Embed Size (px)
Citation preview
Cisco ACI and Layer 3 MulticastFirst Published: 2016-09-29
Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAhttp://www.cisco.comTel: 408 526-4000 800 553-NETS (6387)Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITEDWARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITHTHE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain versionof the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDINGANYOTHERWARRANTYHEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS"WITH ALL FAULTS.CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OFMERCHANTABILITY, FITNESS FORA PARTICULAR PURPOSEANDNONINFRINGEMENTORARISING FROMACOURSEOFDEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUTLIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERSHAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, networktopology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentionaland coincidental.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnershiprelationship between Cisco and any other company. (1110R)
© 2016 Cisco Systems, Inc. All rights reserved.
C O N T E N T S
P r e f a c e Preface v
Audience v
Document Conventions v
Related Documentation vii
Documentation Feedback vii
Obtaining Documentation and Submitting a Service Request viii
C H A P T E R 1 New and Changed Information 1
New and Changed Information 1
C H A P T E R 2 Introduction to Layer 3 Multicast 3
Layer 3 Multicast 3
About the Fabric Interface 4
Enabling Multicast Routing 5
Allocating VRF GIPo 5
Multiple Border Leaf Switches as Designated Forwarder 6
PIM Designated Router Election 7
Non-Border Leaf Switch Behavior 7
Active Border Leaf Switch List 7
Overload Behavior On Bootup 7
First-Hop Functionality 8
The Last-Hop 8
Fast-Convergence Mode 8
Guidelines for Configuring Layer 3 Multicast 8
C H A P T E R 3 Configuring Layer 3 Multicast 11
Configuring Layer 3 Multicast Using the Basic GUI 11
Cisco ACI and Layer 3 Multicast iii
Configuring Layer 3 Multicast Using the Advanced GUI 12
Configuring Layer 3 Multicast Using the NX-OS Style CLI 14
Configuring Layer 3 Multicast Using REST API 15
Cisco ACI and Layer 3 Multicastiv
Contents
Preface
This preface includes the following sections:
• Audience, page v
• Document Conventions, page v
• Related Documentation, page vii
• Documentation Feedback, page vii
• Obtaining Documentation and Submitting a Service Request, page viii
AudienceThis guide is intended primarily for data center administrators with responsibilities and expertise in one ormore of the following:
• Virtual machine installation and administration
• Server administration
• Switch and network administration
Document ConventionsCommand descriptions use the following conventions:
DescriptionConvention
Bold text indicates the commands and keywords that you enter literallyas shown.
bold
Italic text indicates arguments for which the user supplies the values.Italic
Square brackets enclose an optional element (keyword or argument).[x]
Cisco ACI and Layer 3 Multicast v
DescriptionConvention
Square brackets enclosing keywords or arguments separated by a verticalbar indicate an optional choice.
[x | y]
Braces enclosing keywords or arguments separated by a vertical barindicate a required choice.
{x | y}
Nested set of square brackets or braces indicate optional or requiredchoices within optional or required elements. Braces and a vertical barwithin square brackets indicate a required choice within an optionalelement.
[x {y | z}]
Indicates a variable for which you supply values, in context where italicscannot be used.
variable
A nonquoted set of characters. Do not use quotation marks around thestring or the string will include the quotation marks.
string
Examples use the following conventions:
DescriptionConvention
Terminal sessions and information the switch displays are in screen font.screen font
Information you must enter is in boldface screen font.boldface screen font
Arguments for which you supply values are in italic screen font.italic screen font
Nonprinting characters, such as passwords, are in angle brackets.< >
Default responses to system prompts are in square brackets.[ ]
An exclamation point (!) or a pound sign (#) at the beginning of a lineof code indicates a comment line.
!, #
This document uses the following conventions:
Means reader take note. Notes contain helpful suggestions or references to material not covered in themanual.
Note
Means reader be careful. In this situation, you might do something that could result in equipment damageor loss of data.
Caution
Cisco ACI and Layer 3 Multicastvi
PrefaceDocument Conventions
IMPORTANT SAFETY INSTRUCTIONS
This warning symbol means danger. You are in a situation that could cause bodily injury. Before youwork on any equipment, be aware of the hazards involved with electrical circuitry and be familiar withstandard practices for preventing accidents. Use the statement number provided at the end of each warningto locate its translation in the translated safety warnings that accompanied this device.
