After the basic unicast OTV bring up its time to move ahead and bring up OTV using multicast.
Unicast OTV and basic OTV terminologies: http://stayinginit.blogspot.in/2013/12/basic-unicast-overlay-transport.html
Some of you may have guessed why we go in for a multicast OTV solution. Multicast by nature performs one to many, hence, when we have multiple ED's located at various DC's, it would make sense to have multicast OTV [this again is based on the assumption that the transport connecting your DC's together supports multicast]
As before, lets just dive into the details related to topology and configuration. As we go along I will try my best to explain in brief why we need each of the configurations.
The topology is I will be using for multicast OTV is very much the same as the one I used for unicast OTV:
However, now, the ED's and the CORE will have multicast specific configurations on them.
ED1:
ip multicast-routing distributed
ip igmp snooping querier version 3
ip igmp snooping querier
otv site bridge-domain 150
otv site-identifier 0000.0000.0002 ! the site-identifier
interface GigabitEthernet0/0/0
description "ACCESS / INTERNAL INTERFACE"
no shutdown
negotiation auto
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
!
service instance 150 ethernet
encapsulation dot1q 150
bridge-domain 150
interface GigabitEthernet0/0/1
no ip address
no shutdown
negotiation auto
router ospf 14
router-id 14.14.14.1
otv site-identifier 0000.0000.0002 ! the site-identifier
interface GigabitEthernet0/0/0
description "ACCESS / INTERNAL INTERFACE"
no shutdown
negotiation auto
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
!
service instance 150 ethernet
encapsulation dot1q 150
bridge-domain 150
interface GigabitEthernet0/0/1
no ip address
no shutdown
negotiation auto
router ospf 14
router-id 14.14.14.1
interface GigabitEthernet0/0/1.14
description "JOIN INTERFACE"
encapsulation dot1Q 14
ip address 10.1.14.2 255.255.255.0
ip pim passive
ip igmp version 3
ip ospf 14 area 14
interface Overlay150
no ip address
no shutdown ! added by me
otv control-group 232.1.14.1
otv data-group 232.14.1.0/24
otv join-interface GigabitEthernet0/0/1.14
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
CORE:
ip multicast-routing distributed
router ospf 14
router-id 14.14.14.2
router-id 14.14.14.2
interface Loopback14
ip address 14.14.14.14 255.255.255.255
ip ospf 14 area 14
ip pim rp-address 14.14.14.14
interface GigabitEthernet0/0/1
no ip address
no shutdown
negotiation auto
interface GigabitEthernet0/0/1.14
description "CORE INTERFACE CONNECTED TO ED1"
encapsulation dot1Q 14
ip address 10.1.14.1 255.255.255.0
ip pim sparse-mode
ip igmp version 3
ip ospf 14 area 14
interface GigabitEthernet0/0/0
no ip address
no shutdown
negotiation auto
interface GigabitEthernet0/0/0.14
description "CORE INTERFACE CONNECTED TO ED2"
encapsulation dot1Q 14
ip address 10.2.14.1 255.255.255.0
ip pim sparse-mode
ip igmp version 3
ip ospf 14 area 14
ED2:
ip multicast-routing distributed
ip igmp snooping querier version 3
ip igmp snooping querier
otv site bridge-domain 151
otv site-identifier 0000.0000.0003
interface GigabitEthernet0/0/1
description "ACCESS / INTERNAL INTERFACE"
no shutdown
negotiation auto
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
!
service instance 151 ethernet
encapsulation dot1q 151
bridge-domain 151
interface GigabitEthernet0/0/0
no ip address
no shutdown
negotiation auto
router ospf 14
router-id 14.14.14.3
interface GigabitEthernet0/0/1
description "ACCESS / INTERNAL INTERFACE"
no shutdown
negotiation auto
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
!
service instance 151 ethernet
encapsulation dot1q 151
bridge-domain 151
interface GigabitEthernet0/0/0
no ip address
no shutdown
negotiation auto
router ospf 14
router-id 14.14.14.3
interface GigabitEthernet0/0/0.14
description "JOIN INTERFACE"
encapsulation dot1Q 14
ip address 10.2.14.2 255.255.255.0
ip pim passive
ip igmp version 3
ip ospf 14 area 14
interface Overlay150
no ip address
no shutdown ! added by me
otv control-group 232.1.14.1
otv data-group 232.14.1.0/24
otv join-interface GigabitEthernet0/0/0.14
service instance 14 ethernet
encapsulation dot1q 14
bridge-domain 14
Some inputs before we go into verification:
- Its good to keep in mind that whenever we configure 'interface overlay <num>' it is by default in shutdown state. Hence, I have added the 'no shutdown' in the configuration myself
- The 'ip multicast-routing distributed' - will enable multicast routing on the routers
- 'otv control-group' - ASM group in the core used for the OTV Control Plane [this group address should be same between all the ED's across the DC's for the MAC updates]
- 'otv data-group' - This is for sending multicast traffic from one DC to the other, related to SSM [we will be discussing this in the coming updates]
The verification as with unicast OTV follows the same process of checking the "show otv" details [the router used is ED2, but one can use either ED1 / ED2]:
ED2#show otv
Overlay Interface Overlay150
VPN name : None
VPN ID : 1
State : UP
AED Capable : Yes
IPv4 control group : 232.1.14.1
Mcast data group range(s): 232.14.1.0/24
Join interface(s) : GigabitEthernet0/0/0.14
Join IPv4 address : 10.2.14.2
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 151
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
ED2#
Checking the ping traffic flow between VM1 and VM2:
[root@vm-aries-cel ~]# ping 172.16.11.10 -c 10
PING 172.16.11.10 (172.16.11.10) 56(84) bytes of data.
