No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CX11x, CX31x, CX710 (Earlier Than V6.03), and CX91x Series Switch Modules V100R001C10 Configuration Guide 12

The documents describe the configuration of various services supported by the CX11x&CX31x&CX91x series switch modules The description covers configuration examples and function configurations.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring MSDP

Configuring MSDP

This section describes the procedures for configuring MSDP.

Configuring Basic MSDP Functions

MSDP allows you to set up MSDP peers between the PIM-SM domains, and the MSDP peers exchange SA messages to share multicast source information.

Pre-configuration Tasks
Before configuring the basic MSDP functions, complete the following task:
  • Configuring multicast in each PIM-SM domain
Configuration Process

Enabling MSDP and Configuring MSDP Peers are mandatory and other tasks are optional.

Enabling MSDP

Context

To ensure that all RPs on a network share source information and the number of devices configured with MSDP is minimized, it is recommended that you configure MSDP only on the RPs on the network.

After MSDP is enabled, the MSDP view is displayed. You can perform other MSDP configurations in the MSDP view. Enabling MSDP is the prerequisite for other MSDP configurations.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    MSDP is enabled and the MSDP view is displayed.

  3. Run:

    commit

    The configuration is committed.

Configuring MSDP Peers

Context

An MSDP peer relationship is identified by the addresses of the local and remote MSDP peers. You must create an MSDP peer relationship on both the local and remote ends.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    peer peer-address connect-interface interface-type interface-number

    MSDP peers are created.

    • peer-address: specifies the address of the remote MSDP peer.

    • interface-type interface-number: specifies the local interface connected to the remote MSDP peer.

  4. (Optional) Run:

    peer peer-address description text

    The description of a remote MSDP peer is added.

    This configuration helps to differentiate remote MSDP peers and manage the connections to the remote MSDP peers.

  5. (Optional) Run:

    timer retry interval

    The interval at which MSDP peers retry to set up a connection with each other is set.

    A TCP connection needs to be quickly established between MSDP peers in one of the following situations:

    • An MSDP peer is created.
    • The disconnected MSDP peers need to be reconnected.
    • A faulty MSDP peer attempts to restore works.

    You can run this command to adjust the interval at which MSDP peers retry to set up a connection.

  6. (Optional) Configure an MSDP authentication mode.

    To improve the security of a TCP connection, MSDP supports two authentication modes: MD5 and keychain. MD5 authentication and keychain authentication are mutually exclusive on an MSDP peer. You must configure the same password on both ends in MD5 authentication or configure the same encryption algorithm and password on both ends in keychain authentication. Otherwise, the TCP connection cannot be set up. Note that MD5 encryption algorithm cannot ensure security. Keychain authentication is recommended.

    • Run:

      peer peer-address password { cipher cipher-password | simple simple-password }

      MSDP MD5 authentication is configured.

      If simple is selected, the password is saved in the configuration file in plain text. This brings security risks. It is recommended that you select cipher to save the password in cipher text.

    • Run:

      peer peer-address keychain keychain-name

      MSDP keychain authentication is configured.

      keychain-name in this command is defined in the keychain command. For details, see "Keychain Configuration" in the CX11x&CX31x&CX91x Series Switch Modules Configuration Guide-Security.

  7. (Optional) Run:

    shutdown peer-address

    The session with the remote MSDP peer is closed.

    After the session with the remote MSDP peer is closed, SA messages are not exchanged between the MSDP peers. The configuration, however, is saved. You can run the undo shutdown peer-address command to set up a session with the remote MSDP peer and to reestablish a TCP connection.

  8. Run:

    commit

    The configuration is committed.

(Optional) Configuring Static RPF Peers

Prerequisites

MSDP peers have been configured. For details, see Configuring MSDP Peers.

Context

The device does not perform RPF checks on SA messages received from static RPF peers. Therefore, SA messages are not discarded.

If a device has only one remote MSDP peer, the remote MSDP peer automatically becomes the static RPF peer.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    static-rpf-peer peer-address [ rp-policy ip-prefix-name ]

    The remote MSDP peer is specified as the RPF peer.

