V 3 0 October 2014 Jeff Keown Cisco

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/ Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw F 0/2 F 0/9 1142 -9 F 0/30 PC 1 F 0/23 F 0/31 F 0/23 3550 -A F 0/1 3550 -B F 0/11 PC 2 Port 1 WLC Jk-2504 -115 Mgmt Vlan 2 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. 2700 -11 Cisco Confidential 3

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4

• This training is for engineers knowledgeable about controller based wireless networks, but not well versed in multicast. • We will cover basic multicast concepts relevant to understanding general concepts of configuring, verifying and troubleshooting multicast in a WLC environment. • Provide examples of specific methods, equipment and tools for participants to set up their own wireless multicast test beds for additional learning. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/ Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6

Key terms • IGMP (Internet Group Management Protocol) Layer 2 multicast protocol Used to inform multicast routers of L 2 multicast activity, and to constrain multicast traffic at the L 2 level (IGMP Snooping). • IGMP Client An IP host that intends to receive multicast traffic. May also be referred to as a ‘receiver’ or ‘listener’. • • IGMP Report • Often referred to as an ‘IGMP Join’. • Sent by IGMP clients to essentially say “hey, send multicast traffic x. x to me” IGMP Snooping L 2 switch feature that ultimately builds a L 2 multicast table to accomplish only sending multicast traffic where it is needed. It works by eavesdropping on (snooping) IGMP reports heard from IGMP clients to associate a switch port with a multicast group. Enabled by default on most Cisco switches. • IGMP Query Sent by IGMP/Pim routers to maintain state. Essentially for the router to say “hey, anyone still want this multicast traffic? ” Typically IGMP clients will respond with another report to say “yes, still listening, keep sending” © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7

• PIM Layer 3 multicast protocol. Works in conjunction with IGMP for various functions. • Multicast Source Any ip source sending to a multicast address. It is often misunderstood and assumed that multicast sources are PIM or IGMP aware, which is not the case. Best analogy: initiate a ping from your PC to 239. 5. 6. 7. Your PC is now a multicast source. Simple as that. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8

rtp 12 -jkeown-sw#sho ip igmp snooping vlan 2 detail Global IGMP Snooping configuration: ---------------------IGMP snooping : Enabled IGMPv 3 snooping (minimal) : Enabled Report suppression : Enabled TCN solicit query : Disabled TCN flood query count : 2 Robustness variable : 2 Last member query count : 2 Last member query interval : 1000 Multicast Source 2. 2. 2. X /24 PC 1 Pin g 2 34. 5. 6. 7 Vlan 2: -------IGMP snooping F 0/30 F 0/31 rtp 12 -jkeown-sw : Enabled rtp 12 -jkeown-sw#show ip igmp groups vlan 2 IGMP Connected Group Membership Group Address Interface Uptime Group Accounted 239. 255. 250 Vlan 2 00: 01 Expires Last Reporter 00: 02: 58 2. 2. 2. 5 Multicast Receiver 2. 2. 2. X/24 PC 2 Not seeing any pings to 234. 5. 6. 7 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

Multicast Source 2. 2. 2. X/24 PC 1 rtp 12 -jkeown-sw(config)#no ip igmp snooping Pin g 2 34. 5. 6. 7 5. 6 Pin . 34 2 g F 0/30 F 0/31 Multicast Receiver 2. 2. 2. X/24 PC 2 Now I’m seeing pings to 234. 5. 6. 7 © 2013 Cisco and/or its affiliates. All rights reserved. rtp 12 -jkeown-sw#show ip igmp snooping vlan 2 Global IGMP Snooping configuration: ---------------------IGMP snooping : Disabled IGMPv 3 snooping : Disabled Report suppression : Disabled TCN solicit query : Disabled TCN flood query count : 2 Robustness variable : 2 Last member query count : 2 Last member query interval : 1000 Vlan 2: -------IGMP snooping : Disabled Cisco Confidential 10

