Brocade Communications Systems Upgrade Pef IPMC5000PEF IPMC5000PEF Manual Do Utilizador
Configuration considerations
•
Only one ACL can be bound to any interface.
•
Normal ACL restrictions apply as to how many software ACLs can be created, but there is no
hardware restrictions on ACLs with this feature.
hardware restrictions on ACLs with this feature.
•
Creation of a static MLD client is allowed for a group on a port that may be prevented from
participation in the group on account of an ACL bound to the port’s interface. In such a situation,
the ACL would prevail and the port will not be added to the relevant entries.
participation in the group on account of an ACL bound to the port’s interface. In such a situation,
the ACL would prevail and the port will not be added to the relevant entries.
•
Either standard or extended ACLs can be used with the multicast boundary feature. When a
standard ACL is used, the address specified is treated as a group address and NOT a source
address.
standard ACL is used, the address specified is treated as a group address and NOT a source
address.
•
When a boundary is applied to an ingress interface, all packets destined to a multicast group that is
filtered out will be dropped by software. Currently, there is no support to drop such packets in
hardware.
filtered out will be dropped by software. Currently, there is no support to drop such packets in
hardware.
•
The ipv6 multicast-boundary command may not stop clients from receiving multicast traffic if the
filter is applied on the egress interface up-stream from RP.
filter is applied on the egress interface up-stream from RP.
Configuring multicast boundaries
To define boundaries for PIM enabled interfaces, enter commands such as the following.
device(config)# interface ethernet 1/2
device(config-if-e1000-1/2)#ipv6 multicast-boundary MyBrocadeAccessList
Syntax: [no] ipv6 multicast-boundary acl-spec
Use the acl-spec parameter to define the number or name identifying an access list that controls the
range of group addresses affected by the boundary.
range of group addresses affected by the boundary.
Use the no ipv6 multicast boundary command to remove the boundary on a PIM enabled interface.
The ACL, MyBrocadeAccessList can be configured using standard ACL syntax. Some examples of how
ACLs can be used to filter multicast traffic are as follows:
ACLs can be used to filter multicast traffic are as follows:
ACL to permit multicast traffic
To permit multicast traffic for group ff1e::300 and deny all other traffic, enter the following commands.
Brocade(config)# ipv6 access-list abc
Brocade(config-ipv6-access-list abc)# permit ipv6 any host ff1e::300
Brocade(config-ipv6-access-list abc)# deny ipv6 any any
To permit multicast data traffic from source 5555::14 for group ff55::5514 and deny all other traffic, enter
the following commands.
the following commands.
Brocade(config)# ipv6 access-list ex2
Brocade(config-ipv6-access-list ex2)# permit ipv6 host 5555::14 host ff55::5514
Brocade(config-ipv6-access-list ex2)# deny ipv6 any any
ACL to deny multicast traffic
To deny multicast data traffic for group ff55::55 and permit all other traffic, enter the following
commands.
commands.
Brocade(config)# ipv6 access-list ex1
Brocade(config-ipv6-access-list ex1)# deny ipv6 any host ff55::55
Brocade(config-ipv6-access-list ex1)# permit ipv6 any any
Configuration considerations
FastIron Ethernet Switch IP Multicast Configuration Guide
207
53-1003085-02