    • peer-address: specifies the address of the remote MSDP peer.

    • rp-policy ip-prefix-name: specifies a policy for filtering SA messages based on the source RP address.

      When you specify multiple static RPF peers for a switch modules, pay attention to the following points:

      • If rp-policy is set for all peers, after receiving SA messages from multiple active static RPF peers, the local switch modules filters the SA messages based on the configured rp-policy for each static RPF peer. Only the SA messages that match policy rules are accepted.

      • If no rp-policy is set for the peers, the switch modules accepts all SA messages from the active static RPF peers.

  4. Run:

    commit

    The configuration is committed.

(Optional) Configuring the MSDP Mesh Group

Prerequisites

MSDP peers have been configured. For details, see Configuring MSDP Peers.

Context

An AS may contain multiple MSDP peers. To prevent these MSDP peers from flooding SA messages, configure an MSDP mesh group to optimize data traffic control.

MSDP peers in a mesh group forward SA messages that are sent by a peer not in the mesh group and pass the RPF check to other members in the group. If SA messages are sent by a group member, the messages are accepted without the RPF check and are not forwarded to other group members. This prevents MSDP peers from flooding SA messages and simplifies the RPF checking mechanism on MSDP peers.

You can set up an MSDP mesh group by configuring the same mesh group name for multiple MSDP peers.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    peer peer-address mesh-group name

    The remote MSDP peer is added to the mesh group.

    • peer-address: specifies the address of the remote MSDP peer.

    • name: specifies the name of the mesh group. Members of the same mesh group use the same group name.

    Configuration notes:

    • Members of a mesh group set up an MSDP peer relationship with one another using the mesh topology.

    • The two members between which the connection is set up must recognize each other as the member of the same mesh group.

    • One MSDP peer can join only one mesh group. If an MSDP peer is configured to join different mesh groups several times, the latest configuration takes effect.

  4. Run:

    commit

    The configuration is committed.

Checking the Configuration

Context

After configuring basic MSDP functions, run the following commands in any view to check the brief and detailed information about MSDP peers.

Procedure

  • Run the display msdp brief command to check brief information about MSDP peers.
  • Run the display msdp peer-status [ peer-address ] command to check the detailed information about MSDP peers.

Controlling SA Messages and the SA Cache

MSDP peers share (S, G) information by exchanging SA messages. To control SA message transmission, you can configure the SA cache size, enable the local device to send SA request messages, encapsulate multicast data in SA messages, and configure policies to filter SA messages and SA request messages.

Pre-configuration Tasks

Basic MSDP functions have been configured. For details, see Configuring Basic MSDP Functions.

Configuration Process

The following configuration tasks can be performed at any sequence as required.

Configuring the SA Cache

Context

To shorten the delay of obtaining multicast information, enable the SA caching function on the device. The device can locally cache (S, G) entities contained in SA messages. When the device receives a new Join message, it searches the local cache for the (*, G) entry carried in the message:

  • If the matching (S, G) entry is found, the device adds the sender of the Join message to the shortest path tree (SPT) with S as the root.
  • If no matching (S, G) entry is found, the device must wait for the SA message sent by the MSDP peer during the next period.

When there are more (S, G) entries in the cache, they occupy a larger memory space. You can set the maximum number of (S, G) entries to be cached to efficiently protect the device against Denial of Service (DoS) attacks.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    undo cache-sa-disable

    The SA caching function is enabled.

    By default, the SA caching function is enabled on the switch modules that has a remote MSDP peer specified.

  4. (Optional) Run:

    peer peer-address sa-cache-maximum sa-limit

    The maximum number of (S, G) entries is set.

    The value takes effect only when it is smaller than the specification of the cache. If the value is larger than the specification of the cache, the specification of the cache takes effect. By default, a maximum of 8192 (S, G) entries can be saved to the SA cache.

  5. Run:

    commit

    The configuration is committed.