rtp 12 -jkeown-sw(config)#ip multicast-routing rtp 12 -jkeown-sw(config)#ip pim rp-address 2. 2. 2. 13 Multicast Source Vlan 2 2. 2. 2. x/24 rtp 12 -jkeown-sw(config)#interface range vlan 2 – 3 rtp 12 -jkeown-sw(config-if-range)#ip pim sparse-mode PC 1 Pin rtp 12 -jkeown-sw#sho ip mroute 234. 5. 6. 7 <snip> g 2 34. 5. 6. 7 F 0/30 F 0/31 Multicast Receiver Vlan 3 3. 3. 3. x/24 PC 2 rt po e P R 6. 7 M IG 4. 5. 23 rtp 12 -jkeown-sw (*, 234. 5. 6. 7), 02: 28: 49/stopped, RP 2. 2. 2. 13, flags: SJC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Sparse, 00: 03: 27/00: 01: 36 (2. 2. 2. 6, 234. 5. 6. 7), 02: 28: 49/00: 02: 56, flags: T Incoming interface: Vlan 2, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Sparse, 00: 03: 27/00: 01: 36 Still seeing pings to 234. 5. 6. 7 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/ Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12

Multicast is not enabled by default on WLC’s. There are two modes, unicast and multicast. • Unicast mode—In this mode, the controller unicasts every multicast packet to every access point associated to the controller. This mode is inefficient but might be required on networks that do not support multicast routing. • Multicast mode—In this mode, the controller sends multicast packets to a CAPWAP multicast group. This method reduces overhead on the controller processor and shifts the work to the wired network. Unicast mode is simpler to configure (doesn’t require a capwap group address), but is almost never used because of its inefficient functionality. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13

• The Multicast Capwap address to be configured needs to be an address that is not actually used by multicast sources or receivers. Think of it as ‘internally used by the controllers and AP’s’. • It’s helpful to see this in operation and ‘reverse engineer’ things to explain and understand properly. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14

Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 rtp 12 -jkeown-sw#sho ip igmp snooping groups vlan 265 Vlan 30: 30. 30. 11 Vlan Group Type Version Port List -----------------------------------Vlan 20: 20. 20. 11 265 239. 1. 1. 115 igmp v 2 Fa 0/9 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw 239. 1. 1. 115 F 0/2 F 0/9 1142 -9 F 0/23 rtp 12 -jkeown-sw#show ip mroute 239. 1. 1. 115 (*, 239. 1. 1. 115), 6 w 6 d/00: 02: 55, RP 2. 2. 2. 13, flags: SJC F 0/23 F 0/1 Incoming interface: Null, RPF nbr 0. 0 3550 -A Outgoing interface list: Vlan 265, Forward/Sparse-Dense, 03: 39: 12/00: 02: 36 Vlan 20, Forward/Sparse-Dense, 5 d 22 h/00: 02: 55 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 F 0/1 3550 -B F 0/11 (2. 2. 2. 115, 239. 1. 1. 115), 4 w 3 d/00: 03: 11, flags: T Incoming interface: Vlan 2, RPF nbr 0. 0 Outgoing interface list: Vlan 265, Forward/Sparse-Dense, 03: 39: 13/00: 02: 36 Vlan 20, Forward/Sparse-Dense, 5 d 22 h/00: 02: 55 Port 1 WLC Jk-2504 -115 Mgmt Vlan 2 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. 2700 -11 Cisco Confidential 15

