[c-nsp] 3750 Multicast Problem

Collins, Richard (SNL US) richard.1.collins.ext at nsn.com
Thu Jan 10 13:28:04 EST 2008 

Hi,

The access list "ip access-group bl-out out" won't work on internally
generated traffic like pim -only what tranverses the router.

Maybe I don't understand why you are enabling pim on Gi2/0/2 if you
don't want to form
any neighbors.  The igmp static-groups should be enough.

You could prevent the 3750 from forming pim neighbors with "pim
neighbor-filter" or filtering
inbound pim traffic but the 7600 would still see the pim messages
originating from the 3750 and it would think that it had a fully
functional neighbor.

-Richard

>From: "Tim Jackson" <jackson.tim at gmail.com>
>Subject: [c-nsp] 3750 Multicast Problem
>To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
>Message-ID:
>	<4407932e0801091013t4e2b7475ybf48c735710815a7 at mail.gmail.com>
>Content-Type: text/plain; charset=ISO-8859-1
>
>Got a 3750 with a bunch of multicast sources on it coming from Vlan101
and
>Vlan99:
>
>int vlan99
>ip address 10.16.99.1 255.255.255.0
>no ip redirects
>no ip proxy-arp
>ip pim sparse-dense-mode
>load-interval 30
>!
>int vlan101
>ip address 10.0.0.202 255.255.255.0
>no ip redirects
>no ip proxy-arp
>ip pim sparse-dense-mode
>load-interval 30
>!
>
>My destinations for this are some routed interfaces on the 3750:
>
>interface GigabitEthernet2/0/2
>no switchport
>ip address 10.255.255.1 255.255.255.0
>ip access-group customer-in in
>ip access-group bl-out out
>ip pim sparse-dense-mode
>ip igmp static-group 225.101.4.2
>ip igmp static-group 225.101.4.4
>ip igmp static-group 225.101.4.5
>ip igmp static-group 225.101.4.17
>ip igmp static-group 225.101.4.30
>ip igmp static-group 225.101.4.58
>ip igmp static-group 225.101.4.8
>ip igmp static-group 225.101.4.104
>ip igmp static-group 225.100.4.2
>ip igmp static-group 225.100.4.4
>ip igmp static-group 225.100.4.5
>ip igmp static-group 225.100.4.17
>load-interval 30
>speed nonegotiate
>!
>ip access-list extended bl-out
>deny   igmp any any
>deny   pim any any
>permit ip any 225.100.4.0 0.0.0.255
>permit ip any 225.101.4.0 0.0.0.255
>ip access-list extended customer-in
>deny   ip any any
>!
>
>My problem here is when we turn this up, no matter what is setup on the
>interface (even pim neighbor filters, the acl, etc) the far-end sees a
PIM
>neighbor form and the 3750 becomes the DR which effectively breaks the
rest
>of their multicast:
>
>Jan  9 01:18:28.037 CST: %PIM-5-NBRCHG: neighbor 10.255.255.1 UP on
>interface Vlan100 (vrf default)
>Jan  9 01:18:28.041 CST: %PIM-5-DRCHG: DR change from neighbor 10.0.0.1
to
>10.255.255.1 on interface Vlan100 (vrf default)
>
>The 3750 never sees a neighbor come up, but that log is from their
7600,
>after they see this, everything breaks...
>Any clue?
>
>>

More information about the cisco-nsp mailing list