[NE Router-Troubleshooting] The IPTV Has Sound but No Picture Due to Incorrect ACL Configurations

Fault Symptom

Router A and Router B function as PEs to provide IPTV services for users. To prevent users attached to the DSLAM to access the routers, an ACL is configured on each of the routers to permit only valid services.

After the network is configured, it is found that the IPTVs at the user side have sound but no picture.

Fault Analysis

1.     Access the DSLAM from a PC, and then demand IPTV programs through the video on-demand software. Then, the problem is reproduced.

2.     Check the traffic on the interface of the NIC of the PC. You can find that the volume of the traffic received by the PC is up to 1.4 Mbit/s. Normally, the traffic of an IPTV program is 0.7 Mbit/s. It is therefore suspected that no receiver's DR is elected from Router A and Router B and both devices send multicast data flows to the PC.

3.     Run the display acl acl-number command to check the ACL configuration. You can find that PIM Hello packets are filtered out because the ACL is configured. Consequently, the receiver's DR cannot be correctly elected, and multicast data flows cannot be correctly forwarded.

<HUAWEI> display acl 3001

Advanced ACL 3001, 10 rules

permits communication with DHCP server, IPTV portal, Multicast source equipment

at Headend

Acl's step is 5

 rule 5 permit udp source 0.0.0.0 0 destination-port range bootps bootpc

 rule 10 permit ip destination 10.80.8.0 0.0.0.255

 rule 20 permit ip destination 10.80.9.0 0.0.0.255

 rule 30 permit ip destination 10.227.0.0 0.0.255.255

 rule 40 permit ip destination 239.150.150.0 0.0.0.255

 rule 50 permit ip destination 239.150.151.0 0.0.0.255

 rule 60 permit ip destination 239.150.152.0 0.0.0.255

 rule 70 permit ip destination 239.150.153.0 0.0.0.255

 rule 80 permit ip destination 239.150.154.0 0.0.0.255

 rule 100 deny ip

Procedure

1.     Run the acl acl-number command on Router A and Router B respectively to enter the ACL view.

2.     Run the rule 90 permit ip destination 224.0.0.13 0.0.0.0 command to permit PIM Hello packets.

Summary

When configuring ACL rules, you must ensure that valid multicast protocol packets are not filtered out by the ACL rules. Otherwise, multicast data flows cannot be normally forwarded.