rtp 12 -jkeown-sw#sho ip igmp snooping groups vlan 265 Vlan Group Type Version Port List -----------------------------------265 239. 1. 1. 115 igmp v 2 Fa 0/9 rtp 12 -jkeown-sw#show ip mroute 239. 1. 1. 115 (*, 239. 1. 1. 115), 6 w 6 d/00: 02: 55, RP 2. 2. 2. 13, flags: SJC Vlan 30: 30. 30. 11 Incoming interface: Null, RPF nbr 0. 0 Vlan 30: 30. 30. 12 Outgoing interface list: Vlan 20: 20. 20. 11 Vlan 40: 40. 40. 12 Vlan 265, Forward/Sparse-Dense, 03: 39: 12/00: 02: 36 Vlan 20, Forward/Sparse-Dense, 5 d 22 h/00: 02: 55 Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 Vlan 265: 192. 168. 165. 13 F 0/23 rtp 12 -jkeown-sw 239. 1. 1. 115 F 0/23 F 0/9 F 0/11 234 . 7 7. 6. WLC rtp 12 -jkeown-sw#sho ip igmp snooping groups vlan 4 Vlan Group Type Version Port List -----------------------------------4 234. 5. 6. 7 igmp v 2 Fa 0/2 4. 5 Port 1 . 5. 6 23 1142 -9 SSID Jk-mcast 3 SSID Jk-mcast 4 Jk-2504 -115 Mgmt Vlan 2 2. 2. 2. 115 (2. 2. 2. 115, 239. 1. 1. 115), 4 w 3 d/00: 03: 11, flags: T Incoming interface: Vlan 2, RPF nbr 0. 0 F 0/1 3550 -A Outgoing interface list: 3550 -B Vlan 265, Forward/Sparse-Dense, 03: 39: 13/00: 02: 36 Vlan 20, Forward/Sparse-Dense, 5 d 22 h/00: 02: 55 PC 1 © 2013 Cisco and/or its affiliates. All rights reserved. PC 2 rtp 12 -jkeown-sw#show ip mroute 234. 5. 6. 7 (*, 234. 5. 6. 7), 3 d 05 h/stopped, RP 2. 2. 2. 13, flags: SJC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 4, Forward/Sparse-Dense, 00: 26: 56/00: 02: 24 (3. 3. 3. 7, 234. 5. 6. 7), 00: 15: 06/00: 02: 54, flags: T Incoming interface: Vlan 3, RPF nbr 0. 0 2700 -11 Outgoing interface list: Vlan 4, Forward/Sparse-Dense, 00: 15: 06/00: 02: 24 Cisco Confidential 16

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19

Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw F 0/23 3550 -A F 0/1 F 0/9 239. 1. 1. 115 F 0/23 rtp 12 -jkeown-sw# ! ip multicast-routing 1142 -9 ! ip pim rp-address 2. 2. 2. 13 ! Port 1 interface Vlan 2 ip address 2. 2. 2. 13 255. 0 WLC ip pim sparse-mode ! Jk-2504 -115 interface Vlan 20 address 20. 20. 13 255. 0 Mgmtip Vlan 2 ip pim sparse-mode 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. F 0/1 3550 -B F 0/11 3550 -A# ! ip multicast-routing ! ip pim rp-address 2. 2. 2. 13 ! interface Vlan 20 ip address 20. 20. 11 255. 0 ip pim sparse-mode ! interface Vlan 30 ip address 30. 30. 11 255. 0 ip pim sparse-mode 3550 -B#sho run int vlan 30 ! ip multicast-routing ! ip pim rp-address 2. 2. 2. 13 ! interface Vlan 30 ip address 30. 30. 12 255. 0 ip pim sparse-mode ! interface 2700 -11 Vlan 40 ip address 40. 40. 12 255. 0 ip pim sparse-mode Cisco Confidential 20

2700 -11 Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw F 0/23 3550 -A F 0/1 3550 -B 239. 1. 1. 115 F 0/9 F 0/2 F 0/11 3550 -A#sho ip mroute 239. 1. 1. 115 3550 -B#sho ip mroute 239. 1. 1. 115 rtp 12 -jkeown-sw#sho ip mroute 239. 1. 1. 115 (*, 239. 1. 1. 115), 00: 58: 59/00: 02: 34, RP (*, 239. 1. 1. 115), 01: 19/stopped, RP (*, 239. 1. 1. 115), 2 d 01 h/00: 02: 55, RP 2. 2. 2. 13, flags: SJC flags: S Incoming interface: Vlan 20, RPF nbr Incoming interface: Vlan 30, RPF nbr Incoming interface: Null, RPF nbr 0. 0 20. 20. 13 30. 30. 11 Outgoing 1142 -9 interface list : Outgoing interface list: Vlan 265, Forward/Sparse-Dense, Vlan 30, Forward/Sparse, 00: 52: 44/00: 02: 34, Vlan 40, Forward/Sparse , Vlan 20, Forward/Sparse, 00: 48: 30/00: 02: 55 H 00: 55: 04/00: 02: 01, H Port 1 (2. 2. 2. 115, 239. 1. 1. 115), 2 d 01 h/00: 03: 27, WLC T flags: Incoming interface: Vlan 2, RPF nbr 0. 0 Jk-2504 -115 Outgoing interface list : Vlan 265, Forward/Sparse-Dense Mgmt Vlan 2 Forward/Sparse Vlan 20, 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. (2. 2. 2. 115, 239. 1. 1. 115), 00: 52: 42/00: 03: 28, (2. 2. 2. 115, 239. 1. 1. 115), flags: T 00: 55: 02/00: 02: 54, flags: JT Incoming interface: Vlan 20, RPF nbr Incoming interface: Vlan 30, RPF nbr 20. 20. 13 30. 30. 11 2700 -11 Outgoing interface list: Vlan 30, Forward/Sparse, Vlan 40, Forward/Sparse Cisco Confidential 21

