Cisco Systems 3130 User Manual
45-11
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter 45 Configuring MSDP
Configuring MSDP
Filtering Source-Active Request Messages
By default, only switches that are caching SA information can respond to SA requests. By default, such
a switch honors all SA request messages from its MSDP peers and supplies the IP addresses of the active
sources.
a switch honors all SA request messages from its MSDP peers and supplies the IP addresses of the active
sources.
However, you can configure the switch to ignore all SA requests from an MSDP peer. You can also honor
only those SA request messages from a peer for groups described by a standard access list. If the groups
in the access list pass, SA request messages are accepted. All other such messages from the peer for other
groups are ignored.
only those SA request messages from a peer for groups described by a standard access list. If the groups
in the access list pass, SA request messages are accepted. All other such messages from the peer for other
groups are ignored.
Beginning in privileged EXEC mode, follow these steps to configure one of these options. This
procedure is optional.
procedure is optional.
To return to the default setting, use the no ip msdp filter-sa-request {ip-address | name} global
configuration command.
configuration command.
This example shows how to configure the switch to filter SA request messages from the MSDP peer
at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are
accepted; all others are ignored.
at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are
accepted; all others are ignored.
Switch(config)# ip msdp filter sa-request 171.69.2.2 list 1
Switch(config)# access-list 1 permit 192.4.22.0 0.0.0.255
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
ip msdp filter-sa-request ip-address |
name
name
or
ip msdp filter-sa-request {ip-address |
name} list access-list-number
name} list access-list-number
Filter all SA request messages from the specified MSDP peer.
or
Filter SA request messages from the specified MSDP peer for groups
that pass the standard access list. The access list describes a multicast
group address. The range for the access-list-number is 1 to 99.
that pass the standard access list. The access list describes a multicast
group address. The range for the access-list-number is 1 to 99.
Step 3
access-list access-list-number {deny |
permit} source [source-wildcard]
permit} source [source-wildcard]
Create an IP standard access list, repeating the command as many times
as necessary.
as necessary.
•
For access-list-number, the range is 1 to 99.
•
The deny keyword denies access if the conditions are matched. The
permit keyword permits access if the conditions are matched.
permit keyword permits access if the conditions are matched.
•
For source, enter the number of the network or host from which the
packet is being sent.
packet is being sent.
•
(Optional) For source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
statement for everything.
Step 4
end
Return to privileged EXEC mode.
Step 5
show running-config
Verify your entries.
Step 6
copy running-config startup-config
(Optional) Save your entries in the configuration file.