Setting Parameters of the SA Request Message

Context

By default, when a receiver joins in, the device does not initiatively send an SA Request message to the MSDP peer. The device waits for the SA message sent by the MSDP peer during the next period, which delays the time for the receiver to obtain information about multicast sources. To enable the new receiver to learn information about active multicast sources immediately, the device needs to initiatively send an SA Request message to the MSDP peer.

After receiving the SA Request message, the remote MSDP peer responds to the SA message with a message containing the (S, G) information that meets the requirements. If the rule for filtering SA Request messages is configured on the remote MSDP peer, the remote MSDP peer responds only to the SA Request messages that match the rule.

NOTE:

Before configuring a local RP to send SA Request messages, you must disable the SA caching function on the local RP and enable the SA caching function on its remote MSDP peer.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Configure a local RP to send SA Request messages initiatively.

    Run:

    peer peer-address request-sa-enable

    The local RP is configured to send SA Request messages initiatively.

  4. (Optional) Configure the rule for filtering received SA Request messages on the remote MSDP peer.

    Run:

    peer peer-address sa-request-policy [ basic-acl-number | acl-name acl-name ]

    A rule for filtering received SA Request messages is configured.

  5. Run:

    commit

    The configuration is committed.

Configuring the Content of an SA Message

Context

The interval for sending multicast data by some multicast sources is longer than the aging time of (S, G) entries. In this case, the source DR can only encapsulate multicast data into Register messages, and send the messages to the source RP. The source RP transmits (S, G) information contained in SA messages to the remote RP. Then the remote RP sends an (S, G) Join message to the source DR and creates an SPT. The remote RP cannot receive multicast data sent by this source because the (S, G) entry is aged out.

After the function of encapsulating a multicast packet in an SA message is enabled on a source RP, the source RP encapsulates a multicast packet in an SA message and sends the message out. After receiving the SA message, the remote RP decapsulates it and transmits the multicast packet along RPT to users in the local domain.

In addition, you can set the time to live (TTL) threshold to control what multicast data will be encapsulated in the SA message and forwarded to the MSDP peer.
  • When the RP creates an SA message for the first time, it checks the TTL value of the IP header in the multicast packet. If the value is smaller than the threshold, the RP does not create an SA message. If the value is equal to or larger than the threshold, the RP encapsulates the multicast packet in an SA message and forwards the message to an MSDP peer.
  • When the RP receives an SA message that contains the multicast packet, it reduces the TTL value in the IP header by 1 and checks the TTL value. If the value is smaller than the threshold, the RP does not forward the SA message to any MSDP peer. If the value is equal to or larger than the threshold, the RP forwards the SA message to an MSDP peer.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    encap-data-enable

    The function of encapsulating multicast data packets in SA messages is enabled.

  4. (Optional) Run:

    peer peer-address minimum-ttl ttl

    The TTL value of multicast data packets is set.

    By default, the TTL value of multicast data packets is set to 0.

  5. Run:

    commit

    The configuration is committed.

Configuring the Rule for Filtering SA Messages

Context

By default, a device receives all SA messages that pass the RPF check, and forwards the SA messages to all MSDP peers. By configuring the filtering rule for creating, receiving, and forwarding SA messages, you can control what SA messages are transmitted between MSDP peers.

  • After you configure the rules for filtering the SA messages to be created, the device filters the (S, G) entries advertised through SA messages based on the rules, and determines whether to create the multicast source messages.
  • After you configure the rules for filtering the SA messages to be forwarded and received, the device filters the (S, G) entries advertised through SA messages based on the rules, and determines whether to accept or forward the multicast source messages.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    import-source [ acl { acl-number | acl-name } ]

    The rules for filtering multicast sources in SA messages are set.

  4. Run:

    peer peer-address sa-policy { import | export } [ advanced-acl-number | acl-name acl-name ]

    The rules for filtering the received SA messages or the SA messages to be forwarded are set.

  5. Run:

    commit

    The configuration is committed.

Checking the Configuration

Context

After configuring parameters for SA messages and the SA caching function, run the following commands in any view to check the SA cache information and detailed information about MSDP peers.

