secondary VLAN ingress traffic, note the
following: - Enter a value for the
secondary_vlan_list parameter or use the add keyword with
the secondary_vlan_list parameter to map the secondary VLANs to
the primary VLAN.
- Use the remove keyword with
the secondary_vlan_list parameter to clear the mapping
between secondary VLANs and the primary VLAN.
- Use the
no keyword to clear all mappings with the PVLAN
promiscuous port.
This example shows how to permit
routing of secondary VLAN ingress traffic from PVLAN440 and
verify the configuration: Switch#configure terminal
Switch(config)#interface vlan 202
Switch(config-if)#private-vlan mapping add 440
Switch(config-if)#end
Switch#show interfaces
private-vlan mapping
Interface Secondary VLAN
Type
--------- --------- -----------------
vlan202 440
isolated
Content 8.2 Configuring IP
Multicast 8.2.7 What is Internet Group
Management Protocol – IGMP? Internet Group Management
Protocol (IGMP) is used to register individual hosts with a
multicast group. The host sends a join message to a local
router multicast address. If the router is running a multicast
routing protocol, it will accept the join and then forward the
multicast stream for that group onto the segment where the
registering host is present. IGMP messages are IP datagrams
with a protocol value of 2 and a destination address 224.0.0.2
and a TTL of 1. In addition to listening to IGMP join messages,
multicast routers also periodically send out queries to
discover which groups are active or inactive on a particular
subnet. Any end station that is part of the multicast group
receives this IGMP query, and responds with a host membership
report for each group to which it belongs . This is sent to all
hosts 224.0.0.1 with a TTL of 1. As of this writing, version 3
is the most current iteration of IGMP and is covered in more
detail. Previous versions had attributes and limitations as
listed in Figure . IGMP Message Format
IGMP
version3, the next step in the evolution of IGMP, adds support
for source filtering, multiple group memberships, joins and
leaves. This enables a multicast receiving host to indicate to
the router the groups from which it wants to receive multicast
traffic, as well as the source unicast addresses from which
this traffic is expected. This membership information enables
IOS software to forward traffic from only those sources
requested by the receiver. IGMP v3 supports Report and Query
messages that have different packet structure as shown .
IGMP v3 Report Message
Figure describes the fields
in the IGMP v3 report message sent from the host to the
router. With IGMP v3, receivers signal membership to a
multicast host group in these two modes: - INCLUDE
mode – The receiver announces membership to a host group
and provides a list of source addresses (the INCLUDE list) from
which it does want to receive traffic.
- EXCLUDE mode – The receiver announces membership to
a multicast group and provides a list of source addresses (the
EXCLUDE list) from which it does not want to receive
traffic. To receive traffic from all sources, which is the
behavior of IGMP v2, a host uses EXCLUDE mode membership with
an empty EXCLUDE list.
IGMP v3 Query Message
The IGMP query message sent from the multicast router to
the all hosts address 224.0.0.1 has a different format than the
report or join message. –
Content 8.2
Configuring IP Multicast 8.2.8 Describing the
IGMP snooping process The default behavior for a Layer 2
switch is to forward multicast traffic to every port in the
VLAN on which the traffic was received. Therefore, a switch
between a requesting host and a multicast router will forward a
multicast flow intended for a single host out all switch ports
on the same VLAN as the receiving host. IGMP snooping is an IP
multicast constraining mechanism for switches. It examines IGMP
frames so that multicast traffic is not forwarded out all VLAN
ports but only those over which hosts sent IGMP message toward
the router. IGMP snooping runs on a Layer 2 switch. The switch
snoops the content of the IGMP join and leave messages sent
between the hosts and the router. When the switch sees an IGMP
report from a host to join a particular multicast group, the
switch creates a CAM table entry associating the port number
where that message was seen to the Layer 2 multicast address
for the group that the host joined. When the frames of the
multicast flow arrive at the switch with the destination
multicast MAC address, they are forwarded down only those ports
where the IGMP messages were snooped, and associated CAM table
entries were created. When the switch snoops the IGMP leave
group message from a host, the switch removes the table entry.
Content 8.2 Configuring IP Multicast
8.2.9 IP multicast configuration commands These
commands are used to configure IP Multicast on a router or
switch. –
Content 8.2 Configuring IP
Multicast 8.2.10 How to enable IP
multicast By default, a Layer 3 device will isolate
multicast traffic to the segment on which it was generated, not
forwarding it across the router to other network segments.
Enabling IP multicast routing allows a Layer 3 device to
forward multicast packets based upon the configuration of the
Multicast routing protocol. The general steps to enabling and
verifying multicast routing are outlined: 1. Enable IP
Multicast Routing
A single command is used from global
configuration to enable multicast routing: Switch(config)#ip
multicast-routing 2. Enable a Multicast Routing
Protocol
The multicast routing protocol, which is PIM
on a campus network, establishes the rules by which multicast
traffic will be forwarded onto various network segments by the
Layer 3 device. An interface can be configured to operate in
PIM dense mode, sparse mode, or sparse-dense mode. The mode
determines how the Layer 3 device populates its multicast
routing table and how it forwards multicast packets received
from directly connected segments. Enabling PIM on an interface
also enables IGMP operation on that interface. At interface
configuration mode, configure the PIM mode of operation for the
interface. When the switch populates the multicast routing
table, dense-mode interfaces are always added to the table.
Sparse-mode interfaces are added to the table only when
periodic join messages are received from downstream routers, or
when there is a directly connected member on the interface. If
configured for sparse or sparse-dense mode, multicast sparse
mode operation will occur if there is a RP known for the group.
If so, the packets are encapsulated and sent toward the RP.
When no RP is known, the packet is flooded in a dense-mode
fashion. By default, multicast routing is disabled on an
interface. 3. Configure the RP for Sparse Mode
Operation
Routers with group members on its
direction-connected interfaces as the RP address to send PIM
register messages up the tree. On routers in the tree that are
closest to the RP, the RP address is used to send PIM join and
prune messages to the RP, and to inform it about group
membership down the tree from that point. The RP address must
be configured on all routers anywhere in the tree that will
carry traffic from a source to its member (including the RP
router). 4. Verify IP Multicast Operations
These
commands are available to verify and monitor IP multicast
operations such as; operational statistics, resource
utilization, multicast database content, troubleshooting
information, node reachability and Multicast routing paths.
Some of the commands are further delineated in the lesson.
5. Verify PIM
Figure shows output from the show
ip pim interface command. Figure shows output from the
show ip pim interface command with a count.
Figure shows sample output from the show ip pim