SAVE THESE INSTRUCTIONS
Warning
Related DocumentationCisco Application Centric Infrastructure (ACI) Documentation
The ACI documentation is available at the following URL: http://www.cisco.com/c/en/us/support/cloud-systems-management/application-policy-infrastructure-controller-apic/tsd-products-support-series-home.html.
Cisco Application Centric Infrastructure (ACI) Simulator Documentation
The Cisco ACI Simulator documentation is available at http://www.cisco.com/c/en/us/support/cloud-systems-management/application-centric-infrastructure-simulator/tsd-products-support-series-home.html.
Cisco Nexus 9000 Series Switches Documentation
The Cisco Nexus 9000 Series Switches documentation is available at http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/tsd-products-support-series-home.html.
Cisco Application Virtual Switch Documentation
The Cisco Application Virtual Switch (AVS) documentation is available at http://www.cisco.com/c/en/us/support/switches/application-virtual-switch/tsd-products-support-series-home.html.
Cisco Application Centric Infrastructure (ACI) Integration with OpenStack Documentation
Cisco ACI integration with OpenStack documentation is available at http://www.cisco.com/c/en/us/support/cloud-systems-management/application-policy-infrastructure-controller-apic/tsd-products-support-series-home.html.
Documentation FeedbackTo provide technical feedback on this document, or to report an error or omission, please send your commentsto [email protected]. We appreciate your feedback.
Cisco ACI and Layer 3 Multicast vii
PrefaceRelated Documentation
Obtaining Documentation and Submitting a Service RequestFor information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a servicerequest, and gathering additional information, seeWhat's New in Cisco Product Documentation at: http://www.cisco.com/c/en/us/td/docs/general/whatsnew/whatsnew.html
Subscribe toWhat’s New in Cisco Product Documentation, which lists all new and revised Cisco technicaldocumentation as an RSS feed and delivers content directly to your desktop using a reader application. TheRSS feeds are a free service.
Cisco ACI and Layer 3 Multicastviii
PrefaceObtaining Documentation and Submitting a Service Request
C H A P T E R 1New and Changed Information
This chapter contains the following sections:
• New and Changed Information, page 1
New and Changed InformationThe following table provides an overview of the significant changes to this guide up to this current release.The table does not provide an exhaustive list of all changes made to the guide or of the new features up tothis release.
Table 1: New Features and Changed Behavior
WhereDocumented
DescriptionFeatureCisco APIC Release Version
-See section Guidelinesfor Configuring Layer3 Multicast.
Layer 3 multicastsupport formultipod.
Release 2.1(1h)
--The Layer 3multicast featurewasintroduced.
Release 2.0(1m)
Cisco ACI and Layer 3 Multicast 1
Cisco ACI and Layer 3 Multicast2
New and Changed InformationNew and Changed Information
C H A P T E R 2Introduction to Layer 3 Multicast
This chapter contains the following sections:
• Layer 3 Multicast, page 3
• Guidelines for Configuring Layer 3 Multicast, page 8
Layer 3 MulticastIn the ACI fabric, most unicast and multicast routing operate together on the same border leaf switches, withthe multicast protocol operating over the unicast routing protocols.
In this architecture, only the border leaf switches run the full Protocol Independent Multicast (PIM) protocol.Non-border leaf switches run PIM in a passive mode on the interfaces. They do not peer with any other PIMrouters. The border leaf switches peer with other PIM routers connected to them over L3 Outs and also witheach other.
Cisco ACI and Layer 3 Multicast 3
The following figure shows the border leaf (BL) switches (BL1 and BL2) connecting to routers (R1 and R2)in the multicast cloud. Each virtual routing and forwarding (VRF) in the fabric that requires multicast routingwill peer separately with external multicast routers.
Figure 1: Overview of Multicast Cloud
About the Fabric InterfaceThe fabric interface is a virtual interface between software modules and represents the fabric for multicastrouting. The interface takes the form of a tunnel interface with the tunnel destination being the VRF GIPo(Group IP outer address). For example, if a border leaf is the designated forwarder responsible for forwardingtraffic for a group, then the fabric interface would be in the outgoing interface (OIF) list for the group. Thereis no equivalent for the interface in hardware. The operational state of the fabric interface should follow theaggFabState published by the intermediate system-to-intermediate system (IS-IS).
