企业基础架构ccie:组播中的igmp全系实验

网友投稿 285 2022-10-15


企业基础架构ccie:组播中的igmp全系实验

20.1 IGMP互联网组管理协议

图20-1 路由器的查询以及主机的报告功能报告抑制功能:组的其他成员监听到报告后抑制自己的成员关系报告发送。即报告抑制机制,实验证明V1抑制功能很低下,V2可以正常工作,而且增加了最大响应时间来指定延时值来规定所有主机的查询响应延时的上限,此外最大响应时间在IGMP查询器(选举原则为IP地址小的设备)上配置,只应用在成员关系查询信息。如图20-2所示:

图20-2 IGMP查询和抑制机制组成员离开过程:主机[必须是last report设备]向224.0.0.2发送离开组消息(报文中含有要离开的组地址224.1.1.1)1秒钟内没有收到该组的报告,发送第二个特定组查询。二个查询信息后未收到主机响应,组224.1.1.1超时,离开组。

20.2 IGMP实验拓扑

图中R3和R4为组播网络的最接近接收者(主机)的设备,两台主机由路由器模拟作为接收者,即加组的设备IP地址说明:每个节点都有一个loopback0,IP地址为XX.1.1.1/32,例如其中R4的loopback0,IP地址为44.1.1.1/32,本拓扑直连在同一网段,如R3的e0/0为10.1.1.3/24。

图20-3 IGMP实验拓扑

20.3 IGMP实验步骤

IGMPv1面临淘汰,不在本书讨论之列。本实验着重研究IGMPv2。

20.3.1 基本的IGMP配置

R3和R4作为最后一跳组播设备,PC1和PC2由路由器模拟加组设备。

R3、R4: ip multicast-routing---作为组播设备,开启组播功能 interface Ethernet0/0 ip address 10.1.1.3 255.255.255.0 ip pim sparse-mode---pim协议是最流行的组播协议,后续我们会着重介绍,对思科设备来说只要最后 一跳设备必须开启PIM,那么就自动使能了IGMP。 ! ip multicast-routing interface Ethernet0/0 ip address 10.1.1.4 255.255.255.0 ip pim sparse-mode PC1和PC2: interface Ethernet0/0 ip address 10.1.1.1 55.255.255.0 ip igmp join-group 224.1.1.1---加入组播组224.1.1.1 ! interface Ethernet0/0 ip address 10.1.1.2 255.255.255.0 ip igmp join-group 224.1.1.1

验证:R4#show ip pim neighbor ---验证PIM形成的邻居PIM Neighbor TableMode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,S - State Refresh CapableNeighbor Interface Uptime/Expires Ver DRAddress Prio/Mode10.1.1.3 Ethernet0/0 00:00:11/00:01:33 v2 1 / S

R3#show ip igmp interface ethernet 0/0---只要使能了PIM,自然即开启了igmp协议Ethernet0/0 is up, line protocol is upInternet address is 10.1.1.3/24IGMP is enabled on interface---使能PIM就自动使能了IGMPCurrent IGMP host version is 2---默认的IGMPv2Current IGMP router version is 2------默认的IGMPv2IGMP query interval is 60 seconds---IGMP查询间隔默认为60sIGMP querier timeout is 120 seconds---负责查询的设备即查询者,监控查询者超时时间为120sIGMP max query response time is 10 seconds---默认最大响应时间为10s,后续会进行调整Last member query count is 2Last member query response interval is 1000 msInbound IGMP access group is not setIGMP activity: 2 joins, 0 leavesMulticast routing is enabled on interfaceMulticast TTL threshold is 0Multicast designated router (DR) is 10.1.1.4---此网段的DR为R4IGMP querying router is 10.1.1.3 (this system)---最后一跳有多个设备,那么R3为查询者:在有多个最后一跳路由器的情况下,由查询路由器发起IGMP的查询(query)消息,IGMPv2和IGMPv3查询路由器的选取原则:接口IP地址小的为查询路由器。Multicast groups joined by this system (number of users):224.0.1.40(1)