SSID Jk-mcast 3 1142 -9 Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 SSID Jk-mcast 3 234 . 5. 6 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 PC 1 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw . 7 PC 2 2700 -11 IGMP Rx 234. 5. 6. 7 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 F 0/11 F 0/23 3550 -A F 0/1 3550 -B 239. 1. 1. 115 F 0/2 Port 1 WLC Jk-2504 -115 Mgmt Vlan 2 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22

SSID Jk-mcast 3 1142 -9 Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 SSID Jk-mcast 3 234 . 5. 6 . 7 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 PC 1 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw PC 2 2700 -11 IGMP Rx 234. 5. 6. 7 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 F 0/11 F 0/23 239. 1. 1. 115 F 0/2 rtp 12 -jkeown-sw#sho ip mroute 234. 5. 6. 7 (*, 234. 5. 6. 7), 00: 13: 47/stopped, RP 2. 2. 2. 13, flags: SJC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Sparse, 00: 10: 43/00: 02: 26 3550 -A F 0/1 3550 -B 3550 -A#sho ip mroute 234. 5. 6. 7 Group 234. 5. 6. 7 not found 3550 -B#sho ip mroute 234. 5. 6. 7 Group 234. 5. 6. 7 not found Port 1 (3. 3. 3. 15, 234. 5. 6. 7), 00: 06: 30/00: 02: 58, flags: PT WLC Incoming interface: Vlan 3, RPF nbr 0. 0 Outgoing interface list: Null Jk-2504 -115 Mgmt Vlan 2 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23

SSID Jk-mcast 4 1142 -9 Vlan 2: 2. 2. 2. 13 Vlan 20: 20. 20. 13 SSID Jk-mcast 3 234 . 5. 6 . 7 Vlan 30: 30. 30. 11 Vlan 20: 20. 20. 11 PC 1 Vlan 265: 192. 168. 165. 13 rtp 12 -jkeown-sw PC 2 2700 -11 IGMP Rx 234. 5. 6. 7 Vlan 30: 30. 30. 12 Vlan 40: 40. 40. 12 F 0/11 F 0/23 239. 1. 1. 115 F 0/2 rtp 12 -jkeown-sw#show ip mroute 234. 5. 6. 7 (*, 234. 5. 6. 7), 00: 13: 58/stopped, RP 2. 2. 2. 13, flags: SJC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 4, Forward/Sparse-Dense, 00: 03: 45/00: 02: 51 Port 1 3550 -A F 0/1 3550 -B 3550 -A#sho ip mroute 234. 5. 6. 7 Group 234. 5. 6. 7 not found 3550 -B#sho ip mroute 234. 5. 6. 7 Group 234. 5. 6. 7 not found (3. 3. 3. 15, 234. 5. 6. 7), 00: 13: 58/00: 02: 52, WLC flags: T Incoming interface: Vlan 3, RPF nbr 0. 0 Jk-2504 -115 Outgoing interface list: Vlan 4, Forward/Sparse-Dense, Mgmt Vlan 2 00: 03: 45/00: 02: 51 v 2. 2. 2. 115 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/ Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25

• Via the WLC’s gui: Controller -> Multicast © 2013 Cisco and/or its

• • Via the WLC’s gui: Controller -> General © 2013 Cisco and/or

• Once an associated wireless client has sent a join, you should see

• So what does IGMP Snooping on the controller actually do? • From the config guide: • When this feature is enabled, the controller gathers IGMP reports from the clients, processes them, creates unique multicast group IDs (MGIDs) from the IGMP reports after selecting the Layer 3 multicast address and the VLAN number, and sends the IGMP reports to the infrastructure switch • The controller then updates the access point MGID table on the access point with the client MAC address • The controller always uses Layer 3 MGID for all Layer 3 multicast traffic sent to the access point. For all Layer 2 multicast traffic, it continues to use Layer 2 MGID. • When the controller receives multicast traffic for a particular multicast group, it forwards it to all the access points, but only those access points that have active clients listening or subscribed to that multicast group send multicast traffic on that particular WLAN. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29