The user must configure a unique loopback address on each border leaf on each VRF that is enablesmulticast routing.
Note
Any loopback configured for unicast routing can be reused. This loopback address must be routed from theexternal network and will be injected into the fabric MPBGP (Multiprotocol Border Gateway Protocol) routes
Cisco ACI and Layer 3 Multicast4
Introduction to Layer 3 MulticastAbout the Fabric Interface
for the VRF. The fabric interface source IP will be set to this loopback as the loopback interface. The followingfigure shows the fabric for multicast routing.
Figure 2: Fabric for Multicast routing
Enabling Multicast RoutingMulticast is enabled or disabled at three levels, the VRF, L3 Out, and the bridge domain (BD). At the toplevel, multicast routingmust be enabled on the VRF that has anymulticast-enabled BDs. On amulticast-enabledVRF, there can be a combination of multicast routing-enabled BDs and BDs where multicast routing isdisabled. BD with multicast-routing disabled will not show on VRF multicast panel. L3 Out with multicastrouting-enabled will show up on the panel as well, but any BD that has multicast routing-enabled will alwaysbe a part of a VRF that has multicast routing-enabled.
Multicast Routing is not supported on the leaf switches such as Cisco Nexus 93128TX, 9396PX, and 9396TX.All the multicast routing and any multicast-enabled VRF should be deployed only on the switches with -EXin their product IDs such as Cisco Nexus 93108TC-EX and 93180YC-EX.
Layer 3 Out ports and sub-interfaces are supported while external SVIs are not supported. Since externalSVIs are not supported, PIM cannot be enabled in L3-VPC.
Note
Allocating VRF GIPoVRF GIPo is allocated implicitly based on configuration. There will be one GIPo for the VRF and one GIPofor every BD under that VRF. Additionally, any given GIPomight be shared betweenmultiple BDs or multipleVRFs, but not a combination of VRFs and BDs. APIC will be required to ascertain this. In order to handlethe VRF GIPo in addition to the BD GIPos already handled and build GIPo trees for them, IS-IS is modified.
All multicast-routed traffic will be forwarded on the fabric using the VRF GIPo. Any broadcast or unicastflood traffic on a multicast routing-enabled BD will continue to use the BD GIPo. Only the multicast trafficthat is routed will use the VRF GIPo.
Cisco ACI and Layer 3 Multicast 5
Introduction to Layer 3 MulticastEnabling Multicast Routing
Table 2: GIPo Usage
MC Routing-enabled BDNon-MC Routing-enabled BDTraffic
BD GIPoBD GIPoBroadcast
BD GIPoBD GIPoUnknown Unicast Flood
VRF GIPoBD GIPoMulticast
Multiple Border Leaf Switches as Designated ForwarderWhen there are multiple border leaf (BL) switches in the fabric doing multicast routing, only one of the borderleafs has to be the designated forwarder for attracting traffic from the external multicast network and forwardingit to the fabric. This prevents multiple copies of the traffic and it balances the load across the multiple BLswitches.
This is done by striping ownership for groups across the available BL switches, as a function of the groupaddress and the VRF virtual network ID (VNID). A BL that is responsible for a group handles PIM joins toattract traffic into the fabric on behalf of receivers in the fabric.
Each BL in the fabric has a view of all the other active BL switches in the fabric in that VRF. So each of theBL switches can independently stripe the groups consistently. Each BL monitors PIM neighbor relations onthe fabric interface to derive the list of active BL switches. When a BL switch is removed or discovered, thegroups are re-striped across the remaining active BL switches. The striping is similar to the method used forhashing the GIPos to external links in multi-pod deployment, so that the group-to-BL mapping is sticky andresults in fewer changes on up or down.
Figure 3: Model for Multiple Border Leafs as Designated Forwarder
Cisco ACI and Layer 3 Multicast6
Introduction to Layer 3 MulticastMultiple Border Leaf Switches as Designated Forwarder
PIM Designated Router ElectionFor Layer 3 multicast on ACI fabric, the PIM DR (designated router) mechanism for different interface typesis as follows:
• PIM-enabled L3 Out interfaces: Follows standard PIM DR mechanism on these interface types.