20.3.2 修改最后一跳位置的的DR设备

PIM的DR,即指定路由器作用和OSPF不同,其作用在于:在有多个第一跳路由器的情况下,由DR负责转发组播源发出的组播流,并向RP发送注册信息;在有多个最后一跳路由器的情况下,由DR负责向组播源或者RP发送PIM的join消息。PIM的DR的选取原则:优选DR优先级高的为DR,次选IP地址大的为DR。验证R4:R4#show ip igmp interface e0/0Ethernet0/0 is up, line protocol is upInternet address is 10.1.1.4/24IGMP is enabled on interfaceCurrent IGMP host version is 2Current IGMP router version is 2IGMP query interval is 60 secondsIGMP querier timeout is 120 secondsIGMP max query response time is 10 secondsLast member query count is 2Last member query response interval is 1000 msInbound IGMP access group is not setIGMP activity: 2 joins, 0 leavesMulticast routing is enabled on interfaceMulticast TTL threshold is 0Multicast designated router (DR) is 10.1.1.4 (this system)—DR为R4IGMP querying router is 10.1.1.3 ---查询者为R3Multicast groups joined by this system (number of users):224.0.1.40(1)下面的配置使得R3成为DR:interface Ethernet0/0ip address 10.1.1.3 255.255.255.0ip pim dr-priority 10—把默认的优先级改为10,使其成为DR验证:R4#show ip pim neighbor---验证pim的邻居时,可以看到dr的情况PIM Neighbor TableMode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,S - State Refresh CapableNeighbor Interface Uptime/Expires Ver DRAddress Prio/Mode10.1.1.3 Ethernet0/0 00:12:47/00:01:16 v2 10/ DR S

20.3.3 组播网络的最后一跳的路由器同IGMP加组设备的关系

需要先了解一下基本的术语和概念:last reporter设备,即最后发送report报文的设备。该设备和离开组有关系通过下面的实验让我们来观察report抑制功能以及报告抑制功能。R3#debug ip igmp IGMP debugging is on

R2#show ip igmp groups detail

Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,SS - Static Source, VS - Virtual Source

Interface: Ethernet0/0Group: 224.1.1.1Flags: L U Uptime: 00:18:32Group mode: INCLUDELast reporter: 10.1.1.1---R2知道R1为最后一个报告者,因为它们在同一个网段内Source list is empty此时R3上观察到:Mar 1 00:42:00.475: IGMP(0): Send v2 general Query on Ethernet0/0---查询者发送一个通用组查询Mar 1 00:43:09.107: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.1 for 224.1.1.1---收到来自R1的IGMP report报文,没有收到来自R2的report报文,是因为report抑制功能的原因。R1发送了有设备在该组中,为了节省报文发送,R2收到该报文之后不再发送report。Mar 1 00:43:09.111: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.1 for 0 sourcesMar 1 00:43:09.115: IGMP(0): Updating EXCLUDE group timer for 224.1.1.1验证R3:R3#show ip igmp groups IGMP Connected Group MembershipGroup Address Interface Uptime Expires Last Reporter224.1.1.1 Ethernet0/0 00:24:33 00:02:43 10.1.1.1224.0.1.40 Ethernet0/0 00:28:55 00:02:43 10.1.1.3R1为last report,该角色是不断发生变化的,发送报告的设备即为last report,而其他同组中的设备被抑制发送报告。可以在R2查看:R2#debug ip igmpIGMP debugging is onR2#Mar 1 00:52:01.943: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3---收到了来自R3(查询者)的查询消息Mar 1 00:52:01.947: IGMP(0): Set report delay time to 0.2 seconds for 224.1.1.1 on Ethernet0/0---发送报告的时延设置为0.2秒,该数字为一个随机值,随机值小的为报告者Mar 1 00:52:02.147: IGMP(0): Send v2 Report for 224.1.1.1 on Ethernet0/0---此时R2发送了报告,那么R2为last report,原因在于R2的随机报告时延较小R2#show ip igmp groups IGMP Connected Group MembershipGroup Address Interface Uptime Expires Last Reporter224.1.1.1 Ethernet0/0 00:27:39 stopped 10.1.1.2R2#show ip igmp groups detail

Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,SS - Static Source, VS - Virtual Source

Interface: Ethernet0/0Group: 224.1.1.1Flags: L U Uptime: 00:27:41Group mode: INCLUDELast reporter: 10.1.1.2Source list is empty为了观察到此过程,以及为了加速发送加组、离开组,需要多次取消和键入加组命令。为了控制加组设备设置的报告实验,IGMPv2可以设置该时间的最大值,在查询者R3上做如下设置:

interface Ethernet0/0 ip address 10.1.1.3 255.255.255.0 ip igmp query-max-response-time 5---设置最大响应时间为5秒 我们观察新一轮的完整的报告过程: R3# *Mar 1 01:06:01.019: IGMP(0): Send v2 general Query on Ethernet0/0---查询者发送一个通用组查询 *Mar 1 01:06:01.019: IGMP(0): Set report delay time to 3.4 seconds for 224.0.1.40 on Ethernet0/0---本 设备针对224.0.1.40的report delay,不用关心该组 R3# *Mar 1 01:06:04.167: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---从R2 收到报告消息 *Mar 1 01:06:04.171: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sources R1# *Mar 1 01:06:03.683: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3---从查询者R3收到 查询消息 *Mar 1 01:06:03.687: IGMP(0): Set report delay time to 4.4 seconds for 224.1.1.1 on Ethernet0/0---本设 备设置一个随机发送报告的时延4.4秒,该值应该大于R2的报告时延,同时该时间小于querier(R3) 上设置的时间