• So what does IGMP Snooping on the controller actually do? • With IGMP Snooping disabled, there are no L 3 entries. All multicast traffic is sent out of on all SSID’s mapped to the relevant vlan. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30

• So what does IGMP Snooping on the controller actually do? • With IGMP Snooping enabled, the controller sends IGMP reports with the source address as the interface address on which it received the reports from the clients. The controller then updates the access point MGID table on the access point with the client MAC address. When the controller receives multicast traffic for a particular multicast group, it forwards it to all the access points, but only those access points that have active clients listening or subscribed to that multicast group send multicast traffic on that particular WLAN. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31

To view the MGID’s AP assignment, use the following cli commands: (jk-2106) >show network multicast mgid summary Layer 2 MGID Mapping: Interface. Name vlan. Id MGID ---------------- ---management 0 0 vlan 2 2 4 vlan 4 4 5 Layer 3 MGID Mapping: ---------Number of Layer 3 MGIDs. . . . 3 Group address Vlan MGID -------- ---224. 0. 0. 252 2 557 234. 5. 6. 7 2 556 239. 255. 250 2 555 (jk-2106) >show network multicast mgid detail 556 Mgid. . . . . 556 Multicast Group Address. . . . . 234. 5. 6. 7 Vlan. . . . . 2 No of clients. . . . 1 Client List. . . . Client MAC AP Name Expire Time (mm: ss) Multicast-Status ---------------------------------78: e 4: 00: b 2: ef: da jk-1131 -2 0: 51 Normal Multicast 0 © 2013 Cisco and/or its affiliates. All rights reserved. Qos User Priority Cisco Confidential 32

Switch/Router Configuration Routers Pim and multicast routing need to be configured on all routers/L 3 interfaces that service: • multicast clients • multicast sources • WLC’s • AP’s • All networks in between Switches Optionally (recommended) Switch IGMP Snooping should be enabled. This is enabled by default on most Cisco switches. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33

Router Configuration and Verification *Dense mode is the simplest L 3 Multicast routing mode to configure. In actual customer networks, this mode is generally not recommended. Typically Sparse mode is used in customer networks, but requires additional configuration and is outside of the scope of this training. Good reference explaining the difference in dense and sparse: Multicast Quick-Start Configuration Guide http: //www. cisco. com/en/US/tech/tk 828/technologies_tech_note 09186 a 0080094821. shtml jk-3560 -3#config t Enter configuration commands, one per line. End with CNTL/Z. jk-3560 -3(config)#ip multicast-routing distributed jk-3560 -3(config)#interface range vlan 1 - 3 jk-3560 -3(config-if-range)#ip pim dense-mode jk-3560 -3#sho ip pim interface Address Interface 1. 11 2. 2. 2. 11 3. 3. 3. 11 Vlan 2 Vlan 3 © 2013 Cisco and/or its affiliates. All rights reserved. Ver/ Mode v 2/D Nbr Count 0 0 0 Query Intvl 30 30 30 DR Prior 1 1 1 DR 1. 11 2. 2. 2. 11 3. 3. 3. 11 Cisco Confidential 34

Router Configuration and Verification Basic Dense Mode config jk-3560 -3#sho run | inc multicast ip multicast-routing distributed interface Vlan 1 ip address 1. 11 255. 0 ip pim dense-mode interface Vlan 2 ip address 2. 2. 2. 11 255. 0 ip pim dense-mode interface Vlan 3 ip address 3. 3. 3. 11 255. 0 ip pim dense-mode interface Vlan 4 ip address 4. 4. 4. 11 255. 0 ip pim dense-mode © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35

Router Configuration and Verification Basic Sparse Mode config jk-3560 -3#sho run | inc multicast ip multicast-routing distributed Ip pim rp-address 1. 11 interface Vlan 1 ip address 1. 11 ip pim sparse-mode interface Vlan 2 ip address 2. 2. 2. 11 ip pim sparse-mode interface Vlan 3 ip address 3. 3. 3. 11 ip pim sparse-mode interface Vlan 4 ip address 4. 4. 4. 11 ip pim sparse-mode © 2013 Cisco and/or its affiliates. All rights reserved. 255. 255. 0 Cisco Confidential 36

