Unsolved
This post is more than 5 years old
5 Posts
0
15656
How do I define PIM-SM / IGMP settings to make an upstream- or downstream-only port?
I have three multicast interfaces on a single switch. One (vlan 224) connects to multicast sources that I need to distribute throughout my network, so it's "upstream". One (vlan 225) connects to a number of multicast clients, so it's "downstream" from the switch. The last interface (vlan 140) uses the upstream multicast data and generates its own multicast streams that are consumed by the clients connecting to vlan 225. So vlan 140 is downstream from vlan 224 but upstream from vlan 225.
I have a powerconnect 6224 switch where the three vlans have been defined. The switch is the only RP in the system (statically defined) and runs PIM-SM and IGMP (of course) on all vlans. Traffic flows from one vlan to another without issue.
The issue is that I want to make sure that the upstream/downstream relations hold, especially because the clients on vlan 225 have the ability to "replay" multicast data that they receive, which could completely mess up the processing on vlan 140. I also want to make sure that none of the traffic generated on vlan 140 or 225 gets out on vlan 224.
I've read the manual, plugged through the cli and the web interface for clues and tried a bunch of things, but I'm basically at a loss. The igmp-proxy has an easy way to divide interfaces in upstream and downstream, but running a proxy is inefficient - I need to stop the multicast at the switch and only send it to the clients that request it. I'm just not sure how it can be made to work with PIM-SM and IGMP.
All help would be greatly appreciated, because I'm out of ideas of how it's even supposed to work on the PowerConnect 6224. I have two more days to work on this and am willing to try a lot of different things. I am, however, working in a facility in Europe right now, so my working hours will be a bit out of sync...
TIA
- Dirk
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 9th, 2012 08:00
Multicast filter would work for you if you are wanting to control the multicast traffic.
Page 225
support.dell.com/.../cli_en.pdf
This article is not on your specific switch, but the basic principles still apply, and should be looked at for multicast filtering.
www.dell.com/.../app_note_6.pdf
If you want to limit all traffic from one VLAN to another, then using an ACL would be the way to go.
Page 209
support.dell.com/.../cli_en.pdf
Some more info on ACL
www.dell.com/.../pwcnt_IP_ACLs.pdf
www.dell.com/.../app_note_3.pdf
Keep us updated,
Thanks.
deschepperdirk1
5 Posts
0
May 10th, 2012 00:00
Thanks for your time. I may be misunderstanding something here.
The way I see it, filtering allows me to keep sources for different multicast streams separate. The problem is that on the client VLAN (vlan225), multicast traffic can be recorded and replayed for further analysis. During replay, a new source of multicast data with the same exact characteristics as the original one appears on vlan225. I can't distinguish it from the real-time data stream (which comes in on vlan 224) except that it comes from a different interface. So I need to configure the switch so it does not accept sources on vlan225, only sinks.
I believe that ACL has the same issue: I need to distinguish between sources and sinks, not multicast streams. I could block multicast addresses to stop data flow, but not the igmp traffic that will tell the RP that there is a (false) new source for a particular data stream. Or am I missing something?
To be more concrete, here are my two vlans setups:
ip routing
ip multicast
ip igmp
ip pimsm
ip pimsm rp-address 10.0.20.22 224.0.0.0 240.0.0.0
interface vlan 224
routing
name MCupstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.20.22 255.255.255.0
exit
interface vlan 225
routing
name MCdownstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.30.22 255.255.255.0
exit
How do I make sure that a source for any multicast stream incoming on vlan 224 gets registered and distributed, while the very same stream incoming on vlan 225 would be dropped silently?
TIA,
- Dirk
deschepperdirk1
5 Posts
0
May 11th, 2012 00:00
Hello?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 11th, 2012 06:00
Sorry for late reply, I am actively doing research on if what exactly you need to have can be implemented, and if so how it would be done. As soon as I have this information I will post it up here.
Thanks.
deschepperdirk1
5 Posts
0
May 14th, 2012 00:00
Thanks.
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 16th, 2012 11:00
I apologize for the late reply on this, I have been trying to do some research on if this can be done and exactly how it would be implemented. And unfortunately I have not been able to make any headway. What I recommend doing is calling into PowerConnect support group, 1-800-945-3355, and opening a case on this setup. They can gather more information and assist further.
Thanks.
deschepperdirk1
5 Posts
0
May 21st, 2012 04:00
Hi Daniel, is there a number for that group in Belgium?
Thanks,
- Dirk
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
May 21st, 2012 06:00
Yes there is,
02 481 9288
or
02 481 8993
Cheers.