R1#Mar 1 01:06:06.843: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---从R2收到了R2发送的报告消息Mar 1 01:06:06.847: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sources*Mar 1 01:06:06.851: IGMP(0): Cancel report for 224.1.1.1 on Ethernet0/0---R1取消了发送报告,R1的报告被抑制

R2#Mar 1 01:06:02.275: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3Mar 1 01:06:02.279: IGMP(0): Set report delay time to 2.4 seconds for 224.1.1.1 on Ethernet0/0---本端设置的一个随机报告时延为2.4秒R2#*Mar 1 01:06:05.411: IGMP(0): Send v2 Report for 224.1.1.1 on Ethernet0/0---本设备发送了报告,会抑制R1的报告R2#

20.3.4 观察IGMPv2的离开组播组

下面描述一个接收者离开组播组224.1.1.1的过程:主机(作为last report的加组者)向224.0.0.2发送离开组消息(该报文中含有准备要离开的组播组地址224.1.1.1);查询者如果在1秒钟内没有收到关于224.1.1.1的报告,那么它将发送第二个关于224.1.1.1的查询;在2个查询信息后,查询者未收到主机响应,那么组224.1.1.1超时,即所有的接收者都离开了该组。先来观察last report是哪台设备R3#show ip igmp groups IGMP Connected Group MembershipGroup Address Interface Uptime Expires Last Reporter224.1.1.1 Ethernet0/0 01:45:51 00:02:27 10.1.1.1224.0.1.40 Ethernet0/0 01:50:13 00:02:27 10.1.1.4让R1离开组:R1(config)#int e0/0R1(config-if)#no ip igmp join-group 224.1.1.1R1(config-if)#Mar 1 02:10:51.855: IGMP(0): IGMP delete group 224.1.1.1 on Ethernet0/0Mar 1 02:10:51.859: IGMP(0): Send Leave for 224.1.1.1 on Ethernet0/0---R1发送了离开组的leaver消息,这点和V1不同,V1是默默的离开R3#Mar 1 02:10:49.191: IGMP(0): Received Leave from 10.1.1.1 (Ethernet0/0) for 224.1.1.1---查询者从R1收到了离开组的消息Mar 1 02:10:49.195: IGMP(0): Received Group record for group 224.1.1.1, mode 3 from 10.1.1.1 for 0 sourcesMar 1 02:10:49.199: IGMP(0): Lower expiration timer to 2000 msec for 224.1.1.1 on Ethernet0/0Mar 1 02:10:49.203: IGMP(0): Send v2 Query on Ethernet0/0 for group 224.1.1.1R3#Mar 1 02:10:50.203: IGMP(0): Send v2 Query on Ethernet0/0 for group 224.1.1.1---连续发送两次查询,而且是专门针对该组的查询,而非通用查询,发送次数可以设置Mar 1 02:10:50.227: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---R2收到R2的查询,发送了报告,即该子网下还有组播接收者Mar 1 02:10:50.231: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sourcesMar 1 02:10:50.235: IGMP(0): Updating EXCLUDE group timer for 224.1.1.1Mar 1 02:10:50.235: IGMP(0): MRT Add/Update Ethernet0/0 for (,224.1.1.1) by 0总结:当last reporter离开一个组的时候,要发送leave报文通知最后一跳路由器,然后路由器连续发送两个查询报文,查询是否还有该组的接收者存在,此时的查询报文是针对特定组的查询。对于非last reporter离开组,不需要发送leave报文,因为这个时候路由器记录的组播接收者不是该设备。

20.3.5 在最后一跳设备上实现加组的控制

可以在最后一跳设备上限制加入某些组播组,配置如下:R3:

access-list 10 permit 224.1.1.1 access-list 10 permit 224.1.1.2 interface Ethernet0/0 ip address 10.1.1.3 255.255.255.0 ip pim dr-priority 10 ip pim sparse-mode ip igmp query-max-response-time 5 ip igmp access-group 10---ACL 10 匹配的组才能加入