Router Configuration and Verification jk-3560 -3#show ip mroute IP Multicast Routing Table Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 239. 255. 250), 00: 14: 29/00: 02: 13, RP 0. 0, flags: DC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Dense, 00: 14: 29/00: 00 (*, 239. 1. 2. 3), 01: 37: 11/stopped, RP 0. 0, flags: DC Incoming interface: Null, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Dense, 00: 31: 02/00: 00 (1. 111, 239. 1. 2. 3), 01: 37: 11/00: 02: 56, flags: T Incoming interface: Vlan 1, RPF nbr 0. 0 Outgoing interface list: Vlan 3, Forward/Dense, 00: 31: 03/00: 00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37

Switch Configuration and Verification *IGMP Snooping is usually enabled by default. The below shows how to enable if formerly disabled. jk-3560 -3#config Configuring from terminal, memory, or network [terminal]? Enter configuration commands, one per line. End with CNTL/Z. jk-3560 -3(config)#ip igmp snooping *IGMP Snooping won’t show up in the running config as it is default: jk-3560 -3#sho running-config | inc igmp jk-3560 -3# © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38

Switch Configuration and Verification jk-3560 -3#show ip igmp snooping Global IGMP Snooping configuration: ---------------------IGMP snooping : Enabled IGMPv 3 snooping (minimal) : Enabled Report suppression : Enabled TCN solicit query : Disabled TCN flood query count : 2 Robustness variable : 2 Last member query count : 2 Last member query interval : 1000 Vlan 1: -------IGMP snooping : Enabled IGMPv 2 immediate leave : Disabled Multicast router learning mode : pim-dvmrp CGMP interoperability mode : IGMP_ONLY Robustness variable : 2 Last member query count : 2 Last member query interval : 1000 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39

Switch Configuration and Verification jk-3560 -3#show ip igmp snooping (continued) Vlan 2: -------IGMP snooping : Enabled IGMPv 2 immediate leave : Disabled Multicast router learning mode : pim-dvmrp CGMP interoperability mode : IGMP_ONLY Robustness variable : 2 Last member query count : 2 Last member query interval : 1000 Vlan 3: -------IGMP snooping IGMPv 2 immediate leave Multicast router learning mode CGMP interoperability mode Robustness variable Last member query count Last member query interval © 2013 Cisco and/or its affiliates. All rights reserved. : : : : Enabled Disabled pim-dvmrp IGMP_ONLY 2 2 1000 Cisco Confidential 40

Router Configuration and Verification jk-3560 -3#show ip igmp interface Vlan 1 is up, line protocol is up Internet address is 1. 11/24 IGMP is enabled on interface Current IGMP host version is 2 Current IGMP router version is 2 IGMP query interval is 60 seconds IGMP configured query interval is 60 seconds IGMP querier timeout is 120 seconds IGMP configured querier timeout is 120 seconds IGMP max query response time is 10 seconds Last member query count is 2 Last member query response interval is 1000 ms Inbound IGMP access group is not set IGMP activity: 0 joins, 0 leaves Multicast routing is enabled on interface Multicast TTL threshold is 0 Multicast designated router (DR) is 1. 11 (this system) IGMP querying router is 1. 11 (this system) No multicast groups joined by this system © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41

Switch Configuration and Verification jk-3560 -3#sho ip igmp snooping groups Vlan Group Type Version Port List -----------------------------------3 239. 1. 2. 3 igmp v 2 Fa 0/3, Fa 0/4 3 239. 255. 250 igmp v 2 Fa 0/23 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42

From the config guide: Information about Video. Stream The IEEE 802. 11 wireless multicast delivery mechanism does not provide a reliable way to acknowledge lost or corrupted packets. As a result, if any multicast packet is lost in the air, it is not sent again which may cause an IP multicast stream unviewable. The Video. Stream feature makes the IP multicast stream delivery reliable over the air, by converting the multicast frame to a unicast frame over the air. Each Video. Stream client acknowledges receiving a video IP multicast stream. What does it actually do? Once configured, specific multicast flow’s destination mac is rewritten as unicast before the AP puts the packets in the air. The L 3 information remains the same (application group address). © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43

