20.1 IGMP Internet Group Management Protocol
IGMP (internet group manage protocol) protocol is a control protocol between hosts with routers, hosts through IGMP report to the multicast router group they want to join, the router by members of the group on whether there are specific queries the IGMP protocol network, protocol No. 2. the
current IGMP there are three versions of the IPv4:
RFC1112-IGMPv1 (see structure in IGMP RFC1112)
RFC2236-IGMPv2
RFC3376-IGMPv3
group control protocol between a host with a router called Multicast Listener Discover, for IPv6 has 2 version:
the MLD Vl
the MLD V2
joins a multicast group: when a host wishes to receive data of a multicast group, sending a report to join a multicast group members. But also for the DR sends the query to the network shown in Figure 20-1:
Reporting query graph 20-1 routers and hosts
report suppression:
the other members of their group membership report suppression after listening to a report sent. That report suppression mechanism, proved V1 suppression function is low, V2 can work, but also increases the maximum response time to be specified cap on all hosts query response latency delay value, in addition to the maximum response time in IGMP querier ( the principle of small electoral IP address of the device) configuration, only apply in membership query information. Shown in Figure 20-2:
FIG. 20-2 IGMP queries and inhibitory mechanisms
group member leaving the process:
host [last report device must be] sent to 224.0.0.2 leave group message (packet containing leaving group address 224.1.1.1)
is not received within 1 second to the report of the group, sending a second group-specific queries.
After two inquiries have not received information from the host response, group 224.1.1.1 timeout, leaving the group.
20.2 IGMP lab topology
FIG R3 and R4 nearest multicast network receiver (host) device, an analog two hosts by the router as the receiver, i.e. the device plus group
IP address Description: Each node has a Loopback0, IP address XX.1.1.1 / 32, wherein loopback0 R4 e.g., IP address as 44.1.1.1/32, this direct connection topology in the same network segment as R3, e0 / 0 to 10.1.1.3/24.
Figure 20-3 IGMP lab topology
20.3 IGMP Experimental Procedure
IGMPv1 phased out, not in this book list. In this study we focus on IGMPv2.
20.3.1 IGMP basic configuration
R3 and R4 are as last hop multicast device, PC1 and PC2 plus group by the router device simulation.
R3、R4:
ip multicast-routing---作为组播设备,开启组播功能
interface Ethernet0/0
ip address 10.1.1.3 255.255.255.0
ip pim sparse-mode---pim协议是最流行的组播协议,后续我们会着重介绍,对思科设备来说只要最后
一跳设备必须开启PIM,那么就自动使能了IGMP。
!
ip multicast-routing
interface Ethernet0/0
ip address 10.1.1.4 255.255.255.0
ip pim sparse-mode
PC1和PC2:
interface Ethernet0/0
ip address 10.1.1.1 55.255.255.0
ip igmp join-group 224.1.1.1---加入组播组224.1.1.1
!