验证:R3#show ip igmp interface e0/0Ethernet0/0 is up, line protocol is upInternet address is 10.1.1.3/24IGMP is enabled on interfaceCurrent IGMP host version is 2Current IGMP router version is 2IGMP query interval is 60 secondsIGMP querier timeout is 120 secondsIGMP max query response time is 5 secondsLast member query count is 2Last member query response interval is 1000 msInbound IGMP access group is 10IGMP activity: 2 joins, 0 leavesMulticast routing is enabled on interfaceMulticast TTL threshold is 0Multicast designated router (DR) is 10.1.1.3 (this system)IGMP querying router is 10.1.1.3 (this system)Multicast groups joined by this system (number of users):224.0.1.40(1)R1加组:R1(config)#interface e0/0 R1(config-if)#ip igmp join-group 224.1.1.3R1(config-if)#ip igmp join-group 224.1.1.2查看R3:Mar 1 02:27:25.451: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.1 for 224.1.1.3Mar 1 02:27:25.455: IGMP(*): Group 224.1.1.3 access denied on Ethernet0/0---加入该组224.1.1.3的信息被拒绝,因为该组没有被ACL允许R3#show ip igmp groups ---R3上没有收到224.1.1.3的加组信息IGMP Connected Group MembershipGroup Address Interface Uptime Expires Last Reporter224.1.1.1 Ethernet0/0 02:03:29 00:02:52 10.1.1.2224.0.1.40 Ethernet0/0 02:07:51 stopped 10.1.1.3R3#show access-listsStandard IP access list 1010 permit 224.1.1.1 (213 matches)20 permit 224.1.1.2 (2 matches最后做一个ping的测试:R3#ping 224.1.1.1

Type escape sequence to abort.Sending 1, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds:

Reply to request 0 from 10.1.1.2, 32 msR3#ping 224.1.1.2

Type escape sequence to abort.Sending 1, 100-byte ICMP Echos to 224.1.1.2, timeout is 2 seconds:

Reply to request 0 from 10.1.1.1, 16 ms

20.3.6 IGMPv3

IGMPv3是最新的关于IGMP的版本IGMPv3可以和IGMPv1、V2实现互操作,它特定服务于Source Specific Multicast(SSM)模型,默认的组播组为232.0.0.0/8。IGMPv3允许主机指定组播源,只接收特定组播源发出的组播数据,相比以前的版本,加强了主机的控制能力,不仅可以指定组播组,还能指定组播的源。IGMPv3增强了接收者对源的控制,可以显式的指定它期望的源,有两种模式:INCLUDE和EXCLUDE。INCLUDE模式中,接收者通告组成员关系,提供一个INCLUDE列表,其中包含它想接收的流量。即主机只接收除了EXCLUDE LIST中列出的源的流量,通常为空。IGMPv3专门为SSM设计,主机发送成员关系报告到224.0.0.22,所有的IGMPv3路由器侦听该地址,主机不会侦听或者响应224.0.0.22,IGMPv3也不存在报告抑制功能,因为IGMPv3主机不侦听其他主机。修改查询者R3为IGMPv3,配置如下:

interface Ethernet0/0 ip address 10.1.1.3 255.255.255.0 ip igmp version 3

R3#show ip igmp interface e0/0Ethernet0/0 is up, line protocol is upInternet address is 10.1.1.3/24IGMP is enabled on interfaceCurrent IGMP host version is 3Current IGMP router version is 3IGMP query interval is 60 secondsIGMP querier timeout is 120 secondsIGMP max query response time is 5 secondsLast member query count is 2Last member query response interval is 1000 msInbound IGMP access group is 10IGMP activity: 3 joins, 0 leavesMulticast routing is enabled on interfaceMulticast TTL threshold is 0Multicast designated router (DR) is 10.1.1.3 (this system)IGMP querying router is 10.1.1.3 (this system)Multicast groups joined by this system (number of users):224.0.1.40(1)R1加入232.1.1.1而且指定源interface Ethernet0/0ip address 10.1.1.1 255.255.255.0ip igmp join-group 224.1.1.2ip igmp join-group 232.1.1.1 source 10.1.1.3---指定可以从特性组播10.1.1.3源收的流量验证:R1#show ip igmp groups detailFlags: L - Local, U - User, SG - Static Group, VG - Virtual Group,SS - Static Source, VS - Virtual SourceInterface: Ethernet0/0Group: 232.1.1.1Flags: L Uptime: 00:05:36Group mode: INCLUDE---加入了232.1.1.1,而且模式为include模式Last reporter: 10.1.1.1Group source list: (C - Cisco Src Report, U - URD, R - Remote, S - Static,V - Virtual, Ac - Accounted towards access control limit,M - SSM Mapping, L - Local) Source Address Uptime v3 Exp CSR Exp Fwd Flags10.1.1.3 00:05:36 stopped stopped Yes LInterface: Ethernet0/0Group: 224.1.1.2---加入了普通组Flags: L U Uptime: 00:56:57Group mode: INCLUDE---includeLast reporter: 10.1.1.1Source list is empty---没有指定源


版权声明:本文内容由网络用户投稿,版权归原作者所有,本站不拥有其著作权,亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容,请联系我们jiasou666@gmail.com 处理,核实后本网站将在24小时内删除侵权内容。

标签:接口 配置
上一篇:网络基础知识学习笔记11
下一篇:Spring源码剖析之Spring处理循环依赖的问题
相关文章

 发表评论

暂时没有评论,来抢沙发吧~