• Fabric interface: DR election on this interface is not of much significance as the DR functionality isdetermined by the striping. PIM DR election continues unaltered on this interface.
• Multicast routing-enabled Pervasive BDs: The pervasive BDs in the fabric are all stubs as far as multicastrouting is concerned. Hence, on all the leaf switches, the SVI interfaces for pervasive BDs includingvPC, are considered DR on the segment.
Non-Border Leaf Switch BehaviorOn the non-border leaf switches, PIM runs in passive mode on the fabric interface and on the pervasive BDSVIs. PIM is in a new passive-probe mode where it sends only hellos. PIM neighbors are not expected onthese pervasive BD SVIs. It is desirable to raise a fault when a PIM hello is heard from a router on a pervasiveBD. PIM, on the non-border leaf switches, does not send any PIM protocol packets except for hellos onpervasive BDs and source register packets on the fabric interface.
At the same time, PIM will receive and process the following PIM packets on the fabric interface:
• PIM Hellos: This is used to track the active BL list on the fabric interface and on the pervasive BDs,this is used to raise faults.
• PIM BSR, Auto-RP advertisements: This is received on the fabric interface and is processed to gleanthe RP to group-range mapping.
Active Border Leaf Switch ListOn every leaf switch, PIM maintains a list of active border leaf switches that is used for striping and otherpurposes. On the border leaf switches themselves this active border leaf list is derived from the active PIMneighbor relations. On non-border leaf switches, the list is generated by PIM using the monitored PIM Hellomessages on the fabric interface. The source IP on the hello messages is the loopback IP assigned to eachborder leaf switch.
Overload Behavior On BootupWhen a border leaf switch gains connectivity to the fabric for the first time after bootup or after losingconnectivity, it is not desirable to cause the border leaf switch to be part of the active border leaf switch listtill the border leaf switch has had a chance to pull theCOOP repo information and to bring up its southboundprotocol adjacencies. This can be achieved by delaying the transmission of PIM hello messages for anon-configured period of time.
Cisco ACI and Layer 3 Multicast 7
Introduction to Layer 3 MulticastPIM Designated Router Election
First-Hop FunctionalityThe directly connected leaf will handle the first-hop functionality needed for PIM Subnet Manager (SM).
The Last-HopThe last-hop router is connected to the receiver and is responsible for doing a shortest-path tree (SPT) switchoverin case of PIM any-source multicast (ASM). The border leaf switches will handle this functionality. Thenon-border leaf switches do not participate in this function.
Fast-Convergence ModeThe fabric supports a configurable fast-convergence mode where every border leaf switch with externalconnectivity towards the root (RP for (*,G) and source for (S, G)) pulls traffic from the external network. Toprevent duplicates, only one of the BL switches forwards the traffic to the fabric. The BL that forwards thetraffic for the group into the fabric is called the designated forwarder (DF) for the group. The stripe winnerfor the group decides on the DF. If the stripe winner has reachability to the root, then the stripe winner is theDF also. If the stripe winner does not have external connectivity to the root, then that BL chooses a DF bysending a PIM join over the fabric interface. All non-stripe winner BL switches with external reachability tothe root send out PIM joins to attract traffic but continue to have the fabric interface as the RPF interface forthe route. This results in the traffic reaching the BL switch on the external link, but getting dropped.
The advantage of the fast-convergence mode is that when there is a stripe owner change due to a loss of a BLswitch for example, the only action needed is on the new stripe winner of programming the right ReversePath Forwarding (RPF) interface. There is no latency incurred by joining the PIM tree from the new stripewinner. This comes at the cost of the additional bandwidth usage on the non-stripe winners' external links.
Fast-convergence mode can be disabled in deployments where the cost of additional bandwidth outweighsthe convergence time saving.
Note
Guidelines for Configuring Layer 3 MulticastSee the following guidelines:
• The Layer 3 multicast configuration is done at the VRF level so protocols function within the VRF andmulticast is enabled in a VRF, and each multicast VRF can be turned on or off independently.
• Once a VRF is enabled for multicast, the individual bridge domains (BDs) and L3 Outs under the enabledVRF can be enabled for multicast configuration. By default, multicast is disabled in all BDs and Layer3 Outs.