interface Ethernet0/0
ip address 10.1.1.2 255.255.255.0
ip igmp join-group 224.1.1.1Verify:
R4 PIM neighbor --- # Show IP verification formed PIM neighbors
PIM the Neighbor the Table
Mode: B - Capable Bidir, the DR - the Designated Router, N - the Priority the Default the DR,
S - Capable the Refresh State
the Neighbor Interface The Uptime / the Expires the DR Ver
the Address PRIO / Mode
10.1.1.3 Ethernet0 / 0 00: 00: 11/00: 01: 33 is V2. 1 / S
R3#show ip igmp interface ethernet 0/0---只要使能了PIM,自然即开启了igmp协议
Ethernet0/0 is up, line protocol is up
Internet address is 10.1.1.3/24
IGMP is enabled on interface---使能PIM就自动使能了IGMP
Current IGMP host version is 2---默认的IGMPv2
Current IGMP router version is 2------默认的IGMPv2
IGMP query interval is 60 seconds---IGMP查询间隔默认为60s
IGMP querier timeout is 120 seconds---负责查询的设备即查询者,监控查询者超时时间为120s
IGMP max query response time is 10 seconds---默认最大响应时间为10s,后续会进行调整
Last member query count is 2
Last member query response interval is 1000 ms
Inbound IGMP access group is not set
IGMP activity: 2 joins, 0 leaves
Multicast routing is enabled on interface
Multicast TTL threshold is 0
Multicast designated router (DR) is 10.1.1.4---此网段的DR为R4
IGMP querying router is 10.1.1.3 (this system)---最后一跳有多个设备,那么R3为查询者:在有多个最后一跳路由器的情况下,由查询路由器发起IGMP的查询(query)消息,IGMPv2和IGMPv3查询路由器的选取原则:接口IP地址小的为查询路由器。
Multicast groups joined by this system (number of users):
224.0.1.40(1)
20.3.2 修改最后一跳位置的的DR设备
PIM的DR,即指定路由器作用和OSPF不同,其作用在于:在有多个第一跳路由器的情况下,由DR负责转发组播源发出的组播流,并向RP发送注册信息;在有多个最后一跳路由器的情况下,由DR负责向组播源或者RP发送PIM的join消息。
PIM的DR的选取原则:优选DR优先级高的为DR,次选IP地址大的为DR。
验证R4:
R4#show ip igmp interface e0/0
Ethernet0/0 is up, line protocol is up
Internet address is 10.1.1.4/24
IGMP is enabled on interface
Current IGMP host version is 2
Current IGMP router version is 2
IGMP query interval is 60 seconds
IGMP querier timeout is 120 seconds
IGMP max query response time is 10 seconds
Last member query count is 2
Last member query response interval is 1000 ms
Inbound IGMP access group is not set
IGMP activity: 2 joins, 0 leaves
Multicast routing is enabled on interface
Multicast TTL threshold is 0
Multicast designated router (DR) is 10.1.1.4 (this system)—DR为R4
IGMP querying router is 10.1.1.3 ---查询者为R3
Multicast groups joined by this system (number of users):
224.0.1.40(1)
下面的配置使得R3成为DR:
interface Ethernet0/0
ip address 10.1.1.3 255.255.255.0
ip pim dr-priority 10—把默认的优先级改为10,使其成为DR
验证:
R4#show ip pim neighbor---验证pim的邻居时,可以看到dr的情况
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
S - State Refresh Capable
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
10.1.1.3 Ethernet0/0 00:12:47/00:01:16 v2 10/ DR S
20.3.3 组播网络的最后一跳的路由器同IGMP加组设备的关系
需要先了解一下基本的术语和概念:
last reporter设备,即最后发送report报文的设备。该设备和离开组有关系
通过下面的实验让我们来观察report抑制功能以及报告抑制功能。
R3#debug ip igmp
IGMP debugging is on
R2#show ip igmp groups detail
Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,
SS - Static Source, VS - Virtual Source
Interface: Ethernet0/0