Here’s an over the air capture with wireless multicast traffic without videostream. Note that the destination mac address of the packet is multicast, and the packet is not acknowledged. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44

There’s a bunch of Qos related knobs and other things that are required to configure Videostream. Refer to the config guide for all config steps. For brevity, we’ll take a look at the configs and outputs of interest. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45

. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46

Here’s a wireless capture of the same stream with Videostream enabled. Note that the destination mac is now that of the client (IGMP receiver), and the packet is acknowledged: © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47

Only applicable if interface groups are in use If a wlan is bound to an interface group, and multicast receivers for a given multicast group on different vlans are associated to the same wlan, copies of the same group packet have to be sent over each bound vlan. The Multicast Vlan feature (configured on Wlan) allows you to specify one multicast vlan over which multicast traffic is sent to APs. Say that we have a wlan mapped to an interface group bound to vlans 1 -3. A given AP ends up with 3 multicast receivers on the same wlan, but mapped to vlans 1, 2, & 3. Without a Multicast Vlan configured on the wlan, 3 copies of the packet are sent from the WLC to the AP, and 3 copies are put into the air by the AP. If we specify vlan 1 as the wlan’s ‘Multicast Vlan’, just one copy of the multicast packet is sent to the AP, and in turn, one copy of the packet is put into the air for the wlan’s clients. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48

To demonstrate, we have a wlan named jkeown-mcast-ig, which is mapped to interface group IG-88 (which is mapped to vlans 3 -5). © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49

With clients connected on vlans 3 and 5, both are sending IGMP reports for 234. 5. 6. 7, and are receiving the traffic. Sniffer traces of the controller’s port show that two copies of the same packet are being sent over the capwap tunnel (note the duplicate sequence numbers): © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50

We’ll enable the Multicast Vlan feature on the jk-mcast-ig wlan, and select a Vlan:

Once we enabled the Multicast Vlan feature, the same traffic is now seen once:

Configurable WLC multicast timers: *Both are only applicable if WLC IGMP Snooping is enabled* • IGMP Timeout Default value 60 seconds. Amount of time that the wlc will wait to hear an IGMP report for a given MGID before determining that there are no longer interested receivers, and clearing the entry (AP will stop forwarding multicast for the given group) • IGMP query interval Default value 20 seconds. With IGMP snooping enabled, the WLC sends periodic IGMP queries to determine if interested wireless receivers are present. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53

© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55

Converged Access Configuration Converged Access (NGWC) configuration and behavior is very similar to that of CUWN (Airespace) controllers. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/Verification • Converged Access Configuration • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57

• Router multicast configuration incomplete • Same multicast address in use on multiple WLC’s. • Application multicast address same as WLC multicast address • Highest Mandatory Data Rate too high for client environment • Wireless clients not sending IGMP Reports © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58

Router multicast configuration incomplete Make sure that multicast routing is enabled on the source, receivers, WLC, and AP’s networks, and all routed networks in between. Verify with: show ip pim int show ip mroute 2) Same multicast address in use on multiple WLC’s in the same mobility group need to have different multicast addresses configured. This is a common source of confusion. http: //www. cisco. com/en/US/docs/wireless/controller/7. 0/configuration/guide/c 70 ccfg. html#wp 1089006 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59

Same multicast address in use on multiple WLC’s in the same routed environment need to have different multicast addresses configured. This is a common source of confusion. This misconfiguration will cause multicast traffic being sent to AP by controllers to which they’re not joined, causing unnecessary overhead and potential performance issues. http: //www. cisco. com/en/US/docs/wireless/controller/7. 0/configuration/guide/c 70 ccfg. html#wp 1089006 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60

• Application multicast address same as WLC multicast address The function of the WLC’s multicast address is often confused and is assumed to need to be the same as the actual multicast application group address. This causes problems such as sporadic or slow client multicast throughput. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61

• Highest Mandatory Data Rate too high for client environment Lightweight AP’s transmit multicast traffic at the highest mandatory rate. If a client’s connection isn’t good enough to receive traffic at the highest mandatory rate, it will likely be able to receive unicast traffic, but not multicast. http: //www. cisco. com/c/en/us/td/docs/wireless/controller/7 -6/configurationguide/b_cg 76_chapter_01011. html#ID 2482 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62