• Layer 3 multicast is not currently supported on VRFs that are configured with a shared L3 Out.
• Any Source Multicast (ASM) and Source-Specific Multicast (SSM) are supported.
• Bidirectional PIM, Rendezvous Point (RP) within the ACI fabric, and PIM IPv6 are currently notsupported.
Cisco ACI and Layer 3 Multicast8
Introduction to Layer 3 MulticastFirst-Hop Functionality
• IGMP snooping cannot be disabled on pervasive bridge domains with multicast routing enabled.
• Multicast routers are not supported in pervasive bridge domains.
• The Layer 3 multicast feature is supported on the following -EX model leaf switches:
• N9K-93180YC-EX
• N9K-93108TC-EX
• N9K-93180LC-EX
• Layer 3 Out ports and sub-interfaces are supported while external SVIs are not supported. Since externalSVIs are not supported, PIM cannot be enabled in L3-VPC.
• For Layer 3 multicast support for multipod, when the ingress leaf switch receives a packet from a sourceattached on a bridge domain that is enabled for multicast routing, the ingress leaf switch sends only arouted VRF copy to the fabric (routed implies that the TTL is decremented by 1, and the source-mac isrewritten with a pervasive subnet MAC). The egress leaf switch also routes the packet into receivers inall the relevant bridge domains. Therefore, if a receiver is on the same bridge domain as the source, buton a different leaf switch than the source, that receiver continues to get a routed copy, even though it isin the same bridge domain.
For more information, see details about layer 3 multicast support for multipod that leverages existingLayer 2 design, at the following link Adding Pods.
• Layer 3 multicast is not supported with FEX. Multicast sources or receivers connected to FEX ports arenot supported.
When you configure Layer 3 Outside (L3Out) connections to external routers, or multipod connectionsthrough an Inter-Pod Network (IPN), it is critical that the MTU be set appropriately on both sides. Onsome platforms, such as ACI, Cisco NX-OS, and Cisco IOS, the configurable MTU value takes intoaccount packet headers (resulting in a max packet size to be set as 9000 bytes), whereas other platformssuch as IOS-XR configure the MTU value exclusive of packet headers (resulting in a max packet size of8986 bytes).
For the appropriate MTU values for each platform, see the relevant configuration guides.
Cisco highly recommends you test the MTU using CLI-based commands. For example, on the CiscoNX-OS CLI, use a command such as ping 1.1.1.1 df-bit packet-size 9000 source-interface
ethernet 1/1.
Note
Cisco ACI and Layer 3 Multicast 9
Introduction to Layer 3 MulticastGuidelines for Configuring Layer 3 Multicast
Cisco ACI and Layer 3 Multicast10
Introduction to Layer 3 MulticastGuidelines for Configuring Layer 3 Multicast
C H A P T E R 3Configuring Layer 3 Multicast
This chapter contains the following sections:
• Configuring Layer 3 Multicast Using the Basic GUI, page 11
• Configuring Layer 3 Multicast Using the Advanced GUI, page 12
• Configuring Layer 3 Multicast Using the NX-OS Style CLI, page 14
• Configuring Layer 3 Multicast Using REST API, page 15
Configuring Layer 3 Multicast Using the Basic GUIBefore You Begin
• The desired VRF, bridge domains, Layer 3 Outs such as OSPF or BGP must be configured
• Basic unicast network must be configured.
Step 1 Navigate to Tenants > Tenant_name > Networking > VRFs > VRF_name >Multicast.In theWork pane, a message is displayed as follows: PIM is not enabled on this VRF. Would you like to enablePIM?.
Step 2 Click YES, ENABLE MULTICAST.You can enable multicast at the interface level.
Step 3 In theWork pane, click the Interfaces tab.Step 4 In theWork pane, in the Bridge Domains area, perform the following actions:
a) Click the BD drop-down list to choose the desired BD.b) Click the IGMP Policy drop-down list to choose the desired IGMP Policy.
You can choose Create IGMP Policy to create a new IGMP Policy.
Step 5 In the Interfaces area, perform the following actions:a) Expand Interfaces and in the Select and L3 Out dialog box, from the L3 Out drop-down list, choose the desired
L3 Out.