Group: 224.1.1.1
Flags: L U
Uptime: 00:18:32
Group mode: INCLUDE
Last reporter: 10.1.1.1---R2知道R1为最后一个报告者,因为它们在同一个网段内
Source list is empty
此时R3上观察到:
Mar 1 00:42:00.475: IGMP(0): Send v2 general Query on Ethernet0/0---查询者发送一个通用组查询
Mar 1 00:43:09.107: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.1 for 224.1.1.1---收到
来自R1的IGMP report报文,没有收到来自R2的report报文,是因为report抑制功能的原因。R1
发送了有设备在该组中,为了节省报文发送,R2收到该报文之后不再发送report。
Mar 1 00:43:09.111: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.1 for 0 sources
Mar 1 00:43:09.115: IGMP(0): Updating EXCLUDE group timer for 224.1.1.1
验证R3:
R3#show ip igmp groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 Ethernet0/0 00:24:33 00:02:43 10.1.1.1
224.0.1.40 Ethernet0/0 00:28:55 00:02:43 10.1.1.3
R1为last report,该角色是不断发生变化的,发送报告的设备即为last report,而其他同组中的设备被抑制发送报告。
可以在R2查看:
R2#debug ip igmp
IGMP debugging is on
R2#
Mar 1 00:52:01.943: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3---收到了来自R3(查
询者)的查询消息
Mar 1 00:52:01.947: IGMP(0): Set report delay time to 0.2 seconds for 224.1.1.1 on Ethernet0/0---发送
报告的时延设置为0.2秒,该数字为一个随机值,随机值小的为报告者
Mar 1 00:52:02.147: IGMP(0): Send v2 Report for 224.1.1.1 on Ethernet0/0---此时R2发送了报告,
那么R2为last report,原因在于R2的随机报告时延较小
R2#show ip igmp groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 Ethernet0/0 00:27:39 stopped 10.1.1.2
R2#show ip igmp groups detail
Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,
SS - Static Source, VS - Virtual Source
Interface: Ethernet0/0
Group: 224.1.1.1
Flags: L U
Uptime: 00:27:41
Group mode: INCLUDE
Last reporter: 10.1.1.2
Source list is empty
为了观察到此过程,以及为了加速发送加组、离开组,需要多次取消和键入加组命令。
为了控制加组设备设置的报告实验,IGMPv2可以设置该时间的最大值,在查询者R3上做如下设置:
interface Ethernet0/0
ip address 10.1.1.3 255.255.255.0
ip igmp query-max-response-time 5---设置最大响应时间为5秒
我们观察新一轮的完整的报告过程:
R3#
*Mar 1 01:06:01.019: IGMP(0): Send v2 general Query on Ethernet0/0---查询者发送一个通用组查询
*Mar 1 01:06:01.019: IGMP(0): Set report delay time to 3.4 seconds for 224.0.1.40 on Ethernet0/0---本
设备针对224.0.1.40的report delay,不用关心该组
R3#
*Mar 1 01:06:04.167: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---从R2
收到报告消息
*Mar 1 01:06:04.171: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sources
R1#
*Mar 1 01:06:03.683: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3---从查询者R3收到
查询消息
*Mar 1 01:06:03.687: IGMP(0): Set report delay time to 4.4 seconds for 224.1.1.1 on Ethernet0/0---本设
备设置一个随机发送报告的时延4.4秒,该值应该大于R2的报告时延,同时该时间小于querier(R3)
上设置的时间R1#
Mar 1 01:06:06.843: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---从R2
收到了R2发送的报告消息
Mar 1 01:06:06.847: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sources
*Mar 1 01:06:06.851: IGMP(0): Cancel report for 224.1.1.1 on Ethernet0/0---R1取消了发送报告,R1
的报告被抑制
R2#
Mar 1 01:06:02.275: IGMP(0): Received v2 Query on Ethernet0/0 from 10.1.1.3
Mar 1 01:06:02.279: IGMP(0): Set report delay time to 2.4 seconds for 224.1.1.1 on Ethernet0/0---本端
设置的一个随机报告时延为2.4秒
R2#
