In SSM, Source-Specific Multicast, things are done differently from standard multicast forwarding. SSM is specifying a group of hosts that are receiving same multicast stream using group IP address and additionally using stream unicast source IP.
In this article it is shown how to configure Source Specific Multicast on Cisco and Juniper equipment.
In standard multicast, forwarding is done using group IP address which is an IP from multicast dedicated range 184.108.40.206/4 (220.127.116.11 – 18.104.22.168) or FF00::/8 in IPv6. Each multicast group IP address is a single address which specifies all hosts receiving a specific stream, streamed towards that group IP address from multicast source. In standard multicast everybody can start to stream with some IP multicast group IP, becoming in that way, the multicast source.
SSM group is usually referred to as a channel and identified as (S,G) with S being the source IP and G representing multicast group address. There is a subset of multicast group address range reserved specifically for SSM, 22.214.171.124/8 in IPv4 and FF3x::/ for IPv6. If needed, Cisco and Juniper can be configured to use other multicast addresses with SSM.
SSM is better that ASM in some specific cases. By using Source and Group IP together for channel definition, it is possible for the same group address to be used by multiple multicast sources making the each of the channels unique. This is more secure and usable in the situation where we need to have many sources and where hosts need to receive the streams only from approved and secure sources.
The best thing about SSM is its simplicity. It does not need to have and RPs configured (rendezvous point). Source is always defined in advance and the hosts that need some specific stream all have the stream source and group IP defined in their applications which will be used to get the stream. In that way, multicast tree is built directly from host to the source.
SSM is an enhancement of PIM sparse mode protocol. For it to work all we need to do on our network is to enable PIM sparse mode on all interfaces where multicast stream will be forwarded. Additionally, IGMPv3 is used on interfaces facing hosts that will require to join multicast stream. IGMPv3 is enabling the router to see that somebody is requesting SSM multicast stream and to tell PIM-SSM to start building the (S,G) tree towards the multicast source.
Juniper SSM Configuration
For Juniper devices, it is enough to enable PIM on all interfaces where multicast will be forwarded and IGMPv3 on LAN interfaces facing hosts that will connect to multicast stream
user@R1# set protocols pim interface ge-0/0/1.0 mode sparse version 2 user@R1# set protocols igmp interface ge-0/0/5.0 version 3
user@R2# set protocols pim interface ge-0/0/0.0 mode sparse version 2 user@R2# set protocols pim interface ge-0/0/1.0 mode sparse version 2
user@R3# set protocols pim interface ge-0/0/0.0 mode sparse version 2
If you want to use some non-SSM specific multicast group rather than 126.96.36.199/8 you will need to specify that to the router.
user@R1# set routing-options multicast ssm-groups 188.8.131.52/8 user@R2# set routing-options multicast ssm-groups 184.108.40.206/8 user@R3# set routing-options multicast ssm-groups 220.127.116.11/8
Additionally, if your hosts which will request and join to SSM multicast sources do not all support IGMPv3, you will need to configure SSM mapping on the router which is facing the hosts, in this case R1. SSM mapping will catch IGMPv1 and IGMPv2 membership reports and translate it to IGMPv3 report. It is a transition technique for use until your hosts get patched to support IGMPv3.
set policy-options policy-statement SSM-Policy term A from route-filter 18.104.22.168/32 exact set policy-options policy-statement SSM-Policy term A then accept set routing-options multicast interface ge-0/0/5 set routing-options multicast ssm-map SSM-MAP policy SSM-Policy set routing-options multicast ssm-map SSM-MAP source 172.16.10.100 set protocols igmp interface ge-0/0/5.0 ssm-map SSM-MAP
Cisco SSM Configuration
For Cisco routers, you need to globally enable PIM-SSM on all routers in the topology.
Router(config)#ip multicast-routing Router(config)#ip pim ssm default
Then it will be enough to enable PIM on all interfaces in-between the routers and IGMPv3 on interface facing hosts.
R1(config)#interface Gi0/0/0 R1(config-if)# ip igmp version 3 R1(config)#interface Gi0/0/1 R1(config-if)# ip pim sparse-dense-mode
R2(config)#interface Gi0/0/0 R2(config-if)# ip pim sparse-dense-mode R2(config)#interface Gi0/0/1 R2(config-if)# ip pim sparse-dense-mode
R3(config)#interface Gi0/0/0 R3(config-if)# ip pim sparse-dense-mode
It is also needed to specifically configure non-SSM specific multicast group rather than 22.214.171.124/8 if you want to use them with SSM on Cisco device.
Router(config)#access-list 11 permit 126.96.36.199 255.255.255.255 Router(config)#ip pim ssm 11