Cisco ACI and Layer 3 Multicast 11
b) Click Select.
Step 6 Click the Rendezvous Points tab.Step 7 Choose the desired Rendezvous Point (RP) from the available options. You can specify static RP, auto RP, or bootstrap
router, or choose the desired combination of the RPs to configure.Step 8 (Optional) Expand Static RP, and from the RouteMap drop-down list, click Create RouteMap Policy, and perform
the following actions:This is a specific route map configured for multicast. If the route map you desire is already present, choose that insteadof creating a new route map.
a) In the Name field, enter a name for the routemap policy.b) Enter the values in the fields for Order, Source IP , Group IP, RP IP for that entry.c) In the Action field, choose the desired action to permit or deny. Click OK.d) Click Submit to display the entry under RouteMaps.
Step 9 In theWork pane, click the Pattern Policy tab.Step 10 Click Pattern Policy and choose the desired multicast option.
Choose theMulticast Route Map for each of the policies.
Step 11 Click the PIM Settings tab and set the desired PIM Setting and Resource Policy values.Step 12 Click the IGMP Setting tab.
a) In the Group Prefix and the Source Address fields, enter the appropriate values for both.b) Click Update to complete the IGMP Settings for that particular bridge domain.
Step 13 To verify the configuration perform the following actions:a) In theWork pane, click Interfaces to display the associated Bridge Domains.b) Click Interfaces to display the associated L3 Out interfaces.c) In the Navigation pane, navigate to the BD.d) In theWork pane, the configured IGMP policy and PIM functionality are displayed as configured earlier.e) In the Navigation pane, the L3 Out interface is displayed.f) In theWork pane, the PIM functionality is displayed as configured earlier.g) In theWork pane, navigate to Fabric > Inventory > Pod name > Leaf_Node > Interfaces > Physical Interfaces
> interface_name to convert an interface from L2 to L3 and vice-versa.h) In theWork pane, navigate to Fabric > Inventory > Protocols > IGMP to view the operational status of the
configured IGMP interfaces.i) In theWork pane, navigate toFabric > Inventory >Pod name >Leaf_Node >Protocols > IGMP > IGMPDomains
to view the domain information for multicast enabled/disabled nodes.
Configuring Layer 3 Multicast Using the Advanced GUIBefore You Begin
• The desired VRF, bridge domains, Layer 3 Out interfaces with IP addresses must be configured to enablePIM and IGMP.
Cisco ACI and Layer 3 Multicast12
Configuring Layer 3 MulticastConfiguring Layer 3 Multicast Using the Advanced GUI
• Basic unicast network must be configured.
Step 1 Navigate to Tenants > Tenant_name > Networking > VRFs > VRF_name >Multicast.In theWork pane, a message is displayed as follows: PIM is not enabled on this VRF. Would you like to enablePIM?.
Step 2 Click YES, ENABLE MULTICAST.Step 3 In theWork pane, click the Interfaces tab.Step 4 In the Bridge Domain area, perform the following actions:
a) Click the BD drop-down list to choose the desired BD.b) Click the IGMP Policy drop-down list to choose the desired IGMP Policy.
You can choose Create IGMP Policy to create a new IGMP Policy, or you can use the default policy.
Step 5 In the Interfaces area, perform the following actions:a) Expand Interfaces and in the Select and L3 Out dialog box, from the L3 Out drop-down list, choose the desired
L3 Out.b) Click Select.
Step 6 Click the Rendezvous Points tab.Step 7 Choose the desired Rendezvous Point (RP) from the available options. You can specify static RP, auto RP, or bootstrap
router, or choose the desired combination of the RPs to configure.Step 8 (Optional) Expand Static RP, and from the RouteMap drop-down list, click Create RouteMap Policy, and perform
the following actions:This is a specific route map configured for multicast. If the route map you desire is already present, choose that insteadof creating a new route map.
a) In the Name field, enter a name for the routemap policy.b) Enter the values in the fields for Order, Source IP , Group IP, RP IP for that entry.c) In the Action field, choose the desired action to permit or deny. Click OK.d) Click Submit to display the entry under RouteMaps.
Step 9 In theWork pane, click the Pattern Policy tab.Step 10 Click Pattern Policy and choose the desired multicast option.
Choose theMulticast Route Map for each of the policies.
