Controlling the Forwarding of SA Messages

RPF Rules of SA Messages

To prevent SA messages from being circularly forwarded among MSDP peers, MSDP performs the RPF check on received SA messages. MSDP strictly controls the incoming SA messages, and discards the SA messages that do not comply with the RPF rules.

After receiving SA messages, the MSDP-enabled device determines the RPF peer of the source RP based on Multicast RPF Routing Information Base (MRIB). The RPF peer is the next hop along the optimal path from the RP that creates SA messages. If an SA message is sent by an RPF peer, the message is accepted and forwarded to other MSDP peers. MRIB includes MBGP, multicast static route, and BGP and IGP unicast routing.

Apart from the rule mentioned above, the device complies with the following rules when forwarding SA messages:

• Rule 1: If the peer that sends the SA message is the source RP, the SA message is accepted and forwarded to other peers.

• Rule 2: If the peer that sends the SA message is a static RPF peer, the SA message is accepted. One router can set up MSDP peer relationships with multiple routers simultaneously. You can select one or more peers from these remote peers as a static RPF peer or RPF peers.

• Rule 3: If a router has only one remote MSDP peer, the remote peer automatically becomes the RPF peer. The router accepts the SA message sent by this remote peer.

• Rule 4: If a peer and the local router are in the same mesh group, the SA message sent by this peer is accepted. The SA message is not forwarded to members of this mesh group but all the other peers outside the mesh group.

• Rule 5: If the route that reaches the source RP spans multiple ASs, only the SA message sent by a peer in the next hop AS is accepted. If this AS has multiple remote MSDP peers, the SA message sent by the peer with the largest IP address is accepted.

MSDP Mesh Group

When there are multiple MSDP peers on a network, SA messages are flooded among these MSDP peers. The MSDP peer needs to perform the RPF check on each received SA message, causing a heavy burden to the system. Configuring multiple MSDP peers to join the same mesh group can reduce the number of SA messages transmitted among these MSDP peers.

Mesh group members can be located in one or more PIM-SM domains. They can also be located in the same AS or multiple ASs.

You must set up MSDP peer relationships between any two members of the mesh group and the two members must identify each other as the member of the same mesh group. As shown in Figure 6-5, RouterA, RouterB, RouterC, and RouterD belong to the same mesh group. On each router, you must set up MSDP peer relationships with the other three routers.

Figure 6-5 Networking diagram of MSDP peer relationships among mesh group members

After mesh group members receive SA messages, they check the source of these SA messages.

• If the SA message is sent by a certain MSDP peer outside the mesh group, the member performs the RPF check on the SA message. If the message passes the RPF check, the member forwards this message to all the other members in the mesh group.

• If the SA message is sent by a member of the mesh group, the member directly accepts the message without performing the RPF check. In addition, it does not forward the message to other members in the mesh group.

Filtering SA Messages

By default, MSDP does not filter SA messages. SA messages sent from a domain are transmitted to all MSDP peers on the network.

However, (S, G) entries in some PIM-SM domains guide the forwarding within local PIM-SM domains. For example, some local multicast applications use global multicast group addresses or some multicast sources use private addresses 10.x.x.x. If SA messages are not filtered, these (S, G) entries are transmitted to other MSDP peers. To address this problem, configure rules (ACL rules are often used) for filtering SA messages, and apply these rules when creating, forwarding, or receiving SA messages.