[Xorp-users] Complex BGP. mBGP and PIM-SM setup

Pavlin Radoslavov pavlin at icir.org
Fri Jun 23 12:33:28 PDT 2006


> I have this complex setup in Debian sarge for
> my University (In Guatemala so no budget for
> Cisco/Juniper routers):
> 
> If	IP address	Purpose
> --	----------	-------
> eth0	10.0.0.1/24	Internal LAN
> eth1	10.0.1.1/24	Internal LAN
> eth2	172.16.0.1/16	Internal LAN
> eth3	192.168.0.1/24	Internal LAN
> eth3.2	192.168.2.1/24	Internal LAN (VLAN)
> eth3.3	192.168.3.1/24	Internal LAN (VLAN)
> eth3.4	192.168.4.1/24	Internal LAN (VLAN)
> eth3.5	192.168.5.1/24	Internal LAN (VLAN)
> eth3.6	192.168.6.1/24	Internal LAN (VLAN)
> eth3.7	192.168.7.1/24	Internal LAN (VLAN)
> eth3.8	192.168.8.1/24	Internal LAN (VLAN)
> eth3.9	192.168.9.1/24	Internal LAN (VLAN)
> eth3.10	192.168.10.1/24	Internal LAN (VLAN)
> eth3.15	192.168.15.1/24	Internal LAN (VLAN)
> eth4	10.0.2.1/24	Internal LAN
> eth5	<not assigned>	(unused)
> eth6	10.10.26.7/28	External to Internet2
> eth7	<public IP>*	External to Internet
> 
> * eth7 has 120+ assigned IPv4 addresses for NATing
>   internal hosts.
> 
> I am using Xorp for 3 purposes:
> 
> 1. BGP/mBGP with peer in eth6 for connecting to
>    Internet2.
> 2. IGMP tracking for my internal hosts.
> 3. PIM-SM (multicast) for my internal hosts and
>    for Internet2.
> 
> BGP/mBGP works, I obtain more than 9000 routes.
> IGMP and PIM-SM in my internal LANs works as
> expected, I can stream to a multicast address
> and any host from any internal LAN can 'see'
> the stream if he joins it.
> 
> Now my problems:
> 
> a. My next-hop router for Internet2 is Linux too
>    and there is no MSDP implementation for Linux.
>    I choose to use the next-next router (Cisco) as
>    my RP in PIM-SM.  But when sniffing the wire my
>    box is sending PIM-register to the Cisco (via
>    eth6) but with the source-address as 10.0.0.1
>    (eth0), so is it possible to change this address
>    ala 'local-ip' parameter?

The address is selected automatically.
Until today, the primary address of the interface toward the
directly-connected source was used to originate the PIM Register
messages.
I just committed some changes, so now the RPF interface toward the
RP is used to originate the PIM Registers.

Please let me know if this doesn't solve your problem, and then
we can think about adding a mechanism to manually configure that
interface/address.

> b. As you can see all my internal hosts run private
>    IPv4 addresses and I NAT them for both normal
>    Internet and Internet2 which works ok but what
>    if they want to stream something, I know Cisco
>    could NAT multicast traffic, do you know of any
>    solution for Linux?

With the above modification, I believe now the PIM Registers (with
the multicast data your internal hosts are originating) will be sent
properly to the RP. Assuming the RP doesn't filter the PIM Registers
based on some rules (e.g., if there is no RPF information for the
inner private source address of the multicast packets), then
multicast should be working.

The downside is that if the RP decides to switch to the SPT toward
your sources, it can't (e.g., it might not have the RPF information
for your private IP addresses), so all the multicast traffic you are
originating will have the PIM Register overhead.

> c. I want to export to my next router via BGP my
>    public Internet CIDR so I have this but it
>    doesn't work (quagga does export it correctly
>    but the problem with quagga is that it doesn't
>    handle PIM so I have to pair it with pimd which
>    is not as good as Xorp for tracking IGMP and
>    it has a lot fewer parameters to tune):
> 
>    policy {
>    	policy-statement to-bgp {
> 		term export {
> 			from {
> 				protocol: "connected"
> 				network4: <public_cidr>
> 			} to {
> 				neighbor: 10.10.26.14
> 			} then {
> 				accept
> 			}
> 		}
> 	}
>    }
> 
>    bgp {
> 	export: "to-bgp"
> 
> 	bgp-id: 10.10.26.7
> 	local-as: 65103
> 
> 	peer 10.10.26.14 {
> 		local-ip: 10.10.26.7
> 		as: 65103
> 		next-hop: 10.10.26.7
> 
> 		ipv4-unicast: true
> 		ipv4-multicast: true
> 	}
>    }

First, could you try the "network4 <= <public_cidr>" statement instead
of "network4: <public_cidr>".

If this doesn't help, for testing purposes could you remove the "to"
statement and see whether it works.

Pavlin

> I know this setup is extreme but I'm pretty sure
> it is a good test bed for Xorp as it is a real-world
> implementation.  Thanks for the help!
> 
> -otto
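A simplified model of the PIM Register source-address change described in the reply above, as an added example (not XORP's code and not part of the original message). It compares the old rule (primary address of the interface toward the directly connected source) with the new rule (primary address of the RPF interface toward the RP). The interface addresses and the peer 10.10.26.14 come from the thread; the RP address 198.51.100.1, the route covering it and the sender 10.0.0.50 are constructed.

```python
import ipaddress

# Primary interface addresses taken from the thread (subset).
INTERFACES = {
    "eth0": ipaddress.ip_interface("10.0.0.1/24"),
    "eth1": ipaddress.ip_interface("10.0.1.1/24"),
    "eth2": ipaddress.ip_interface("172.16.0.1/16"),
    "eth6": ipaddress.ip_interface("10.10.26.7/28"),
}

# Constructed unicast table: the connected networks plus one learned route
# that covers the assumed RP via the peer 10.10.26.14.
ROUTES = [(iface.network, None) for iface in INTERFACES.values()]
ROUTES.append((ipaddress.ip_network("198.51.100.0/24"),
               ipaddress.ip_address("10.10.26.14")))


def connected_interface(addr):
    """Name of the interface whose subnet contains addr, or None."""
    addr = ipaddress.ip_address(addr)
    for name, iface in INTERFACES.items():
        if addr in iface.network:
            return name
    return None


def rpf_interface(dest):
    """Longest-prefix match on dest; a next hop resolves to its connected interface."""
    dest = ipaddress.ip_address(dest)
    matches = [(net, nh) for net, nh in ROUTES if dest in net]
    if not matches:
        return None  # no unicast route, so no RPF interface
    _, next_hop = max(matches, key=lambda m: m[0].prefixlen)
    return connected_interface(next_hop if next_hop is not None else dest)


def register_source(source, rp, use_rpf_toward_rp):
    """Outer source address of the PIM Register under the old or the new rule."""
    if use_rpf_toward_rp:
        name = rpf_interface(rp)             # new: RPF interface toward the RP
    else:
        name = connected_interface(source)   # old: interface toward the source
    return None if name is None else str(INTERFACES[name].ip)
```

With the old rule the Register for a sender on eth0 leaves with 10.0.0.1, the address seen in the capture; with the new rule it leaves with 10.10.26.7, the eth6 address facing the RP.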