64 bytes from 172.16.11.10: icmp_seq=0 ttl=64 time=0.491 ms
64 bytes from 172.16.11.10: icmp_seq=1 ttl=64 time=0.546 ms
64 bytes from 172.16.11.10: icmp_seq=2 ttl=64 time=0.651 ms
64 bytes from 172.16.11.10: icmp_seq=3 ttl=64 time=0.546 ms
64 bytes from 172.16.11.10: icmp_seq=4 ttl=64 time=0.723 ms
64 bytes from 172.16.11.10: icmp_seq=5 ttl=64 time=0.564 ms
64 bytes from 172.16.11.10: icmp_seq=6 ttl=64 time=0.635 ms
64 bytes from 172.16.11.10: icmp_seq=7 ttl=64 time=0.547 ms
64 bytes from 172.16.11.10: icmp_seq=8 ttl=64 time=0.529 ms
64 bytes from 172.16.11.10: icmp_seq=9 ttl=64 time=0.546 ms
--- 172.16.11.10 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9000ms
rtt min/avg/max/mdev = 0.491/0.577/0.723/0.072 ms, pipe 2
[root@vm-aries-cel ~]#
MAC updates related to both VM1 and VM2:
The below MAC addresses are learned from the other ED's [ED1 in our case]
ED2#show otv isis rib mac
Tag Overlay150:
MAC local rib for Overlay150 (Total 1)
L2 Topology ID Mac Address
14 000C.295E.EA91 --> MAC address VM1
[50/1] via 10.1.14.2(Overlay150), LSP[3/2]
ED2#
The below MAC addresses will be sent to the other ED's [these MAC addresses will be sent to ED1 from ED2]:
ED2#show otv isis rib redistribution mac
Tag Overlay150:
MAC redistribution local rib for Overlay150 (Total 3)
L2 Topology ID Mac Address
14 000C.297E.8CD5
State: Up/Best/Advertised Metric: 1
14 000C.2980.1494 --> MAC address VM2
State: Up/Best/Advertised Metric: 1
14 0050.56BF.4129
State: Up/Best/Advertised Metric: 1
ED2#
The below command is the one using which OTV does ARP suppression:
ED2#show otv arp-nd-cache
Overlay150 ARP/ND L3->L2 Address Mapping Cache
BD MAC Layer-3 Address Age (HH:MM:SS) Local/Remote
14 000c.295e.ea91 172.16.11.20 00:01:24 Remote
ED2#
Finally the packet is routed out using the below table, wherein we see that '000c.295e.ea91' is destined to ED1:
ED2#show otv route
Codes: BD - Bridge-Domain, AD - Admin-Distance,
SI - Service Instance, * - Backup Route
OTV Unicast MAC Routing Table for Overlay150
Inst VLAN BD MAC Address AD Owner Next Hops(s)
----------------------------------------------------------
0 14 14 000c.295e.ea91 50 ISIS ED1
0 14 14 000c.297e.8cd5 40 BD Eng Gi0/0/1:SI14
0 14 14 000c.2980.1494 40 BD Eng Gi0/0/1:SI14
0 14 14 0050.56bf.4129 40 BD Eng Gi0/0/1:SI14
4 unicast routes displayed in Overlay150
----------------------------------------------------------
4 Total Unicast Routes Displayed
ED2#
This ends our basic discussion on how one can bring up multicast OTV over a multicast-core.
The posts that follow will build on these basics [either unicast / multicast OTV] and proceed further towards multihoming / IPSec / HSRP / vMotion and others.
NOTE: All the above tests were done using the recently released XE-3.11 release
Hope you found this post informative.
The posts that follow will build on these basics [either unicast / multicast OTV] and proceed further towards multihoming / IPSec / HSRP / vMotion and others.
NOTE: All the above tests were done using the recently released XE-3.11 release
Hope you found this post informative.
No comments:
Post a Comment