No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - IP Multicast 01

This is NE40E V800R010C10SPC500 Configuration Guide - IP Multicast
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Setting a Valid C-RP Address Range

Setting a Valid C-RP Address Range

You can create ACL rules on all Candidate-BootStrap Routers (C-BSRs) for filtering Candidate-Rendezvous Point (C-RP) addresses and the addresses of groups that C-RPs serve. A BSR accepts the Advertisement messages and adds C-RP information to the RP-Set only when C-RP addresses and the addresses of the groups that C-RPs serve in the Advertisement messages are within the valid address range. Thus, the C-RP spoofing is prevented.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run acl { name advance-acl-name [ advance | [ advance ] number advance-acl-number ] | [ number ] advance-acl-number } [ match-order { config | auto } ]

    An advanced ACL is created, and the advanced ACL view is displayed.

  3. Run rule [ rule-id ] [ name rule-name ] { deny | permit } ip [ destination { destination-ip-address { destination-wildcard | 0 } | any } | source { source-ip-address { source-wildcard | 0 } | any } ] *

    Rules are configured for the advanced ACL.

    Run the rule command, set the source parameter to a valid C-RP source address range, and set the destination parameter to a multicast group address range to be served by C-RPs.

  4. Run quit

    Return to the system view.

  5. Run pim [ vpn-instance vpn-instance-name ]

    The PIM view is displayed.

  6. Run crp-policy { advanced-acl-number | acl-name acl-name }

    A valid C-RP address range is set to limit the range of groups that C-RPs serve.

    • If C-RP addresses or the addresses of the groups that the C-RPs serve carried in the Advertisement messages are denied by the ACL or the ACL does not define the action on the messages, the BSR discards the Advertisement message, and therefore C-RP information is not added to the RP-Set.

    • If no ACL rule corresponding to the specified advanced-acl-number exists, the BSR also denies all the Advertisement messages, and C-RP information is not added to the RP-Set.

    NOTE:
    • If an Advertisement message from a C-RP matches an ACL rule and the action is permit, the BSR permits this message.
    • If an Advertisement message from a C-RP matches an ACL rule and the action is deny, the BSR denies this message.
    • If an Advertisement message from a C-RP does not match any ACL rule, the BSR denies this message.
    • If a specified ACL does not exist or does not contain rules, the BSR denies all messages from any C-RP.

  7. Run commit

    The configuration is committed.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055017

Views: 43371

Downloads: 97

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next