[c-nsp] Multicast: Packets from sources failing RPF check being forwarded
Matti Saarinen
mjsaarin at cc.helsinki.fi
Thu Jan 20 03:49:35 EST 2011
I try to understand why certain multicast packets coming from sources
are being forwarded even thought there is no route towards the source.
To be more precise:
rtr# sh ip mroute 239.255.255.250 count
IP Multicast Statistics
100 routes using 81502 bytes of memory
18 groups, 4.61 average sources per group
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second
Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 239.255.255.250, Source count: 9, Packets forwarded: 2490727, Packets received: 2492613
RP-tree: Forwarding: 804794/0/292/0, Other: 806652/1846/12
Source: 192.168.0.1/32, Forwarding: 0/0/0/0, Other: 19/19/0
Source: 169.254.114.143/32, Forwarding: 0/0/0/0, Other: 0/0/0
Source: 10.57.48.7/32, Forwarding: 4/0/369/0, Other: 4/0/0
Source: 10.57.48.8/32, Forwarding: 4/0/369/0, Other: 4/0/0
Source: 10.57.48.6/32, Forwarding: 4/0/369/0, Other: 4/0/0
Source: 10.57.48.10/32, Forwarding: 4/0/370/0, Other: 4/0/0
For some reason the packets coming from the 10.57.48.x sources are
forwarded but not the ones coming from 192.168.0.1. The routes towards the
sources don't exist in our network - at least not in the routers I can
access.
There is default route on every router pointing eventually to our
upstream but I trust our upstream to have set up their routing properly
and not to forward such backets.
I explanation I can think of that one of the routers I cannot control
sends PIM Register packets to RP and from there the info is propagated
to other routers. That might explain also why the RPF check fails on
every other router except the RP. But it makes me wonder why RP still
forwards the packets.
Does this sound reasonable explanation? I didn't refresh my knowlegde on
the PIM SM details so I have quite likely misremembered something.
Cheers,
Matti
More information about the cisco-nsp
mailing list