3com 8807 사용자 가이드
468
C
HAPTER
44: PIM-SM C
ONFIGURATION
Configuring the filtering
of multicast
source/group
Configuring the filtering
of PIM neighbor
Refer to “Configuring the Maximum Number of PIM Neighbor on an Interface”
“Configuring the Maximum Number of PIM Neighbor on an Interface”.
“Configuring the Maximum Number of PIM Neighbor on an Interface”.
Configuring RP to Filter
the Register Messages
Sent by DR
In the PIM-SM network, the register message filtering mechanism can control
which sources to send messages to which groups on the RP, i.e., RP can filter the
register messages sent by DR to accept specified messages only.
which sources to send messages to which groups on the RP, i.e., RP can filter the
register messages sent by DR to accept specified messages only.
Perform the following configuration in PIM view.
If an entry of a source group is denied by the ACL, or the ACL does not define
operation to it, or there is no ACL defined, the RP will send RegisterStop messages
to the DR to prevent the register process of the multicast data stream.
operation to it, or there is no ACL defined, the RP will send RegisterStop messages
to the DR to prevent the register process of the multicast data stream.
c
CAUTION: Only the register messages matching the ACL permit clause can be
accepted by the RP. Specifying an undefined ACL will make the RP deny all register
messages.
accepted by the RP. Specifying an undefined ACL will make the RP deny all register
messages.
Limiting the range of
legal BSR
To prevent the legal BSR from being replaced maliciously in the network, you can
limit the range of legal BSR. Other BSR messages beyond the range are not
received by the router and thus ensure the BSR security.
limit the range of legal BSR. Other BSR messages beyond the range are not
received by the router and thus ensure the BSR security.
Perform the following configuration in PIM view.
For detailed information of bsr-policy, refer to the 3Com Switch 8800 Family
Series Routing Switches Command Manual.
Series Routing Switches Command Manual.
Limiting the range of
legal C-RP
To avoid C-RP spoofing, you can limit the range of legal C-RP and limit the groups
that each C-RP servers.
that each C-RP servers.
Perform the following configuration in PIM view.
Table 461 Configure RP to filter the register messages sent by DR
Operation
Command
Configure RP to filter the register messages sent by DR
register-policy acl-number
Cancel the configured filter of messages
undo register-policy
Table 462 Limit the range of legal BSR
Operation
Command
Set the limit legal BSR range
bsr-policy acl-number
Restore to the default setting
undo bsr-policy