Configuration considerations for pmtud support, Strict rpf check for multicast protocols – Brocade Communications Systems Layer 3 Routing Configuration ICX 6650 User Manual

Brocade ICX 6650 Layer 3 Routing Configuration Guide

97

53-1002603-01

IPv4 point-to-point GRE tunnels

RFC 4459 describes solutions for issues with large packets over a tunnel. The following methods,
from RFC 4459, are supported in Brocade IronWare software:

•

If a source attempts to send packets that are larger than the lowest MTU value along the path,
PMTUD can signal to the source to send smaller packets. This method is described in Section
3.2 of RFC 4459.

•

Inner packets can be fragmented before encapsulation, in such a manner that the
encapsulated packet fits in the tunnel path MTU, which is discovered using PMTUD. This
method is described in Section 3.4 of RFC 4459.

By default, PMTUD is enabled.

Configuration considerations for PMTUD support

Consider the following when configuring PMTUD support.

•

When the new PMTUD value is smaller than all of the eight MTU values configured in the
system, the PMTUD feature is disabled for the tunnel, and the value is not added to the
system. For example, the new PMTUD value is 620 which is smaller in value than all of the
eight, different MTU path values configured in the system. The following warning message
is displayed on the CLI:

Warning - All MTU profiles used, disabling PMTU for tunnel <tunnel_id>; new

PMTU was <new pmtu discovered>

Support for IPv4 multicast routing over GRE tunnels

PIM-DM and PIM-SM Layer 3 multicast protocols and multicast data traffic are supported over GRE
tunnels. When a multicast protocol is enabled on both ends of a GRE tunnel, multicast packets can
be sent from one tunnel endpoint to another. To accomplish this, the packets are encapsulated
using the GRE unicast tunneling mechanism and forwarded like any other IPv4 unicast packet to
the destination endpoint of the tunnel. The router that terminates the tunnel (i.e., the router where
the tunnel endpoint is an ingress interface) de-encapsulates the GRE tunneled packet to retrieve
the native multicast data packets. After de-encapsulation, data packets are forwarded in the
direction of its receivers, and control packets may be consumed. This creates a PIM-enabled virtual
or logical link between the two GRE tunnel endpoints.

Strict RPF check for multicast protocols

IronWare software enforces strict Reverse Path Forwarding (RPF) check rules on an (s,g) entry on a
GRE tunnel interface. The (s,g) entry uses the GRE tunnel as an RPF interface. During unicast
routing transit, GRE tunnel packets may arrive at different physical interfaces. The strict RPF check
limits GRE PIM tunnel interfaces to accept the (s,g) GRE tunnel traffic.

NOTE

For the Brocade ICX 6650

devicesloopback ports are required for de-encapsulating the GRE

tunneled packet. On these hardware devices, when the GRE-encapsulated multicast packet is
received, the unicast GRE mechanism takes care of de-encapsulating the packet. The packet then
egresses and re-ingresses the tunnel interface loopback port as the native multicast packet. The
hardware RPF check is done, not on the tunnel interface directly, but on the loopback port - the
hardware compares this port number with the port number configured in the Multicast table (s,g)
entry. If they match, the packet is routed. Otherwise it is sent to the CPU for error processing. In