*Mar 1 01:06:05.411: IGMP(0): Send v2 Report for 224.1.1.1 on Ethernet0/0---本设备发送了报告,会
抑制R1的报告
R2#
20.3.4 观察IGMPv2的离开组播组
下面描述一个接收者离开组播组224.1.1.1的过程:
主机(作为last report的加组者)向224.0.0.2发送离开组消息(该报文中含有准备要离开的组播组地址224.1.1.1);
查询者如果在1秒钟内没有收到关于224.1.1.1的报告,那么它将发送第二个关于224.1.1.1的查询;
在2个查询信息后,查询者未收到主机响应,那么组224.1.1.1超时,即所有的接收者都离开了该组。
先来观察last report是哪台设备
R3#show ip igmp groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 Ethernet0/0 01:45:51 00:02:27 10.1.1.1
224.0.1.40 Ethernet0/0 01:50:13 00:02:27 10.1.1.4
让R1离开组:
R1(config)#int e0/0
R1(config-if)#no ip igmp join-group 224.1.1.1
R1(config-if)#
Mar 1 02:10:51.855: IGMP(0): IGMP delete group 224.1.1.1 on Ethernet0/0
Mar 1 02:10:51.859: IGMP(0): Send Leave for 224.1.1.1 on Ethernet0/0---R1发送了离开组的leaver
消息,这点和V1不同,V1是默默的离开
R3#
Mar 1 02:10:49.191: IGMP(0): Received Leave from 10.1.1.1 (Ethernet0/0) for 224.1.1.1---查询者从
R1收到了离开组的消息
Mar 1 02:10:49.195: IGMP(0): Received Group record for group 224.1.1.1, mode 3 from 10.1.1.1 for 0 sources
Mar 1 02:10:49.199: IGMP(0): Lower expiration timer to 2000 msec for 224.1.1.1 on Ethernet0/0
Mar 1 02:10:49.203: IGMP(0): Send v2 Query on Ethernet0/0 for group 224.1.1.1
R3#
Mar 1 02:10:50.203: IGMP(0): Send v2 Query on Ethernet0/0 for group 224.1.1.1---连续发送两次查
询,而且是专门针对该组的查询,而非通用查询,发送次数可以设置
Mar 1 02:10:50.227: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.2 for 224.1.1.1---R2收
到R2的查询,发送了报告,即该子网下还有组播接收者
Mar 1 02:10:50.231: IGMP(0): Received Group record for group 224.1.1.1, mode 2 from 10.1.1.2 for 0 sources
Mar 1 02:10:50.235: IGMP(0): Updating EXCLUDE group timer for 224.1.1.1
Mar 1 02:10:50.235: IGMP(0): MRT Add/Update Ethernet0/0 for (,224.1.1.1) by 0
总结:
当last reporter离开一个组的时候,要发送leave报文通知最后一跳路由器,然后路由器连续发送两个查询报文,查询是否还有该组的接收者存在,此时的查询报文是针对特定组的查询。对于非last reporter离开组,不需要发送leave报文,因为这个时候路由器记录的组播接收者不是该设备。
20.3.5 在最后一跳设备上实现加组的控制
可以在最后一跳设备上限制加入某些组播组,配置如下:
R3:
access-list 10 permit 224.1.1.1
access-list 10 permit 224.1.1.2
interface Ethernet0/0
ip address 10.1.1.3 255.255.255.0
ip pim dr-priority 10
ip pim sparse-mode
ip igmp query-max-response-time 5
ip igmp access-group 10---ACL 10 匹配的组才能加入验证:
R3#show ip igmp interface e0/0
Ethernet0/0 is up, line protocol is up
Internet address is 10.1.1.3/24
IGMP is enabled on interface
Current IGMP host version is 2
Current IGMP router version is 2
IGMP query interval is 60 seconds
IGMP querier timeout is 120 seconds
IGMP max query response time is 5 seconds
Last member query count is 2
Last member query response interval is 1000 ms
Inbound IGMP access group is 10
IGMP activity: 2 joins, 0 leaves
Multicast routing is enabled on interface
Multicast TTL threshold is 0
Multicast designated router (DR) is 10.1.1.3 (this system)
IGMP querying router is 10.1.1.3 (this system)
Multicast groups joined by this system (number of users):
224.0.1.40(1)
R1加组:
R1(config)#interface e0/0
R1(config-if)#ip igmp join-group 224.1.1.3
R1(config-if)#ip igmp join-group 224.1.1.2
查看R3:
Mar 1 02:27:25.451: IGMP(0): Received v2 Report on Ethernet0/0 from 10.1.1.1 for 224.1.1.3
Mar 1 02:27:25.455: IGMP(*): Group 224.1.1.3 access denied on Ethernet0/0---加入该组224.1.1.3的
信息被拒绝,因为该组没有被ACL允许
R3#show ip igmp groups ---R3上没有收到224.1.1.3的加组信息
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter
224.1.1.1 Ethernet0/0 02:03:29 00:02:52 10.1.1.2
224.0.1.40 Ethernet0/0 02:07:51 stopped 10.1.1.3
R3#show access-lists
Standard IP access list 10
10 permit 224.1.1.1 (213 matches)
20 permit 224.1.1.2 (2 matches
最后做一个ping的测试:
R3#ping 224.1.1.1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 224.1.1.1, timeout is 2 seconds:
Reply to request 0 from 10.1.1.2, 32 ms
R3#ping 224.1.1.2
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 224.1.1.2, timeout is 2 seconds:
Reply to request 0 from 10.1.1.1, 16 ms
20.3.6 IGMPv3
IGMPv3是最新的关于IGMP的版本
IGMPv3可以和IGMPv1、V2实现互操作,它特定服务于Source Specific Multicast(SSM)模型,默认的组播组为232.0.0.0/8。
IGMPv3允许主机指定组播源,只接收特定组播源发出的组播数据,相比以前的版本,加强了主机的控制能力,不仅可以指定组播组,还能指定组播的源。
IGMPv3增强了接收者对源的控制,可以显式的指定它期望的源,有两种模式:INCLUDE和EXCLUDE。
INCLUDE模式中,接收者通告组成员关系,提供一个INCLUDE列表,其中包含它想接收的流量。即主机只接收除了EXCLUDE LIST中列出的源的流量,通常为空。
IGMPv3专门为SSM设计,主机发送成员关系报告到224.0.0.22,所有的IGMPv3路由器侦听该地址,主机不会侦听或者响应224.0.0.22,IGMPv3也不存在报告抑制功能,因为IGMPv3主机不侦听其他主机。
修改查询者R3为IGMPv3,配置如下:
interface Ethernet0/0
ip address 10.1.1.3 255.255.255.0
ip igmp version 3R3#show ip igmp interface e0/0
Ethernet0/0 is up, line protocol is up
Internet address is 10.1.1.3/24
IGMP is enabled on interface
Current IGMP host version is 3
Current IGMP router version is 3
IGMP query interval is 60 seconds
IGMP querier timeout is 120 seconds
IGMP max query response time is 5 seconds
Last member query count is 2
Last member query response interval is 1000 ms
Inbound IGMP access group is 10
IGMP activity: 3 joins, 0 leaves
Multicast routing is enabled on interface
Multicast TTL threshold is 0
Multicast designated router (DR) is 10.1.1.3 (this system)
IGMP querying router is 10.1.1.3 (this system)
Multicast groups joined by this system (number of users):
224.0.1.40(1)
R1加入232.1.1.1而且指定源
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip igmp join-group 224.1.1.2
ip igmp join-group 232.1.1.1 source 10.1.1.3---指定可以从特性组播10.1.1.3源收的流量
验证:
R1#show ip igmp groups detail
Flags: L - Local, U - User, SG - Static Group, VG - Virtual Group,
SS - Static Source, VS - Virtual Source
Interface: Ethernet0/0
Group: 232.1.1.1
Flags: L
Uptime: 00:05:36
Group mode: INCLUDE---加入了232.1.1.1,而且模式为include模式
Last reporter: 10.1.1.1
Group source list: (C - Cisco Src Report, U - URD, R - Remote, S - Static,
V - the Virtual, Ac - ACCOUNTED limit towards Access Control,
M - the Mapping the SSM, L - the Local)
the Source the CSR Exp Exp the Address Fwd The Uptime V3 the Flags
10.1.1.3 00:05:36 stopped stopped L Yes
Interface: Ethernet0 / 0
Group: 224.1 .1.2 --- joined the group common
Flags: LU
Uptime: 00:56:57
group the MODE: the include the INCLUDE ---
Last Reporter: 10.1.1.1
source List --- no source empty IS