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0303R) 203031.E/ETMG_05/03

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback