FRRouting / frr

The FRRouting Protocol Suite
https://frrouting.org/

feature request: eigrp neighbor command or ip nhrp map multicast command for dmvpn #6276

Open chris-tof opened 4 years ago

chris-tof commented 4 years ago

Hi. Quick reminder: what Cisco calls DMVPN is several protocols (nhrpd with proprietary extensions, IPsec, mGRE), which can be integrated to build a VPN between sites, for example hub-and-spoke architectures with communication allowed between all sites, so that sounds like a full-mesh network.

DMVPN can use IPsec or just GRE tunnels via multipoint GRE.

Now the Linux kernel supports multipoint GRE, but FRR nhrpd does not support multicasting over GRE tunnels, so OSPF or EIGRP don't work since they use multicast addresses to discover neighbors.

The FRR NHRPD readme document currently advises using BGP with NHRP, but BGP will create TCP sessions between all peers and decrease the DMVPN scalability.

So it would be great if either the "eigrp neighbor" command or the "ip nhrp map multicast" command could be implemented in order to improve the DMVPN functionality, which could be the base of an SD-WAN design.

I am not a developer, but I think that developing nhrp map multicast could be more complicated than the eigrp neighbor command; the eigrp neighbor command provides communication between two nodes without using multicast packets.

Regards. Chris.

amollad commented 3 years ago

I can look into implementing "ip nhrp map multicast". Can someone give a high-level overview of what is required to add this support?

chris-tof commented 3 years ago

Hello.

NHRP maps the tunnel interface destination IP address to the physical interface destination IP address, which will be used for the encapsulation.

So when a router must forward an IP packet whose destination field is the peer's tunnel interface IP, it must go out from the local tunnel interface and be encapsulated with the physical destination address.

When a router must forward an IP packet whose destination field contains a multicast address, the NHRP map table must describe what to do. For example, OSPF or EIGRP create multicast packets in order to establish adjacencies.

So the command ip nhrp map multicast $IP1 must say that a multicast packet must be encapsulated with the destination $IP1. The idea is that we must enter this command for each destination to which we want the packet to be duplicated.

So with ip nhrp map multicast $IP2, the router must duplicate the packet and encapsulate one packet with IP1 and the second packet with IP2.

Then EIGRP or OSPF can create adjacencies with multiple peers.

You can look at Cisco DMVPN with OSPF or EIGRP use cases to find other kinds of explanation.

Can you tell me if my explanation is clear or if you need something more specific?

I really thank you. Christophe.


Jafaral commented 3 years ago

@amollad in simple terms, the issue is about adding multicast support to an NBMA subnet. As an example, assume you have 4 nodes, A, B, C, and D, all connected to each other through an mGRE tunnel configuration with an interface named tun0:

            B
            |
     A ---- * ---- C
            |
            D

In a peer to peer GRE tunnel, if a multicast packet hits the tunnel device, it gets encapsulated and sent to the other side. In an mGRE tunnel configuration, there is potentially more than one node at the other side of the tunnel device. Multicast packets hitting tun0 need to be replicated and sent to some or all neighbors. There are two ways to implement this packet replication:

amollad commented 3 years ago

@Jafaral and all, is there a way to use iptables to achieve this?

Jafaral commented 3 years ago

No, iptables alone won't do it. You can use iptables to capture multicast packets going through the interface and send them to user space for processing via Netfilter queue. I did exactly that long ago for a multicast application to achieve the same goal here.
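
The replication that the comments above describe for ip nhrp map multicast, as an added example that is not part of the thread or of FRR's code: a C model of the lookup node A would do for a packet leaving tun0, using constructed tunnel and NBMA addresses and a hypothetical encap_targets() helper. D is deliberately left out of the multicast list to show that only configured destinations receive a copy.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample tables for node A; all addresses are made up. */
struct nhrp_map { const char *tunnel_ip, *nbma_ip; };
static const struct nhrp_map unicast_map[] = { /* tunnel IP -> NBMA IP */
    { "10.0.0.2", "192.0.2.2" }, /* B */
    { "10.0.0.3", "192.0.2.3" }, /* C */
    { "10.0.0.4", "192.0.2.4" }, /* D */
};
/* One entry per "ip nhrp map multicast <nbma>" line; D is left out on purpose. */
static const char *mcast_map[] = { "192.0.2.2", "192.0.2.3" };
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* True for 224.0.0.0/4; addr is in network byte order. */
static int is_multicast(uint32_t addr)
{
    return (ntohl(addr) & 0xf0000000u) == 0xe0000000u;
}

/* Fills out[] with the outer (NBMA) destinations for a packet whose inner
 * destination is inner_dst. Returns the number of GRE copies to send:
 * -1 bad input, 0 no mapping (drop), 1 unicast, n replicated multicast. */
int encap_targets(const char *inner_dst, uint32_t *out, size_t max)
{
    struct in_addr dst, tun, nbma;
    size_t i, n = 0;

    if (inet_pton(AF_INET, inner_dst, &dst) != 1)
        return -1;
    if (is_multicast(dst.s_addr)) {
        for (i = 0; i < COUNT(mcast_map) && n < max; i++)
            if (inet_pton(AF_INET, mcast_map[i], &nbma) == 1)
                out[n++] = nbma.s_addr;
        return (int)n;
    }
    for (i = 0; i < COUNT(unicast_map) && max > 0; i++) {
        if (inet_pton(AF_INET, unicast_map[i].tunnel_ip, &tun) != 1 ||
            tun.s_addr != dst.s_addr)
            continue;
        if (inet_pton(AF_INET, unicast_map[i].nbma_ip, &nbma) != 1)
            return 0;
        out[0] = nbma.s_addr;
        return 1;
    }
    return 0;
}
```

With these tables, an OSPF hello to 224.0.0.5 yields two copies (to B and C), while a unicast packet to D's tunnel address still resolves to a single NBMA destination.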

chris-tof commented 3 years ago

Hello all. So Amollad, did you manage to start implementing this functionality?

Hope all of you and family are all right. Chris

amollad commented 3 years ago

Yes, I'll submit PR when ready


chris-tof commented 3 years ago

Great, thank you!


chris-tof commented 3 years ago

Hello all.

Amollad, did you manage to implement this functionality?

Hope all of you are all right.

Chris


amollad commented 3 years ago

Hi Chris,

This is on its way..

https://github.com/FRRouting/frr/pull/8153

Amol
