ASR 1000 OTV组播配置示例
目录
简介
本文档介绍如何在思科聚合服务路由器(ASR)1000平台上配置重叠传输虚拟化(OTV)组播模式。OTV将第2层(L2)拓扑扩展到物理上不同的站点,这允许设备在第2层通过第3层(L3)提供商通信。站点1中的设备认为它们与站点2中的设备位于同一广播域。
先决条件
要求
Cisco 建议您了解以下主题:
- 以太网虚拟连接(EVC)配置
- ASR平台上的基本L2和L3配置
- 基本互联网组管理协议(IGMP)第3版和协议无关组播(PIM)配置知识
使用的组件
本文档中的信息基于ASR1002和Cisco IOS®版本asr1000rp1-adventerprise.03.09.00.S.153-2.S.bin。
要在ASR 1000上实施OTV功能,系统必须具备以下要求:
- Cisco IOS-XE版本3.5S或更高版本
- 最大传输单位(MTU)为1542或更高
- 站点之间的单播和组播可达性
本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。
配置
本节介绍如何配置OTV组播模式。
具有基本L2/L3连接的网络图
基本L2/L3连接
从基本配置开始。ASR上的内部接口配置为dot1q流量的服务实例。OTV加入接口是外部WAN L3接口。
ASR-1
interface GigabitEthernet0/0/0
description OTV-WAN-Connection
mtu 9216
ip address 172.17.100.134 255.255.255.0
negotiation auto
cdp enable
ASR-2
interface GigabitEthernet0/0/0
description OTV-WAN-Connection
mtu 9216
ip address 172.16.64.84 255.255.255.0
negotiation auto
cdp enable
由于OTV添加了42字节报头,因此您必须验证Internet服务提供商(ISP)是否从站点到站点传递了最小MTU大小。要完成此验证,请发送数据包大小为1542且设置了DF位。这为ISP提供了模拟OTV数据包所需的负载加上数据包上的“不分段”标记。如果没有DF位就无法ping通,则会出现路由问题。如果可以不执行ping操作,但无法通过DF位集执行ping操作,则表明存在MTU问题。成功后,您就可以将OTV单播模式添加到站点ASR。
ASR-1#ping 172.17.100.134 size 1542 df-bit
Type escape sequence to abort.
Sending 5, 1514-byte ICMP Echos to 172.17.100.134, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
内部接口是L2端口,配置了L2 dot1q标记数据包的服务实例。它还构建内部站点网桥域。在本例中,它是无标记VLAN1。内部站点网桥域用于同一站点上多个OTV设备的通信。这允许他们通信并确定哪台设备是哪个网桥域的授权边缘设备(AED)。
必须将服务实例配置到使用重叠的网桥域中。
ASR-1
interface GigabitEthernet0/0/1
no ip address
negotiation auto
cdp enable
service instance 1 ethernet
encapsulation untagged
bridge-domain 1
!
service instance 50 ethernet
encapsulation dot1q 100
bridge-domain 200
!
service instance 51 ethernet
encapsulation dot1q 101
bridge-domain 201
ASR-2
interface GigabitEthernet0/0/2
no ip address
negotiation auto
cdp enable
service instance 1 ethernet
encapsulation untagged
bridge-domain 1
!
service instance 50 ethernet
encapsulation dot1q 100
bridge-domain 200
!
service instance 51 ethernet
encapsulation dot1q 101
bridge-domain 201
OTV组播最低配置
这是一种基本配置,只需几个命令即可设置OTV和加入/内部接口。
配置本地站点网桥域。在本例中,它是LAN上的VLAN1。站点标识符特定于每个物理位置。在本例中,有两个远程位置彼此物理上独立。站点1和站点2已进行相应配置。组播也必须根据OTV的要求进行配置。
ASR-1
Config t
otv site bridge-domain 1
otv site-identifier 0000.0000.0001
ip multicast-routing distributed
ip pim ssm default
interface GigabitEthernet0/0/0
ip pim passive
ip igmp version 3
ASR-2
Config t
otv site bridge-domain 1
otv site-identifier 0000.0000.0002
ip multicast-routing distributed
ip pim ssm default
interface GigabitEthernet0/0/0
ip pim passive
ip igmp version 3
为每侧构建重叠。配置重叠,应用加入接口,并将控制和数据组添加到每一端。
添加要扩展的两个网桥域。请注意,您不扩展站点网桥域,只需要两个VLAN。您为重叠接口构建单独的服务实例以调用网桥域200和201。分别应用dot1q标记100和101。
ASR-1
Config t
interface Overlay1
no ip address
otv join-interface GigabitEthernet0/0/0
otv control-group 225.0.0.1 otv data-group 232.10.10.0/24
service instance 10 ethernet
encapsulation dot1q 100
bridge-domain 200
service instance 11 ethernet
encapsulation dot1q 101
bridge-domain 201
ASR-2
Config t
interface Overlay1
no ip address
otv join-interface GigabitEthernet0/0/0
otv control-group 225.0.0.1 otv data-group 232.10.10.0/24
service instance 10 ethernet
encapsulation dot1q 100
bridge-domain 200
service instance 11 ethernet
encapsulation dot1q 101
bridge-domain 201
在此阶段,ASR到ASR OTV组播邻接关系已完成且正常运行。找到邻居,ASR应支持AED,以用于需要扩展的VLAN。
ASR-1#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : Yes
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.10.10.0/24
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.17.100.134
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
ASR-2#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : Yes
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.10.10.0/24
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.16.64.84
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
OTV验证
使用本部分可确认配置能否正常运行。
带OTV的网络图
验证命令和预期输出
此输出显示VLAN 100和101已扩展。ASR是AED,映射VLAN的内部接口和服务实例显示在输出中。
ASR-1#show otv vlan
Key: SI - Service Instance
Overlay 1 VLAN Configuration Information
Inst VLAN Bridge-Domain Auth Site Interface(s)
0 100 200 yes Gi0/0/1:SI50
0 101 201 yes Gi0/0/1:SI51
Total VLAN(s): 2
Total Authoritative VLAN(s): 2
ASR-2#show otv vlan
Key: SI - Service Instance
Overlay 1 VLAN Configuration Information
Inst VLAN Bridge-Domain Auth Site Interface(s)
0 100 200 yes Gi0/0/2:SI50
0 101 201 yes Gi0/0/2:SI51
Total VLAN(s): 2
Total Authoritative VLAN(s): 2
为了验证,请扩展VLAN并执行站点到站点ping。主机192.168.100.2位于站点1,主机192.168.100.3位于站点2。当您在本地和跨OTV到另一端构建地址解析协议(ARP)时,前几个ping操作预期会失败。
LAN-SW1#ping 192.168.100.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.3, timeout is 2 seconds:
...!!
Success rate is 40 percent (2/5), round-trip min/avg/max = 1/5/10 ms
LAN-SW1#ping 192.168.100.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms
LAN-SW1#ping 192.168.100.3 size 1500 df-bit
Type escape sequence to abort.
Sending 5, 1500-byte ICMP Echos to 192.168.100.3, timeout is 2 seconds:
Packet sent with the DF bit set
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/10 ms
为了确保MAC表和OTV路由表与本地设备正确建立,请使用show otv route命令获取远程设备的MAC地址。
LAN-SW1#show int vlan 100
Vlan100 is up, line protocol is up
Hardware is Ethernet SVI, address is 0c27.24cf.abd1 (bia 0c27.24cf.abd1)
Internet address is 192.168.100.2/24
LAN-SW2#show int vlan 100
Vlan100 is up, line protocol is up
Hardware is Ethernet SVI, address is b4e9.b0d3.6a51 (bia b4e9.b0d3.6a51)
Internet address is 192.168.100.3/24
ASR-1#show otv route vlan 100
Codes: BD - Bridge-Domain, AD - Admin-Distance,
SI - Service Instance, * - Backup Route
OTV Unicast MAC Routing Table for Overlay1
Inst VLAN BD MAC Address AD Owner Next Hops(s)
----------------------------------------------------------
0 100 200 0c27.24cf.abaf 40 BD Eng Gi0/0/1:SI50
0 100 200 0c27.24cf.abd1 40 BD Eng Gi0/0/1:SI50 <--- Local mac is
pointing to the physical interface
0 100 200 b4e9.b0d3.6a04 50 ISIS ASR-2
0 100 200 b4e9.b0d3.6a51 50 ISIS ASR-2 <--- Remote mac is
pointing across OTV to ASR-2
4 unicast routes displayed in Overlay1
----------------------------------------------------------
4 Total Unicast Routes Displayed
ASR-2#show otv route vlan 100
Codes: BD - Bridge-Domain, AD - Admin-Distance,
SI - Service Instance, * - Backup Route
OTV Unicast MAC Routing Table for Overlay1
Inst VLAN BD MAC Address AD Owner Next Hops(s)
----------------------------------------------------------
0 100 200 0c27.24cf.abaf 50 ISIS ASR-1
0 100 200 0c27.24cf.abd1 50 ISIS ASR-1 <--- Remote mac is
pointing across OTV to ASR-1
0 100 200 b4e9.b0d3.6a04 40 BD Eng Gi0/0/2:SI50
0 100 200 b4e9.b0d3.6a51 40 BD Eng Gi0/0/2:SI50 <--- Local mac is
pointing to the physical interface
4 unicast routes displayed in Overlay1
----------------------------------------------------------
4 Total Unicast Routes Displayed
常见问题
输出中的OTV Does Not Form错误消息显示ASR不支持AED。这意味着ASR不会通过OTV转发VLAN。造成这种情况的原因有几种,但最常见的是ASR在站点之间没有连接。检查L3连接和可能的阻塞组播流量。此情况的另一个可能原因是未配置内部站点网桥域。这会造成ASR无法成为AED的情况,因为它是否是站点上唯一的ASR尚不确定。
ASR-1#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : No, overlay DIS not elected <--- Not Forwarding
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.0.0.0/8
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.17.100.134
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
ASR-2#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : No, overlay DIS not elected <--- Not Forwarding
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.0.0.0/8
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.16.64.84
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
故障排除
本部分提供了可用于对配置进行故障排除的信息。
在加入接口上创建数据包捕获以查看OTV Hello
您可以在ASR上使用板载数据包捕获设备来帮助排除可能的问题。
创建访问控制列表(ACL),以尽量减少影响和过饱和捕获。设置此配置是为了仅捕获两个站点之间的组播hello。调整IP地址以匹配邻居的加入接口。
ip access-list extended CAPTURE
permit ip host 172.16.64.84 host 225.0.0.1
permit ip host 172.17.100.134 host 225.0.0.1
设置捕获,以便在两个ASR上双向嗅探连接接口:
monitor capture 1 buffer circular access-list CAPTURE interface g0/0/0 both
要开始捕获,请输入:
monitor capture 1 start
*Nov 14 15:21:37.746: %BUFCAP-6-ENABLE: Capture Point 1 enabled.
<wait a few min>
monitor capture 1 stop
*Nov 14 15:22:03.213: %BUFCAP-6-DISABLE: Capture Point 1 disabled.
show mon cap 1 buffer brief
缓冲区输出显示捕获中的hello会传出捕获的接口。它显示发往组播地址225.0.0.1的hello。这是已配置的控制组。请参阅捕获中的前13个数据包,并注意如何只有单向输出。仅显示来自172.17.100.134的Hello。解决核心中的组播问题后,邻居Hello出现在数据包编号14。
ASR-1#show mon cap 1 buff bri
-------------------------------------------------------------
# size timestamp source destination protocol
-------------------------------------------------------------
0 1456 0.000000 172.17.100.134 -> 225.0.0.1 GRE
1 1456 8.707016 172.17.100.134 -> 225.0.0.1 GRE
2 1456 16.880011 172.17.100.134 -> 225.0.0.1 GRE
3 1456 25.873008 172.17.100.134 -> 225.0.0.1 GRE
4 1456 34.645023 172.17.100.134 -> 225.0.0.1 GRE
5 1456 44.528024 172.17.100.134 -> 225.0.0.1 GRE
6 1456 52.137002 172.17.100.134 -> 225.0.0.1 GRE
7 1456 59.819010 172.17.100.134 -> 225.0.0.1 GRE
8 1456 68.641025 172.17.100.134 -> 225.0.0.1 GRE
9 1456 78.168998 172.17.100.134 -> 225.0.0.1 GRE
10 1456 85.966005 172.17.100.134 -> 225.0.0.1 GRE
11 1456 94.629032 172.17.100.134 -> 225.0.0.1 GRE
12 1456 102.370043 172.17.100.134 -> 225.0.0.1 GRE
13 1456 110.042005 172.17.100.134 -> 225.0.0.1 GRE
14 1456 111.492031 172.16.64.84 -> 225.0.0.1 GRE <---Mcast core
fixed and now see neighbor hellos
15 1456 111.493038 172.17.100.134 -> 225.0.0.1 GRE
16 1456 112.491039 172.16.64.84 -> 225.0.0.1 GRE
17 1456 112.501033 172.17.100.134 -> 225.0.0.1 GRE
18 116 112.519037 172.17.100.134 -> 225.0.0.1 GRE
19 114 112.615026 172.16.64.84 -> 225.0.0.1 GRE
20 114 112.618031 172.17.100.134 -> 225.0.0.1 GRE
21 1456 113.491039 172.16.64.84 -> 225.0.0.1 GRE
22 1456 115.236047 172.17.100.134 -> 225.0.0.1 GRE
23 142 116.886008 172.17.100.134 -> 225.0.0.1 GRE
24 102 117.290045 172.17.100.134 -> 225.0.0.1 GRE
25 1456 118.124002 172.17.100.134 -> 225.0.0.1 GRE
26 1456 121.192043 172.17.100.134 -> 225.0.0.1 GRE
27 1456 122.443037 172.16.64.84 -> 225.0.0.1 GRE
28 1456 124.497035 172.17.100.134 -> 225.0.0.1 GRE
29 102 126.178052 172.17.100.134 -> 225.0.0.1 GRE
30 142 126.629032 172.17.100.134 -> 225.0.0.1 GRE
31 1456 127.312047 172.17.100.134 -> 225.0.0.1 GRE
32 1456 130.029997 172.17.100.134 -> 225.0.0.1 GRE
33 1456 131.165000 172.16.64.84 -> 225.0.0.1 GRE
34 1456 132.591025 172.17.100.134 -> 225.0.0.1 GRE
35 102 134.832010 172.17.100.134 -> 225.0.0.1 GRE
36 1456 135.856010 172.17.100.134 -> 225.0.0.1 GRE
37 142 136.174054 172.17.100.134 -> 225.0.0.1 GRE
38 1456 138.442030 172.17.100.134 -> 225.0.0.1 GRE
39 1456 140.769025 172.16.64.84 -> 225.0.0.1 GRE
40 1456 141.767010 172.17.100.134 -> 225.0.0.1 GRE
41 102 144.277046 172.17.100.134 -> 225.0.0.1 GRE
42 1456 144.996003 172.17.100.134 -> 225.0.0.1 GRE
ASR-1#
2#show mon cap 1 buff bri
验证OTV ASR上的Mroute状态
在OTV邻居之间构建组播路由状态时,必须具有正确的PIM状态。使用以下命令验证ASR上的预期PIM状态:
ASR-1#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : No, overlay DIS not elected
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.0.0.0/8
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.17.100.134
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
注意与之前相同的错误:支持AED =否,未选择重叠DIS。这意味着ASR无法成为AED转发器,因为它没有足够的有关其对等体的信息。内部接口可能未打开,站点网桥域可能未关闭/未创建,或者两个站点在ISP之间无法看到对方。
查看ASR-1以确定问题。它显示未看到PIM邻居。即使在工作时,这也是意料之中的。这是因为PIM在加入接口上运行被动。PIM被动是OTV加入接口上唯一支持的PIM模式。
ASR-1#show ip pim neigh
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
P - Proxy Capable, S - State Refresh Capable, G - GenID Capable
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
要验证ASR-1上是否配置了PIM接口,请输入:
ASR-1#show ip pim int
Address Interface Ver/ Nbr Query DR DR
Mode Count Intvl Prior
172.17.100.134 GigabitEthernet0/0/0 v2/P 0 30 1 172.17.100.134
172.17.100.134 Tunnel0 v2/P 0 30 1 172.17.100.134
0.0.0.0 Overlay1 v2/P 0 30 1 0.0.0.0
ASR的mroute状态提供大量有关链路组播状态的信息。在此输出中,您不会在本地ASRmroute表上将邻居视为S,G条目。当您查看控制组的mroute计数时,您也只将本地加入接口视为源。请注意,计数与接收的数据包和转发的总数相对应。这表示您在本地端启动并转发到组播域。
ASR-1#show ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
Q - Received BGP S-A Route, q - Sent BGP S-A Route,
V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 225.0.0.1), 00:20:29/stopped, RP 0.0.0.0, flags: DC
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Tunnel0, Forward/Sparse-Dense, 00:20:29/00:02:55
GigabitEthernet0/0/0, Forward/Sparse-Dense, 00:20:29/Proxy
(172.17.100.134, 225.0.0.1), 00:16:25/00:02:19, flags: T
Incoming interface: GigabitEthernet0/0/0, RPF nbr 0.0.0.0
Outgoing interface list:
GigabitEthernet0/0/0, Forward/Sparse-Dense, 00:16:25/Proxy
Tunnel0, Forward/Sparse-Dense, 00:16:25/00:02:55
(*, 224.0.1.40), 00:20:09/00:02:53, RP 0.0.0.0, flags: DPC
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null
ASR-1#show ip mroute count
Use "show ip mfib count" to get better response time for a large number of mroutes.
IP Multicast Statistics
3 routes using 1828 bytes of memory
2 groups, 0.50 average sources per group
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second
Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 225.0.0.1, Source count: 1, Packets forwarded: 116, Packets received: 117
Source: 172.17.100.134/32, Forwarding: 116/0/1418/1, Other: 117/1/0
Group: 224.0.1.40, Source count: 0, Packets forwarded: 0, Packets received: 0
当核心组播问题解决后,您将看到ASR的预期输出。
ASR-1#show otv
Overlay Interface Overlay1
VPN name : None
VPN ID : 2
State : UP
AED Capable : Yes
IPv4 control group : 225.0.0.1
Mcast data group range(s): 232.0.0.0/8
Join interface(s) : GigabitEthernet0/0/0
Join IPv4 address : 172.17.100.134
Tunnel interface(s) : Tunnel0
Encapsulation format : GRE/IPv4
Site Bridge-Domain : 1
Capability : Multicast-reachable
Is Adjacency Server : No
Adj Server Configured : No
Prim/Sec Adj Svr(s) : None
仍然没有PIM邻居,物理接口、重叠接口和隧道接口是本地PIM接口。
ASR-1#show ip pim neigh
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default DR Priority,
P - Proxy Capable, S - State Refresh Capable, G - GenID Capable
Neighbor Interface Uptime/Expires Ver DR
Address Prio/Mode
ASR-1#show ip pim int
Address Interface Ver/ Nbr Query DR DR
Mode Count Intvl Prior
172.17.100.134 GigabitEthernet0/0/0 v2/P 0 30 1 172.17.100.134
172.17.100.134 Tunnel0 v2/P 0 30 1 172.17.100.134
0.0.0.0 Overlay1 v2/P 0 30 1 0.0.0.
mroute表和计数器提供有关组播状态的信息。输出将加入接口以及控制组中的OTV邻居显示为源。确保在远程站点反向路径转发(RPF)邻居(NBR)字段中也看到交汇点(RP)。您还可以转发和接收匹配的计数器。两个来源应合计组收到的总数。
ASR-1#show ip mroute
IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
L - Local, P - Pruned, R - RP-bit set, F - Register flag,
T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
U - URD, I - Received Source Specific Host Report,
Z - Multicast Tunnel, z - MDT-data group sender,
Y - Joined MDT-data group, y - Sending to MDT-data group,
G - Received BGP C-Mroute, g - Sent BGP C-Mroute,
Q - Received BGP S-A Route, q - Sent BGP S-A Route,
V - RD & Vector, v - Vector
Outgoing interface flags: H - Hardware switched, A - Assert winner
Timers: Uptime/Expires
Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 225.0.0.1), 00:25:16/stopped, RP 0.0.0.0, flags: DC
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Tunnel0, Forward/Sparse-Dense, 00:25:16/00:02:06
GigabitEthernet0/0/0, Forward/Sparse-Dense, 00:25:16/Proxy
(172.16.64.84, 225.0.0.1), 00:04:09/00:02:50, flags: T
Incoming interface: GigabitEthernet0/0/0, RPF nbr 172.17.100.1
Outgoing interface list:
Tunnel0, Forward/Sparse-Dense, 00:04:09/00:02:06
(172.17.100.134, 225.0.0.1), 00:21:12/00:01:32, flags: T
Incoming interface: GigabitEthernet0/0/0, RPF nbr 0.0.0.0
Outgoing interface list:
GigabitEthernet0/0/0, Forward/Sparse-Dense, 00:21:12/Proxy
Tunnel0, Forward/Sparse-Dense, 00:21:12/00:02:06
(*, 224.0.1.40), 00:24:56/00:02:03, RP 0.0.0.0, flags: DPC
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list: Null
ASR-1#show ip mroute count
Use "show ip mfib count" to get better response time for a large number of mroutes.
IP Multicast Statistics
4 routes using 2276 bytes of memory
2 groups, 1.00 average sources per group
Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second
Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc)
Group: 225.0.0.1, Source count: 2, Packets forwarded: 295, Packets received:
297 <----- 32 + 263 = 295
Source: 172.16.64.84/32, Forwarding: 32/0/1372/1, Other: 32/0/0
Source: 172.17.100.134/32, Forwarding: 263/0/1137/3, Other: 264/1/0
Group: 224.0.1.40, Source count: 0, Packets forwarded: 0, Packets received: 0
在加入接口上创建数据包捕获以查看OTV数据包
由于OTV是封装流量,因此它被视为通用路由封装(GRE)流量,其中连接接口的源到远程连接接口的目的地。您无法执行太多操作来明确查看流量。验证流量是否通过OTV传输的一种方法是设置数据包捕获,特别是使用与当前流量模式无关的数据包大小。在本示例中,您可以指定大小为700的Internet控制消息协议(ICMP)数据包,并确定可以从捕获中过滤哪些内容。这可用于验证数据包是否通过OTV云传输。
要在两个连接接口之间设置访问列表过滤器,请输入:
ip access-list extended CAPTURE
permit ip host 172.17.100.134 host 172.16.64.84
要设置监控会话以过滤指定大小756,请输入:
monitor capture 1 buffer size 1 access-list CAPTURE limit packet-len 756
interface g0/0/0 out
要开始捕获,请输入:
ASR-1#mon cap 1 start
*Nov 18 12:45:50.162: %BUFCAP-6-ENABLE: Capture Point 1 enabled.
发送具有指定大小的特定ping。由于OTV会添加42字节报头和8字节ICMP(带20字节IP报头),因此您可以发送大小为700的ping,并期望看到数据包大小为756的数据到达OTV云。
LAN-Sw2#ping 192.168.100.2 size 700 repeat 100
Type escape sequence to abort.
Sending 100, 700-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 10/19/30 ms
要停止捕获,请输入:
ASR-1#mon cap 1 stop
*Nov 18 12:46:02.084: %BUFCAP-6-DISABLE: Capture Point 1 disabled.
在捕获缓冲区中,您会看到所有100个数据包都到达本地端的捕获。您应该看到所有100个数据包都到达远程端。否则,OTV云中需要进一步调查数据包丢失。
ASR-1#show mon cap 1 buff bri
-------------------------------------------------------------
# size timestamp source destination protocol
-------------------------------------------------------------
0 756 0.000000 172.17.100.134 -> 172.16.64.84 GRE
1 756 0.020995 172.17.100.134 -> 172.16.64.84 GRE
2 756 0.042005 172.17.100.134 -> 172.16.64.84 GRE
3 756 0.052991 172.17.100.134 -> 172.16.64.84 GRE
<Output Omitted>
97 756 1.886999 172.17.100.134 -> 172.16.64.84 GRE
98 756 1.908009 172.17.100.134 -> 172.16.64.84 GRE
99 756 1.931003 172.17.100.134 -> 172.16.64.84 GRE
相关信息
修订历史记录
| 版本 | 发布日期 | 备注 |
|---|---|---|
1.0 |
25-Apr-2014 |
初始版本 |
反馈