3com 8807 用户指南
Managed multicast Configuration
437
Managed multicast
Configuration
Configuration
Managed multicast
Overview
The managed multicast feature controls user’s authority to join multicast groups.
This feature is based on ports: users must first pass the 802.1x authentication set
for their ports. Then they are allowed to join the multicast groups specifically
configured for them but are prohibited from joining any multicast group they are
not authorized to join. In this way, users access to specific multicast groups under
control.
This feature is based on ports: users must first pass the 802.1x authentication set
for their ports. Then they are allowed to join the multicast groups specifically
configured for them but are prohibited from joining any multicast group they are
not authorized to join. In this way, users access to specific multicast groups under
control.
Prerequisites of multicast authentication:
■
802.1x is enabled both globally and on ports. Then, when you enable managed
multicast, all IGMP report messages are legal. Then the system allows users to
join any group and cannot control the access to multicast groups.
multicast, all IGMP report messages are legal. Then the system allows users to
join any group and cannot control the access to multicast groups.
■
The managed multicast is based on port. The 802.1x mode on port must be
port authentication. Otherwise, the system discards all IGMP report messages
without any processing.
port authentication. Otherwise, the system discards all IGMP report messages
without any processing.
Configuring Managed
Multicast
Perform the following configurations in system view.
Perform the following configuration in local user view.
Configure managed multicast in local user view
c
CAUTION: In local user view, before executing this command, you must configure
user service type to LAN-ACCESS, which is the only one supported by managed
multicast at present.
user service type to LAN-ACCESS, which is the only one supported by managed
multicast at present.
Table 427 Set/remove the managed multicast function of the system
Operation
Command
Enable managed multicast
ip managed-multicast
Disable managed multicast
undo ip managed-multicast
Table 428 Set managed multicast for users in a specific domain
Operation
Command
Set the multicast group which users in the
specified domain are authorized to join
specified domain are authorized to join
local-user multicast [ domain domain-name
] ip-address [ mask-length ]
] ip-address [ mask-length ]
Remove the multicast group which users in
the specified domain are authorized to join
the specified domain are authorized to join
undo local-user multicast [ domain
domain-name ] ip-address
domain-name ] ip-address
Table 429 Set/remove the multicast group which users are authorized to join
Operation
Command
Set multicast group which users are
authorized to join (managed multicast)
authorized to join (managed multicast)
multicast ip-address [ ip-address &<1-9> |
mask-length ]
mask-length ]
Remove the specified managed multicast
undo multicast { ip-address [ ip-address
&<1-9> ] | all }
&<1-9> ] | all }