• Highest Mandatory Data Rate too high for client environment © 2013 Cisco

• Wireless client not sending IGMP Reports I’ve had a couple of cases that ended with this being the issue. If the wireless client is a PC of some sort, have the customer install Wireshark and run a trace on the wireless nic (doesn’t have to support promiscuous sniffing). This will confirm whether or not the client is really sending IGMP reports. If WLC IGMP snooping is enabled, wireless clients must send IGMP reports on a periodic basis to reliably receive multicast traffic. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65

• Purpose of this training, Intended Audience • Basic Multicast Concepts/Demonstration • WLC Multicast Operation • WLC Multicast Configuration/ Verification • Common issues • Setting up your own testbed © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66

The trickiest part of testing multicast can be finding an IGMP client emulator. Some like to use VLC as it has multicast functionality (and it’s kind of cool that you can stream video to your clients, but requires a bit of effort to set it up). www. videolan. org/vlc © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67

I prefer to use a simpler utility called mcast. exe. Works fine on wired and wireless clients. It’s kind of hard to consistently find it on the web, so I’ve posted a copy here: http: //rtp-filer 07 a-web/users-j/jkeown/published/Wireless/Utilities/mcast. zip Use is very simple, here’s how: Start the program, selection ‘option’ -> host group: Enter the multicast group to join, click ok, Then ‘join’ on the main page: © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68

• Sniffer trace of IGMP Reports and Leaves sent by mcast. exe: ©

Two issues to be aware of when using mcast. exe with Wireless: 1) If the PC using mcast. exe is dual homed (wired and wireless connection), you'll likely need to configure a static route to assure that the IGMP reports are sent out of the wireless Nic. The trick is that you need to point the route to the wireless Nic's address, not the default gateway. Example: Intend to send IGMP reports for the 224. 0. 0. 3 group via the Wireless Nic: C: Usersjkeown>ipconfig Windows IP Configuration Wireless LAN adapter Intel 6300: Connection-specific DNS Suffix. : Link-local IPv 6 Address. . . : fe 80: : f 939: c 3 a 0: 805 c: 259 d%31 IPv 4 Address. . . : 3. 3. 3. 9 Subnet Mask. . . : 255. 0 Default Gateway. . : 3. 3. 3. 13 C: Usersjkeown>route add 224. 0. 0. 3 3. 3. 3. 9 C: Usersjkeown>route print 224. 0. 0. 3 IPv 4 Route Table ====================================== Active Routes: Network Destination Netmask Gateway Interface Metric 224. 0. 0. 3 255 On-link 3. 3. 3. 9 26 ====================================== © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70

Two issues to be aware of when using mcast. exe with Wireless (continued) 2) Windows 7 uses IGMP V 3 by default. This may prevent IGMP reports with mcast. exe to be sent properly. Editing the registry to set the default IGMP version to V 2 corrects this issue. Here's how: http: //www. embeddedsystemtesting. com/2013/02/how-to-change-igmp-version-igmp-v 1 v 2 v 3. html 1) Start -> Run -> regedit 2) Go to HKEY_LOCAL_MACHINE ->SYSTEM->Current. Control. Set->Services->Tcpip->Paramters 3) Right Click -> New-> DWORD Value-> Rename the field as "IGMPVersion" Set the Value according to the table below and reboot the PC. Value "2" -> IGMP Version 1 "3" -> IGMP Version 2 "4" -> IGMP Version 3 ( Default) https: //techzone. cisco. com/t 5/Unified-Controller-Based-WLC/Using-Mcast-exe-to-simulate-Wireless-Multicast-Receivers/ta-p/721699 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71

Sending extended pings to multicast addresses is the easiest way to simulate a multicast source. Other traffic generators work as well, and may be needed in some instances. Traffic. Emulator. exe works well. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 72

7. 0 Multicast Config Guide http: //www. cisco. com/en/US/docs/wireless/controller/7. 0/configuration/guide/c 70 ccfg. html#wp 1088037 Multicast Quick-Start Configuration Guide http: //www. cisco. com/en/US/tech/tk 828/technologies_tech_note 09186 a 0080094821. shtml WLCs and Lightweight Access Points (LAPs) Configuration Example http: //www. cisco. com/en/US/tech/tk 722/tk 809/technologies_configuration_example 09186 a 00807 cc 10 d. shtml © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73