All things related to multicast

[Bill Owens <>]

On Thu, Jun 19, 2008 at 07:55:38AM -0400, Michael Lambert wrote:
> Not being a true multicast practitioner, but would it help to turn off  
> MSDP and bid adieu to ASM?  I guess this is as much a political  
> question as a technical question.

No, although MSDP has certainly been a problem in the past, it isn't the 
cause this time. From what I can see, we have two issues:

1. Network equipment that is either configured or defaults to listen to 
traffic in the SAP group; for example, Cisco routers with "ip sap listen" 
configured on an interface. This causes high CPU utilization, and depending 
on the hardware and other confiugration the effects can range from dropped 
traffic to BGP bouncing to crashes.

2. Sites with relatively small uplink bandwidth that happen to have a SAP 
listener running, something as simple as VLC with SAP Announcements selected. 
Although VLC appears to be stable even when receiving high SAP traffic, the 
volume in the last two incidents was enough to congest the uplink for someone 
with less than 25-30 Mbps of available bandwidth.

Rate limiting the SAP group will solve both of these problems if it is 
implemented throughout the network. However, I doubt whether the effort 
required to implement that thorough a configuration is greater than the 
continuing value of SAP/SDP. Looking at the display in VLC just now, I have 
44 working streams (though that's being generous, at least 8 of them had no 
a/v content) and 51 non-working. I've long been in the habit of warning 
people who want to test multicast that they have no better than a 50/50 
chance of picking a working stream at random.

One other approach to fixing this problem might be to convince the fine folks 
who 'maintain' the miniSAPserver to stop distributing it. That only prevents 
one, accidental DoS vector; the problem remains that some substantial 
fraction of the multicast-enabled network is vulnerable if someone sends high 
traffic into the SAP group. To a certain extent this is a problem inherent to 
ASM, but made much worse by the high likelihood that a site will have at 
least one SAP listener. Other than perhaps one of the beacon groups, you'd be 
lucky to find a single group that would have so many receivers.

Since this has become a recurring problem I'm going to approach it through 
education; telling people not to leave a SAP listener running on their 
desktop, and getting them to disable sap listen on their routers. Hopefully 
that will be enough. But I wonder whether it is time to start down the road 
towards deprecation. . .

Bill.