Step 11 Click the PIM Settings tab and set the desired PIM Setting and Resource Policy values.Step 12 Click the IGMP Setting tab.
a) In the Group Prefix and the Source Address fields, enter the appropriate values for both.b) Click Update to complete the IGMP Settings for that particular bridge domain.
Step 13 To verify the configuration perform the following actions:a) In theWork pane, click Interfaces to display the associated Bridge Domains.b) Click Interfaces to display the associated L3 Out interfaces.c) In the Navigation pane, navigate to the BD.d) In theWork pane, the configured IGMP policy and PIM functionality are displayed as configured earlier.e) In the Navigation pane, the L3 Out interface is displayed.f) In theWork pane, the PIM functionality is displayed as configured earlier.
Cisco ACI and Layer 3 Multicast 13
Configuring Layer 3 MulticastConfiguring Layer 3 Multicast Using the Advanced GUI
g) In theWork pane, navigate to Fabric > Inventory > Protocols > IGMP to view the operational status of theconfigured IGMP interfaces.
h) In theWork pane, navigate toFabric > Inventory >Pod name >Leaf_Node >Protocols > IGMP > IGMPDomainsto view the domain information for multicast enabled/disabled nodes.
Configuring Layer 3 Multicast Using the NX-OS Style CLI
Step 1 Enter the configure mode.
Example:apic1# configure
Step 2 Enter the configure mode for a tenant, the configure mode for the VRF, and configure PIM options.
Example:apic1(config)# tenant tenant1apic1(config-tenant)# vrf context tenant1_vrfapic1(config-tenant-vrf)# ip pimapic1(config-tenant-vrf)# ip pim fast-convergenceapic1(config-tenant-vrf)# ip pim bsr forward
Step 3 Configure IGMP and the desired IGMP options for the VRF.
Example:apic1(config-tenant-vrf)# ip igmpapic1(config-tenant-vrf)# exitapic1(config-tenant)# interface bridge-domain tenant1_bdapic1(config-tenant-interface)# ip multicastapic1(config-tenant-interface)# ip igmp allow-v3-asmapic1(config-tenant-interface)# ip igmp fast-leaveapic1(config-tenant-interface)# ip igmp inherit interface-policy igmp_intpol1apic1(config-tenant-interface)# exit
Step 4 Enter the L3 Out mode for the tenant, enable PIM, and enter the leaf interface mode. Then configure PIM for this interface.
Example:apic1(config-tenant)# l3out tenant1_l3outapic1(config-tenant-l3out)# ip pimapic1(config-tenant-l3out)# exitapic1(config-tenant)# exitapic1(config)#apic1(config)# leaf 101apic1(config-leaf)# interface ethernet 1/125apic1(config-leaf-if) ip pim inherit interface-policy pim_intpol1
Step 5 Configure IGMP for the interface using the IGMP commands.
Example:
apic1(config-leaf-if)# ip igmp fast-leaveapic1(config-leaf-if)# ip igmp inherit interface-policy igmp_intpol1This completes the APIC Layer 3 multicast configuration.
Cisco ACI and Layer 3 Multicast14
Configuring Layer 3 MulticastConfiguring Layer 3 Multicast Using the NX-OS Style CLI
Configuring Layer 3 Multicast Using REST API
Step 1 Configure tenant, VRF, and enable multicast on VRF.
Example:<fvTenant dn="uni/tn-PIM_Tenant" name="PIM_Tenant">
<fvCtx knwMcastAct="permit" name="ctx1"><pimCtxP mtu="1500"></pimCtxP>
</fvCtx></fvTenant>
Step 2 Configure L3 Out and enable multicast (PIM, IGMP) on L3 Out.