Procedure

  • Run the display msdp sa-cache [ group-address | source-address | as-number ] * command to check (S, G) information in the SA cache.
  • Run the display msdp sa-count [ as-number ] command to check the number of (S, G) entries in the SA cache.
  • Run the display msdp peer-status [ peer-address ] command to check the detailed information about MSDP peers.

Configuring MSDP Anycast RP

Anycast RP supports the configuration of several RPs with the same address in a PIM-SM domain. MSDP peer relationship is established between these RPs so that the multicast source can register to the closest RP and the multicast receiver can join the closest RP.

Pre-configuration Tasks

The PIM-SM function has been enabled on all switch moduleses in the PIM-SM domain and RP are not configured.

Configuration Process

Perform configuration tasks in the sequence listed as follows.

Configuring an RP

Context

In the anycast RP application, configure RPs with the same address on multiple switch moduleses in a PIM-SM domain. Before configuring anycast RP on the devices in the PIM-SM domain, configure a loopback interface on each device and assign the same IP address to the loopback interfaces. Then configure these interfaces as static RPs or C-RPs.

  • If you configure a static RP, configure an RP on each switch modules in the PIM-SM domain.
  • If you configure a C-RP, you only need to configure the C-RP on the switch modules as the anycast RP.
NOTE:

After an RP is configured, advertise the IP address of the RP interface through unicast routes to ensure that each switch modules on the network has a reachable route to the RP interface.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    interface loopback interface-number

    The loopback interface view is displayed.

  3. Run:

    ip address ip-address { mask | mask-length }

    An IP address is configured for the loopback interface.

  4. (For a C-RP) Run:

    pim sm

    PIM-SM is enabled on the RP interface.

    Before configuring a C-RP, run this command. This command is not required if you configure a static RP.

  5. Run:

    quit

    Return to the system view.

  6. Run:

    pim

    The PIM view is displayed.

  7. Configure the loopback interface address as a static RP address or a C-RP address.

    • Configure a static RP.

      Run:

      static-rp rp-address

      The loopback interface address is configured as a static RP address.

    • Configure a C-RP.

      NOTE:

      When configuring dynamic RP, configure C-BSRs. When configuring MSDP-based anycast RP, ensure that the addresses of the C-BSR and the C-RP are different. For details on how to configure the C-BSR, see Configuring a C-BSR.

      Run:

      c-rp loopback interface-number

      The loopback interface address is configured as a C-RP address.

  8. Run:

    commit

    The configuration is committed.

Configuring MSDP Peer Connections

Context

MSDP peer relationships need be set up between RPs. If more than three switch moduleses exist, establish an MSDP peer relationship between each two switch moduleses and add them to the same mesh group.

The purpose of this task is to set up MSDP peer relationships among multiple RPs. For details, see Configuring Basic MSDP Functions.

Configuring the Source RP Address of the SA Message

Context

In the anycast RP application, you need to configure RPs on two or more devices in a PIM-SM domain, assign the same IP address to these RPs, and set up MSDP peer relationships between these devices. An MSDP peer performs the RPF check on a received SA message and then discards the message if the addresses of the local RP and the remote RP are the same. Therefore, you need to specify a logical RP address for the SA message on the device on which anycast RP is to be configured.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    msdp

    The MSDP view is displayed.

  3. Run:

    originating-rp interface-type interface-number

    The address of the logical RP interface is set as the source RP address for the SA message.

    The interface functioning as a logical RP cannot be an actual RP interface. It is recommended that you configure the address of the MSDP peer interface as the logical RP address.

  4. Run:

    commit

    The configuration is committed.

Checking the Configuration

Context

After configuring anycast RP in a PIM-SM domain, run the following commands in any view to check the brief and detailed information about MSDP peers and RP information about PIM routing entries.

Procedure

  • Run the display msdp brief command to check brief information about MSDP peers.
  • Run the display msdp peer-status [ peer-address ] command to check the detailed information about MSDP peers.
  • Run the display pim routing-table command to check RP information about PIM routing entries.
Translation
Download
Updated: 2019-08-09

Document ID: EDOC1000041694

Views: 58009

Downloads: 3621

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next