Switch Volume II: D-Link Switching Advanced Technology
john-patterson -
Switch Volume II
D-Link Switching Advanced Technology

Module 7: Virtual Router Redundancy Protocol
Module 8: Routing Information Protocol
Module 9: Open Shortest Path First
Module 10: Multicast in D-Link Switching Environment
Module 11: Quality of Service
Switch Module 7
Virtual Router Redundancy Protocol (VRRP)

Virtual Router Redundancy Protocol
• Overview

Typical topology with an Internet access gateway
• The IP address, mask and default gateway are manually configured, with the gateway pointed to a gateway device, here Router-A.
• The gateway forwards the client traffic to the destination.

Problem with this configuration
• The clients no longer have access to the external network when the router fails.

Solution
• VRRP is a solution to this problem.

Network Topology without VRRP (diagram)
Layer 2 Switch
Router-A: 192.168.11.1
Client 1: IP 192.168.11.100, GW 192.168.11.1
Client 2: IP 192.168.11.200, GW 192.168.11.1
VRRP, or Virtual Router Redundancy Protocol, is a function on a switch that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router that controls the IP address associated with a virtual router is called the Master, and it forwards packets sent to this IP address. This allows any virtual router IP address on the LAN to be used as the default first-hop router by end hosts. Using VRRP, the administrator can achieve a higher-availability default path without needing to configure every end host for dynamic routing or router discovery protocols.
Virtual Router Redundancy Protocol
• Overview

VRRP is a gateway redundancy protocol designed to prevent a single point of failure when the default gateway fails.

VRRP operation
• The Virtual Router Identifier (VRID) and IP address are configured on each router.
• A virtual MAC address is created and associated with the virtual router.
• The virtual router uses an IEEE 802 MAC address with the format 00-00-5E-00-01-{VRID}:
– 00-00-5E is derived from the IANA OUI
– 00-01 is assigned to VRRP
– The last octet is the VRID

When a client communicates with the virtual router, it does not need any information about the physical routers in the network.

Diagram: Virtual Router with a Virtual MAC Address; (M) VRID 1 / IP addr; (S) VRID 1 / IP addr
Virtual Router Redundancy Protocol
• Overview

A VRRP Scenario
• Router-A and Router-B are grouped into a VRRP virtual router group.
• The members of the virtual router group have their own IP addresses: 192.168.11.1 and 192.168.11.2 in this example.
• The virtual IP (192.168.11.200) is assigned to the Virtual Router. The clients do not need to know the physical interface IP addresses of Router-A and Router-B.
• Client-1 and Client-2 take the virtual IP address as their default gateway address.

Result: The clients can access the Internet through the Virtual Router. If the master router holding the virtual IP fails, the backup router takes over the master role without user intervention.

The Backup Router will assume the Master role if it does not receive VRRP packets from the Master for a period of time.

Diagram:
Router-A (VRRP Router / Virtual Router): 192.168.11.1, VRID = 1 (Master), Virtual IP: 192.168.11.200
Router-B (VRRP Router / Virtual Router): 192.168.11.2, VRID = 1 (Backup), Virtual IP: 192.168.11.200
Layer 2 Switch
Client-1: IP 192.168.11.x, GW 192.168.11.200
Client-2: IP 192.168.11.x, GW 192.168.11.200
Virtual Router Redundancy Protocol
• VRRP Packet

Frame layout exchanged between VRRP routers: Header MAC | Header IP | VRRP Header | FCS

• The VRRP packet is used for communication among VRRP routers.
• All routers with a common VRID form a VRRP group.
• The router priority and the state of the VRRP Master router are exchanged periodically.
• VRRP packets are encapsulated in IP packets and sent to the IPv4 multicast address 224.0.0.18 assigned by the IANA.
• The IP protocol number assigned by the IANA for VRRP is 112 (decimal).
Virtual Router Redundancy Protocol
• VRRP Packet

VRRP header layout inside the frame (Header MAC | Header IP | VRRP Header | FCS), bit positions 0, 4, 8, 16, 24, 31:
Ver=2 | Type=1 | Virtual Router ID | Priority | Count IP Address
Authentication Type | Adver Interval | Checksum
Virtual IP Address 1
Virtual IP Address n
Authentication Data (1)
Authentication Data (2)
Virtual Router Redundancy Protocol
• VRRP Packet

Example advertisement (diagram):
VRID = 10
IP = 192.168.10.252
Router interfaces: IP=192.168.10.252, IP=192.168.10.253
Virtual MAC: 00-00-5E-00-01-0A
TTL must be 255
Multicast Address: 224.0.0.18
VRID = 10
Priority = 255 (highest)
Adver Int = 1
Auth Type = Simple
Auth String = ‘dlink’
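The checks a receiver or a monitoring sensor can apply to the advertisement described above, as an added example that is not part of the original slides. It assumes the VRRPv2 field order shown in the packet layout; the function names and the sample packet are constructed here, and the sample reuses the values from the example slide.

```python
import ipaddress
import struct

VRRP_GROUP = "224.0.0.18"  # IANA multicast address given on the slide
VRRP_PROTO = 112           # IANA IP protocol number given on the slide
AUTH_NAMES = {0: "none", 1: "simple", 2: "ip-ah"}  # VRRPv2 values from RFC 2338


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum (also used by VRRP)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def virtual_mac(vrid: int) -> str:
    """Virtual MAC 00-00-5E-00-01-{VRID} from the operation slide."""
    return f"00-00-5E-00-01-{vrid:02X}"


def build_advert(vrid, priority, adver_int, vips, auth_type=0, auth=b""):
    """Build a VRRPv2 advertisement; used only to construct sample input."""
    head = struct.pack("!BBBBBBH", (2 << 4) | 1, vrid, priority,
                       len(vips), auth_type, adver_int, 0)
    body = b"".join(ipaddress.IPv4Address(v).packed for v in vips)
    body += auth.ljust(8, b"\x00")[:8]
    csum = inet_checksum(head + body)
    return head[:6] + struct.pack("!H", csum) + body


def check_advert(payload: bytes, ttl: int, dst: str, proto: int = VRRP_PROTO):
    """Return (fields, findings) for one received advertisement."""
    # 8-byte header + 4 bytes per virtual IP + 8 bytes of authentication data
    if len(payload) < 16 or len(payload) < 16 + 4 * payload[3]:
        return None, ["truncated VRRP message"]
    ver_type, vrid, prio, count, atype, interval, _ = struct.unpack(
        "!BBBBBBH", payload[:8])
    end = 8 + 4 * count
    msg = payload[:end + 8]
    fields = {
        "version": ver_type >> 4,
        "type": ver_type & 0x0F,
        "vrid": vrid,
        "virtual_mac": virtual_mac(vrid),
        "priority": prio,
        "adver_int": interval,
        "vips": [str(ipaddress.IPv4Address(msg[i:i + 4]))
                 for i in range(8, end, 4)],
        "auth_type": AUTH_NAMES.get(atype, f"unknown({atype})"),
        "auth_string": msg[end:].rstrip(b"\x00").decode("ascii", "replace"),
    }
    findings = []
    if proto != VRRP_PROTO:
        findings.append(f"IP protocol {proto} is not VRRP (112)")
    if ttl != 255:
        findings.append(f"TTL {ttl} is not 255: receiver must discard")
    if dst != VRRP_GROUP:
        findings.append(f"destination {dst} is not {VRRP_GROUP}")
    if (fields["version"], fields["type"]) != (2, 1):
        findings.append("not a VRRPv2 advertisement (Ver=2, Type=1)")
    if inet_checksum(msg) != 0:
        findings.append("checksum mismatch")
    if atype == 1:
        findings.append("simple authentication: string travels in cleartext")
    return fields, findings


# Constructed sample using the values on the example slide.
SAMPLE = build_advert(10, 255, 1, ["192.168.10.252"], auth_type=1, auth=b"dlink")

if __name__ == "__main__":
    for ttl in (255, 64):
        print(ttl, check_advert(SAMPLE, ttl=ttl, dst=VRRP_GROUP))
```

The only finding for the slide's own example is the simple authentication string, which any host that can capture the multicast advertisement can read.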
Virtual Router Redundancy Protocol
• Switch Configuration

Enable VRRP
enable vrrp
enable vrrp ping
• Enable the VRRP function
• Allow the virtual IP address to be pinged from other host end nodes to verify the connectivity

Create VRRP Router
create vrrp vrid 1 ipif LAN ipaddress 11.1.1.1 state enable priority 200 advertisement_interval 1 preempt true critical_ip 10.53.13.224 critical_ip_state enable
• Configure VRRP VRID, interface and IP address
• (Optional) Assign priority, advertisement interval, preempt and critical IP
• Preempt controls whether a higher priority backup router will preempt a lower priority Master router (default = true)

Configure VRRP Advertisement interval and authentication (optional)
config vrrp vrid 1 ipif LAN state enable priority 200 advertisement_interval 2
config vrrp ipif LAN authtype simple authdata tomato
• Configure VRRP with VRID 1 on interface LAN with priority 200 and advertisement_interval 2
• Configure the authentication type for the VRRP routers of an IP interface
Virtual Router Redundancy Protocol
• Multiple Virtual Routers

• Host-1 and Host-2 connect to the Internet through Switch-A; Host-3 and Host-4 connect to the Internet through Switch-B.
• Load balancing can be achieved by distributing hosts among different VRIDs.
• When L3 Switch-A fails, L3 Switch-B will become the Master for VRID 253.
• When L3 Switch-B fails, L3 Switch-A will become the Master for VRID 252.

Diagram:
VRID = 252, IP=192.168.1.252
VRID = 253, IP=192.168.1.253
L3 Switch-A, L3 Switch-B (labels: Master 253 / Backup 252, Master 252 / Backup 253)
Host-1: 192.168.1.1, GW=192.168.1.252
Host-2: 192.168.1.2, GW=192.168.1.252
Host-3: 192.168.1.3, GW=192.168.1.253
Host-4: 192.168.1.4, GW=192.168.1.253
Virtual Router Redundancy Protocol
• Multiple Virtual Routers

Host-1, Host-2, Host-3, Host-4
IP=192.168.1.x/24
GW1=192.168.1.252
GW2=192.168.1.253

L3 Switch-A (Master VRID: 252, Backup VRID: 253)
VRRP enabled on Net192_168_1
Master of VRID=252
create vrrp vrid 252 ipif 192_168_1 ipaddress 192.168.1.252 state enable
create vrrp vrid 253 ipif 192_168_1 ipaddress 192.168.1.253 state enable
enable vrrp

L3 Switch-B (Master VRID: 253, Backup VRID: 252)
VRRP enabled on Net192_168_1
Backup of VRID=252
create vrrp vrid 252 ipif 192_168_1 ipaddress 192.168.1.252 state enable
create vrrp vrid 253 ipif 192_168_1 ipaddress 192.168.1.253 state enable
enable vrrp
Virtual Router Redundancy Protocol
• VRRP with Critical IP

• With the Critical IP feature, the switch detects the status of the next hop to the Internet by sending an ARP request every 30 seconds.
• If the Critical IP fails to respond, the Master router will declare itself down immediately and the Backup router will take over.
• It provides an enhanced failover feature which meets many customers’ requirements.

Diagram:
Host-1, Host-2, Host-3, Host-4: IP=192.168.1.x/24, GW1=192.168.1.252, GW2=192.168.1.253
L3 Switch-A: Master VRID: 252, Backup VRID: 253
L3 Switch-B: Master VRID: 253, Backup VRID: 252
Switch-A to Internet: 192.168.2.1
Switch-B to Internet: 192.168.3.1
Labels: Critical IP for VRID 252, Critical IP for VRID 253
Virtual Router Redundancy Protocol
• VRRP with Critical IP

Objective
• VRRP is enabled at interface 192_168_1 on both routers.
• L3 Switch-A and L3 Switch-B provide the VRRP function.
• L3 Switch-A is the Master.
• L3 Switch-B is the Backup.
• When NAT-A is working, 192.168.1.x packets are routed by L3 Switch-A. L3 Switch-B is Backup.
• When NAT-A fails, L3 Switch-B will become the Master and route the packets for the 192.168.1.x network. It provides the redundant default route.

Principle
• With the Critical IP function, the switch detects the status of the NAT devices by using an ARP request every 30 seconds. If one of the NAT devices fails, VRRP switchover takes place.

Diagram:
Hosts: IP: 192.168.1.x/24, GW: 192.168.1.252
NAT-A: 192.168.2.1
L3 Switch-A: Ipif 192_168_2, IP 192.168.2.252; Ipif 192_168_1, IP 192.168.1.252
NAT-B: 192.168.3.1
L3 Switch-B: Ipif 192_168_3, IP 192.168.2.253; Ipif 192_168_1, IP 192.168.1.253
Virtual Router Redundancy Protocol
• VRRP with Critical IP

L3 Switch-A Configuration
Two Networks. RIP enabled.
VRRP enabled on ipif 192_168_1
Master of VRID = 252
Critical IP = 192.168.2.1

config vlan default delete 1-12
create vlan vlan2 tag 2
config vlan vlan2 add untag 1-6
create ipif 192_168_1 192.168.1.252/24 vlan2 state enable
create vlan vlan3 tag 3
config vlan vlan3 add untag 7-12
create ipif 192_168_2 192.168.2.252/24 vlan3 state enable
enable rip
config rip all tx_mode v2_only rx_mode v2_only state enable
create vrrp vrid 252 ipif 192_168_1 ipaddress 192.168.1.252 state enable critical_ip 192.168.2.1 critical_ip_state enable
create vrrp vrid 253 ipif 192_168_1 ipaddress 192.168.1.253 state enable critical_ip 192.168.2.1 critical_ip_state enable
enable vrrp

L3 Switch-B Configuration
Two Networks. RIP enabled.
VRRP enabled on ipif 192_168_1
Backup of VRID = 252
Critical IP = 192.168.3.1

config vlan default delete 1-12
create vlan vlan2 tag 2
config vlan vlan2 add untag 1-6
create ipif 192_168_1 192.168.1.253/24 vlan2 state enable
create vlan vlan3 tag 3
config vlan vlan3 add untag 7-12
create ipif 192_168_3 192.168.2.253/24 vlan3 state enable
enable rip
config rip all tx_mode v2_only rx_mode v2_only state enable
create vrrp vrid 252 ipif 192_168_1 ipaddress 192.168.1.252 state enable critical_ip 192.168.3.1 critical_ip_state enable
create vrrp vrid 253 ipif 192_168_1 ipaddress 192.168.1.253 state enable critical_ip 192.168.3.1 critical_ip_state enable
enable vrrp
Switch Module 8
Routing Information Protocol (RIP)

Routing Information Protocol
• Distance Vector Routing Protocol

Distance Vector is an approach to finding routes between networks. A router using a distance vector routing protocol exchanges information with its neighbors and determines the route based on its knowledge of “Distance” and “Vector”:
• “Distance” refers to the “metric”, i.e. how far away the destination is
• “Vector” refers to the direction to the destination

Examples of Distance Vector Routing Protocols
• Routing Information Protocol (RIP) for IP
• Cisco Systems Internet Gateway Protocol (IGRP)
• Xerox Networking System (XNS) RIP
• Novell IPX RIP
• AppleTalk Routing Table Maintenance Protocol (RTMP)

A router with a Distance Vector Routing Protocol updates all its neighbors by broadcasting its entire routing table.
A Distance Vector Routing Protocol has the following characteristics:
• Each node knows the distance to its directly connected neighbors.
• A node sends routing updates periodically to its neighbors (e.g. RIP sends routing updates to its neighbors every 30 seconds).
• New nodes advertise themselves to their neighbors.

A router with a Distance Vector Routing Protocol sends its updates to its neighboring routers. These routers pass the updated information on to their neighbors.
• Periodic Updates: Updates to the routing tables are sent at a fixed interval.
• Triggered Updates: If a metric changes on a link, a router sends out an update immediately without waiting for the end of the update period.
• Full Routing Table Updates: Most distance vector routing protocols send their neighbors the entire routing table.
• Route Invalidation Timers: The entries in the routing table become invalid if they are not refreshed by new routing updates.
Routing Information Protocol
• Distance Vector Routing Protocol

Topology (left to right): 10.0.1.0, Router A, 10.0.2.0, Router B, 10.0.3.0, Router C, 10.0.4.0, Router D, 10.0.5.0
Interface host parts, left to right: .1 .1 .2 .1 .2 .1 .2 .1

Routing tables at each step (each entry is NET VIA HOP):

t0
Router A: 10.0.1.0 -- 0 | 10.0.2.0 -- 0
Router B: 10.0.2.0 -- 0 | 10.0.3.0 -- 0
Router C: 10.0.3.0 -- 0 | 10.0.4.0 -- 0
Router D: 10.0.4.0 -- 0 | 10.0.5.0 -- 0

t1
Router A: 10.0.1.0 -- 0 | 10.0.2.0 -- 0 | 10.0.3.0 10.0.2.2 1
Router B: 10.0.2.0 -- 0 | 10.0.3.0 -- 0 | 10.0.1.0 10.0.2.1 1 | 10.0.4.0 10.0.3.2 1
Router C: 10.0.3.0 -- 0 | 10.0.4.0 -- 0 | 10.0.2.0 10.0.3.1 1 | 10.0.5.0 10.0.4.2 1
Router D: 10.0.4.0 -- 0 | 10.0.5.0 -- 0 | 10.0.3.0 10.0.4.1 1

t2
Router A: 10.0.1.0 -- 0 | 10.0.2.0 -- 0 | 10.0.3.0 10.0.2.2 1 | 10.0.4.0 10.0.2.2 2
Router B: 10.0.2.0 -- 0 | 10.0.3.0 -- 0 | 10.0.1.0 10.0.2.1 1 | 10.0.4.0 10.0.3.2 1 | 10.0.5.0 10.0.3.2 2
Router C: 10.0.3.0 -- 0 | 10.0.4.0 -- 0 | 10.0.2.0 10.0.3.1 1 | 10.0.5.0 10.0.4.2 1 | 10.0.1.0 10.0.3.1 2
Router D: 10.0.4.0 -- 0 | 10.0.5.0 -- 0 | 10.0.3.0 10.0.4.1 1 | 10.0.2.0 10.0.4.1 2

t3
Router A: 10.0.1.0 -- 0 | 10.0.2.0 -- 0 | 10.0.3.0 10.0.2.2 1 | 10.0.4.0 10.0.2.2 2 | 10.0.5.0 10.0.2.2 3
Router B: 10.0.2.0 -- 0 | 10.0.3.0 -- 0 | 10.0.1.0 10.0.2.1 1 | 10.0.4.0 10.0.3.2 1 | 10.0.5.0 10.0.3.2 2
Router C: 10.0.3.0 -- 0 | 10.0.4.0 -- 0 | 10.0.2.0 10.0.3.1 1 | 10.0.5.0 10.0.4.2 1 | 10.0.1.0 10.0.3.1 2
Router D: 10.0.4.0 -- 0 | 10.0.5.0 -- 0 | 10.0.3.0 10.0.4.1 1 | 10.0.2.0 10.0.4.1 2 | 10.0.1.0 10.0.4.1 3
The flow chart in the slide describes the operation of the Distance Vector Routing Protocol algorithm.
• At time 0, the Distance Vector Routing Protocol is enabled on all routers. These routers only have knowledge of their directly attached networks. The hop count of a directly connected network is 0.
• At time 1, the routers start to exchange routing information. Router A learns the routing information of networks 10.0.2.0 and 10.0.3.0 from its neighbor, Router B. One hop is added each time the route information passes through a router. Router A compares the learned routes with the information in its routing table: the learned hop count for route 10.0.2.0 is greater than that of its own entry, so Router A keeps the original entry and disregards the learned one.
• At time 2, Router A repeats the process of time 1. Router A learns another route, to network 10.0.4.0.
• At time 3, all routers have learned all the routes of the entire network. The routing information of this network is now synchronized.
Routing Information Protocol
• Distance Vector Routing Protocol

Topology (left to right): 10.0.1.0, Router A, 10.0.2.0, Router B, 10.0.3.0, Router C, 10.0.4.0, Router D, 10.0.5.0
Interface host parts, left to right: .1 .1 .2 .1 .2 .1 .2 .1

Converged routing tables (each entry is NET VIA HOP):
Router A: 10.0.1.0 -- 0 | 10.0.2.0 -- 0 | 10.0.3.0 10.0.2.2 1 | 10.0.4.0 10.0.2.2 2 | 10.0.5.0 10.0.2.2 3
Router B: 10.0.2.0 -- 0 | 10.0.3.0 -- 0 | 10.0.1.0 10.0.2.1 1 | 10.0.4.0 10.0.3.2 1 | 10.0.5.0 10.0.3.2 2
Router C: 10.0.3.0 -- 0 | 10.0.4.0 -- 0 | 10.0.2.0 10.0.3.1 1 | 10.0.5.0 10.0.4.2 1 | 10.0.1.0 10.0.3.1 2
Router D: 10.0.4.0 -- 0 | 10.0.5.0 -- 0 | 10.0.3.0 10.0.4.1 1 | 10.0.2.0 10.0.4.1 2 | 10.0.1.0 10.0.4.1 3

Issue: If Router D fails, Routers A, B and C, which still have the entries for network 10.0.5.0 in their routing tables, will continue to send packets to Router D. This creates a black hole.

Solution: Set a route invalid timer for each entry in the route table. Router C sets a timer for the route after it learns the route 10.0.5.0 and places it into the routing table. When Router C receives periodic updates from Router D, it will reset the timer and discard the packets. If Router D fails, the timer of route 10.0.5.0 will not be updated and will expire. The next update from Router C will notify the other routers of this missing route.
Routing Information Protocol
• Distance Vector Routing Protocol

Topology (left to right): 10.0.1.0, Router A, 10.0.2.0, Router B, 10.0.3.0, Router C, 10.0.4.0, Router D, 10.0.5.0
Interface host parts, left to right: .1 .1 .2 .1 .2 .1 .2 .1

Routing update tables shown in the slide (each entry is NET VIA HOP):
Routing Update: 10.0.3.0 -- 0 | 10.0.2.0 10.0.3.1 1 | 10.0.1.0 10.0.3.1 2
Routing Update: 10.0.4.0 -- 0 | 10.0.5.0 10.0.4.2 1

Issue: Router C learns the route 10.0.5.0 from Router D and advertises the route back to Router D. This is called a reverse route. In a more serious situation, route 10.0.5.0 goes down and Router C advertises the route to Router D at the same time. Router D adopts the route information from Router C, which results in a routing loop.

Solution: Split Horizon is a technique to prevent the reverse route issue between two routers. An interface will not send the routes which it received and learned through that same interface. In the above example, Router C only sends two routes (10.0.4.0 & 10.0.5.0) to Router B and leaves out the routes it learned from Router B.
Routing Information Protocol
• Distance Vector Routing Protocol

Topology (left to right): 10.0.1.0, Router A, 10.0.2.0, Router B, 10.0.3.0, Router C, 10.0.4.0, Router D, 10.0.5.0
Interface host parts, left to right: .1 .1 .2 .1 .2 .1 .2 .1

Routing update tables shown in the slide (each entry is NET VIA HOP):
Routing Update: 10.0.3.0 -- infinity | 10.0.4.0 -- 0 | 10.0.2.0 10.0.3.1 infinity | 10.0.5.0 10.0.4.2 1 | 10.0.1.0 10.0.3.1 infinity
Routing Update: 10.0.3.0 -- 0 | 10.0.4.0 -- infinity | 10.0.2.0 10.0.3.1 1 | 10.0.5.0 10.0.4.2 infinity | 10.0.1.0 10.0.3.1 2

Split Horizon with Poison Reverse is a safer and stronger mechanism than Split Horizon on its own. Split Horizon with Poison Reverse can prevent and stop potential loops.

Compared to Split Horizon on its own, the update packets are larger. In the above example, Router C includes three additional routes with the metric “infinity” in the update to Router B. Router B will correct any corrupted information after receiving Router C’s update.
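The convergence steps t0 to t3 and the Split Horizon / Poison Reverse updates described above, simulated on the slide topology as an added example that is not part of the original slides. The synchronous update rounds, the rule that an update from the current next hop always replaces the entry, and all function names are assumptions of this sketch.

```python
import copy

INFINITY = 16  # RIP's "unreachable" metric, per the counting-to-infinity slide

# Chain topology from the slides: router -> {attached network: own address}
TOPOLOGY = {
    "A": {"10.0.1.0": "10.0.1.1", "10.0.2.0": "10.0.2.1"},
    "B": {"10.0.2.0": "10.0.2.2", "10.0.3.0": "10.0.3.1"},
    "C": {"10.0.3.0": "10.0.3.2", "10.0.4.0": "10.0.4.1"},
    "D": {"10.0.4.0": "10.0.4.2", "10.0.5.0": "10.0.5.1"},
}


def initial_tables():
    """t0: every router knows only its directly attached networks (hop 0)."""
    return {r: {net: {"via": "--", "hop": 0, "iface": net} for net in nets}
            for r, nets in TOPOLOGY.items()}


def advertise(table, out_net, mode="full"):
    """Routes (net -> metric) a router puts in the update sent out of out_net."""
    update = {}
    for net, route in table.items():
        # "reverse" = learned through, or attached to, the link we send on
        reverse = route["iface"] == out_net
        if reverse and mode == "split_horizon":
            continue
        if reverse and mode == "poison_reverse":
            update[net] = INFINITY
        else:
            update[net] = route["hop"]
    return update


def step(tables, mode="full"):
    """One synchronous round: all routers send, then all routers merge."""
    new = copy.deepcopy(tables)
    for sender, ifaces in TOPOLOGY.items():
        for net, src_addr in ifaces.items():
            update = advertise(tables[sender], net, mode)
            for receiver, r_ifaces in TOPOLOGY.items():
                if receiver == sender or net not in r_ifaces:
                    continue
                for dest, metric in update.items():
                    hop = min(metric + 1, INFINITY)
                    known = new[receiver].get(dest)
                    from_next_hop = known is not None and known["via"] == src_addr
                    better = hop < INFINITY and (known is None or hop < known["hop"])
                    if from_next_hop or better:
                        new[receiver][dest] = {"via": src_addr, "hop": hop,
                                               "iface": net}
    return new


def converge(rounds=3, mode="full"):
    """Return the table snapshots [t0, t1, ..., t<rounds>]."""
    history = [initial_tables()]
    for _ in range(rounds):
        history.append(step(history[-1], mode))
    return history


def fail_attached_network(tables, router, net):
    """Mark a directly attached network as unreachable on its router."""
    tables = copy.deepcopy(tables)
    tables[router][net] = {"via": "--", "hop": INFINITY, "iface": net}
    return tables


def view(table):
    """Compact {net: (via, hop)} form for comparison with the slide tables."""
    return {net: (r["via"], r["hop"]) for net, r in table.items()}


if __name__ == "__main__":
    history = converge()
    for t, tables in enumerate(history):
        print(f"t{t}", {r: view(tbl) for r, tbl in tables.items()})
    # 10.0.5.0 goes down on Router D just before the next update round.
    down = fail_attached_network(history[-1], "D", "10.0.5.0")
    for mode in ("full", "split_horizon", "poison_reverse"):
        print(mode, view(step(down, mode)["D"])["10.0.5.0"])
```

With full-table updates Router D installs the reverse route through Router C one round after the failure; with either Split Horizon variant it keeps the network marked unreachable.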
Routing Information Protocol
• Distance Vector Routing Protocol

Diagram: Routers A, B, C and D interconnect networks 10.0.1.0, 10.0.2.0, 10.0.3.0, 10.0.4.0 and 10.0.5.0. After a link failure, each router sends the routing update “10.0.5.0 is unreachable” to its neighbors.

Issue: In the above example, Router B detects that the route 10.0.5.0 has failed and sends a notice to its neighbors (Router A & D). Router D will mark the route unreachable via Router B. At the same time, Router C advertises that its next-best path to 10.0.5.0 is three hops away, and Router D places this information into its route table. Router D will inform Router B that it has an alternative route to 10.0.5.0 with four hops via Router C. Next, Router B updates Router A and a loop is formed. This is called the counting-to-infinity issue because the hop count to 10.0.5.0 will continue to increase to infinity.

Solution: Define an infinity value. RIP, for example, has an infinity value of 16. The convergence is very slow and the network will take up to 7.5 minutes to re-converge because its update period is 30 seconds. Triggered updates can be used to reduce this convergence time.

Triggered updates: If a router receives a route with a better or worse metric, it will send out an update without waiting for its update timer to expire.

Unlike regular updates (every 30 seconds), triggered updates only include the entries which have changed. They help reduce the likelihood of the counting-to-infinity issue.
Routing Information Protocol
• Distance Vector Routing Protocol

The holddown timer is a mechanism to prevent a router from accepting any changes to a route for a period of time so that some problems, like interface flapping, do not impact the network.

Diagram: Routers A, B, C (and D) interconnect networks 10.0.1.0 to 10.0.5.0. After a link failure, “10.0.4.0 is unreachable!” is advertised; each router that receives the bad routing update starts its Holddown Timer and sends Poison Reverse.

Holddown Timer: All routers running RIP must have an identical holddown timer value.

Interface of a Router Down/Up Process
In the example in the above slide, when Router C detects that network 10.0.4.0 has failed, it sends a last route update with an infinite hop count for network 10.0.4.0. When Router B receives the route information from Router C, it starts the Holddown Timer for the route 10.0.4.0 and sends poison reverse to Router C. Next, Router B updates Router A, and the same procedure repeats until the entire network has converged.
When interface 10.0.4.0 recovers, Router C will update Router B immediately. Router B will accept and adopt the route because of the smaller hop count (the original is infinite). Next, Router B informs its neighbors of this new update.
• RIPv1 is defined in RFC 1058
• All RIP messages are encapsulated in a User Datagram Protocol (UDP)
• It defines two types of messages
– Request message
– Response message
• It uses classful routing
– The routing updates do not carry subnet information and lack support for Variable Length Subnet Masks (VLSM).
• No router authentication mechanism.
• Route updates are sent via broadcast.
• Limited to 15 hop counts.
Routing Information Protocol
• RIP Version 1

RIPv1 packet format:
Command | Version | Reserved (set to 0)
Route Entry:
Address Family Identifier | Reserved (set to 0)
IP Address
Unused (set to 0)
Unused (set to 0)
Metric
…………
Route Entry:
Address Family Identifier | Reserved (set to 0)
IP Address
Unused (set to 0)
Unused (set to 0)
Metric

Command: Indicates whether the packet is a request or a response.
• Request: The request asks a router to send all or part of its routing table.
• Response: The response can be an unsolicited regular routing update or a reply to a request. Responses contain routing table entries.
Version Number: Specifies the RIP version used. The value is 1 for RIPv1.
Zero: This field is not actually used by RFC 1058 RIP. It was added solely to provide backward compatibility with pre-standard varieties of RIP. Its name comes from its defaulted value: ZERO.
Address-Family Identifier, AFI: Specifies the address family used. RIP is designed to carry routing information for several different protocols. Each entry has an address-family identifier to indicate the type of address being specified. The AFI for IP is 2.
IP Address: The address of the destination of the route.
Metric: Indicates the number of hops (routes) which have been traversed in the trip to the destination. This value is between 1 and 15 for a valid route.
Routing Information Protocol
• RIP Version 1

Router A: 10.1.1.1, 100.100.100.100
Router B: 10.1.1.2, 200.200.200.200

1. Initially, both Router A and B send the request to each other by broadcast. (To: 255.255.255.255 / To: 255.255.255.255)
2. Router A and B reply with their full routing table to each other. (To: 10.1.1.2 / To: 10.1.1.1)
3. The periodic update is forwarded in a broadcast packet. (To: 255.255.255.255 / To: 255.255.255.255)

A router running RIP sends a request to ask for a full route table or only for specific route information.

Requesting Full Route Table
Step 1: Router A sends the Request message with a single route entry in which the address family identifier is set to zero and the metric is 16.
Step 2: When Router B receives this type of request, it will send back the full route table to Router A via unicast.

Only Request Specific Route Information
Step 1: Router A sends the Request message specifying the address in the request.
Step 2: When Router B receives this type of request, it will send back the route information which Router A requested.

Routing Information Protocol
• RIP Version 1
Figures: Request Packet, Response Packet
Routing Information Protocol
• RIP Version 1

Address Class | Most Significant Bit | Value Ranges
Class A | 0000 | 0.0.0.0 to 126.255.255.255
Class B | 1000 | 128.0.0.0 to 191.255.255.255
Class C | 1100 | 192.0.0.0 to 223.255.255.255
Class D | 1110 | 224.0.0.0 to 239.255.255.255
Class E | 1111 | 240.0.0.0 to 255.255.255.255

Diagram: Route summarization at boundary routers. On one side of the network boundary are subnets 10.10.20.64, 10.10.20.192, 10.15.75.64, 10.93.1.1 and 10.100.3.5, summarized as 10.0.0.0; on the other side are 192.168.1.0, 192.168.1.32, 192.168.1.64, 192.168.1.96 and 192.168.1.128.

A classful routing protocol does not advertise an address mask along with the advertised destination address. Therefore, a classful routing protocol must follow the major class A, B or C network portion of a destination as shown in the above table. When packets pass through the router:
• If the destination address is a member of a directly connected major network, the subnet mask configured on the interface attaching to that network will be used to determine the subnet of the destination address.
• If the destination address is not a member of a directly connected major network, the router will try to match only the major A, B or C portion of the destination address.
Routing Information Protocol
• RIP Version 2

• The RIPv2 specification (RFC 2453) allows more information to be included in RIP packets.
• It provides a simple authentication mechanism (not supported in RIPv1).
• RIPv2 is a Classless Routing Protocol. Compared with RIPv1, RIPv2 has the following advantages:
– Carries mask information for each route entry
– Designated next hop to select the best next hop on broadcast networks
– Multicast routing updates to reduce resource consumption
– Plain text authentication and MD5 authentication to enhance security

Compared with RIPv2, RIPv1 is a Classful Routing Protocol and supports message advertisement via broadcast only. RIPv1 protocol messages do not carry mask information. It can only recognize routing information of standard Class A, B and C networks. Therefore, RIPv1 does not support subnets.
RIPv2 is a classless routing protocol, which has the capability to carry subnet masks in its route advertisements. This provides a much greater benefit because a subnet mask is associated with each route. It is able to use variable-length subnet masking (VLSM) and summarize a group of major network addresses with a single aggregate address.
RIPv2 packet format:
Command | Version | Reserved (set to 0)
Route Entry:
Address Family Identifier | Route Tag
IP Address
Subnet Mask
Next Hop
Metric
…………
Route Entry:
Address Family Identifier | Route Tag
IP Address
Subnet Mask
Next Hop
Metric

Version: The value is 2 in a RIPv2 packet implementation.
Address-Family Identifier, AFI: Specifies the address family used. RIP is designed to carry routing information for several different protocols. Each entry has an address-family identifier to indicate the type of address being specified. The AFI for IP is 2. If the AFI for the first entry in the message is 0xFFFF, the remainder of the entry contains authentication information. Currently, the only authentication type is simple password.
Route Tag: Provides a method for distinguishing between internal routes (learned by RIP) and external routes (learned from other protocols).
IP Address: Specifies the IP address for the entry.
Subnet Mask: Contains the subnet mask for the entry. If this field is zero, no subnet mask has been specified for the entry.
Next Hop: Indicates the IP address of the next hop to which packets for the entry should be forwarded.
Metric: Indicates how many internetwork hops (routes) have been traversed in the trip to the destination. This value is between 1 and 15 for a valid route, or 16 for an unreachable route.
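A decoder for the RIPv1 and RIPv2 message layouts described above that also reports what each version exposes, as an added example that is not part of the original slides. The function names, the finding strings and the three sample messages are constructed here; authentication type value 2 (simple password) follows RFC 2453 and value 3 (keyed MD5) follows RFC 2082.

```python
import ipaddress
import struct

COMMANDS = {1: "request", 2: "response"}
AUTH_TYPES = {2: "simple password", 3: "keyed MD5"}  # 3 comes from RFC 2082
INFINITY = 16
ZERO4 = b"\x00" * 4


def entry(afi, tag, addr, mask, next_hop, metric):
    """Pack one 20-byte route entry (helper for the constructed samples)."""
    ip = ipaddress.IPv4Address
    return struct.pack("!HH4s4s4sI", afi, tag, ip(addr).packed,
                       ip(mask).packed, ip(next_hop).packed, metric)


def parse_rip(payload: bytes) -> dict:
    """Decode a RIPv1/RIPv2 message and list security-relevant findings."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("expected a 4-byte header plus 20-byte entries")
    command, version, _ = struct.unpack("!BBH", payload[:4])
    out = {"command": COMMANDS.get(command, f"unknown({command})"),
           "version": version, "auth": None, "password": None,
           "full_table_request": False, "routes": [], "findings": []}
    entries = [payload[i:i + 20] for i in range(4, len(payload), 20)]
    for idx, raw in enumerate(entries):
        afi, tag, addr, mask, nhop, metric = struct.unpack("!HH4s4s4sI", raw)
        if version == 2 and idx == 0 and afi == 0xFFFF:
            # Authentication entry: the tag field holds the authentication type.
            out["auth"] = AUTH_TYPES.get(tag, f"type {tag}")
            if tag == 2:
                out["password"] = raw[4:].rstrip(b"\x00").decode("ascii", "replace")
                out["findings"].append("simple password is sent in cleartext")
            continue
        if command == 1 and len(entries) == 1 and afi == 0 and metric == INFINITY:
            # Single entry, AFI 0, metric 16: request for the full route table.
            out["full_table_request"] = True
            continue
        if version == 1 and (tag or mask != ZERO4 or nhop != ZERO4):
            out["findings"].append(f"entry {idx}: must-be-zero field set in RIPv1")
        if not 1 <= metric <= INFINITY:
            out["findings"].append(f"entry {idx}: metric {metric} outside 1..16")
        prefix = str(ipaddress.IPv4Address(addr))
        if version == 2 and mask != ZERO4:
            prefix += "/" + str(ipaddress.IPv4Address(mask))
        out["routes"].append({"prefix": prefix, "metric": metric,
                              "next_hop": str(ipaddress.IPv4Address(nhop)),
                              "reachable": metric < INFINITY})
    if version == 1:
        out["findings"].append("RIPv1: no authentication, no subnet mask")
    elif version == 2 and out["auth"] is None:
        out["findings"].append("RIPv2 message carries no authentication entry")
    return out


# Constructed sample messages; the password and 10.9.9.0 are made up.
V1_RESPONSE = (struct.pack("!BBH", 2, 1, 0)
               + entry(2, 0, "100.1.1.0", "0.0.0.0", "0.0.0.0", 1))
V2_SIMPLE = (struct.pack("!BBH", 2, 2, 0)
             + struct.pack("!HH16s", 0xFFFF, 2, b"lab-password")
             + entry(2, 0, "200.1.1.0", "255.255.255.0", "0.0.0.0", 1)
             + entry(2, 0, "10.9.9.0", "255.255.255.0", "0.0.0.0", 16))
FULL_REQUEST = (struct.pack("!BBH", 1, 2, 0)
                + entry(0, 0, "0.0.0.0", "0.0.0.0", "0.0.0.0", 16))

if __name__ == "__main__":
    for name, msg in (("v1", V1_RESPONSE), ("v2", V2_SIMPLE), ("req", FULL_REQUEST)):
        print(name, parse_rip(msg))
```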
Routing Information Protocol
• RIP Version 2

Router A: 10.1.1.1, 100.100.100.100
Router B: 10.1.1.2, 200.200.200.200

1. Initially, both Router A and B send the request to each other by multicast. (To: 224.0.0.9 / To: 224.0.0.9)
2. Router A and B reply with their full routing table to each other. (To: 10.1.1.2 / To: 10.1.1.1)
3. The periodic update will be forwarded with broadcast packet. (To: 224.0.0.9 / To: 224.0.0.9)

RIPv2 sends RIP announcements to the IP multicast address 224.0.0.9.
Routing Information Protocol
• Switch Configuration

Topology: 100.1.1.1, DGS-3612-1, 10.1.1.1, 10.1.1.2, DGS-3612-2, 200.1.1.1

Enable RIPv1 for Both Switches
enable rip
config rip all tx_mode v1_only rx_mode v1_only state enable

Check Interface Status
DES-3612:5#sh iproute
Command: show iproute

Routing Table
IP Address/Netmask   Gateway    Interface   Cost   Protocol
------------------   --------   ---------   ----   --------
10.1.1.0/24          0.0.0.0    System      1      Local
100.1.1.0/24         0.0.0.0    int1        1      Local
200.1.1.0/24         10.1.1.2   System      2      RIP

Check RIP Version and Status
DES-3612:5#sh rip
Command: sh rip

RIP Global State : Enabled

RIP Interface Settings
Interface   IP Address     TX Mode   RX Mode   Authentication   State
---------   ------------   -------   -------   --------------   -------
System      10.1.1.1/24    V1 Only   V1 Only   Disabled         Enabled
Int1        100.1.1.1/24   V1 Only   V1 Only   Disabled         Enabled

Total Entries : 2
Routing Information Protocol
• Switch Configuration

Topology: 100.1.1.1, DGS-3612-1, 10.1.1.1, 10.1.1.2, DGS-3612-2, 200.1.1.1

Enable RIPv2 for Both Switches
enable rip
config rip all tx_mode v2_only rx_mode v2_only state enable

Check Interface Status
DES-3612:5#sh iproute
Command: show iproute

Routing Table
IP Address/Netmask   Gateway    Interface   Cost   Protocol
------------------   --------   ---------   ----   --------
10.1.1.0/24          0.0.0.0    System      1      Local
100.1.1.0/24         0.0.0.0    int1        1      Local
200.1.1.0/24         10.1.1.2   System      2      RIP

Check RIP Version and Status
DES-3612:5#sh rip
Command: sh rip

RIP Global State : Enabled

RIP Interface Settings
Interface   IP Address     TX Mode   RX Mode   Authentication   State
---------   ------------   -------   -------   --------------   -------
System      10.1.1.1/24    V2 Only   V2 Only   Disabled         Enabled
Int1        100.1.1.1/24   V2 Only   V2 Only   Disabled         Enabled

Total Entries : 2
Routing Information Protocol
• Switch Configuration

Topology: 100.1.1.1, DGS-3612-1, 10.1.1.1, 10.1.1.2, DGS-3612-2, 200.1.1.1

DGS-3612:5#config rip all authentication enable key
Command: config rip all authentication enable key

Success.

DES-3612:5#sh rip
Command: show rip

RIP Global State : Enabled

RIP Interface Settings
Interface   IP Address     TX Mode   RX Mode   Authentication   State
---------   ------------   -------   -------   --------------   -------
System      10.1.1.1/24    V2 Only   V2 Only   Enabled          Enabled
Int1        100.1.1.1/24   V2 Only   V2 Only   Enabled          Enabled

Total Entries : 2
Switch Module 9
Open Shortest Path First (OSPF)

Open Shortest Path First
• Link-State Routing Protocol

Link = link between routers
State = state of the link

Link State Routing Protocol Characteristics
• Nodes respond immediately when the network changes
• Periodic updates are sent at a long time interval
• Each router maintains its own routing table and independently calculates its best paths to all destinations in the network with Dijkstra’s (Shortest Path First - SPF) algorithm
• Link State Advertisements (LSAs) have sequence numbers and an LSA acknowledgement mechanism
• Example: OSPF, IS-IS

Compared with a Distance-Vector Routing Protocol, all routers running the Link State Routing Protocol have an identical routing table and can calculate the best route individually.

The Open Shortest Path First (OSPF) routing protocol uses a link-state algorithm to determine routes to network destinations. A “link” is an interface on a router and the “state” is a description of that interface and its relationship to neighboring routers. The state contains information such as the IP address, subnet mask, type of network the interface is attached to, other routers attached to the network, etc. The link-states are collected in a link-state database that is maintained by routers running OSPF.
•
•
Link-State information must be synchronized among routers.
Every router maintains the following information:
Open Shortest Path First
•Link-State Routing Protocol
To make consistent routing decisions in a common routing domain:
– Directly connected routers or in other words, the adjacency information
– The information of all other routers and their attached network n a common routingdomain
– The calculated result of using Dijkstra’s (SPF) algorithm, i.e. best routes to eachdestination
40
Routers running the Link State Routing Protocol have the same routinginformation and make decision on the best route to a specific destination. Inorder for every router in a network area to make a consistent decision, therouters in the area should be equipped with the following information.
•Neighbor routers information
•All other routers information
•Define area
•Attached network
•Using the same way to calculate the best path
1. Detecting network change
2. Create a Link-State Advertisement (LSA) concerning that link and propagate it to all neighbor devices
3. Each routing device takes a copy of the LSA and updates its Link-State Database (LSDB)
4. Forward the LSA to neighboring devices
5. LSDB (Topology Table) is used to calculate the best paths through the network and put them in the routing table
Drawback:
• Memory resource issue
• CPU consumption issue
[Figure: routers A, B, C, D and E flooding an LSA, with the numbered steps above and Router E’s LSDB]
Link State Routing Protocol is not perfect. In a large and complicated network, the protocol may cause some issues because every router keeps complete route information in its database (routers need to have enough space to store all route information). These routers also need to calculate the best paths to destinations on their own (routers need to be equipped with powerful chips to deal with frequent calculations).
Open Shortest Path First
•Overview
OSPF RFCs
• RFC 1131 (version 1)
• RFC 2328 (version 2)
Link-State Routing Protocol
Hello / Adjacencies
Link State Advertisement (LSA) over all adjacencies
Link-State Database (LSDB)
• Router’s link
• Router’s interface
• Router’s neighbor
Flooding LSAs throughout an area / all routers build identical Link-State Database
SPF (Dijkstra) algorithm to calculate a shortest path Routing Table
OSPF is a Link-State routing protocol and uses Hello messages to keep in touch with its neighbors. All routers in the network fully exchange route information via Link-State Advertisements (LSAs) with one another so that all routers have the identical Link-State Routing Database. If there is any route path change, all routers will be notified immediately through the LSA flooding.
Link State Type    Description
1                  Router link advertisement
2                  Network link advertisement
3 or 4             Summary link advertisement
5                  AS external link advertisement
6                  Group Membership LSA
[Figure: overview of an OSPF Autonomous System with routers A to M. Backbone Area / Area 0 with Backbone / Internal Routers, Internal Routers, ABR and ASBR; the ASBR connects to an External AS (RIP). Labels in the figure: Hello Protocol, DR / BDR Election on a Multi-Access network, LSA Exchange, Virtual Link, Areas 1 to 4, Stub Area, Totally Stub Area, NSSA.]
LSA restrictions shown next to the special areas in the figure:
• No Type 4 LSA (ASBR Summary LSAs), No Type 5 LSA (AS External LSAs)
• No Type 3 LSA (Summary LSA), No Type 4 LSA (ASBR Summary LSAs), No Type 5 LSA (AS External LSAs)
• No Type 4 LSA (ASBR Summary LSAs), No Type 5 LSA (AS External LSAs)
Open Shortest Path First
•OSPF Hello / Adjacency
To run OSPF, a router must have a Router ID.
• It is a 32-bit unsigned number that uniquely identifies a router in the Autonomous System (AS).
Router ID assignment
• Configure it manually
• Router ID is automatically selected from active interfaces:
– The highest IP address on a loopback interface is chosen by default
– The highest IP address on an active interface is chosen
– Selection begins at the start of the OSPF process
LSDBs use the OSPF Router ID to differentiate one router from the others.
The Router ID breaks the tie during the Designated Router (DR) and Backup Designated Router (BDR) election process.
[Figure: a router with interfaces E1, E2 and E3; addresses shown: 192.168.0.1, 192.168.10.1, 192.168.20.1; label: Router ID]
Autonomous System (AS)
It is a collection of router operators that presents a common, clearly defined routing policy.
Designated Router (DR)
In a multi-access network, the DR represents this network to other OSPF areas and manages the flooding process on the multi-access network.
Backup Designated Router (BDR)
In a multi-access network, the BDR is responsible for taking over the DR position when the DR fails.
• Discover Neighbors
• “Keep-alive” mechanism between neighbors
– Broadcast Hello Interval: 10 seconds
– Non Broadcast Interval: 30 seconds
– Router Dead Interval: 40 seconds (four times the Hello Interval)
• Ensure bidirectional communications between neighbors
• It helps to elect the Designated Router (DR) and Backup Designated Router (BDR) on Broadcast and Non-Broadcast Multi-Access (NBMA) networks.
Before any Link-State Advertisements (LSAs) can be sent, OSPF routers must discover their neighbors and establish adjacencies.
Hello
• Router ID
• Area ID
• Address mask of the originating interface
• Authentication type and information
• Hello and dead intervals
• All Neighbors list
• Router priority
• DR IP address
• BDR IP address
• Authentication password
Neighbor
• The interfaces of two routers connect to a common network. The neighbor relationship is maintained by exchanging Hello messages between two routers.
[Figure: flow chart for a Hello sent from router A to router B. Verify: Router ID, Area ID, Network Mask, … Not Match: No adjacency. Match: look up the Neighbor Table. Exist: Reset RouterDeadInterval Timer. Not Exist: Add to neighbor table, Start to build an adjacency.]
Adjacency
• A relationship is already formed between two neighboring routers for exchanging routing information. Two routers synchronizing the LSDB with each other (exchanging Database Description (DD) packets and LSAs) become adjacent. Not every pair of neighboring routers will become adjacent. It depends on the network type.
[Figure: routers A and B exchanging Routing Information between their LSDBs]
When a router receives a Hello message from its neighbor, it will verify all information (such as Router ID, Area ID, etc.) and check its neighbor table. If the neighbor has been recorded in the neighbor table, the router knows that this neighbor is still alive and resets the Router Dead Interval Timer. If the neighbor information does not exist in the neighbor table, the router will create a new entry.
In a broadcast network, a DRother router does not form an adjacency to other DRother routers but to the DR or BDR router.
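The Hello check described above can be followed byte by byte. This is an added example, not code from the original course material: it decodes an OSPFv2 Hello (RFC 2328 layout), compares it with the receiving interface and updates the neighbor table up to the Two-Way state. It assumes a broadcast interface; the helper names are hypothetical and the sample packets are constructed with the Router A / Router B addresses used in the slides.

```python
import struct
from ipaddress import IPv4Address

HDR = struct.Struct("!BBH4s4sHH8s")    # OSPFv2 common header (24 bytes)
HELLO = struct.Struct("!4sHBBI4s4s")   # fixed part of the Hello body (20 bytes)
CHECKED = ("area_id", "mask", "hello", "dead", "autype")


def _pack(addr):
    return IPv4Address(addr).packed


def build_hello(router_id, area_id, mask, hello, dead, neighbors=(),
                priority=1, autype=0):
    """Build a constructed Hello for the demo (checksum left at 0)."""
    body = HELLO.pack(_pack(mask), hello, 0x02, priority, dead,
                      _pack("0.0.0.0"), _pack("0.0.0.0"))
    body += b"".join(_pack(n) for n in neighbors)
    return HDR.pack(2, 1, HDR.size + len(body), _pack(router_id),
                    _pack(area_id), 0, autype, bytes(8)) + body


def parse_hello(pkt):
    """Decode an OSPFv2 Hello; raise ValueError on malformed input."""
    if len(pkt) < HDR.size + HELLO.size:
        raise ValueError("truncated Hello")
    ver, typ, length, rid, area, _csum, autype, _auth = HDR.unpack_from(pkt)
    if (ver, typ) != (2, 1):
        raise ValueError("not an OSPFv2 Hello")
    if length != len(pkt) or (length - HDR.size - HELLO.size) % 4:
        raise ValueError("length field does not match packet")
    mask, hello, _opts, prio, dead, dr, bdr = HELLO.unpack_from(pkt, HDR.size)
    start = HDR.size + HELLO.size
    return {
        "router_id": str(IPv4Address(rid)), "area_id": str(IPv4Address(area)),
        "mask": str(IPv4Address(mask)), "hello": hello, "dead": dead,
        "autype": autype, "priority": prio,
        "dr": str(IPv4Address(dr)), "bdr": str(IPv4Address(bdr)),
        "neighbors": [str(IPv4Address(pkt[i:i + 4]))
                      for i in range(start, length, 4)],
    }


class Interface:
    """Neighbor table of one broadcast interface, up to the Two-Way state."""

    def __init__(self, router_id, area_id, mask, hello=10, dead=40, autype=0):
        self.router_id = router_id
        self.cfg = {"area_id": area_id, "mask": mask, "hello": hello,
                    "dead": dead, "autype": autype}
        self.neighbors = {}   # router_id -> {"state": ..., "expires": ...}

    def receive(self, pkt, now):
        h = parse_hello(pkt)
        bad = [f for f in CHECKED if h[f] != self.cfg[f]]
        if h["router_id"] == self.router_id:
            bad.append("router_id")          # duplicate Router ID
        if bad:
            return "No adjacency", bad
        known = h["router_id"] in self.neighbors
        # Two-Way only when our own Router ID is in the sender's neighbor list.
        state = "Two-Way" if self.router_id in h["neighbors"] else "Initial"
        self.neighbors[h["router_id"]] = {"state": state,
                                          "expires": now + self.cfg["dead"]}
        action = ("Reset RouterDeadInterval Timer" if known
                  else "Add to neighbor table")
        return action, state

    def expire(self, now):
        """Move neighbors whose RouterDeadInterval ran out to Down."""
        dead = [r for r, n in self.neighbors.items() if n["expires"] <= now]
        for r in dead:
            self.neighbors[r]["state"] = "Down"
        return dead


def demo():
    a = Interface("172.16.5.1", "0.0.0.0", "255.255.255.0")
    first = build_hello("172.16.5.2", "0.0.0.0", "255.255.255.0", 10, 40)
    second = build_hello("172.16.5.2", "0.0.0.0", "255.255.255.0", 10, 40,
                         neighbors=["172.16.5.1"])
    wrong = build_hello("172.16.5.3", "0.0.0.0", "255.255.255.0", 10, 120)
    return [a.receive(first, 0), a.receive(second, 10),
            a.receive(wrong, 12), a.expire(51)]


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The AuType field is part of the comparison, so a Hello sent with a different authentication type than the interface expects never reaches the neighbor table.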
Point-to-Point Networks – T1, DS-3, SONET link
• In point-to-point networks, routers always become adjacent. The destination address of OSPF packets on these networks will always be the reserved class D address 224.0.0.5, known as AllSPFRouters.
Broadcast Networks – Ethernet, Token Ring, FDDI
• OSPF routers on a broadcast network will elect a Designated Router (DR) and a Backup Designated Router (BDR).
• Hello packets are multicast with the AllSPFRouters destination address 224.0.0.5 (Destination MAC address is 0100.5E00.0005)
• All other routers will multicast Link State Update and Link-State Acknowledge packets to 224.0.0.6 (Destination MAC address is 0100.5E00.0006)
Non-Broadcast Multi-Access (NBMA) networks – X.25, Frame Relay, ATM
• No broadcast capability
• OSPF routers on NBMA elect a DR and BDR, and all OSPF packets are unicast.
Point-to-Multicast Networks
• Routers on these networks do not elect a DR and BDR, and the OSPF packets are unicast to each known neighbor.
Virtual Link
• OSPF packets are unicast over virtual links.
224.0.0.5: OSPF AllSPFRouters address. It is used to send Hello packets to all OSPF routers on a network segment.
224.0.0.6: OSPF AllDRRouters address. In a multi-access network, the address is used for communication between routers and DR or BDR.
In a multi-access network, flooding of Link-State Advertisements (LSAs) can be observed:
• Many unnecessary LSAs – If n is the number of routers on a multi-access network, there will be n(n-1)/2 adjacencies. Each router will flood n-1 LSAs for its adjacent neighbors and one LSA to the network. Resulting in LSAs originating from the network.
• Routers would in turn flood LSAs to each other, creating many copies of the same LSA on the same network.
DR/BDR mechanism resolves the above issues. DR has the following duties:
• To represent the multi-access network and its attached routers to the rest of the OSPF area.
• To manage the flooding process on the multi-access network.
BDR assumes the DR role if the DR fails.
[Figure: Multi-Access Area with routers A, B, C, D and E. No DR/BDR Election: N=5, 5(5-1)/2=10. DR/BDR Election: one router is the DR and one is the BDR; all routers (DRother) form adjacencies not only with the DR but also with the BDR.]
DR and BDR election are based on:
• Router Priority – 8-bit unsigned integer from 0 to 255 (highest)
• Router ID
DR / BDR will be elected based on the following rules:
•The router with highest priority value is the DR
•The router with the second highest priority value is the BDR
•In case of a tie, the router with the highest Router ID is DR and the second is BDR
•A router with priority 0 cannot be the DR or BDR
•A router that is not DR or BDR is a DRother
•If a router with higher priority enters the network, it does not preempt the DR or BDR.
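The election rules listed above, including non-preemption and the BDR taking over when the DR fails, can be exercised with a short added example (not part of the original course material). It implements the rules exactly as the slide states them; the segment, its Router IDs and priorities are constructed sample data, and the adjacency count with a DR/BDR assumes every DRother is adjacent to both the DR and the BDR, as the earlier figure describes.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Router:
    router_id: str   # dotted-quad Router ID
    priority: int    # 0..255, 0 = never DR or BDR

    def rank(self):
        # Highest priority first; the higher Router ID breaks a tie.
        return (self.priority, int(IPv4Address(self.router_id)))


def elect(routers, current_dr=None, current_bdr=None):
    """Return (dr, bdr, drothers) for one multi-access segment.

    current_dr / current_bdr are the Router IDs that hold the roles now.
    A router that already holds a role keeps it while it is still present
    (no preemption); if the DR is gone, the BDR takes over the DR position.
    """
    for r in routers:
        if not 0 <= r.priority <= 255:
            raise ValueError(f"priority out of range for {r.router_id}")
    eligible = {r.router_id: r for r in routers if r.priority > 0}
    dr = eligible.get(current_dr)
    bdr = eligible.get(current_bdr)
    if dr is None and bdr is not None:
        dr, bdr = bdr, None
    remaining = sorted((r for r in eligible.values() if r not in (dr, bdr)),
                       key=Router.rank, reverse=True)
    if dr is None and remaining:
        dr = remaining.pop(0)
    if bdr is None and remaining:
        bdr = remaining.pop(0)
    drothers = [r for r in routers if r not in (dr, bdr)]
    return dr, bdr, drothers


def adjacencies(n, with_dr=True):
    """Number of adjacencies on a segment with n routers."""
    if not with_dr or n < 3:
        return n * (n - 1) // 2
    return 2 * (n - 2) + 1   # each DRother to DR and BDR, plus DR-BDR


# Constructed sample segment (not from the slides).
A = Router("192.168.100.10", 1)
B = Router("192.168.100.20", 1)
C = Router("192.168.100.30", 1)
D = Router("192.168.100.40", 0)    # priority 0: can never be DR or BDR
E = Router("192.168.100.5", 10)    # high priority, joins later


def demo():
    first = elect([A, B, C, D])                                # cold start
    joined = elect([A, B, C, D, E], C.router_id, B.router_id)  # E joins
    failed = elect([A, B, D, E], C.router_id, B.router_id)     # DR C fails
    return first, joined, failed


if __name__ == "__main__":
    for dr, bdr, others in demo():
        print("DR", dr.router_id, "BDR", bdr.router_id,
              "DRother", [r.router_id for r in others])
    print(adjacencies(5, with_dr=False), adjacencies(5))
```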
After building a neighbor relationship, two routers need to go through four stages to reach a full adjacency:
• Neighbor Discovery
• Bidirectional Communication
• Database Synchronization
• Full Adjacency
Neighbor Discovery
• Down
– No Hello message from the neighbor in the last RouterDeadInterval. If a neighbor transits to the Down state from some higher state, the Link State Retransmission, Database Summary and Link State Request lists are cleared.
• Initial
– The Router has seen a Hello message from a neighbor.
Bidirectional communication
• Two-Way
– The Router can see its own Router-ID in the Neighbor field of the neighbor’s Hello packet.
– DR/BDR election (in the multi-access area)
– When the Router receives Database Description (DD) packets from a neighbor in the Initial state, this causes a transition to Two-Way.
Database Synchronization
• ExStart
– The master/slave relationship is negotiated and the adjacency between the OSPF routers begins to form. The initial DD sequence number is decided in this state.
• ExChange
– The two OSPF routers identify their Master/Slave status and send Database Description packets describing their entire link-state database to neighbors. The router may also send Link State Request packets to ask for more recent LSAs.
• Loading
– Link State Request packets are sent to neighbors asking for more recent LSAs that are discovered but not yet received.
Full Adjacency
• Full
– Neighbors in this state are fully adjacent.
An OSPF router moves a neighbor through several states before the neighbor is considered fully adjacent.
The four stages mentioned in previous slide can be separated into seven states.
•Down State
•Initial State
•Two-Way State
•ExStart State
•ExChange State
•Loading State
•Full State
[Figure: adjacency establishment (Exchange Protocol) between Router A (172.16.5.1/24, Port 1) and Router B (172.16.5.2/24, Port 2; 172.16.6.1/24). Both routers pass through the Down, Initial, Two-Way, ExStart, ExChange, Loading and Full states. Router A neighbor list: 172.16.5.2/24 in Port1. Router B neighbor list: 172.16.5.1/24 in Port2.]
Messages shown in the figure:
• hello (224.0.0.5): I am router id 172.16.5.1, and I see no one
• hello (Unicast Packet): I am router id 172.16.5.2, and I see 172.16.5.1
• In Two-Way state, all routers that have each other in their lists of neighbors have established bidirectional communication.
• If the link type is a broadcast network (LAN), DR/BDR election takes place. The DR forms the bidirectional adjacencies between all other routers on the LAN link.
• Router A & B generate empty DD to each other for master/slave negotiation.
• DD: I will start exchange (my router id 172.16.5.1) MS-bit is 1 (Master), DD Sequence number is XXX, M-bit is 1 (not last DD packet)
• DD: I will start exchange (my router id 172.16.6.1) MS-bit is 1 (Master), DD Sequence number is YYY, M-bit is 1 (not last DD packet)
• DD: You are Master. Here is a summary of my LSDB (LSA header) MS-bit is 0 (Slave), DD Sequence number is YYY
• DD: Here is a summary of my LSDB (LSA header) MS-bit is 1 (Master), DD Sequence number is YYY+1
• DD Ack!! (with the same DD Sequence number)
• Keep exchanging DD packets till M-bit=0
• LSR: I need complete entry for network 172.16.6.0/24
• LSU: Here is the entry for network 172.16.6.0/24
• LSAck: Thanks for the information.
This is the process flow chart of exchanging full routing information.
Initially, the two routers A and B stay in the Down state. After the OSPF feature is enabled on both routers, they move to the Initial state and send Hello packets to each other.
Router A moves to the Two-Way state when it receives a Hello packet with its own Router ID in it.
In the Two-Way state, all routers that have each other in their neighbor lists will establish bidirectional communication.
If the link type is a broadcast network (LAN), the DR/BDR election mechanism will be launched. The DR forms the bidirectional adjacencies between all other routers on the LAN.
Router A and B generate and send empty DD packets to each other for master/slave negotiation. If both routers receive empty DD packets, they will go to the ExStart state. For example, Router B, with the larger Router ID, will become the Master and lead the router information exchange. Router A will accept and use Router B’s sequence number as the initial number.
They will exchange summaries of the LSDB in the ExChange state.
After checking the summary of the LSDB from Router B, if Router A finds that some router information is not in its routing table, it will send a Link State Request (LSR) to Router B to request the missing information. When Router B receives it, it will send the Link State Update (LSU) and ask Router A to acknowledge.
In the Loading state, LSRs and LSUs are exchanged until both routers have identical router information.
Lastly, it will move to the Full state.
* Empty DD is used for master/slave negotiation and the Router ID is used to decide which side leads the route information exchange.
[Figure: routers A and B exchanging DD packets, compared with the summarization of an Address Book]
A DD packet is a summary of the LSDB. It is similar to the summary of an address book, which allows others to quickly know which route is missing.
[Figure: the adjacency establishment exchange between Router A (172.16.5.1/24, Port 1) and Router B (172.16.5.2/24, Port 2; 172.16.6.1/24) shown again, from Down State to Full State with hello, DD, LSR, LSU and LSAck packets. Attachments: ospf_adjacency_establishment.log, ospf_adjacency_establishment.pcap]
Open Shortest Path First
•OSPF Areas
Problem: In the Link-State Routing Protocol, all routers must keep all routing information in the Link-State Database (LSDB).
• Memory Issue – In a large scale network, the size of the LSDB is large.
• CPU Issue – Dijkstra (SPF) calculation consumes time and can be very complex in a large network environment.
Solution: Area reduces the impact on the CPU / Memory.
Link-State routing protocols use a two layer area model
• Transit Area
– Fast and efficient forwarding of IP packets
– Interconnection with other OSPF area types
– OSPF area 0 / backbone area
– Summarize the topologies of each area to every other area
• Regular Area
– Regular areas are where the users and resources reside.
– Traffic between regular areas must cross a transit area
– Area numbers are not 0 / many area types
Examples of Area ID
• 0 = 0.0.0.0 (reserved for Backbone)
• 275 = 0.0.1.19 (275 = binary 100010011 = 00000001 00010011 = 1.19)
[Figure: Transit area / Backbone area with routers A and B and an External AS; regular areas Area 1, Area 2 and Area 3 with routers C to J]
OSPF uses areas to reduce the impact of LSA flooding because not all routers need to keep a copy of all route information.
There are two types of areas in OSPF. One is the backbone area, also called area 0 or Transit area. The other is the regular area, which must attach to the backbone area.
A hierarchical design
Smaller link-state database size
Reduction on link-state update (LSU) overhead
Detailed LSA flooding at the area boundary
An identical link-state database shared among routers in an area
A router can exist as more than one router type.
A router has a separate LSDB for each area to which it connects.
There are four types of roles in OSPF and each is responsible for different route filter and route transmission
• Internal Router
– Router’s interfaces are all in the same area
• Backbone Router
– Routers have at least one interface connected to area 0
• ABR (Area Border Router)
– Router’s interface connects one or more areas to the backbone and acts as a gateway for inter-area traffic
– It separates the LSA flooding zone.
– It becomes the primary point for area address summarization.
– It functions regularly as the source of default routes
– It maintains the LSDB for each area in which it is involved.
• ASBR (Autonomous System Boundary Router)
– Routers have at least one interface attached to another autonomous system. It is a gateway for external traffic, injecting routes into the OSPF area.
[Figure: Backbone area with routers A and B and an External AS; Area 1, Area 2 and Area 3 with routers C to J; roles labelled ASBR / Backbone Router, Backbone / Internal Router, ABR and Internal Router]
A Virtual Link is a link to the backbone through a non-backbone area
Purposes of Virtual Links
• To link an area to the backbone through a non-backbone area
• To connect two parts of a partitioned backbone through a non-backbone area
Rules
• Virtual links must be configured between two ABRs.
• The area through which the virtual link is configured must have full routing information.
• The transit area cannot be a stub area.
• A virtual link should be a temporary solution because it increases network complexity and is difficult to troubleshoot.
[Figure: two virtual link cases between ABRs, one across Area 0, Area 1, Area 2 and Area 3, one across Area 0, Area 1 and Area 2]
In some special network environments, a regular area cannot attach to the backbone area directly. The Virtual Link feature enables a logical link to the backbone area and does not violate the rule.
Link State Type Descriptions
1 Router LSA
2 Network LSA
3 or 4 Summary LSA
5 AS external LSA
6 Group Membership LSA
7 NSSA External LSA
8 External attributes LSA for Border Gateway Protocol (BGP)
9, 10 or 11 Opaque LSAs
Open Shortest Path First•OSPF LSA Types
Each router in the Autonomous System originates one or more Link-State Advertisements, which are stored in the Link-State Database.
The area topology view in an AS can be derived from all the LSAs.
Different types of OSPF routers generate different route information (LSA). There are 11 types of LSAs and each type of LSA is for a different purpose.
Type 1: Router LSA
Who: Every router
Scope: Flood only within a defined Router area
LSA List:
1. Router’s link
2. Interface
3. The state and outgoing cost of each link
4. Any known OSPF neighbors on the link
[Figure: routers flooding Router LSAs (Type = 1, Router LSA, Router ID) within an area]
Type 2: Network LSA
Who: DR Router
Scope: flooded on every multi-access network
LSA List: All attached routers, including DR itself
Note: There is no metric field in the Network LSA. (The cost from the pseudo node represented by the LSA to any attached router is always 0)
[Figure: multi-access network with the DR (192.168.0.1) and routers with Router ID 192.168.100.10, 192.168.100.20 and 192.168.100.30. Network LSA: Type = 2, 192.168.0.1, Subnet = 255.255.255.0, Attached Router = 192.168.100.30, Attached Router = 192.168.100.20, Attached Router = 192.168.100.10]
ABRABR
Internal Router (What destinations the ABR can reach)Backbone (What destinations in ABR’s attached area)
LSA List: Destination SummaryNote:
•
•
ABR only originate a single Network Summary for each destination even if they knows there are multiplerouters to destination (lower cost)When a router receives Summary LSA, it just simply adds the cost of route to the ABR without running SPFalgorithm
Open Shortest Path First
•OSPF LSA Types
% 8&Who: Area Border Router (ABR)Scope:
192.168.10.0/24 172.17.5.0/24
ABR
Area 0 Area 172.17.5.0
Type = 3
172.17.5.0
Subnet = 255.255.255.0
Metric = 120
Type = 3
192.168.10.0
Subnet = 255.255.255.0
Metric = 60
63
ABRs generate summary LSAs. They are sent for the following purpose
1.to advertise the destinations outside that area
2.to advertise the destinations within its connected areas into the backbone
3.to advertise a default route
Type 4: ASBR Summary LSA
Who: ABR
Scope: Flood only into a single area
LSA List: The destination is an ASBR, subnet mask is zero; thus it is the host address of an ASBR.
Note: ASBR Summary LSA will always be a host address because it is a route to a router.
[Figure: ASBR (Router ID = 192.168.10.1) on 192.168.10.0/24, and an ABR towards Area 172.17.5.0 (172.17.5.0/24). ASBR Summary LSA: Type = 4, 192.168.10.1, Subnet = 0.0.0.0, Metric = 64]
Type 5: AS External LSA
Who: Autonomous System Boundary Router (ASBR)
Scope: Flood throughout the autonomous system
LSA List: Destinations external to the OSPF autonomous system and a default route
[Figure: ASBR (Router ID = 192.168.10.1) at the edge of the OSPF Autonomous System, next hop 192.168.20.254 towards 192.168.10.0/24. AS External LSA: Type = 5, 192.168.10.0, Subnet = 255.255.255.0, Metric = 10, Forwarding Address = 192.168.20.254]
Type 6: Group Membership LSA
• It is a multicast extension used for OSPF, known as multicast OSPF (MOSPF)
Type 7: NSSA External LSA
• It is an LSA type used in Not-So-Stubby-Areas (NSSAs) and it only floods within the not-so-stubby-areas.
• Who: ASBRs within not-so-stubby areas (NSSAs)
• Scope: Flood only within not-so-stubby areas
• LSA List: AS External LSA
Type 8: External Attributes LSA
• It is used to internetwork OSPF and BGP, transporting BGP information across an OSPF domain.
Type 9: Opaque LSA
• Its information is used for application-specific purposes. The information field can be used directly by OSPF or indirectly by other applications to distribute information throughout the OSPF domain.
Open Shortest Path First
•OSPF Special Area
In an autonomous system, AS External LSAs are flooded throughout the OSPF autonomous system but not in a Stub Area. A default route is used in a Stub Area for AS external destinations.
Problem:
• External LSAs may occupy a large percentage of LSAs in the database of every router.
• Not every router needs to know about all the external destinations.
Solution: A Stub Area
• It does not receive AS External LSAs (Type 5 LSA) and ASBR Summary LSA (Type 4).
• ABRs use Network Summary LSAs (Type 3) to advertise a single default route (destination 0.0.0.0) into the area.
In real-world practice, most route information is injected from outside the AS. In an area, not all devices need to know or keep all route information in their database. Therefore, OSPF has defined some special areas for blocking unnecessary routes from being injected into those areas.
There are three types of special areas:
•Stub Area
•Totally Stub Area
•Not-So-Stubby Area
There are several restrictions and issues
• All routers in a Stub Area must be configured as a stub router and have an identical LSDB to form adjacencies.
• A virtual link is not allowed in a Stub Area.
• No ASBR in the Stub Area
• If there is more than one ABR in a Stub Area and default routes are generated from all ABRs, the internal routers in the Stub Area do not know which one is the best to reach the external destination.
[Figure: an ASBR in Area 1 originates AS External LSAs; the ABR does not pass them into Area 2, the Stub Area]
No Type 3 (ASR Summary LSA) except for a single type 3 LSA to advertise the default route
No Type 4 (ASBR Summary LSA)
No Type 5 (AS External LSA)
In a Totally Stubby Area, the routes outside the area in the autonomous system are blocked. A default route is used to reach all destinations outside the area, whether the destination is in the autonomous system or not.
In a network environment where the characteristics of a stub area are required but the area attaches to another routing domain, NSSA is the solution. It breaks stub area rules and allows external routes to enter the OSPF autonomous system.
An ASBR in the NSSA originates Type 7 LSAs (NSSA External LSA) to advertise the external destinations.
The NSSA External LSA is flooded to other areas in the AS with a flag P-bit in its header set to 1 after this type 7 LSA is translated into type 5
[Figure: an ASBR in Area 2 (Not-So-Stubby Area) connected to RIP sends Type 7 LSAs to the ABR, which sends Type 5 LSAs into Area 0]
Not-So-Stubby Area is a special area which is the transit area connecting to an external AS and the backbone area.
Link State Types               Type 1 & 2   Type 3   Type 4   Type 5   Type 7
Backbone area                  Yes          Yes      Yes      Yes      No
Non-backbone, non-stub area    Yes          Yes      Yes      Yes      No
Stub                           Yes          Yes      No       No       No
Totally Stubby                 Yes          No       No       No       No
Not-So Stubby                  Yes          Yes      Yes      No       Yes
This table shows the types of LSAs allowed in different areas.
Open Shortest Path First
•Switch Configuration
[Figure: example topology with routers R1 to R6.
Backbone Area 0: R1 with P9 (77.1.1.1/24), P22 (1.1.1.1/24) and P23 (3.1.1.1/24)
R2: P9 (1.1.1.2/24), P10 (2.1.1.1/24)
Area 1 (Normal Area): link between R2 P10 (2.1.1.1/24) and R3 P9 (2.1.1.2/24), carrying the Virtual link
Area 2 (Stub Area): R3 P10 (99.1.1.1/24)
R4: P9 (3.1.1.2/24), P10 (4.1.1.1/24)
Area 3 (NSSA Area): link between R4 P10 (4.1.1.1/24) and R5 P9 (4.1.1.2/24)
R5: P10 (100.1.1.1/24), Redistribution
External AS (RIP): R6 P1 (100.1.1.2/24), RIP (101.1.1.1/24), RIP (102.1.1.1/24)]
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt Area0
config vlan default delete 22-23
config ipif System ipaddress 77.1.1.1/24
create vlan area1 tag 2
config vlan area1 add tagged 22
create ipif area1 1.1.1.1/24 area1
create vlan area3 tag 3
config vlan area3 add tagged 23
create ipif area3 3.1.1.1/24 area3
• OSPF Settings
config ospf router_id 1.1.1.1
config ospf ipif System area 0.0.0.0 state enable
config ospf ipif area1 area 0.0.0.0 state enable
config ospf ipif area3 area 0.0.0.0 state enable
enable ospf
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt Area1
config vlan default delete 9-11
create vlan area0 tag 2
config vlan area0 add tagged 9
create ipif area0 1.1.1.2/24 area0
create vlan area2 tag 3
config vlan area2 add tagged 10
create ipif area2 2.1.1.1/24 area2
• OSPF Settings
config ospf router_id 2.2.2.2
config ospf ipif area0 area 0.0.0.0 state enable
create ospf area 0.0.0.1 type normal
config ospf ipif area2 area 0.0.0.1 state enable
create ospf virtual_link 0.0.0.1 3.3.3.3 hello_interval 10 dead_interval 40 authentication none
enable ospf
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt Area2
config vlan default delete 9-11
create vlan area1 tag 3
config vlan area1 add tagged 9
create ipif area1 2.1.1.2/24 area1
create vlan area2 tag 2
config vlan area2 add untagged 10
create ipif area2 99.1.1.1/24 area2
• OSPF Settings
config ospf router_id 3.3.3.3
create ospf area 0.0.0.1 type normal
config ospf ipif area1 area 0.0.0.1 state enable
create ospf virtual_link 0.0.0.1 2.2.2.2 hello_interval 10 dead_interval 40 authentication none
create ospf area 0.0.0.2 type stub
config ospf ipif area2 area 0.0.0.2 state enable
enable ospf
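The two listings with the prompts Area1 and Area2 each define one end of the same virtual link, and both ends have to agree. The following added example (not part of the original course material, and not a D-Link tool) parses the OSPF lines copied from those two listings and checks the rules stated earlier: each end points at the other end's Router ID, the transit area is the same and is not a stub area, and the hello and dead intervals match. It also reports `authentication none`, which means the OSPF packets on the virtual link are accepted without authentication. The function names are hypothetical.

```python
import re

RID = re.compile(r"config ospf router_id (\S+)")
AREA = re.compile(r"create ospf area (\S+) type (\S+)")
VLINK = re.compile(
    r"create ospf virtual_link (?P<area>\S+) (?P<peer>\S+) "
    r"hello_interval (?P<hello>\d+) dead_interval (?P<dead>\d+) "
    r"authentication (?P<auth>\S+)")

# OSPF settings copied from the two listings above (prompts Area1 and Area2).
AREA1 = """\
config ospf router_id 2.2.2.2
config ospf ipif area0 area 0.0.0.0 state enable
create ospf area 0.0.0.1 type normal
config ospf ipif area2 area 0.0.0.1 state enable
create ospf virtual_link 0.0.0.1 3.3.3.3 hello_interval 10 dead_interval 40 authentication none
enable ospf
"""
AREA2 = """\
config ospf router_id 3.3.3.3
create ospf area 0.0.0.1 type normal
config ospf ipif area1 area 0.0.0.1 state enable
create ospf virtual_link 0.0.0.1 2.2.2.2 hello_interval 10 dead_interval 40 authentication none
create ospf area 0.0.0.2 type stub
config ospf ipif area2 area 0.0.0.2 state enable
enable ospf
"""


def parse(config):
    """Collect Router ID, area types and virtual links from one listing."""
    sw = {"router_id": None, "areas": {}, "vlinks": []}
    for line in config.splitlines():
        line = " ".join(line.split())            # normalise whitespace
        if m := RID.fullmatch(line):
            sw["router_id"] = m[1]
        elif m := AREA.match(line):
            sw["areas"][m[1]] = m[2]
        elif m := VLINK.fullmatch(line):
            sw["vlinks"].append(m.groupdict())
    return sw


def audit_virtual_link(cfg_a, cfg_b):
    """Return a list of findings for the virtual link between two switches."""
    a, b = parse(cfg_a), parse(cfg_b)
    findings, ends = [], []
    for local, remote in ((a, b), (b, a)):
        name = local["router_id"]
        link = next((v for v in local["vlinks"]
                     if v["peer"] == remote["router_id"]), None)
        if link is None:
            findings.append(f"{name}: no virtual link to {remote['router_id']}")
            continue
        ends.append(link)
        area_type = local["areas"].get(link["area"])
        if area_type is None:
            findings.append(f"{name}: transit area {link['area']} not defined")
        elif area_type == "stub":
            findings.append(f"{name}: transit area {link['area']} is a stub area")
        if link["auth"] == "none":
            findings.append(f"{name}: virtual link is unauthenticated")
    if len(ends) == 2:
        for key in ("area", "hello", "dead"):
            if ends[0][key] != ends[1][key]:
                findings.append(
                    f"mismatch on {key}: {ends[0][key]} vs {ends[1][key]}")
    return findings


if __name__ == "__main__":
    for finding in audit_virtual_link(AREA1, AREA2):
        print(finding)
```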
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt Area3_1
config vlan default delete 9-11
create vlan area0 tag 3
config vlan area0 add tagged 9
create ipif area0 3.1.1.2/24 area0
create vlan area3 tag 2
config vlan area3 add tagged 10
create ipif area3 4.1.1.1/24 area3
• OSPF Settings
config ospf router_id 4.4.4.4
config ospf ipif area0 area 0.0.0.0 state enable
create ospf area 0.0.0.3 type nssa translate enable
config ospf ipif area3 area 0.0.0.3 state enable
enable ospf
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt Area3_2
config vlan default delete 9-11
create vlan area3 tag 2
config vlan area3 add tagged 9
create vlan rip tag 3
config vlan rip add tagged 10
• OSPF Settings
create ipif area3 4.1.1.2/24 area3
config ospf router_id 5.5.5.5
create ospf area 0.0.0.3 type nssa translate enable
enable ospf
• RIP Settings
create ipif rip 100.1.1.1/24 rip
enable rip
config rip ipif rip tx_mode v2_only rx_mode v1_or_v2 state enable
create route redistribute dst ospf src rip
create route redistribute dst rip src ospf all
create route redistribute dst ospf src local mettype 2 metric 20
L3 Switch Configuration
• VLAN and IP Interface Settings
config command_prompt External_AS
config vlan default delete 1-3
create vlan rip1 tag 3
config vlan rip1 add tagged 1
create vlan rip2 tag 4
config vlan rip2 add tagged 2
create vlan rip3 tag 5
config vlan rip3 add tagged 3
• RIP Settings
create ipif rip1 100.1.1.2/24 rip1
create ipif rip2 101.1.1.1/24 rip2
create ipif rip3 102.1.1.1/24 rip3
enable rip
config rip all tx_mode v2_only rx_mode v1_or_v2 state enable
Switch Module 10
Multicast in D-Link Switching Environment
Internet Group Multicast Protocol (IGMP v1, 2 & 3)
IGMP Snooping
IGMP Fast Leave
IGMP Snooping Multicast VLAN
Per-Port Multicast Stream Control
Protocol Independent Multicast
Multicast in D-Link Switching Environment
•Internet Group Multicast Protocol
Three methods of traffic transmission:
• Unicast (multiple copies, multiple receivers)
– An application sends two copies of traffic to two clients
– Dedicate bandwidth for every traffic session
• Multicast (single copy, multiple receivers)
– The client device decides whether or not to listen to the multicast address
– An efficient solution for traffic transmission
• Broadcast (single copy, all receivers)
– An application sends only one copy of each packet using a broadcast address
– Each host device must process the broadcast data frame
[Figure: a Multicast Server (A) sending to Multicast Client-1 (B) and Multicast Client-2 (C), once as Unicast x 2 and once as Multicast x 1]
If a multicast server wants to deliver duplicated traffic to a number of clients, there are several ways to transmit the traffic.
•Unicast – It wastes bandwidth and it is not efficient. For example, the server needs to generate duplicated unicast traffic to each client.
•Multicast – It is the best solution for sending duplicated traffic to a group of clients. The server just needs to generate one copy of traffic for a group of clients.
•Broadcast – Broadcast packets are delivered to all clients regardless of the clients’ requirements.
Advantages
• Multicast applications send one data stream instead of multiple ones; thus the network resource is efficiently utilized.
Disadvantages
• Multicast utilizes User Datagram Protocol (UDP) as the transport layer protocol. UDP is not a connection-oriented protocol and thus it lacks the reliability that TCP has.
• The way UDP delivers network traffic may cause packet losses. This might impact some delay or packet loss sensitive applications like VoIP.
Multicast has many advantages such as enhanced traffic efficiency, reduced bandwidth wastage and optimized network performance. However, it also has some drawbacks. Multicast adopts User Datagram Protocol (UDP) to transfer packets and does not ensure all packets are delivered successfully.
82
' (
IP multicast relies on the concept of a virtual group address called the multicast IP address.
L2 switch’s behavior when handling a multicast frame
• A multicast frame is treated as an unknown unicast or broadcast frame.
• Hence, the multicast traffic will be flooded to all ports within a VLAN.
Problem
• When a client joins a specific group, it will cause all multicast traffic to be flooded to all ports within the VLAN. Every client has to process the data.
Solution
• Set up a static multicast FDB for a specific port (e.g. limit the destined multicast group by forwarding to ports 1 & 2 only)
• Dynamic configuration with IGMP Snooping
[Figure: Router, L2 Switch, Client-1, Client-2 and Client-3. The clients receive CNN channel traffic even though they do not watch it.]
Class D address: 1 1 1 0 | Multicast ID (28 bits)
The Class D address range is the group address, or destination address, of IP multicast traffic
• These addresses consist of
– Binary 1110 as the most significant bits (MSB) in the first octet
– The remaining 28 bits, which identify the multicast group ID
Multicast IP address range: 224.0.0.0 to 239.255.255.255
• 224.0.0.1 all multicast systems on a subnet
• 224.0.0.2 all multicast routers on a subnet
Example: 224.1.1.10
11100000.00000001.00000001.00001010 (first 4 bits 1110, followed by the 28-bit group ID)
Source: http://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml
The multicast IP range belongs to class D (224.0.0.0 to 239.255.255.255). Each multicast IP address can map to a multicast MAC address. A multicast IP address consists of two segments: the first four bits must be 1110 and the remaining 28 bits represent a specific multicast group ID. In the above example, multicast IP address 224.1.1.10 is 11100000.00000001.00000001.00001010 in binary.
• The first four bits, 1110, are the most significant bits (MSB)
• The remaining 28 bits are used to identify the multicast group ID
Description Range
Local Network Control Block 224.0.0.0 to 224.0.0.255
Global scope address 224.0.1.0 to 238.255.255.255
Source Specific Multicast Block 232.0.0.0 to 232.255.255.255
GLOP Block 233.0.0.0 to 233.255.255.255
Administratively Scoped Block 239.0.0.0 to 239.255.255.255
Reserved Local Network Control Block (224.0.0.0 to 224.0.0.255)
• Internet Assigned Numbers Authority (IANA) reserved addresses for network protocols on a local network segment.
• Routers do not forward packets in this address range (packets carry a Time-to-Live (TTL) value of 1)
• 224.0.0.1 All Hosts
• 224.0.0.2 All Multicast Routers
• 224.0.0.3 All Distance Vector Multicast Routing Protocol (DVMRP) Routers
• 224.0.0.5 All Open Shortest Path First (OSPF) Routers
• 224.0.0.6 All OSPF Designated Router (DR) Routers
• E.g. OSPF uses the IP addresses 224.0.0.5 and 224.0.0.6 to exchange link-state information
• E.g. 224.0.0.1 identifies the all-hosts group (if you send an ICMP echo request packet to this address, all multicast-capable hosts on the network will answer the packet).
Global Scope Address (224.0.1.0 to 238.255.255.255)
• Companies use these addresses to multicast data between organizations and across the Internet. E.g. IANA reserves the IP address 224.0.1.1 for Network Time Protocol (NTP)
In the multicast IP address range 224.1.1.10 to 239.255.255.255, some multicast IP addresses are reserved.
Source Specific Multicast Block (232.0.0.0 to 232.255.255.255)
• This is reserved for Source-Specific Multicast (SSM), the extension of Protocol Independent Multicast (PIM).
• In SSM, forwarding decisions are based on a pair of addresses, referred to as (S,G), where S is the IP address of the source and G is the multicast group address. It can solve address allocation problems because the source address makes each channel unique.
GLOP Block (233.0.0.0 to 233.255.255.255)
• RFC 3180, “GLOP Addressing in 233/8”, proposes the use of the 233.0.0.0 to 233.255.255.255 address range. GLOP numbering sets the first octet of the address to 233, the next two octets to the registered Autonomous System value, and the fourth octet is locally assigned. GLOP addresses are used by ISPs who want to provide multicast content on the Internet.
Administratively Scoped Block (239.0.0.0 to 239.255.255.255)
• RFC 2365, “Administratively Scoped IP Multicast”, defines these addresses as constrained to a local group or organization. Companies, schools or organizations use these addresses for local multicast applications, where edge routers to the Internet do not forward multicast frames outside their intranet domains.
GLOP is not an acronym; it refers to the multicast addressing method for IPv4.
A multicast MAC address starts with the 25-bit prefix 0x01-00-5E (in binary 00000001.00000000.01011110.0xxxxxxx.xxxxxxxx.xxxxxxxx, with the 25th bit set to 0). All IP multicast addresses have the first four bits set to 1110; the remaining 28 (32 - 4 = 28) least significant bits (LSB) must map into the 23 LSBs of the MAC address. The MAC address therefore loses five bits of uniqueness in the IP to MAC address mapping process. This method for mapping a multicast IP address to a MAC address results in a 32:1 mapping: each multicast MAC address represents 32 possible distinct IP multicast addresses.
[Figure: Multicast IP Address 224.1.1.10 (32 bits: 1110 followed by 28 bits) maps to Multicast MAC Address 01-00-5e-01-01-0a (25-bit prefix followed by 23 bits); 28 bits – 23 bits = 5 bits lost.]
[Figure: Multicast Address Overlap. 32 multicast IP addresses (224.1.1.10, 224.129.1.10, 225.1.1.10, 225.129.1.10, 226.1.1.10, 226.129.1.10, … 238.1.1.10, 238.129.1.10, 239.1.1.10, 239.129.1.10) share one multicast MAC address.]
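The 32:1 mapping described above matters when choosing group addresses, because a switch that forwards on the multicast MAC cannot tell overlapping groups apart. The following is an added example, not part of the original slides; the function names are assumptions made for illustration. It maps a group to its MAC, lists the 32 overlapping groups, and flags planned groups that collide with each other or with the 224.0.0.x Local Network Control Block.

```python
import ipaddress
from collections import defaultdict

PREFIX_25_BITS = 0x01005E << 24   # 01-00-5E followed by a 0 bit
LOW_23_MASK = 0x7FFFFF            # the only IP bits that survive the mapping


def multicast_mac(ip: str) -> str:
    """Map a Class D address to its Ethernet multicast MAC address."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not in 224.0.0.0 to 239.255.255.255")
    mac = PREFIX_25_BITS | (int(addr) & LOW_23_MASK)
    return "-".join(f"{(mac >> shift) & 0xFF:02x}" for shift in range(40, -1, -8))


def overlapping_groups(ip: str) -> list:
    """Return all 32 group addresses that share the MAC address of ip."""
    low23 = int(ipaddress.IPv4Address(ip)) & LOW_23_MASK
    # The five lost bits sit between the fixed 1110 and the low 23 bits.
    return [str(ipaddress.IPv4Address((0b1110 << 28) | (lost << 23) | low23))
            for lost in range(32)]


def find_collisions(groups: list) -> dict:
    """Group a list of planned addresses by MAC; keep MACs used more than once."""
    by_mac = defaultdict(list)
    for g in groups:
        by_mac[multicast_mac(g)].append(g)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def control_block_alias(ip: str):
    """Return the 224.0.0.x address sharing this group's MAC, or None."""
    low23 = int(ipaddress.IPv4Address(ip)) & LOW_23_MASK
    if low23 < 256 and not ip.startswith("224.0.0."):
        return str(ipaddress.IPv4Address((0b1110 << 28) | low23))
    return None


if __name__ == "__main__":
    print(multicast_mac("224.1.1.10"))
    print(overlapping_groups("224.1.1.10"))
    # Constructed plan: two of these groups land on the same MAC address.
    print(find_collisions(["225.1.1.10", "225.1.1.11", "238.129.1.10"]))
    # Constructed case: an administratively scoped group that aliases 224.0.0.5.
    print(control_block_alias("239.128.0.5"))
```

A group that aliases a 224.0.0.x address shares its MAC with link-local control traffic such as OSPF, so it is worth excluding from an address plan.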
Multicast Group Example
Channel List
• CH 10 Movie Channel – Group 1: 225.1.1.10
• CH 11 News Channel – Group 2: 225.1.1.11
Current versions of IGMP
• IGMP version 1 (RFC 1112)
• IGMP version 2 (RFC 2236)
• IGMP version 3 (RFC 3376)
IGMP manages multicast group memberships mainly based on
• How a client joins (reports) a group
• How a client leaves a group
• How a router queries clients
Hosts use IGMP to dynamically register themselves to a multicast group on a particular subnet.
Routers and switches keep listening to IGMP messages and periodically send out queries to discover which groups are active or inactive on a particular subnet or VLAN.
[Figure: the TV sends the Query; the Remote Control sends Join / Leave.]
IGMP is a control protocol which has three main messages as follows:
• Join (Report) message
• Leave message
• Query message
A multicast group (e.g. 225.1.1.10) is like a television channel number which you are watching in your daily life; e.g. the news channel number is 11. The remote control is like a multicast client: it can join or leave a multicast group. If you want to watch the movie channel, the remote control will send the join message to your television. If you want to switch from the movie channel to the news channel, the remote control will send the leave message to stop receiving movie channel traffic, and it will send another join message to the television to receive the news channel. The television is the router, which sends a query message to the remote control periodically to make sure that the clients still want to continue receiving the same channel.
Query Mechanism
• The Querier sends an IGMP Query to all clients (224.0.0.1) periodically (every 60 seconds), and the Time to Live (TTL) value of the packet is equal to 1.
• There is no querier election mechanism. The designated router (DR) is elected by the multicast routing protocol, such as PIM.
Join Mechanism
• When receiving an IGMP query message, clients will respond with an IGMP Join Report for the group they are interested in.
• When a host wants to join a multicast group, it sends out a multicast membership report to the router.
• Report Suppression Mechanism. If a client receives a given group report (e.g. 225.1.1.10) from other members, it will keep quiet and will not send the same report to ask for multicast traffic. The benefit is reduced bandwidth use on the local subnet.
Leave Mechanism
• Clients leave a multicast group quietly without sending notification to the multicast router. The multicast router stops forwarding traffic after the client response timeout (no client in a group).
[Figure: IGMPv1. The DR sends a Query (TTL=1, 224.0.0.1); Client-1, Client-2 and Client-3 answer with Join Reports. Routers A and B and the Multicast Server are shown, with Group 1: 225.1.1.10 (Movie Channel) and Group 2: 225.1.1.11 (News Channel).]
Multicast in D-Link Switching Environment•Internet Group Multicast Protocol Version 1
[Figure: IGMPv1 Query (TTL=1, 224.0.0.1) between Multicast Server and Multicast Client, repeated every 60 sec.]
[Figure: IGMPv1 Report for 234.1.1.10 between Multicast Client and Multicast Server]
[Figure: 3 mins. timer, after which routers stop forwarding the multicast stream]
Once the router receives a report from the client, the counter will be refreshed to 3:00 and start to count down.
IGMPv2 solves the limitation (no leave mechanism) of IGMPv1
RFC 2236
Backward compatible with IGMPv1
Two additional features
• Query Election Mechanism
• Leave Group Message
– The host sends a leave message if it leaves the group and is the last member.
– It reduces leave latency compared to IGMPv1.
Multicast in D-Link Switching Environment•Internet Group Multicast Protocol Version 2
Query Mechanism
• The query is sent to the multicast IP address 224.0.0.1 and has an IP TTL equal to 1.
• The query interval is 60 to 120 seconds (default is 60 seconds).
• The Query Election Mechanism resolves the case of multiple queriers on a single multicast subnet. IGMPv1 does not have this mechanism.
– Step 1: Initially, IGMPv2 routers regard themselves as queriers and send an IGMP general query message.
– Step 2: When an IGMP router receives a query message with a lower source IP than its own, it will become a non-querier.
– Step 3: The IGMP router with the lowest IP address will be elected as the Querier.
– After the election process, all non-querier routers start a timer, known as the “other querier present timer”. If a router receives a query before the timer expires, it will reset the timer. Otherwise, it assumes the querier has failed and re-initiates an election process.
• A Group Specific Query is aimed at a specific group.
Join Mechanism
• A client can send the join packet at any time and does not wait to receive a query message, in order to reduce join latency. This asynchronous join is the same as in IGMPv1.
• Suppression mechanism. Only one member per group responds with a report to a query.
[Figure: Querier Election between routers A (192.168.0.1) and B (192.168.0.2). Both start as Querier; the election leaves one Querier and one Non-Querier.]
IGMPv2 adds some features including the Query Election Mechanism, Group Specific Query and Leave Mechanism.
Leave Mechanism
• Leave Group Mechanism
– Step 1: A client sends the Leave message to all routers (224.0.0.2) on the local subnet.
– Step 2: When receiving the “Leave message”, the querier responds with a number of group-specific queries to the associated group. This is to confirm whether there are any other clients who wish to receive traffic for the group.
– Step 3: One of the remaining members of the group will respond with a join report within the maximum response time (Query-Interval Response Time) set in the query message.
– Step 4: If the querier receives a join message sent by a client, it will keep sending traffic into the subnet. Otherwise, the querier will assume no client is interested in the group and stop forwarding traffic to the group.
• Benefits of Group Specific Queries
– Quickly find out if any members are left in the group
– The router does not need to ask all groups for a report
– Shorten the traffic flooding time
• The difference between Group Specific Query and General Query
– General Query – multicast to the “All-Hosts” (224.0.0.1) address
– Group Specific Query for Group “G” – multicast to the Group “G” multicast address
[Figure: Client-1 (Group: 225.1.1.10) sends a Leave to Querier A. The Querier sends a Group Specific Query for 225.1.1.10 (Max. Response Time: 10 seconds). Client-3 (Group: 225.1.1.10) answers with a Report; Client-2 is in Group: 225.1.1.11.]
Group Specific Query can help to reduce bandwidth consumption. For example, in IGMPv1, a client leaves quietly without sending any notice to a Querier. This will cause continuous multicast query traffic in the segment until timeout. Group Specific Query is efficient in resolving this issue and can shorten the flooding time. In IGMPv2, when a Querier receives a leave message from a client, it will respond with a Group Specific Query for the specific multicast group. The router will stop flooding traffic into the segment when it does not receive any client’s Join response after repeating the query three times. Group Specific Query uses the multicast group IP address as the destination address.
[Figure: IGMPv2 Query (TTL=1, 224.0.0.1) between Multicast Server and Multicast Client]
[Figure: IGMPv2 Leave for 234.1.1.10 between Multicast Client and Multicast Server]
[Figure: IGMPv2 Group-Specific Query (TTL=1, 234.0.0.1) between Multicast Server and Multicast Client]
RFC 3376
Enhances host control capability using Source Filter Mode (include/exclude source lists)
• For all hosts to receive/reject a designated multicast group from one or a set of multicast servers.
Enhanced query and report capabilities
• Group and source-specific queries
– General query – multicast to the “All-Hosts” (224.0.0.1) address; it does not carry a group address or a source address.
– Group specific query – multicast to the Group “G” multicast address; it carries a group address and no source address.
– Group and source specific query – multicast to the Group “G” multicast address; it carries a group address and one or more source addresses.
[Figure: Multicast Server-1 (IP address: 192.168.0.10) sends Group 1: 225.1.1.10, Movie Channel; Multicast Server-2 (IP address: 192.168.0.11) sends Group 2: 225.1.1.10, News Channel, as packets (S2,G). Routers A to F connect the servers to Client-1 and Client-2.]
Example: If client-2 only wants to see the movie channel (HBO), it just needs to include Server-1 in its report.
Multicast in D-Link Switching Environment•Internet Group Multicast Protocol Version 3
Report containing Multiple Group Records
• Unlike the IGMPv1 and IGMPv2 report message (reported to the target multicast group), the IGMPv3 report message is addressed to 224.0.0.22 and contains one or more group records. Each group entry contains a multicast group address and a variable number of source addresses.
• All IGMPv3 routers listen to the 224.0.0.22 address in order to receive and maintain IGMP membership state for every member on the subnet. (IGMPv1/v2 routers only maintain group state on a per-subnet basis.)
No Report Suppression (which IGMPv1 and IGMPv2 have), because every host has to report a specific multicast address list for the group.
Group record types
• Current-state record (include/exclude): the current-state record reports the current reception state of the interface.
• Filter-mode-change record (include/exclude): indicates that the interface filter mode has changed from Include to Exclude or from Exclude to Include for the specific multicast address list.
• Source-list-change record (include/exclude): indicates that new source addresses are allowed or old source addresses are blocked.
[Figure: Specified Multicast Address List. Two sample reports: V3 Report (224.0.0.22), Group 224.1.1.10, Exclude: “192.168.1.1”; and V3 Report (224.0.0.22), Group 224.1.1.10, Include: “192.168.1.1”.]
There are six types of IGMP Join Report
• Include current-state record
• Exclude current-state record
• Include filter-mode-change record
• Exclude filter-mode-change record
• Include source-list-change record
• Exclude source-list-change record
Report 1 – Client 1 sends a report to join all sources of the multicast group 224.1.1.10
Report 2 (Joining only specific Source/Include) – Client 1 sends a report to join only the source multicast group 224.1.1.10 except the group from the source (192.168.1.1)
[Figure: Client-1 sends reports toward routers A, B and C. Multicast Server-1: source IP 192.168.0.1/24, multicast group 224.1.1.10. Multicast Server-2: source IP 192.168.1.1/24, multicast group 224.1.1.10. Multicast traffic flows from Server-1 and from Server-2.]
V3 Report (224.0.0.22), Group 224.1.1.10
• Report-1 Exclude: “null” (any source)
• Report-2 Include: 192.168.0.1 (only from source 192.168.0.1)
• Report-3 Exclude: 192.168.1.1 (any source, except source 192.168.1.1)
IGMPv3 allows Client-1 to use different types of report to join the multicast group. In the example, the client can send Report-1 to join group 224.1.1.10 with an exclude list equal to “null”. This means that Client-1 can receive the multicast stream from any source.
No Report Suppression mechanism.
The router multicasts periodic membership queries to the “All-Hosts” (224.0.0.1) group address.
All hosts respond by sending back an IGMPv3 membership report that contains their specific multicast address list for the interface.
[Figure: a Query to 224.0.0.1 reaches Client-1 and Client-2 through routers A, B and C, and each client answers with its own Report. Multicast Server-1: source IP 192.168.0.1/24, multicast group 224.1.1.10. Multicast Server-2: source IP 192.168.1.1/24, multicast group 224.1.1.10. The reports shown are V3 Report (224.0.0.22), Group 224.1.1.10, Report-1 Exclude: “null”, and V3 Report (224.0.0.22), Group 224.1.1.10, Report-3 Exclude: 192.168.1.1.]
IGMPv3 does not support the Suppress mechanism, but IGMPv1 and IGMPv2 do. This is because different users may receive the multicast stream from different multicast sources. As mentioned in the previous slide, all IGMPv3 routers listen to the 224.0.0.22 address in order to receive and maintain IGMP membership state for every member on the subnet.
Type code = 0x11 (IGMP Query)
Max Response Time – the maximum time in seconds that the switch will wait for reports from members
Multicast Address – this field is identical to the one in IGMPv2; 0.0.0.0 is used for General Queries
S flag – when set, it indicates that routers receiving the message suppress their normal processing of it
QRV (Querier Robustness Value) – it affects various timers and retry counts. Increasing this value provides more protocol robustness at the expense of latency.
QQIC (Querier Query Interval) – this field indicates the Query Interval in use by the querying router (same format as Maximum Response Time)
Number of Sources – the number of source addresses in the Group-and-Source-Specific Query
Type code = 0x22 (IGMP Report)
Number of Group Records – the number of Group Records in the report
Group Record – the mode is either Exclude or Include, which specifies which sources to “include” or “exclude”
Aux Data Len (Group Records) – indicates the size of the Auxiliary Data area
Number of Sources (Group Records) – indicates the number of sources in the list
Multicast Address (Group Records) – the multicast group address of the joined group
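The query and report fields listed above can be checked against real traffic with a small decoder. The following is an added example, not part of the original slides: a parser for the IGMP payload (the bytes after the IP header) of an IGMPv3 query (0x11) and report (0x22), with the length checks a monitoring tool needs before trusting the source and record counts. Function names are assumptions; field layout and record type numbers follow RFC 3376, which encodes Max Resp Code in units of 1/10 second.

```python
import ipaddress
import struct

# Group record type numbers from RFC 3376 (the six record kinds named on the page).
RECORD_TYPES = {
    1: "MODE_IS_INCLUDE", 2: "MODE_IS_EXCLUDE",
    3: "CHANGE_TO_INCLUDE_MODE", 4: "CHANGE_TO_EXCLUDE_MODE",
    5: "ALLOW_NEW_SOURCES", 6: "BLOCK_OLD_SOURCES",
}


def inet_checksum(data: bytes) -> int:
    """Internet checksum: complement of the one's-complement 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def decode_code(code: int) -> int:
    """Max Resp Code and QQIC: values >= 128 use a 3-bit exponent and 4-bit mantissa."""
    if code < 128:
        return code
    return ((code & 0x0F) | 0x10) << (((code >> 4) & 0x07) + 3)


def read_sources(msg: bytes, offset: int, count: int) -> list:
    return [str(ipaddress.IPv4Address(msg[offset + 4 * i:offset + 4 * i + 4]))
            for i in range(count)]


def parse_query(msg: bytes) -> dict:
    if len(msg) < 12:
        raise ValueError("8-byte query is the IGMPv1/v2 format, not IGMPv3")
    _t, code, _c, group, flags, qqic, nsrc = struct.unpack("!BBH4sBBH", msg[:12])
    if 12 + 4 * nsrc > len(msg):
        raise ValueError("source count exceeds message length")
    return {"kind": "query", "group": str(ipaddress.IPv4Address(group)),
            "max_resp_tenths": decode_code(code), "s_flag": bool(flags & 0x08),
            "qrv": flags & 0x07, "qqi_seconds": decode_code(qqic),
            "sources": read_sources(msg, 12, nsrc)}


def parse_report(msg: bytes) -> dict:
    (count,) = struct.unpack("!H", msg[6:8])
    records, off = [], 8
    for _ in range(count):
        if off + 8 > len(msg):
            raise ValueError("truncated group record header")
        rtype, aux_len, nsrc, group = struct.unpack("!BBH4s", msg[off:off + 8])
        end = off + 8 + 4 * nsrc + 4 * aux_len   # Aux Data Len is in 32-bit words
        if end > len(msg):
            raise ValueError("source count exceeds message length")
        records.append({"type": RECORD_TYPES.get(rtype, f"UNKNOWN({rtype})"),
                        "group": str(ipaddress.IPv4Address(group)),
                        "sources": read_sources(msg, off + 8, nsrc)})
        off = end
    return {"kind": "report", "records": records}


def parse_igmpv3(msg: bytes) -> dict:
    """Validate the checksum, then dispatch on the type code."""
    if len(msg) < 8:
        raise ValueError("IGMP message shorter than 8 bytes")
    if inet_checksum(msg) != 0:
        raise ValueError("bad IGMP checksum")
    if msg[0] == 0x11:
        return parse_query(msg)
    if msg[0] == 0x22:
        return parse_report(msg)
    raise ValueError(f"unhandled IGMP type 0x{msg[0]:02x}")


def build_report(records: list) -> bytes:
    """Construct a sample report from (record_type, group, [sources]) tuples."""
    body = b""
    for rtype, group, sources in records:
        body += struct.pack("!BBH4s", rtype, 0, len(sources),
                            ipaddress.IPv4Address(group).packed)
        body += b"".join(ipaddress.IPv4Address(s).packed for s in sources)
    msg = struct.pack("!BBHHH", 0x22, 0, 0, 0, len(records)) + body
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]


if __name__ == "__main__":
    # Constructed sample: the page's Report-3 (any source except 192.168.1.1).
    print(parse_igmpv3(build_report([(2, "224.1.1.10", ["192.168.1.1"])])))
```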
[Figure: IGMPv3 Report to 224.0.0.22 between Multicast Client and Multicast Server]
[Figure: IGMPv3 Query (TTL=1, 224.0.0.1) between Multicast Server and Multicast Client]
Category | Function | IGMPv1 | IGMPv2 | IGMPv3
Query | Periodically Query (224.0.0.1, TTL=1, Interval = 60-120 (60)) | Yes | Yes | Yes
 | Group-Specific Query | No | Yes | Yes
 | Group-and-Source Specific Query | No | No | Yes
 | Query Election Mechanism | No | Yes | Yes
Report | Report Suppression | Yes | Yes | No
 | Asynchronous Report | Yes | Yes | Yes
Leave | Leave Notification | No | Yes | Yes
 | Include / Exclude Mechanism | No | No | Yes
IGMPv2 uses the IGMPv1 membership report for backward compatibility with IGMPv1
Internet Group Management Protocol (IGMP) Snooping is a layer 2 function thatenables a switch to learn multicast group membership while the IGMP messagespass through the switch.
The switch will forward multicast traffic only to ports that request for it, based onIGMP queries and report messages that have been snooped.
[Figure: without multicast support, the Multicast Stream from the Media Server is flooded to all ports and reaches every PC; with IGMP snooping support, the Multicast Stream is forwarded only to the PCs that requested it.]
Multicast in D-Link Switching Environment•IGMP Snooping
Computers and network devices which want to receive multicast traffic need to inform nearby routers / switches that they will become members of a multicast group. IGMP is used to communicate this information. IGMP also periodically checks for members in the multicast group who are no longer active.
IGMP snooping allows the switch to recognize IGMP queries and reports which are sent between layer 3 devices and an IGMP host.
IGMP snooping must be enabled on the switch. The switch can open or close a port to a specific multicast group member based on the IGMP messages sent from the layer 3 device to the IGMP host or vice versa. The switch monitors IGMP messages and discontinues forwarding multicast packets when there are no hosts requesting them.
[Figure: Media Server, L3 Switch and L2 Switch (ports 1, 10 and 25) with PC-1 and PC-2. IGMP Report / Query for Multicast: 224.1.1.10.]
1. Users on VLAN-1 and VLAN-2 join the same multicast group, or switch to the same TV channel.
2. The switch (processor) intercepts and examines the contents exchanged between hosts and routers to determine where the traffic should be forwarded.
IGMP Snooping FDB
Port No. | Multicast Group | Multicast MAC
1, 10, 25 | 239.1.1.10 | 01005e010110
L2 Switch Behavior
The L2 switch uses its forwarding table to switch packets. If a packet’s destination MAC is not found in the FDB, the switch engine will flood the packet to all ports.
Step 1. The first join, sent by PC-1, joins the group 224.1.1.10. (At this time, there is no entry associated with the L2 multicast MAC address for 224.1.1.10.)
Step 2. The switch becomes aware of the IGMP report and populates the multicast FDB table with an entry of 0x01005e010110, the equivalent of IP multicast address 224.1.1.10. (This entry is populated with the ports associated with PC-1 and the Server.)
Step 3. PC-2 sends an IGMP Report to the multicast group (224.1.1.10).
Step 4. The switch becomes aware of the IGMP report and adds port 10 to the existing entry for MAC 0x01005e010110.
Step 5. As a result, ports 1, 10 and 25 are associated with the multicast MAC address 0x01005e010110.
[Figure: example topology. Multicast Server (Channel IP: 239.10.10.10), DGS-3627, two DES-3528 switches, a Multicast Client (IP: 10.90.90.100, VLAN ID 1) sending a Report, and Non-Multicast Clients (IP: 10.90.90.101 and IP: 10.90.90.102).]
When IGMP snooping is enabled, only the user who sends an IGMP report will receive the multicast stream.
The non-multicast client does not receive the multicast stream.
DES-3528 Configuration
1. Enable the switch’s IGMP snooping feature
   enable igmp_snooping
2. Enable IGMP snooping on a specific VLAN
   config igmp_snooping vlan default state enable
3. Avoid sending the multicast stream to “non-multicast clients” of the specified VLAN
   config multicast vlan_filtering_mode vlan default filter_unregistered_groups
DGS-3627 Configuration
4. Enable the switch’s IGMP snooping feature
   enable igmp_snooping
5. Enable IGMP snooping on a specific VLAN
   config igmp_snooping all state enable
6. Configure the switch to send IGMPv2 queries
   config igmp all version 2
7. Enable IGMP on a specific IP interface
   config igmp ipif System state enable
DES-3528 Configuration
show igmp_snooping
config igmp_snooping group

DES-3528:5#show igmp_snooping
Command: show igmp_snooping

IGMP Snooping Global State : Enable

VLAN Name                  : default
Query Interval             : 125
Max Response Time          : 10
Robustness Value           : 2
Last Member Query Interval : 1
Host Timeout               : 260
Leave Timer                : 2
Querier State              : Disabled
Querier Router Behavior    : Non-Querier
State                      : Enabled
Fast Leave                 : Disabled
Receive Query Count        : 0
Send Query Count           : 0
[Figures: IGMP Query Packet, IGMP Report, IGMP Leave]
When IGMP Fast Leave is enabled, a port will be removed immediately upon receiving an IGMPv2 leave message, and end stations will exit from the multicast session quickly to reduce superfluous network traffic.
Fast Leave is an essential feature to shorten response time when switching channels for IPTV and IGMP.
Multicast in D-Link Switching Environment•IGMP Fast Leave
According to the IGMPv2 standard implementation, an IGMP client may request to leave a multicast group by sending a leave message.
Without IGMP Fast Leave
• Issue: When the IGMP snooping querier receives the leave message, it will send a group-specific query to clients. If there is no response after the timeout (default value is two seconds), that client will be taken out of the membership list. There will be some latency in the leave process.
With IGMP Fast Leave
• Solution: With IGMP fast leave enabled, a port will be removed immediately when the IGMPv2 leave message is received. Thus end stations will exit quickly from a multicast session, which reduces superfluous network traffic.
Benefits of IGMP Fast Leave
• When implementing MOD service, users can receive TV-like broadcast.
• When they switch among the channels, with IGMP fast leave enabled, the bandwidth can be released more efficiently.
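The difference between the two leave behaviours, as an added example that is not part of the original slides: a small model of one VLAN's snooping table that handles a leave either with three group-specific queries or with Fast Leave. The class and function names are hypothetical, and the case of two hosts sharing port 10 (for instance behind an unmanaged hub) is an assumption used to show when Fast Leave removes a port that still has a member.

```python
from dataclasses import dataclass, field

CH = "239.10.10.10"  # channel IP taken from the page's example topology


@dataclass
class Host:
    name: str
    port: int
    groups: set = field(default_factory=set)


class SnoopingSwitch:
    """Illustrative model of an IGMP snooping table; not D-Link's implementation."""

    LAST_MEMBER_QUERIES = 3  # the page: forwarding stops after three group-specific queries

    def __init__(self, fast_leave: bool):
        self.fast_leave = fast_leave
        self.fdb = {}       # group IP -> set of member ports
        self.pending = {}   # (group, port) -> group-specific queries still to send

    def report(self, port: int, group: str) -> None:
        """A snooped report (join) adds the port and cancels a pending leave."""
        self.fdb.setdefault(group, set()).add(port)
        self.pending.pop((group, port), None)

    def leave(self, port: int, group: str) -> None:
        """A snooped IGMPv2 leave: remove the port at once, or start querying."""
        if port not in self.fdb.get(group, set()):
            return
        if self.fast_leave:
            self._remove(port, group)
        else:
            self.pending[(group, port)] = self.LAST_MEMBER_QUERIES

    def group_specific_query(self, hosts: list) -> None:
        """Send one group-specific query per pending leave and collect answers."""
        for (group, port), left in list(self.pending.items()):
            if any(h.port == port and group in h.groups for h in hosts):
                self.report(port, group)            # another member answered
            elif left == 1:
                del self.pending[(group, port)]     # third query went unanswered
                self._remove(port, group)
            else:
                self.pending[(group, port)] = left - 1

    def _remove(self, port: int, group: str) -> None:
        self.fdb[group].discard(port)
        if not self.fdb[group]:
            del self.fdb[group]

    def egress_ports(self, group: str) -> set:
        """Ports that receive the stream (unregistered groups are filtered)."""
        return set(self.fdb.get(group, set()))


def channel_change(fast_leave: bool, hosts_on_port_10: int):
    """All hosts join CH, then the first host on port 10 leaves.

    Returns (egress ports after the leave and after each of three query rounds,
    names of hosts that still want CH but no longer receive it).
    """
    sw = SnoopingSwitch(fast_leave)
    hosts = [Host("pc1", 1, {CH})]
    hosts += [Host(f"pc10-{i}", 10, {CH}) for i in range(hosts_on_port_10)]
    for h in hosts:
        sw.report(h.port, CH)
    hosts[1].groups.discard(CH)
    sw.leave(10, CH)
    timeline = [sorted(sw.egress_ports(CH))]
    for _ in range(SnoopingSwitch.LAST_MEMBER_QUERIES):
        sw.group_specific_query(hosts)
        timeline.append(sorted(sw.egress_ports(CH)))
    stranded = [h.name for h in hosts
                if CH in h.groups and h.port not in sw.egress_ports(CH)]
    return timeline, stranded


if __name__ == "__main__":
    for fast in (False, True):
        for n in (1, 2):
            print(f"fast_leave={fast} hosts_on_port_10={n}:", channel_change(fast, n))
```

With one host per port, Fast Leave frees the port immediately; with two hosts on the port, the remaining member loses the stream until it sends another report, which is why the setting suits ports with a single receiver.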
[Figure: without IGMP Fast Leave. Media Server, L3 Switch and L2 Switch; PC-1 (IGMP Report / Query, Multicast: 224.1.1.10) and PC-2 (IGMP Report / Query, Multicast: 224.1.1.11).]
1. Users send the Leave message to change the multicast channel or stop multicast traffic.
2. The switch (processor) intercepts it and sends back a group-specific query to check whether any other users remain in the group.
3. After three group-specific queries, the switch makes sure there are no other users in the same group and stops forwarding multicast streams.
Symptom: wastage of bandwidth and inefficiency. The client still receives multicast traffic until timeout after sending the leave message to the switch.
IGMP Snooping FDB
Port No. | Multicast Group | Multicast MAC
1, 1010, 25 | 239.1.1.11 | 01005e010111
[Figure: with IGMP Fast Leave. Media Server, L3 Switch and L2 Switch; PC-1 (IGMP Report / Query, Multicast: 224.1.1.10) and PC-2 (IGMP Report / Query, Multicast: 224.1.1.11).]
1. Users send the Leave message to change the multicast channel or stop multicast traffic.
2. The switch (processor) intercepts it and stops forwarding multicast traffic to clients.
IGMP Snooping FDB
Port No. | Multicast Group | Multicast MAC
1, 1010, 25 | 239.1.1.11 | 01005e010111
With IGMP Fast Leave enabled, the forwarding of multicast traffic will be stopped immediately.
If IGMP Fast Leave is disabled, the multicast client receives the multicast stream until query timeout.
When IGMP Fast Leave is enabled on a switch, it stops the multicast streamimmediately once it receives an IGMP Leave message from a Multicast client.
[Figure: Multicast Server, DGS-3627 and two DES-3528 switches with IGMP Snooping and Fast Leave enabled; one of the Multicast Clients sends a Leave Message.]
Enable IGMP snooping on a switch and a specific VLAN
   enable igmp_snooping
   config igmp_snooping vlan default state enable
Prevent unregistered clients from receiving traffic and enable IGMP fast leave
   config multicast vlan_filtering_mode vlan default filter_unregistered_groups
   config igmp_snooping vlan default fast_leave enable
Multicast in D-Link Switching Environment•IGMP Snooping Multicast VLAN
D-Link ISM VLAN is designed to optimize network performance where multicast services are deployed in VLANs.
It can prevent bandwidth wastage caused by multiple copies of identical multicast flows in the uplink ports.
This is done by snooping all the multicast messages received, so that the same multicast message is sent to the uplink only once. Only one multicast stream for each channel is received from the uplink.
Cisco’s feature to address this multicast optimization demand is called Multicast VLAN Registration (MVR).
D-Link’s ISM VLAN is the corresponding feature to Cisco MVR.
[Figure: without ISM VLAN. Media Server, L3 Switch and L2 Switch, with PC-1 in VLAN-1 and PC-2 in VLAN-2.]
1. Users on VLAN-1 and VLAN-2 join the same multicast group, or switch to the same TV channel.
2. The L2 switch sends Join messages to the L3 switch with tagged VID 1 and VID 2 respectively.
3. The Media Server sends a multicast stream to the L3 switch.
4. The L3 switch copies two identical multicast streams and sends them to VLAN-1 and VLAN-2.
Symptom: wastage of uplink bandwidth, especially while many users are requesting identical multicast streams, such as the World Cup. The uplink is consumed by multiple users.
Multicast VLANs may exist in the switching environment. When a multicast query passes through the switch, the switch will forward separate copies of data to each VLAN, which will increase the data traffic and may clog the traffic path. In order to reduce the traffic load, ISM VLANs can be deployed. This feature allows the switch to forward one copy of the same multicast traffic to recipients of the multicast VLAN instead of multiple copies. Regardless of other VLANs that are deployed on the switch, users may add any ports to the multicast VLAN where they wish multicast traffic to be sent. Once it is configured properly, the stream of multicast data will be relayed to the receiver ports in a timely and reliable manner.
[Figure: with ISM VLAN. Media Server, L3 Switch and L2 Switch, with PC-1 in VLAN-1 and PC-2 in VLAN-2. On the L2 switch, ISM VLAN 100 (VID 100) is created with all ports as members.]
1. Users on VLAN-1 and VLAN-2 join the same multicast group, or switch to the same TV channel.
2. The L2 switch sends the Report / Leave message to the L3 switch with tagged VID 100.
3. The Media Server sends a multicast stream to the L3 switch.
4. The L3 switch sends only one multicast stream to ISM VLAN 100. The L2 switch forwards the multicast stream from the ISM VLAN to VLAN-1 and VLAN-2.
D-Link ISM VLAN saves uplink bandwidth, running multicast applications in a MAN efficiently.
It defines IGMP multicast traffic across different VLANs and responds only to join and leave messages from the multicast group configured with ISM.
It is designed to mitigate the impact of broadcast / multicast floods, and it can further prevent security breaches such as data sniffing.
Without ISM VLAN, when users in different VLANs join a common multicast group, multiple copies of identical multicast flows are sent in the uplink. This causes packet duplication and leads to bandwidth congestion.
When an ISM switch receives the IGMP Report message, the ISM switch will forward the VLAN ID and IP (optional) to the IGMP router.
[Figures: IGMP message from Client to Switch, and from L2 Switch to Router (L3 Switch) with the Replaced VLAN/IP Address]
ISM Mechanism
ISM is used by applications receiving multicast traffic across an Ethernet based service provider network.
It allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on the network-wide multicast VLAN.
It operates on the underlying mechanism of the IGMP snooping function and requires IGMP snooping to be enabled.
The CPU sets up a forwarding table once ISM is configured. The CPU then intercepts the IGMP messages and modifies the forwarding table to include or remove the receiver port as a receiver of the multicast stream. This selectively allows traffic to cross between different VLANs.
With IGMP and ISM both enabled, ISM reacts only to join and leave messages from the multicast group configured under ISM. IGMP will react to all messages.
When multicast clients send an IGMP Report to join a channel, the L2 switch will replace the client’s VLAN with the ISM VLAN, and the IP address if configured.
[Figure: Multicast Server (channel IP: 239.10.10.10) connected through a DGS-3627 to DES-3528 switches with multicast clients 10.90.90.100, 10.90.90.101 and 10.90.90.102. A client's IGMP Report (VLAN ID 1, IP: 10.90.90.100) is forwarded upstream with ISM VLAN ID: 101 and IP: 192.168.101.5]
L2 Switch Configuration
1. Enable Multicast VLAN
   enable igmp_snooping multicast_vlan
2. Create ISM VLAN 101
   create igmp_snooping multicast_vlan vlan101 101
3. Enable ISM VLAN & replace the client’s IP address with 192.168.101.5
   config igmp_snooping multicast_vlan vlan101 state enable replace_source_ip 192.168.101.5
4. Specify the ISM member ports
   config igmp_snooping multicast_vlan vlan101 add member_port 1-24
5. Specify the ISM TV source port
   config igmp_snooping multicast_vlan vlan101 add source_port 25-26
6. Add multicast IP address in the ISM VLAN
   create igmp_snooping multicast_vlan_group_profile 1
   config igmp_snooping multicast_vlan_group_profile 1 add 239.10.10.10
7. Apply the profile to multicast VLAN
   config igmp_snooping multicast_vlan_group vlan101 add profile_name 1
L3 Switch Configuration
• VLAN Setting
  create vlan IPTV tag 101
  config vlan IPTV add tagged 22
  create vlan source tag 102
  config vlan source add untagged 23
• IGMP Setting
  enable igmp_snooping
  config igmp_snooping all state enable
  create ipif IPTV 192.168.101.1/24 IPTV
  config igmp ipif IPTV version 3 query_interval 15 max_response_time 10 robustness_variable 2 state enable
  create ipif source 192.168.102.1/24 source
  config igmp ipif source version 3 query_interval 15 max_response_time 10 robustness_variable 2 state enable
• PIM Setting
  enable pim
  config pim ipif IPTV state enable
  config pim ipif source state enable
DES-3528:5#show igmp_snooping multicast_vlan
Command: show igmp_snooping multicast_vlan

ISM VLAN Global State   : Enabled

VLAN Name               : vlan101
VID                     : 101
Member (Untagged) Ports : 1-24
Tagged Member Ports     :
Source Ports            : 25-26
Untagged Source Ports   :
Status                  : Enabled
Replace Source IP       : 192.168.101.5
Remap Priority          : None

DES-3528:5#show igmp_snooping vlan vlan101
Command: show igmp_snooping vlan vlan101

IGMP Snooping Global State       : Disable
Data Driven Learning Max Entries : 128
VLAN Name                        : vlan101
Query Interval                   : 125
Max Response Time                : 10
Robustness Value                 : 2
Last Member Query Interval       : 1
Querier State                    : Disable
Querier Role                     : Non-Querier
Querier IP                       : 0.0.0.0
Querier Expiry IP                : 0 secs
State                            : Disable
Fast Leave                       : Disable
Report Suppression               : Enable
Rate Limit                       : No Limitation
Version                          : 3
Data Driven Learning State       : Enable
Data Driven Learning Aged Out    : Disable
Data Driven Group Expiry Time    : 260
DES-3528:5#show igmp_snooping multicast_vlan_group
Command: show igmp_snooping multicast_vlan_group

VLAN Name    VLAN ID    Multicast Group Profile
---------    -------    -----------------------
vlan101      101        1

DES-3528:5#show igmp_snooping multicast_vlan_group_profile
Command: show igmp_snooping multicast_vlan_group_profile

Profile Name    Multicast Addresses
------------    -------------------
1               239.10.10.10

Total Entries: 1
Multicast in D-Link Switching Environment • Per-Port Multicast Stream Control
[Figure: multicast channels offered to subscribers]
Subscriber 1: Service 1
Subscriber 2: Service 1
Subscriber 3: Service 2
Subscriber 4: Service 3
Service 1: 239.10.10.1~239.10.10.20 (20 channels: $10/month)
Service 2: 239.10.10.1~239.10.10.50 (50 channels: $20/month)
Service 3: 239.10.10.1~239.10.10.100 (100 channels: $30/month)
Once the MOD service goes live, it is important to ensure that only “paid” subscribers receive the services.
For example, suppose channels 1-20 are free channels and channels 21 onwards are for paid subscribers only. There should be some security controls even if there are IGMP join messages for channel 21 onwards from the unpaid ports. These join messages should not be forwarded out.
D-Link provides a feature to assign limited multicast addresses per port, so that an ISP can use this feature as a security control to pre-configure channels for each subscriber at port level. This prevents unauthorized multicast joins.
The IP Multicast Profile setting window allows the user to add a profile where multicast address(es) reports are received on specified switch ports. This function will therefore limit the number of reports received and the number of multicast groups configured on the Switch. The user may set an IP multicast address or a range of IP multicast addresses to accept reports (Permit) or deny reports (Deny) coming from the specified switch ports.
When per-port Multicast Stream Control is enabled, it allows the administrator to permit or deny access to a port or a range of ports by specifying a range of multicast addresses.
[Figure: Multicast Server connected through a DGS-3627 to DES-3528 switches serving paid and unpaid subscribers, with paid and unpaid channels. Profile 1: 239.10.10.1~239.10.10.20. Profile 2: 239.10.10.1~239.10.10.100]
L2 Switch Configuration
• IGMP Snooping Settings
  enable igmp_snooping
  config igmp_snooping vlan default state enable
  config multicast vlan_filtering_mode vlan default filter_unregistered_groups
  config igmp_snooping vlan default fast_leave enable
• Per-Port Multicast Stream Control Settings
  create mcast_filter_profile profile_id 1 profile_name Channel_range1
  create mcast_filter_profile profile_id 2 profile_name Channel_range2
  config mcast_filter_profile profile_id 1 add 239.10.10.1-239.10.10.20
  config mcast_filter_profile profile_id 2 add 239.10.10.1-239.10.10.100
  config limited_multicast_addr ports 1 add profile_id 1 access permit
  config limited_multicast_addr ports 8 add profile_id 2 access permit
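The per-port filter decision configured above can be checked offline before a change goes live. The following is an added example, not D-Link code: it parses the profile and port commands from this slide and reports which IGMP joins would be dropped. It assumes port 8 is bound to profile 2, that a port with no limit configured forwards all joins, and that "deny" drops only the groups matched by the profiles.

```python
import ipaddress
import re

# Constructed input, modelled on the slide's per-port stream control commands.
# Assumption: port 8 (paid subscriber) is bound to profile 2.
CONFIG = """\
create mcast_filter_profile profile_id 1 profile_name Channel_range1
create mcast_filter_profile profile_id 2 profile_name Channel_range2
config mcast_filter_profile profile_id 1 add 239.10.10.1-239.10.10.20
config mcast_filter_profile profile_id 2 add 239.10.10.1-239.10.10.100
config limited_multicast_addr ports 1 add profile_id 1 access permit
config limited_multicast_addr ports 8 add profile_id 2 access permit
"""

RANGE_RE = re.compile(
    r"config mcast_filter_profile profile_id (\d+) add ([\d.]+)-([\d.]+)$")
PORT_RE = re.compile(
    r"config limited_multicast_addr ports (\S+) add profile_id (\d+)"
    r" access (permit|deny)$")


def expand_ports(portlist):
    """Expand a port list such as '1-4,8' into a set of port numbers."""
    ports = set()
    for part in portlist.split(","):
        low, _, high = part.partition("-")
        ports.update(range(int(low), int(high or low) + 1))
    return ports


def parse_config(text):
    """Return (profiles, port_rules) parsed from the two command forms above."""
    profiles = {}    # profile_id -> [(first_addr, last_addr), ...]
    port_rules = {}  # port -> {"access": "permit" or "deny", "profiles": {ids}}
    for line in text.splitlines():
        line = line.strip()
        m = RANGE_RE.match(line)
        if m:
            first = ipaddress.IPv4Address(m.group(2))
            last = ipaddress.IPv4Address(m.group(3))
            if not (first.is_multicast and last.is_multicast and first <= last):
                raise ValueError(f"bad multicast range: {line}")
            profiles.setdefault(int(m.group(1)), []).append((first, last))
            continue
        m = PORT_RE.match(line)
        if m:
            for port in expand_ports(m.group(1)):
                rule = port_rules.setdefault(
                    port, {"access": None, "profiles": set()})
                rule["access"] = m.group(3)
                rule["profiles"].add(int(m.group(2)))
    return profiles, port_rules


def join_allowed(profiles, port_rules, port, group):
    """Decide whether an IGMP join for `group` received on `port` is forwarded."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        return False                  # not a multicast group address at all
    rule = port_rules.get(port)
    if rule is None:
        return True                   # assumption: no limit configured on this port
    matched = any(first <= addr <= last
                  for pid in rule["profiles"]
                  for first, last in profiles.get(pid, []))
    return matched if rule["access"] == "permit" else not matched


def audit(text, joins):
    """Return the (port, group) joins that the configuration would drop."""
    profiles, port_rules = parse_config(text)
    return [(p, g) for p, g in joins
            if not join_allowed(profiles, port_rules, p, g)]


# Constructed join attempts: port 1 holds profile 1, port 8 holds profile 2.
SAMPLE_JOINS = [(1, "239.10.10.5"), (1, "239.10.10.21"),
                (8, "239.10.10.21"), (8, "239.10.10.101")]

if __name__ == "__main__":
    for port, group in audit(CONFIG, SAMPLE_JOINS):
        print(f"drop join: port {port} group {group}")
```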
Multicast in D-Link Switching Environment • Protocol Independent Multicast
Protocol Independent Multicast (PIM)
• PIM makes multicast forwarding decisions based on the information supplied by unicast routing protocols, such as OSPF and RIP.
• When a multicast packet arrives on an interface of a router, it will be forwarded to the destination or receiver following the path of the multicast distribution tree.
PIM has two variants:
• Dense-Mode
– Uses “Push” Model – Assumes that there is at least one multicast group client on each subnet of the network
– Step 1: Routers flood multicast traffic throughout the whole network
– Step 2: Routers prune back when they have no client interested in the multicast
– Flood and prune behavior (typically every three minutes)
• Sparse-Mode
– Uses “Pull” Model – Assumes that no receivers are interested in multicast traffic unless a client requests it.
– Uses a Rendezvous Point (RP) – sender and receiver “rendezvous” at this point to learn of each other.
– Senders are “registered” with the RP by the first-hop router.
– Receivers are “joined” to the Shared Tree (root is RP) by their local designated router.
With the development of network infrastructure, there is frequent use of multicast applications. PIM is a multicast routing protocol which is widely deployed for IPTV service delivery.
PIM has two modes in light of forwarding mechanism. Different modes are applied in different network environments.
• Dense-Mode
• Sparse-Mode
Unicast Routing
• Where is the packet going (destination)
Multicast Routing
• Where does the packet come from (source)
Multicast routing uses Reverse Path Forwarding (RPF) to check the incoming multicast packets.
Reverse Path Forwarding (RPF)
• The check mechanism that determines whether the router should forward or drop packets according to the interface on which the packet arrived.
• RPF is a key point in multicast forwarding.
• It prevents forwarding loops.
[Figure: Source and Destination under unicast routing (“How to reach the destination?”) and under multicast routing (“Where does the packet come from?”)]
Before inspecting PIM, we need to understand how a general routing protocol sends packets to the correct destinations.
Multicast routing focuses on where the packets come from and which backward path to the source is correct. Multicast routing uses the RPF check mechanism to achieve this goal.
Step 1: Take out the source IP address of the multicast packets and check the unicast routing table to determine whether the packets have arrived on the correct interface.
Step 2: If the packets have arrived on the interface leading back to the source, the RPF check is successful. The router will replicate and forward the packets to the outgoing interfaces.
Step 3: If the RPF check fails, the router will drop the packet silently.
Unicast Routing Table
Network           Interface
192.168.0.0/24    S1
192.168.3.0/24    S0
192.168.4.0/24    E0
[Figure: RPF check on a router with interfaces S0, S1, S2 and E0, in a topology of routers A to H. Multicast Server IP: 192.168.0.10, multicast stream: 224.1.1.10. A multicast packet with Src IP: 192.168.0.10 arrives at the router.]
RPF Check Successful! Packet arrived on correct interface. Forward out all outgoing interfaces.
Router only accepts multicast data from source 192.168.0.10 from interface S1.
When multicast packets are flooded to the whole network, Router F decides which interface is correct and is allowed to receive multicast traffic.
[Figure: RPF check failure, with the same topology, multicast server (192.168.0.10, stream 224.1.1.10) and unicast routing table as the previous slide. A multicast packet with Src IP: 192.168.0.10 arrives on the wrong interface.]
RPF Check Fail! Packet arrived on the wrong interface. The switch discards the packet (Drop).
Router only accepts multicast data from source 192.168.0.10 from interface S1.
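The three RPF steps, run against the unicast routing table and interface names from the slides, as an added example that is not D-Link code. It generalizes the slide slightly: the lookup is a longest-prefix match, RPF failures are counted per source and interface so that repeated drops can be reviewed, and a route change recalculates the RPF interface. Forwarding to every other interface is a simplification of "all outgoing interfaces".

```python
import ipaddress

# Unicast routing table and interface names as shown on the slide.
ROUTES = [("192.168.0.0/24", "S1"),
          ("192.168.3.0/24", "S0"),
          ("192.168.4.0/24", "E0")]
INTERFACES = ["S0", "S1", "S2", "E0"]


class RpfRouter:
    """Minimal model of the RPF check performed on each multicast packet."""

    def __init__(self, routes, interfaces):
        self.routes = [(ipaddress.ip_network(n), i) for n, i in routes]
        self.interfaces = list(interfaces)
        self.rpf_failures = {}   # (source, in_if) -> number of dropped packets

    def rpf_interface(self, source):
        """Step 1: longest-prefix match on the packet's source address."""
        src = ipaddress.ip_address(source)
        best = None
        for network, ifname in self.routes:
            if src in network and (
                    best is None or network.prefixlen > best[0].prefixlen):
                best = (network, ifname)
        return best[1] if best else None

    def receive(self, source, group, in_if):
        """Return the outgoing interfaces (Step 2) or [] on a silent drop (Step 3)."""
        if not ipaddress.ip_address(group).is_multicast:
            raise ValueError(f"{group} is not a multicast group")
        if self.rpf_interface(source) != in_if:
            key = (source, in_if)
            self.rpf_failures[key] = self.rpf_failures.get(key, 0) + 1
            return []
        return [i for i in self.interfaces if i != in_if]

    def update_route(self, network, ifname):
        """Unicast routing change: later packets are checked against the new path."""
        net = ipaddress.ip_network(network)
        self.routes = [(n, i) for n, i in self.routes if n != net]
        self.routes.append((net, ifname))


if __name__ == "__main__":
    router = RpfRouter(ROUTES, INTERFACES)
    print(router.receive("192.168.0.10", "224.1.1.10", "S1"))  # forwarded
    print(router.receive("192.168.0.10", "224.1.1.10", "S0"))  # dropped
    print(router.rpf_failures)
```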
[Figure: PIM Dense Mode overview with routers A to J, a multicast server and multicast clients, showing multicast traffic, Join, Graft and Prune messages, the RPF check, the Assert mechanism and prune overrides]
• RPF Check – Recalculation of RPF Interface when the unicast routing table changes
• Assert Message – Elect a designated forwarder on multi-access network
• Prune overrides on multi-access network
Initially, the multicast traffic will flood to the whole network. When routers receive the multicast traffic, they will perform the RPF check to filter unnecessary redundant incoming traffic. Next, a router will send a Prune message to its uplink router if no user wants to receive the multicast stream. On the other hand, if a client under a router (eg. Router G) wants to receive the multicast traffic, the router will send a Graft message to its uplink router.
Some networks will cause duplicated traffic into the multi-access area. For example, Router E delivers traffic to both Router A and B, which are connected in the same multi-access area. This causes Router A and B to inject duplicated multicast traffic into the same segment and wastes bandwidth. Dense-Mode uses the Assert mechanism to resolve this issue.
In another example, Router H transmits a multicast stream into the segment attached to Router C and D. Only one router (Router D) has a multicast stream requirement. The Join message sent by Router D may be overwritten by the Prune message sent from Router C when there is no user under Router C. Network administrators need to pay attention to avoid such an issue.
Application: small-size network with densely distributed multicast members
Use Flood and Prune model
When a router receives a multicast packet, it executes the RPF check mechanism.
Graft mechanism – to request / resume multicast traffic
• Step 1: The router sends a graft message to the upstream router towards the source
• Step 2: When the upstream router receives a graft message on its interface, it puts the interface into forwarding state and responds with a graft-ack message to the graft sender.
• Step 3: After sending a graft message, the router will wait for the upstream router to send a graft-ack. Otherwise, it will continue sending graft messages until it receives it.
Pruning Message – sent upstream only under the following conditions
• Traffic arrives on a non-RPF interface
• A leaf router without any receivers (no member joins the group)
• A non-leaf router receives a prune message from all of its neighbors.
Use a Source-Distribution Tree to forward multicast data
• Multicast forwarding path is a source tree (shortest path tree, SPT).
• A multicast source as its “root” and multicast group members as its “leaves”
[Figure: source tree with the Multicast Server as root and Multicast Clients (group: 225.1.1.10) as leaves, showing Prune and Graft messages]
PIM-DM Initial Flooding
• PIM-DM initially floods multicast out “ALL” non-RPF interfaces
– PIM-DM neighbor
– A directly connected member of the group
PIM-DM Flooding
• Step 1: The multicast server (source) floods multicast group traffic throughout the entire network.
• Step 2: When each router receives the multicast traffic via its RPF interface, it creates an (S,G) entry and forwards traffic to all its PIM-DM neighbors.
• Step 3: Traffic arriving via a non-RPF interface will be corrected by the normal PIM-DM pruning mechanism.
• Step 4: Prunes are sent on the RPF interface when the router has no downstream multicast group members.
• Result: Multicast traffic is pruned off from all links except those which are necessary. The Shortest Path Tree (SPT) is built from the Source to the Receiver.
• Note:
– Even though the flow of multicast traffic is no longer reaching most of the routers in the network, (S,G) state still remains in all routers. This (S,G) state will remain until the source stops transmitting.
– In PIM-DM, Prune expires after three minutes. This causes the multicast traffic to be re-flooded to all routers.
[Figure: PIM-DM flooding in panels 1 to 3, showing the Multicast Server, multicast packets, Prune messages, the RPF check and a multicast group member (group: 225.1.1.10)]
(S,G) is created in the multicast routing table, and the path from the multicast source to the receiving clients uses the shortest path tree.
S is the IP address of the multicast source.
G is the multicast group address.
Problem – After Router A and B receive an (S,G) packet from the upstream router, they will forward the packet to the local subnet. The client will receive two identical multicast packets from Router A and B.
Solution – Both Router A and B send an assert message to all PIM routers (224.0.0.13) through the interface where the packet was received. This is to shut off duplicate flows into the multi-access area.
Forward Election – An assert message contains the multicast source address (S), multicast group address (G), administration distance and metric to the source. Routers compare these values to determine who has the best path (lowest cost) to the source.
• Step 1: Compare distance value: the higher distance wins
• Step 2: Compare metric value: the smaller metric wins
• Step 3: If metric and distance are equal, the highest IP address wins
• Result: The losing router will prune its interface and the winning router will continue to forward multicast traffic onto the LAN segment.
[Figure: Routers A and B, each with interfaces S0 and E0, receive incoming multicast packets (successful RPF check) and exchange PIM Assert messages (distance, metric)]
Normal Pruning Assert Mechanism
• Step 1: During the Assert mechanism, two routers exchange routing metrics to determine which one has the best route to the source.
• Step 2: The Winning Router continues to forward traffic, and the Assert Loser prunes its interface and starts its prune timer.
When the Assert Winner Fails
• The Losing Router does not know that the Winning Router has failed and waits for three minutes before timing out its pruned interface.
• There will be loss of traffic for three minutes (worst case)
[Figure: Routers A to F around a multi-access area, with the Assert Winner and Loser marked. Traffic flow is cut off until prune times out on Assert Loser.]
Step 1: Router A learns its two downstream neighbors via Hello messages.
Step 2: Router B sends a Prune message. (No group member)
Step 3: When Router A receives the message, it does not prune its interface immediately. It sets a three-second timer.
Step 4: Router C also receives the Prune message. It sees that the Prune is for the group, but it wants to continue receiving the traffic.
Step 5: Router C sends the Join message to Router A.
Result: Router C overrides the Prune message sent by Router B.
For Client-1, there is no traffic interruption as long as Router A receives a Join message before the three-second timeout.
[Figure: Router A upstream of Routers B and C in a multi-access area, carrying multicast traffic (192.168.0.10 / 225.1.1.1). First panel: Prune message (192.168.0.10 / 225.1.1.1) sent with 224.0.0.13. Second panel: Join (192.168.0.10 / 225.1.1.1).]
PIM-DM together with the “flood-and-prune” mechanism can sometimes result in serious multicast route loops.
Under steady-state conditions, traffic flows from the source via the RPF interface.
[Figure: Routers A, B and C with interfaces S0 and S1; multicast traffic arrives via the RPF interface. Multiple routers provide redundancy. Routers perform the Assert process and one interface on one router is in the prune state.]
When the first-hop router fails
• Step 1: Assume that interface S0 of Router C fails
• Step 2: The unicast routing of Router A converges first and PIM computes the new RPF interface
• Step 3: Router B has not converged (it forwards multicast traffic using the old RPF interface)
• Result: A multicast route loop appears until Router B finally converges and the correct new RPF is calculated.
• Note: If the router needs some bandwidth to complete this convergence (as in the case when EIGRP is active), this condition will never be resolved.
[Figure: Routers A, B and C with interfaces S0 and S1, the RPF interface and the multicast traffic; Router A converges first]
[Figure: PIM Sparse Mode overview with routers A (192.168.0.2), B (192.168.0.1) and C to G, a multicast server and multicast clients, showing multicast traffic, PIM Register and (S,G) Join messages, Register / Join, the RPF check, the Shared Tree, the Shortest Path Tree and the switchover mechanism]
PIM-SM
• RP Election
• PIM-Register
• Switchover mechanism
Neighbor Discover: Hello Message
Designated Router (DR): The highest IP Address
Rendezvous Point (RP) Election
Rendezvous Points
• Bootstrap Router (BSR) Mechanism
• Static RP
PIM Sparse mode uses pull mode, which only waits for multicast stream users to request the multicast traffic. The routers do not actively flood the traffic to the entire network. This is the main difference compared to Dense Mode.
Routers running PIM-SM use Hello messages to detect their neighbors. In a multi-access network, they must perform the Designated Router (DR) election in the segment. Rendezvous Point (RP) election is necessary in the entire network, and the RP can be generated automatically or set manually. The RP is the meeting place where a server registers messages and clients join messages.
Different multicast channels may have different RPs. After registering to the RP, the multicast traffic will flow down from the Server to the RP and finally to end users. In the diagram in the slide, the path from Router E to the end user is called the Shared Tree. Sometimes, the Shared Tree is not the shortest path tree. Therefore, a router can use the switchover feature to change from the shared tree to the shortest path tree.
Application: Group members are sparsely distributed throughout the network
RFC 2362
Supports both source and shared trees
PULL Model
• Assumption
– No host wants multicast traffic unless it specifically asks for it
– Group members are sparsely distributed throughout the network (flooding will consume network bandwidth)
– Bandwidth is limited
Uses a Rendezvous Point (RP) to coordinate forwarding from senders to receivers
• When a sender wants to send data, it uses the first multicast packet to register with the RP
• When a receiver wants to receive data, it registers with the RP
• Senders are “registered” with the RP by their first-hop router
• Receivers are “joined” to the Shared Tree (rooted at the RP) by their local Designated Router (DR) in a multi-access network
PIM-SM protocols begin with an empty distribution tree and add branches only as the result of explicit requests to join the distribution.
SPT Switchover
• Shared tree mode can be switched to a source tree mode to have an optimal route to the source
PIM Neighbor Discover – Hello message
• Discover neighbor – PIMv2 routers send Hello messages periodically (eg. 30 seconds), multicast to “All-PIM-Routers” (224.0.0.13)
• Designated Router election over a multi-access network
Designated Router (DR)
• For a multi-access network, a DR must be elected
• Functions of DR in PIM-SM
– For multicast source – DR helps to send register message to RP
– For multicast client – DR sends join message to RP
• Functions of DR in PIM-DM
– PIM-DM does not require a DR
– Exception: IGMPv1 in PIM-DM domain. DR must be elected as the IGMPv1 Querier on a multi-access network
Designated Router (DR) Election
• Step 1: Each PIM node over the multi-access network examines Hello messages from its neighbors
• Step 2: The PIM neighbor with the highest IP address is elected as the DR
• Step 3: The DR election mechanism runs again when a PIM node does not receive a PIM Hello message from the elected DR for a period of time.
[Figure: PIM Router 1 (192.168.0.11) and PIM Router 2 (192.168.0.10) exchange PIM Hello messages; PIM Router 1 is the DR (highest IP address)]
Rendezvous Point (RP)
• RP is an important concept in PIM-SM.
• Small-size and simple network topology
– One RP is enough to cover all multicast information / traffic handling
• Large scale network environment
– Need more RPs to share the load and optimize the topological structure of the RPT (RP-rooted shared tree)
Static RP
• Suitable for small-size network topology
• It must be configured on every router and all routers need to point to the same RP address
Bootstrap Router (BSR) Mechanism
• Suitable for large scale network environments
RP can be configured manually. It is called static RP. It is suitable for small scale network environment. Dynamic RP uses some election mechanism to find the mapping relationship between multicast channel and RP. BSR is a method to elect RP.
Candidate BSR (C-BSR)
• A network can contain one or more routers serving as Candidate BSRs.
• The BSR will be elected from these Candidate BSRs.
Bootstrap Router (BSR)
• The BSR is elected from a collection of Candidate BSRs.
• If the current BSR fails, a BSR election is triggered to avoid service interruption.
• The Bootstrap router collects all Candidate RP (C-RP) announcements, saves them into a database (RP-set) and periodically sends the RP-set out to all other routers in the network.
[Figure: C-BSRs and C-RPs in a network; the C-BSR with the highest priority becomes the BSR]
Bootstrap Router Election Mechanism
• The C-BSR with the highest priority is elected as the BSR.
• The highest IP address of C-BSRs is used as a tie-breaker.
• If a new C-BSR with a higher priority joins the network, it triggers a new election.
Candidate RP (C-RP)
• Send C-RP announcement directly to the BSR via unicast periodically (60 seconds)
• C-RP learns the BSR’s IP address via periodic BSR message
• Multicast to All-PIM-Routers (224.0.0.13) with TTL=1
BSR message (multicast)
• RP-Set consists of all C-RP announcements
• IP-Holdtime = 3 * <rp-announce-interval>
• IP Address of BSR (Allow C-RPs to know where to send their announcements)
Candidate RP’s message (unicast)
• Group Range (eg. 224.0.0.0/4 All multicast group)
• C-RP address
• Holdtime = 3 * <rp-announce-interval>
C-RP message example
RP1
1. 225.0.0.0/24 (225.0.0.1-225.0.0.255)
2. 226.0.0.0/24 (226.0.0.1-226.0.0.255)
RP2
1. 227.0.0.0/24 (227.0.0.1-227.0.0.255)
2. 228.0.0.0/24 (228.0.0.1-228.0.0.255)
Step 1: All candidate BSRs join the BSR election process by sending a PIM BSR message containing the BSR priority to all interfaces. The BSR message will be flooded throughout the entire network.
Step 2: At the end of the “BSR-Election-Interval”, the highest priority C-BSR is elected as the active Bootstrap Router.
Step 3: C-RPs learn the IP of the BSR from the BSR message and unicast their C-RP Announcement message directly to the BSR.
Step 4: The active BSR stores all incoming C-RP Announcements in its Group-to-RP mapping (RP-Set) and floods the entire list of C-RPs hop by hop.
Step 5: Each router updates its RP-set table and elects the RP for a particular group range using a hash algorithm.
Result: Every router in the network knows which RP to register with.
[Figure: BSR election topology with C-BSR/C-RP routers, a Multicast Server and Client-1 (192.168.40.100); BSR Messages are flooded and C-RP Advertisements are sent to the BSR]
[Figure: Packet 1 – BSR Message (Bootstrap Message); Packet 2 – C-RP Advertisement (C-RP Message)]
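The election rules and Steps 1 to 4 above as a small model, added here as an example and not taken from D-Link firmware. It elects the BSR by priority with the highest IP address as tie-breaker, stores C-RP announcements with a holdtime of 3 times the announce interval, and lists the C-RPs that cover a group. The C-BSR and C-RP addresses and priorities are constructed; the group ranges are the RP1 and RP2 ranges from the C-RP message example. The hash step of Step 5 is not specified on the page, so the lookup stops at the candidate list.

```python
import ipaddress

ALL_MULTICAST = ipaddress.ip_network("224.0.0.0/4")

# Constructed sample data: C-BSR address -> priority.
C_BSRS = {"192.0.2.1": 100, "192.0.2.2": 100, "192.0.2.3": 50}
# Constructed C-RP addresses with the group ranges from the slide's example.
RP1 = ("198.51.100.1", ["225.0.0.0/24", "226.0.0.0/24"])
RP2 = ("198.51.100.2", ["227.0.0.0/24", "228.0.0.0/24"])


def elect_bsr(candidates):
    """Highest priority wins; the highest IP address breaks a tie."""
    if not candidates:
        return None
    return max(candidates,
               key=lambda ip: (candidates[ip], ipaddress.IPv4Address(ip)))


class Bsr:
    """RP-set kept by the elected BSR from unicast C-RP announcements."""

    def __init__(self, rp_announce_interval=60):
        self.holdtime = 3 * rp_announce_interval
        self.rp_set = {}   # (c_rp, group_range) -> expiry time in seconds

    def c_rp_announce(self, c_rp, group_ranges, now):
        """Store or refresh one C-RP announcement received at time `now`."""
        for text in group_ranges:
            group_range = ipaddress.ip_network(text)
            if not group_range.subnet_of(ALL_MULTICAST):
                raise ValueError(f"{text} is not a multicast group range")
            self.rp_set[(c_rp, group_range)] = now + self.holdtime

    def bootstrap_message(self, now):
        """RP-set flooded to all routers; expired C-RP entries are left out."""
        self.rp_set = {k: exp for k, exp in self.rp_set.items() if exp > now}
        return sorted((str(rng), rp) for rp, rng in self.rp_set)


def candidate_rps(rp_set_message, group):
    """C-RPs whose advertised range covers `group` (input to the hash step)."""
    addr = ipaddress.ip_address(group)
    return sorted(rp for rng, rp in rp_set_message
                  if addr in ipaddress.ip_network(rng))


if __name__ == "__main__":
    print("BSR:", elect_bsr(C_BSRS))
    bsr = Bsr()
    for rp, ranges in (RP1, RP2):
        bsr.c_rp_announce(rp, ranges, now=0)
    message = bsr.bootstrap_message(now=10)
    print(candidate_rps(message, "225.0.0.10"))
```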
In PIM-SM, the multicast traffic “forwarding” state is contained in the mroute table.
The mroute table is composed of (*,G) and (S,G) entries.
(S,G) Entry = (Source, Group), used for the Source-Tree.
• Multicast constructs separate multicast trees for every multicast source. Routers forward packets from a particular source to a client (eg. 192.168.0.10/225.1.1.10).
– Created by receiving an (S,G) join
– Removed by receiving an (S,G) prune or when the interface expire timer counts down to 0
(*,G) Entry = (*, Group), used for the Shared-Tree.
• Many multicast trees can share a single router within the network. The root of the tree is the rendezvous point and DRs are leaves of the tree (eg. */225.1.1.10).
– Step 1: When a client joins a multicast group G, it uses an IGMP message to inform the directly connected DR.
– Step 2: After that, the DR sends a join message to the RP corresponding to the multicast group G.
– Step 3: The routers along the path from the DR to the RP form an RPT tree. Each router on this branch generates a (*,G) entry in its forwarding table. “*” means any multicast source.
[Figure: Source Tree Example and Shared Tree Example, each with Multicast Server, RP, DR and Client-1, showing the traffic flow along the Source Tree and the Shared Tree]
PIM-SM Source Registration
• Step 1: When R2 receives the first packet to multicast group G from the multicast source, it encapsulates the multicast data from the source in a Register message and unicasts it to the RP.
When the RP receives the Register message
• Step 2: It de-encapsulates the multicast data packet inside the Register message and forwards it to the Shared Tree.
• Step 3: The RP sends an (S,G) Join back to the source to create a branch of an (S,G) Shortest-Path Tree. This results in (S,G) state being created in all the routers along the SPT, including the RP.
• Step 4: The SPT is built from the Source router to the RP. Multicast traffic begins to flow down.
• Step 5: The RP sends a “Register Stop” to R2 (the source’s first hop router) to inform it that it can stop sending the unicast Register message.
• Result: Multicast traffic from the source flows down the SPT to the RP and then down the Shared Tree to the receiver.
[Figure: Multicast Server, R2, R3, R1, the RP and Client-1; multicast group: 225.1.1.10. Shows the traffic flow, the Shared Tree, the Source Tree, the unicast (S,G) Register and the (S,G) Join. (S,G) state is created only along the Source Tree.]
Step 1: R1 (DR) receives Client-1’s IGMP Report.
Step 2: There is no existing (*,G) state for Group “G”, so R1 creates it.
Step 3: R1 forwards a PIM (*,G) Join hop by hop through its PIM neighbor towards R2 (RP).
Step 4: R2 creates (*,G) state, and the path from the DR to the RP forms an RPT tree.
• If R2 is not the RP, Steps 2 to 4 repeat until the Join reaches the RP.
Result: Group “G” traffic can flow down the Shared Tree to the receiver.
[Figure: Client-1 (192.168.60.100) sends an IGMP Report to R1/DR, which sends a PIM (*,G) Join along the Shared Tree to R2/RP; Multicast Server: 192.168.20.100; Group: 225.1.1.10]
[Figures labelled Router-1 and Client-1]
Step 1: R1 receives Client-1’s IGMP Leave and finds that Client-1 is the last host for the group.
Step 2: R1 removes the outgoing interface to Client-1 and sends a (*,G) prune up the shared tree towards the RP (R2).
[Figure: Client-1 (192.168.60.100) sends an IGMP Leave to R1/DR, which sends a PIM (*,G) Prune along the Shared Tree to R2/RP; Multicast Server: 192.168.20.100; Group: 225.1.1.10]
Switching to the Shortest Path Tree (SPT) can reduce network latency because the SPT is the most optimal path.
The last hop has the capability to switch to the shortest-path tree and bypass the RP if the traffic rate exceeds the threshold.
• Step 1: The last-hop router sends an (S,G) Join to the first-hop router and creates (S,G) state along the new part of the SPT (R1, R3, R2).
• Step 2: All routers in the path have installed the (S,G) entries, which means the Shortest Path Tree is built and multicast traffic begins to flow along the SPT.
• Step 3: (S,G) RP-bit Prune messages are sent to prune off the redundant (S,G) traffic from the RP (Shared Tree).
• Step 4: The RP no longer needs the (S,G) flow and sends an (S,G) Prune back to the source to shut off the flow of unnecessary (S,G) traffic to the RP.
• Result: After switching over (RPT to SPT), (S,G) traffic is forwarded from the source to the receiver.
[Diagram: the last-hop router joins the Source Tree. Labels: Multicast Server, the first hop, the last hop, R1, R2, R3, RP, Client-1, Traffic Flow, Shared Tree, Source Tree, (S,G) Join, (S,G) Prune, RP-bit Prune.]
When “SPT-Threshold” is configured as “immediately”, all sources are immediately switched to the Shortest Path Tree. The last-hop router sends an (S,G) Join message towards the source as soon as the first packet arrives via the (*,G) shared tree.
When “SPT-Threshold” is configured as “never” (specified for a group), the sources will not be switched to the Shortest Path Tree.
Exceed the threshold
• When the group’s SPT-Threshold is exceeded on a last-hop router, the next packet for the group causes an (S,G) Join message to be sent hop by hop to the first-hop router, creating another branch of the SPT.
[Diagram: the last-hop router joins the Source Tree by sending an (S,G) Join towards the first hop. Labels: Multicast Server, RP, the first hop, the last hop, Client-1, Traffic Flow, Shared Tree, Source Tree.]
D-Link switches support “Never” or “Immediately” for “SPT-Threshold”
Switch Module 11
Quality of Service (QoS)
Purpose
• Provide guaranteed services for a given Ethernet / IP packet
• Support various types of applications and specific business requirements
Traditional Packet Forwarding
• Best-effort policy without any quality assurance or guarantee for delivery delay, jitter or packet loss ratio
New Emerging Application
• Video-on-Demand (VOD), VoIP, Video Conferencing
Congestion Issues
• Network congestion is a key factor that degrades the service quality of a network
• It increases the delay and jitter of packet transmission and causes packet retransmission
Solution
• Increase the bandwidth of the network
• Quality of Service
Quality of Service
•Overview
[Diagram: bottleneck examples on 1G and 100M links, and two 1G links aggregated with LACP (1G + 1G = 2G).]
The reason for implementing QoS is to ensure packets can arrive at the destination in time, without packet loss due to heavy network traffic.
Switches with traditional packet forwarding use a best-effort mechanism to transfer data. This means that switches will try their best to forward packets according to their capability, without assurance.
Nowadays, end users use a lot of network applications, such as BT, VoIP, IPTV, Mail, etc. Some of these applications require more reliability, robustness and efficiency in packet forwarding. Therefore, QoS is required to ensure packets are forwarded to the destination as the senders expect.
The design of a network is also a key factor for network performance. In some cases, network congestion is due to improper design. For example, there are three Gigabit incoming connections to a router, but only one outgoing path (1G bandwidth) out of the router. In another example, delay-sensitive applications are affected by other applications: the congestion results in loss of voice packets and the voice communication is interrupted.
Best Effort
• Connection without any guarantee
• Use first in, first out (FIFO) queue
Integrated Services (IntServ)
• Hard QoS / Flow-based (Per-flow policy)
• Absolute reservation of resources
• IntServ is implemented through the use of Resource Reservation Protocol (RSVP). It is enabled at both endpoints and the network between them.
Differentiated Services (DiffServ)
• Soft QoS / Class-based (Per-class policy)
• Provide multiple levels of services that satisfy different QoS requirements
• It reassigns bits in the Type of Service (ToS) field of an IP packet header
• Use L2 Class of Service (CoS) and L3 Differentiated Service Code Points (DSCP) as the QoS priority descriptor value. It supports seven levels for Layer 2 and 64 levels for Layer 3 classification.
There are three types of models to implement QoS in the network.
• Best Effort – Devices use a best-effort mechanism to transmit data.
• Integrated Services – Also called Hard QoS. It guarantees predictable network behavior for applications that require consistent and dedicated bandwidth for acceptable quality. The IntServ model reserves enough bandwidth for these applications. Once the bandwidth is reserved, no other traffic can use that bandwidth. IntServ guarantees bandwidth, delay and packet-loss rates end to end. It is flow-based and uses the RSVP protocol, which needs to be enabled at both endpoints and on the network devices between them.
• Differentiated Services – The differentiated services architecture provides different QoS levels to various services. In this architecture, each packet carries information (the DS byte) used by each hop to apply particular forwarding criteria. DiffServ defines the standard layout of the DS byte and assigns specific forwarding criteria, called per-hop behavior, to a certain number of patterns of the DS byte.
[Diagram: a normal L2 frame (DA 6B, SA 6B, L/T 2B, Data 46 to 1500B, FCS 4B) gains a 4B Tag to become an L2 802.1Q frame; three bits of the Tag are used for CoS (User Priority). In the L3 IPv4 packet, the 1-byte ToS field carries IP Precedence (the three most significant bits of ToS) or DSCP (the six most significant bits of ToS).]
At the Data Link Layer (L2), the 802.1q tag field is used for QoS value assignment.
At the Network Layer (L3), the ToS byte is used for QoS value assignment. There are two variations:
• IP Precedence (three bits for QoS level)
• DSCP (six bits for QoS level)
Traffic Classification
• Switches or routers classify incoming packets by examining the QoS field contents.
• Differentiated service is based on traffic classification.
Bandwidth Control
• Traffic Policing
– There is a counter to track the traffic flow through a switch or router. Restrictions are applied when the defined threshold is exceeded.
• Traffic Shaping
– Traffic is limited to the desired rate. This prevents excessive bursts and produces a steady flow of data.
Congestion Control
• Congestion Management
– The congestion management mechanism determines the packet sequence based on the priority value when network congestion occurs.
• Congestion Avoidance
– The switch / router achieves congestion avoidance by dropping packets using complex algorithms. If the congestion becomes worse, the policy will drop packets actively to resolve the overloading of the network.
When packets enter a switch or a router, it first classifies the priority of the incoming packets. Traffic classification is the basis of QoS.
Implementing QoS mechanisms in different ways brings two major benefits.
• Bandwidth Control: the Traffic Policing and Traffic Shaping features belong to this category. These two mechanisms help decide whether to drop or forward a packet, or shape the bandwidth, based on manually set restrictions.
• Congestion Control: Congestion Management and Congestion Avoidance provide solutions for congestion issues and reduce packet retransmission.
[Diagram: an ingress packet passes through traffic classification, a token bucket (Token, Drop!, Marking) and a buffer before leaving as an egress packet. The system puts tokens into the bucket at a defined rate (e.g. 10 bytes of tokens per second).]
Traffic Classification
• L3 IP Precedence / DSCP
• L2 CoS
• DSCP Value: 56 Higher priority
• DSCP Value: 48 Medium priority
• DSCP Value: 32 Low priority
Traffic Policing
• Give a punishment to excessive packets
Traffic Shaping
• The traffic will be placed into a buffer or queue. When there are enough tokens in the Token Bucket, these stored packets will be sent out.
Step 1. When a packet enters the switch, the switch classifies the packet according to the priority settings of the incoming packet.
Step 2. The switch uses the token bucket mechanism to accomplish bandwidth control (Traffic Policing). The switch generates tokens and puts them into the token bucket at a defined rate. The volume of the token bucket is limited, so excess tokens spill from the bucket. Packets passing through the switch attach and consume tokens before they are forwarded. If the token bucket is empty, packets without attached tokens are restricted by the manually set action (drop, allow or priority replacement).
[Diagram: an ingress packet is classified, placed into one of Queue 1 to Queue N, and leaves through the sending queue as an egress packet; packets that do not fit are dropped. The congestion issue is shown as a 1G to 100M bottleneck.]
Traffic Classification
• L3 IP Precedence / DSCP
• L2 CoS
• DSCP Value: 56 Higher priority
• DSCP Value: 48 Medium priority
• DSCP Value: 32 Low priority
Congestion Management
• FIFO (First In, First Out) queuing (Best Effort)
• PQ (Priority Queuing)
• WFQ (Weighted Fair Queuing)
Congestion Avoidance
• Tail-Drop
• Random Early Detection (RED)
• WRED
Step 1. When a packet enters the switch, the switch classifies the packet according to the priority of the incoming packet.
Step 2. The switch treats packets differently depending on the queuing mechanism in use. For example, a FIFO queue means that the first packet in is the first packet out, without any QoS mechanism. With another mechanism, Priority Queue, packets with higher priority are placed in the high priority queue and are sent out first.
The number of supported queues and the queue mechanisms may vary depending on the switch capacity.
Step 3. When all queues are full, the switch must drop the last packets sent to the switch. This may cause TCP retransmission. How packets are dropped depends on the Congestion Avoidance mechanism, which therefore influences the TCP retransmission caused by packet drops.
Classification
The first task classifies a frame or packet by specific priority or predetermined criteria.
The switch / router can distribute incoming packets into different service classes by examining the frame, packet and segment headers (e.g. which queue to place the packet into, or which drop policy to apply).
For example, when a switch receives a packet with a DSCP value of 46, the switch accepts the ingress DSCP of the frame and uses the DSCP value of 46 as the internal DSCP.
Quality of Service
•Traffic Classification / Marking
[Diagram: OSI Model (1 Physical, 2 Data Link, 3 Network, 4 Transport, 5 Session, 6 Presentation, 7 Application) with the labels 802.1p CoS and DiffServ QoS. Example markings: DSCP: 0 / CoS: 0, DSCP: 16 / CoS: 2, DSCP: 36 / CoS: 4, DSCP: 48 / CoS: 6.]
Marking
Marking provides the way for a QoS component to change QoS bits (DSCP, CoS or IP Precedence) on ingress frames.
Altering the DSCP value affects how the switch handles the packet internally.
Mark as close to the ingress edge of the network as possible.
For example, mark the voice traffic with DSCP value 40 at the ingress point. The switch will then handle this packet internally with higher priority.
[Diagram: R1 (Port 1, Marking), R2 (Port 10) and R3.]
• For an L2 frame with a CoS value, R1 maps the incoming CoS value to the Precedence or DSCP fields.
• An L3 packet with a DSCP / IP Precedence value will be remarked if required.
• L2 Switch: Change the CoS value of incoming packets
• L3 Switch: Change the DSCP value of incoming packets and enforce policies such as queuing, congestion avoidance and policing based on the marked values.
[Diagram: a normal packet (DA 6B, SA 6B, L/T 2B, Data 46 to 1500B, FCS 4B) and a tagged packet that additionally carries a 4B Tag. The Tag consists of a 2B TPID (Tag Protocol Identifier) and a 2B TCI (Tag Control Information); the TCI holds Priority (3 bits), CFI (1 bit) and VID (12 bits).]
TPID: Tag Protocol Identifier, 802.1Q TPID = 0x8100
CFI: Canonical Format Indicator, always set to zero for Ethernet
VID: VLAN ID, 4096 VLAN used by 802.1Q for VLAN identification
Layer 2 802.1Q frame headers have a two-byte tag control information (TCI) field that carries the CoS value in its three most significant bits, which are called the User Priority bits.
The Layer 2 CoS value ranges from 0 for low priority to 7 for high priority.
Different types of traffic are assigned different CoS values.
Implementing QoS in a Layer 2 environment places the QoS information in the tag field of the Layer 2 frame.
The tag is four bytes of information in two segments (one for TPID and another for TCI).
The TCI field is divided into three sub-fields. QoS uses the first three bits to indicate priority.
There are eight priority classes / levels available from three bits. They are assigned as follows, from high priority (top) to low priority (bottom).
CoS Priority   Typical Application
111 (7)        (Reserved for network use)
110 (6)        (Reserved for network use)
101 (5)        Voice Bearer
100 (4)        Video Conferencing
011 (3)        Call Signaling
010 (2)        High Priority Data
001 (1)        Medium Priority Data
000 (0)        Best Effort Data
802.1p Priority – It ranges from binary 000 (0) for low priority to binary 111 (7) for high priority. This maps to the IP precedence values in the ToS field.
[Diagram: IPv4 header fields: Version, IHL, Type of Service, Total Length, Identification, Flag, Fragment Offset, Time to Live, Protocol, Header Checksum, Source Address, Destination Address, Option + Padding, Data. The Ethernet 802.1Q header carries CoS; the IP header ToS byte carries IP Precedence / DSCP; the payload follows.]
All switches and routers in the Internet rely on the class information to provide the forwarding treatment to packets. Packets with the same class information will be given the same forwarding treatment, while packets with different class information will be given different treatment.
For Layer 3 QoS, ToS in the IP packet header is used.
[Diagram: the ToS byte of the IPv4 header, bits 7 to 0. Standard IPv4: IP Precedence followed by unused bits. DiffServ Extension: DiffServ Code Point (DSCP) followed by Flow Control bits.]
IP Precedence
• Layer 3 IP precedence value – the IP version 4 specification defines the three most significant bits of the one-byte ToS field as IP precedence. IP precedence values range from priority 0 to priority 7.
• Other bits are unused.
DiffServ Code Point (DSCP)
• The default DSCP value of a frame is 0.
• Layer 3 differentiated services code point (DSCP) values – IETF has defined the six most significant bits of the one-byte IP ToS field as the DSCP. DSCP ranges from 0 to 63.
• DSCP is backward-compatible with IP Precedence.
• The remaining two bits are used for flow control.
There are two ways to implement L3 QoS by adding parameters into the ToS byte.
• IP Precedence – adopts three bits, so seven level priorities
• DSCP – adopts six bits, so 64 level priorities
Differentiated Service (DS) Definition
• The DS field replaces the header field (ToS) of the packet
• Six bits of the DS field are used for DSCP to select the Per-Hop Behavior (PHB) at each interface.
Per-Hop Behavior (PHB)
• RFC2475 defines a PHB as the forwarding behavior that a DS (DiffServ-compliant) node applies to a DiffServ Behavior Aggregate (BA).
• According to the DSCP value, collections of packets with the same DSCP setting that are sent in a particular direction can be grouped in a BA. Packets from multiple sources or applications can belong to the same BA.
• PHB refers to the packet scheduling, queuing, policing or shaping behavior of a node on any given packet belonging to a BA.
[Diagram: a router places incoming traffic into queues from Queue 0 (Low Priority) up to Queue N (High Priority). Incoming Traffic: 7 6 7 7 1 7 5 2 6. Outgoing Traffic: 1 2 5 6 6 7 7 7 7.]
Default PHB
• The default PHB specifies that packets marked with a DSCP value of 000000 receive the traditional best-effort service from a DS-compliant node.
Class-Selector PHB
• To preserve backward-compatibility with any IP precedence scheme.
• DiffServ has defined a DSCP value in the form xxx000, where x is either 0 or 1.
• The PHB retains most of the forwarding behavior of nodes that implement IP Precedence-based classification and forwarding
– E.g. packets with a DSCP value of 110000 show an IP Precedence-based value of 110.
Assured Forwarding (AF) (RFC2597)
• AF PHB is nearly equivalent to the Controlled Load Service available in the integrated services model.
• Defines a method by which BAs (Behavior Aggregates) can be given different forwarding assurances.
• AF defines classes by using DSCP values. AF is important in understanding how to relate DSCP AF terminology to DSCP values.
• AF has four AF classes, AF1x to AF4x (most important)
• Within each class, there are three drop probabilities.
Expedited Forwarding (EF) (RFC2598)
• EF PHB should be reserved for only the most critical applications.
• EF service appears to the endpoints as a point-to-point connection, e.g. VoIP traffic.
Assured Forwarding values are part of the Per Hop Behavior (PHB) used by routers. This value is used to determine the degree of reliability of a packet in the DiffServ domain.
Expedited Forwarding PHB is typically for mission-critical applications which require guaranteed transmission without delay and jitter.
Default CoS-to-DSCP Mapping Table
CoS             0  1  2   3   4   5   6   7
DSCP            0  8  16  24  32  40  48  56
Default IP Precedence-to-DSCP Mapping Table
IP Precedence   0  1  2   3   4   5   6   7
DSCP            0  8  16  24  32  40  48  56
D-Link switches can be configured to trust the DSCP, IP Precedence or CoS values of ingress packets.
When trusting CoS or IP Precedence, switches map an ingress packet’s value to an internal DSCP value based on the CoS-to-DSCP or IP Precedence-to-DSCP mapping table.
Expedited Forwarding (EF) / Assured Forwarding (AF)
              Class 1            Class 2            Class 3            Class 4
Low Drop      001010 (DSCP 10)   010010 (DSCP 18)   011010 (DSCP 26)   100010 (DSCP 34)
              AF11               AF21               AF31               AF41
Medium Drop   001100 (DSCP 12)   010100 (DSCP 20)   011100 (DSCP 28)   100100 (DSCP 36)
              AF12               AF22               AF32               AF42
High Drop     001110 (DSCP 14)   010110 (DSCP 22)   011110 (DSCP 30)   100110 (DSCP 38)
              AF13               AF23               AF33               AF43
[Diagram: the DS byte, bits 0 to 7. The DSCP occupies bits 0 to 5 (Class, then Drop Precedence); bits 6 and 7 are currently unused.]
DSCP Example: 001010. The first three bits (001) define the class, the next two bits (01) give the drop probability, and the last bit is always 0.
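The 802.1Q tag, ToS byte and AF code point layouts described above can be decoded with a few shifts and masks. The following Python sketch is an added example, not D-Link code: the function names and the sample frame are constructed for illustration, and the EF code point 46 (101110) comes from the EF specification rather than from these slides.

```python
import struct

TPID_8021Q = 0x8100       # 802.1Q Tag Protocol Identifier
ETHERTYPE_IPV4 = 0x0800
# Default CoS-to-DSCP and IP Precedence-to-DSCP tables from the slides (n -> 8n).
DEFAULT_TO_DSCP = [0, 8, 16, 24, 32, 40, 48, 56]


def phb_name(dscp):
    """Name the per-hop behavior selected by a 6-bit DSCP value."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit value")
    if dscp == 0:
        return "Default"
    if dscp == 46:                        # 101110, EF (value not on the slides)
        return "EF"
    af_class, drop, last_bit = dscp >> 3, (dscp >> 1) & 0b11, dscp & 1
    if dscp & 0b111 == 0:                 # xxx000: Class-Selector
        return f"CS{af_class}"
    if 1 <= af_class <= 4 and drop and last_bit == 0:
        return f"AF{af_class}{drop}"      # class bits, then drop precedence
    return "unassigned"


def classify(frame, trust="dscp", port_default_cos=0):
    """Extract CoS, VID, IP Precedence and DSCP, then derive the internal DSCP."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    l3_offset, cos, vid = 14, None, None
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        cos = tci >> 13                   # three User Priority bits
        vid = tci & 0x0FFF                # 12-bit VLAN ID (bit 12 is the CFI)
        l3_offset = 18
    precedence = dscp = None
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= l3_offset + 20:
        tos = frame[l3_offset + 1]        # second byte of the IPv4 header
        precedence = tos >> 5             # three most significant bits
        dscp = tos >> 2                   # six most significant bits
    if trust == "dscp":
        internal = dscp if dscp is not None else 0   # assumption: non-IP -> 0
    elif trust == "precedence":
        internal = DEFAULT_TO_DSCP[precedence or 0]
    elif trust == "cos":
        # Untagged frames fall back to the port's default priority.
        internal = DEFAULT_TO_DSCP[cos if cos is not None else port_default_cos]
    else:
        raise ValueError("trust must be 'dscp', 'precedence' or 'cos'")
    return {"cos": cos, "vid": vid, "precedence": precedence, "dscp": dscp,
            "internal_dscp": internal, "phb": phb_name(internal)}


def sample_frame(cos=5, vid=100, tos=0x28):
    """Constructed test frame: tagged Ethernet + minimal IPv4 header."""
    macs = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    tag = struct.pack("!HH", TPID_8021Q, (cos << 13) | vid)
    ipv4 = bytes([0x45, tos]) + bytes(18)  # ToS 0x28 = DSCP 001010 (AF11)
    return macs + tag + struct.pack("!H", ETHERTYPE_IPV4) + ipv4


if __name__ == "__main__":
    print(classify(sample_frame()))
    print(classify(sample_frame(), trust="cos"))
```

The same frame yields AF11 when the port trusts DSCP and CS5 when it trusts CoS, which is why the trust setting on an ingress port decides the queue a packet ends up in.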
A switch has eight priority queues. These priority queues are numbered from 7 (class 7: highest priority queue) to 0 (class 0: lowest priority queue). The eight priority tags specified in IEEE 802.1p are mapped to the switch’s priority queues as follows:
• Priority 0 is assigned to the switch’s Q2 queue
• Priority 1 is assigned to the switch’s Q0 queue
• Priority 2 is assigned to the switch’s Q1 queue
• Priority 3 is assigned to the switch’s Q3 queue
• Priority 4 is assigned to the switch’s Q4 queue
• Priority 5 is assigned to the switch’s Q5 queue
• Priority 6 is assigned to the switch’s Q6 queue
• Priority 7 is assigned to the switch’s Q6 queue
Quality of Service
•Switch Configuration
DES-3528:5#show 802.1p user_priority
Command: show 802.1p user_priority

QOS Class of Traffic

Priority-0 -> <Class-2>
Priority-1 -> <Class-0>
Priority-2 -> <Class-1>
Priority-3 -> <Class-3>
Priority-4 -> <Class-4>
Priority-5 -> <Class-5>
Priority-6 -> <Class-6>
Priority-7 -> <Class-6>
Objective
• Client-1 is running a VoIP application and needs higher QoS than other stations running regular applications.
Procedures
• Configure the VoIP-connected ports with 1p=7. Based on the default “1p to queue mapping” and “schedule”, incoming VoIP packets will be mapped to class 6 and will have higher priority than packets coming from other ports (1p=0, mapped to class 2) on DES-3528-1 and DES-3528-2.
[Diagram: Client-1 (VoIP), Client-2 (HTTP) and Client-3 (VoIP) attached to DES-3528-1 and DES-3528-2; ports P18 and P16 are labelled.]
DES-3528-1 Configuration
• Change the port connecting DES-3528-1 and DES-3528-2 from “untagged” to “tagged” so that 802.1p information can be carried across the switch.
config vlan default delete 1-6
config vlan default add tagged 1-6
• Change the default priority of port 18 (where the VoIP device is connected) from 0 to 7.
config 802.1p default_priority 18 7
• The “User Priority” and “Scheduling” settings use the default values.
DES-3528-2 Configuration
• Change the port connecting DES-3528-1 and DES-3528-2 from “untagged” to “tagged” so that 802.1p information can be carried across the switch.
config vlan default delete 1-6
config vlan default add tagged 1-6
• Change the default priority of port 16 (where the VoIP device is connected) from 0 to 7.
config 802.1p default_priority 16 7
• The “User Priority” and “Scheduling” settings use the default values.
Quality of Service
•Traffic Policing and Shaping
Traffic Policing
A router / switch takes a specific action (policing) for the different specified traffic rates.
The difference between Traffic Shaping and Traffic Policing is that policing does not delay or buffer any traffic.
When the traffic exceeds a specified rate, the action taken is usually “drop”. Other actions, such as re-marking, are also available.
Traffic Policing usually uses the leaky token bucket algorithm to limit traffic. Compared with the bandwidth control feature (only exact for UDP packets), the leaky token bucket algorithm handles TCP flows more effectively.
[Diagram: traffic rate over time, without and with a traffic policy. The system places tokens into the bucket at a defined rate, and a meter checks traffic against the tokens.]
When traffic policing is enabled, different thresholds can be set manually on the switch for different output traffic limits. When the incoming traffic rate hits one of these rate limits, the switch takes the manually configured action, such as Allow, Drop or Priority Replacement.
Mean Rate (Committed Information Rate, CIR)
• The rate of putting tokens into the bucket. Average rate of allowing traffic to pass through the router interface.
Burst size (Committed Burst Size, CBS)
• The Token Bucket’s capacity. Maximum traffic size of every burst.
• Step 1: The system puts tokens into the Token Bucket at a defined rate.
• Step 2: If the Token Bucket is full, the extra tokens are dropped.
• Step 3: One token is associated to the forwarding ability of one bit.
• Step 4: If enough tokens are available for forwarding packets, the traffic is regarded as conforming to the specification; otherwise it is non-conforming or excess.
[Diagram: an ingress packet passes traffic classification and is checked against a token bucket of size CBS that the system fills at a defined rate. Non-Conform and Excess packets are dropped; the rest leave as egress packets.]
Traffic policing is implemented with the token bucket mechanism. The switch allocates a fixed size (CBS) for the token bucket and places tokens into the bucket at a fixed rate (CIR). Packets sent out of the switch must attach tokens taken from the bucket. If the token bucket is empty, packets will be dropped or treated with other actions.
Traffic Shaping meters traffic rates and delays (buffers) excessive traffic so that the traffic rates stay within a desired rate limit.
Shaping smooths excessive bursts to produce a steady flow of data.
Drawback: because shaping delays traffic, it is not suitable for delay-sensitive traffic such as voice and video streams, but it is useful for typical, bursty TCP flows.
[Diagram: traffic rate over time, without and with traffic shaping. The system places tokens into the bucket at a defined rate; a meter checks traffic against the tokens, and traffic that was originally dropped is put into a buffer instead.]
In the above diagram, when the incoming traffic rate exceeds the threshold, the traffic is dropped. After traffic shaping is enabled, the excessive traffic is placed into the switch buffer instead. The switch forwards the packets stored in the buffer when the traffic is not heavy. Therefore, traffic shaping smooths the traffic.
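The token bucket steps for policing and the buffering behaviour of shaping can be compared on the same burst. This Python simulation is an added example, not D-Link code: the class and function names, the CIR of 1000 bit/s, the CBS of 1000 bits and the arrival pattern are constructed for illustration, and it assumes no packet is larger than the CBS.

```python
from collections import deque


class TokenBucket:
    """Token bucket in which one token forwards one bit (Step 3)."""

    def __init__(self, cir_bps, cbs_bits):
        self.cir, self.cbs = cir_bps, cbs_bits
        self.tokens = cbs_bits            # start with a full bucket
        self.last = 0.0                   # time of the last refill

    def refill(self, now):
        # Steps 1 and 2: add tokens at the CIR, discard any beyond the CBS.
        if now > self.last:
            self.tokens = min(self.cbs,
                              self.tokens + (now - self.last) * self.cir)
            self.last = now

    def take(self, bits, now):
        # Step 4: conforming traffic consumes tokens, the rest is excess.
        self.refill(now)
        if bits > self.tokens:
            return False
        self.tokens -= bits
        return True

    def ready_at(self, bits):
        """Earliest time at which `bits` tokens will be in the bucket."""
        return self.last + max(0.0, bits - self.tokens) / self.cir


def police(arrivals, cir_bps, cbs_bits, exceed_action="drop"):
    """Policing: never delays; excess packets get `exceed_action`."""
    bucket = TokenBucket(cir_bps, cbs_bits)
    return [(t, bits, "forward" if bucket.take(bits, t) else exceed_action)
            for t, bits in arrivals]


def shape(arrivals, cir_bps, cbs_bits, buffer_pkts):
    """Shaping: excess packets wait in a buffer until tokens are available."""
    bucket = TokenBucket(cir_bps, cbs_bits)
    queue, departures, tail_dropped = deque(), [], 0

    def drain(until):
        # Release buffered packets whose tokens are ready by `until`.
        while queue and bucket.ready_at(queue[0]) <= until:
            when = bucket.ready_at(queue[0])
            bucket.refill(when)
            bucket.tokens = max(0.0, bucket.tokens - queue[0])
            departures.append((when, queue.popleft()))

    for t, bits in arrivals:
        drain(t)
        if not queue and bucket.take(bits, t):
            departures.append((t, bits))  # conforming: sent without delay
        elif len(queue) < buffer_pkts:
            queue.append(bits)            # excess: delayed, not dropped
        else:
            tail_dropped += 1             # buffer full: tail drop
    drain(float("inf"))
    return departures, tail_dropped


# Constructed input: four 500-bit packets in one burst, one more a second later.
BURST = [(0.0, 500), (0.0, 500), (0.0, 500), (0.0, 500), (1.0, 500)]

if __name__ == "__main__":
    print(police(BURST, cir_bps=1000, cbs_bits=1000))
    print(shape(BURST, cir_bps=1000, cbs_bits=1000, buffer_pkts=4))
```

The policer forwards two packets of the burst and drops the other two, while the shaper delivers all five but spreads them out to one packet every 0.5 s, the delay that makes shaping unsuitable for voice.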
Quality of Service
•Congestion Management & Avoidance
Both Congestion Management and Congestion Avoidance use multiple egress queues.
Congestion avoidance is a per-queue feature and each queue may have its own configuration for congestion management and avoidance.
Congestion Management includes several queuing mechanisms, including the following:
• FIFO queuing
• Weighted round robin (WRR) queuing
• Priority queuing
• Custom queuing
• Shared Round Robin (SSR)
[Diagram: Congestion Management: Queue 1, Queue 2, ... Queue N-1, Queue N feed the sending queue; excess packets are dropped.]
The switch / router achieves congestion avoidance through packet dropping using complex algorithms
• Tail-Drop
• Random Early Detection (RED)
• Weighted Random Early Detection (WRED)
FIFO queuing does not use classification and all packets are treated as if they belong to the same class.
The switch schedules packets into the queue in the order in which they are received.
[Diagram: FIFO Queuing System: packets of size B pass through the FIFO queue with Tail-Drop and the scheduler to the sending queue.]
The switch always schedules frames from the highest priority queue first. It only services the other queues when there are no frames in the higher priority queue.
Priority queuing is useful for voice applications, where voice traffic occupies the priority queue.
This type of scheduling may result in queue starvation in the non-priority queues.
[Diagram: High Priority Queue, Medium Priority Queue, Normal Priority Queue and Low Priority Queue holding numbered packets.]
A Strict Priority Queue is strict: all traffic must be forwarded in queue priority order. In the above example, the traffic in the higher priority queue is sent out of the switch first. When the high priority queue is empty, the switch checks the queue with the second priority (the medium priority queue in the above example) and sends the packets stored in it. This means that packets stored in the lowest priority queue wait until all queues with higher priority are clear before they have a chance to be forwarded out of the switch. Sometimes this causes a “starving” issue, where packets in the lowest priority queue have no chance to be sent out.
WRR uses a weight value for each egress queue.
This weight value determines the implied bandwidth of each queue.
[Diagram: WRR Queuing System: packets of size B are sorted into Class 1, Class 2, Class 3 ... Class 8, each with Tail-Drop / WRED, and held in Queue 1 (40%), Queue 2 (30%), Queue 3 (20%) ... Queue 8 (10%); the Weighted Round Robin scheduler serves them into the HW queue.]
WRR is another queuing mechanism. The packets stored in the different queues are forwarded in sequence according to the configured weight values.
[Diagram: WRR example with a High Priority Queue (40%), Medium Priority Queue (30%), Normal Priority Queue (20%) and Low Priority Queue (10%), holding numbered packets 1 to 16.]
In the above example, the switch takes 40% of the packets from the high priority queue, 30% from the medium priority queue, and so on. After sending 10% of the packets from the low priority queue, the process goes back to the high priority queue and repeats.
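The starvation risk of strict priority queuing and the 40/30/20/10 split of WRR can be seen by running both schedulers against the same congested link. This Python simulation is an added example, not D-Link code: the function names, the queue limit of 8 packets and the load (one arrival per queue per tick, one packet sent per tick) are constructed, and the weights 4:3:2:1 stand in for the 40%/30%/20%/10% shares.

```python
from collections import deque

QUEUES = ["high", "medium", "normal", "low"]          # priority order
WEIGHTS = {"high": 4, "medium": 3, "normal": 2, "low": 1}


def strict_priority():
    """Always serve the highest-priority queue that holds a packet."""
    def pick(queues):
        for name in QUEUES:
            if queues[name]:
                return name
        return None
    return pick


def weighted_round_robin(weights):
    """Serve up to `weight` packets from a queue, then move to the next."""
    state = {"idx": 0, "credit": weights[QUEUES[0]]}

    def pick(queues):
        # One pass over the current queue plus every other queue once.
        for _ in range(len(QUEUES) + 1):
            name = QUEUES[state["idx"]]
            if state["credit"] > 0 and queues[name]:
                state["credit"] -= 1
                return name
            state["idx"] = (state["idx"] + 1) % len(QUEUES)
            state["credit"] = weights[QUEUES[state["idx"]]]
        return None
    return pick


def simulate(pick, ticks, queue_limit=8):
    """Each tick: one packet arrives at every queue, one packet is sent."""
    queues = {name: deque() for name in QUEUES}
    sent = {name: 0 for name in QUEUES}
    tail_dropped = {name: 0 for name in QUEUES}
    for tick in range(ticks):
        for name in QUEUES:
            if len(queues[name]) < queue_limit:
                queues[name].append(tick)
            else:
                tail_dropped[name] += 1   # queue full: tail drop
        name = pick(queues)
        if name is not None:
            queues[name].popleft()
            sent[name] += 1
    return sent, tail_dropped


if __name__ == "__main__":
    print("strict priority:", simulate(strict_priority(), 20))
    print("WRR 4:3:2:1    :", simulate(weighted_round_robin(WEIGHTS), 20))
```

Over 20 ticks strict priority sends 20 high-priority packets and nothing else, while WRR sends 8, 6, 4 and 2 packets from the four queues, so the low priority queue is slowed down but never starved.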