Example:<l3extOut enforceRtctrl="export" name="l3out-pim_l3out1">
<l3extRsEctx tnFvCtxName="ctx1"/><l3extLNodeP configIssues="" name="bLeaf-CTX1-101"><l3extRsNodeL3OutAtt rtrId="200.0.0.1" rtrIdLoopBack="yes" tDn="topology/pod-1/node-101"/><l3extLIfP name="if-PIM_Tenant-CTX1" tag="yellow-green"><igmpIfP/><pimIfP><pimRsIfPol tDn="uni/tn-PIM_Tenant/pimifpol-pim_pol1"/>
</pimIfP><l3extRsPathL3OutAtt addr="131.1.1.1/24" ifInstT="l3-port" mode="regular" mtu="1500"
tDn="topology/pod-1/paths-101/pathep-[eth1/46]"/></l3extLIfP>
</l3extLNodeP><l3extRsL3DomAtt tDn="uni/l3dom-l3outDom"/><l3extInstP name="l3out-PIM_Tenant-CTX1-1topo" ></l3extInstP><pimExtP enabledAf="ipv4-mcast" name="pim"/>
</l3extOut>
Step 3 Configure BD under tenant and enable multicast and IGMP on BD.
Example:<fvTenant dn="uni/tn-PIM_Tenant" name="PIM_Tenant">
<fvBD arpFlood="yes" mcastAllow="yes" multiDstPktAct="bd-flood" name="bd2" type="regular"unicastRoute="yes" unkMacUcastAct="flood" unkMcastAct="flood">
<igmpIfP/><fvRsBDToOut tnL3extOutName="l3out-pim_l3out1"/><fvRsCtx tnFvCtxName="ctx1"/><fvRsIgmpsn/><fvSubnet ctrl="" ip="41.1.1.254/24" preferred="no" scope="private" virtual="no"/>
</fvBD></fvTenant>
Step 4 Configure IGMP policy and assign it to BD.
Example:<fvTenant dn="uni/tn-PIM_Tenant" name="PIM_Tenant">
<igmpIfPol grpTimeout="260" lastMbrCnt="2" lastMbrRespTime="1" name="igmp_pol"querierTimeout="255" queryIntvl="125" robustFac="2" rspIntvl="10" startQueryCnt="2"startQueryIntvl="125" ver="v2">
</igmpIfPol>
Cisco ACI and Layer 3 Multicast 15
Configuring Layer 3 MulticastConfiguring Layer 3 Multicast Using REST API
<fvBD arpFlood="yes" mcastAllow="yes" name="bd2"><igmpIfP>
<igmpRsIfPol tDn="uni/tn-PIM_Tenant/igmpIfPol-igmp_pol"/></igmpIfP></fvBD>
</fvTenant>
Step 5 Configure route map, PIM, and RP policy on VRF.
Example:<fvTenant dn="uni/tn-PIM_Tenant" name="PIM_Tenant">
<pimRouteMapPol name="rootMap"><pimRouteMapEntry action="permit" grp="224.0.0.0/4" order="10" rp="0.0.0.0" src="0.0.0.0/0"/>
</pimRouteMapPol><fvCtx knwMcastAct="permit" name="ctx1"><pimCtxP ctrl="" mtu="1500"><pimStaticRPPol><pimStaticRPEntryPol rpIp="131.1.1.2"><pimRPGrpRangePol><rtdmcRsFilterToRtMapPol tDn="uni/tn-PIM_Tenant/rtmap-rootMap"/>
</pimRPGrpRangePol></pimStaticRPEntryPol>
</pimStaticRPPol></pimCtxP>
</fvCtx></fvTenant>
Step 6 Configure PIM interface policy and apply it on L3 Out.
Example:<fvTenant dn="uni/tn-PIM_Tenant" name="PIM_Tenant"><pimIfPol authKey="" authT="none" ctrl="" drDelay="60" drPrio="1" helloItvl="30000" itvl="60"
name="pim_pol1"/><l3extOut enforceRtctrl="export" name="l3out-pim_l3out1" targetDscp="unspecified">
<l3extRsEctx tnFvCtxName="ctx1"/><l3extLNodeP name="bLeaf-CTX1-101"><l3extRsNodeL3OutAtt rtrId="200.0.0.1" rtrIdLoopBack="yes" tDn="topology/pod-1/node-101"/><l3extLIfP name="if-SIRI_VPC_src_recv-CTX1" tag="yellow-green"><pimIfP><pimRsIfPol tDn="uni/tn-tn-PIM_Tenant/pimifpol-pim_pol1"/>
</pimIfP></l3extLIfP>
</l3extLNodeP></l3extOut>
</fvTenant>
Cisco ACI and Layer 3 Multicast16
Configuring Layer 3 MulticastConfiguring Layer 3 Multicast Using REST API
