No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - IP Multicast 01

This is NE40E V800R010C10SPC500 Configuration Guide - IP Multicast
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Filtering Policies for SA Messages

Configuring Filtering Policies for SA Messages

By default, an MSDP peer permits all Source Active (SA) messages that pass the Reverse Path Forwarding (RPF) check, and forwards the SA messages to all remote MSDP peers. To control the transmission of SA messages among MSDP peers, configure policies to filter SA messages to be constructed, received, and forwarded.

Procedure

  • Configure a policy to filter SA messages to be constructed on the source 's Rendezvous Point (RP).
    1. Run system-view

      The system view is displayed.

    2. Configure a basic or an advanced ACL as needed.

      • Configure a basic ACL.

        1. Run acl [ number ] basic-acl-number [ match-order { auto | config } ]

          A basic ACL is created, and the basic ACL view is displayed.

        2. Run rule [ rule-id ] [ name rule-name ] { deny | permit } source { source-ip-address { source-wildcard | 0 } | any }

          Rules are configured for the basic ACL.

      • Configure an advanced ACL.

        1. Run acl { name advance-acl-name [ advance | [ advance ] number advance-acl-number ] | [ number ] advance-acl-number } [ match-order { config | auto } ]

          An advanced ACL is created, and the advanced ACL view is displayed.

        2. Run rule [ rule-id ] [ name rule-name ] { deny | permit } ip [ destination { destination-ip-address { destination-wildcard | 0 } | any } | source { source-ip-address { source-wildcard | 0 } | any } ] *

          Rules are configured for the advanced ACL.

      If a basic ACL is used, run the rule command and set the source parameter to the source address of multicast packets.

      If an advanced ACL is used, run the rule command, set the source parameter to the source address of multicast packets, and set the destination parameter to a multicast group address.

    3. Run quit

      Return to the system view.

    4. Run msdp [ vpn-instance vpn-instance-name ]

      The MSDP view is displayed.

    5. Run import-source [ acl { acl-number | acl-name } ]

      A policy is configured to filter SA messages to be constructed on the source 's RP.

      acl basic-acl-number: defines a filtering policy. The source's RP filters locally registered and active multicast sources, and determines (S, G) information to be advertised based on the configured policy.

      • If no ACL is specified, the SA message does not carry information about any local active source.

      • If an ACL is specified, the source's RP constructs an SA message carrying information only about the local sources matching the ACL to control the advertisement of local (S, G) information.

    6. Run commit

      The configuration is committed.

  • Configure a policy to filter SA messages to be received from remote MSDP peers.
    1. Run system-view

      The system view is displayed.

    2. Run acl { name advance-acl-name [ advance | [ advance ] number advance-acl-number ] | [ number ] advance-acl-number } [ match-order { config | auto } ]

      An advanced ACL is created, and the advanced ACL view is displayed.

    3. Run rule [ rule-id ] [ name rule-name ] { deny | permit } ip [ destination { destination-ip-address { destination-wildcard | 0 } | any } | source { source-ip-address { source-wildcard | 0 } | any } ] *

      Rules are configured for the advanced ACL.

      Run the rule command, set the source parameter to the source address of SA messages, and set the destination parameter to a multicast group address.

    4. Run quit

      Return to the system view.

    5. Run msdp [ vpn-instance vpn-instance-name ]

      The MSDP view is displayed.

    6. Run peer peer-address sa-policy import [ acl { advanced-acl-number | acl-name } ]

      A policy is configured to filter SA messages to be received from remote MSDP peers.

      peer-address: specifies the IP address of a remote MSDP peer.

      acl advanced-acl-number: defines a filtering policy. When the SA message sent by a remote MSDP peer reaches the router, the router determines whether to permit the message based on the configured policy.

      • If no ACL is specified, the router does not permit any (S, G) information received from peer-address.

      • If an ACL is specified, the router permits the (S, G) information that is received from peer-address and matches the specified ACL.

    7. Run commit

      The configuration is committed.

  • Configure a policy to filter SA messages to be forwarded to remote MSDP peers.
    1. Run system-view

      The system view is displayed.

    2. Run acl { name advance-acl-name [ advance | [ advance ] number advance-acl-number ] | [ number ] advance-acl-number } [ match-order { config | auto } ]

      An advanced ACL is created, and the advanced ACL view is displayed.

    3. Run rule [ rule-id ] [ name rule-name ] { deny | permit } ip [ destination { destination-ip-address { destination-wildcard | 0 } | any } | source { source-ip-address { source-wildcard | 0 } | any } ] *

      Rules are configured for the advanced ACL.

      Run the rule command, set the source parameter to the source address of SA messages, and set the destination parameter to a multicast group address.

    4. Run quit

      Return to the system view.

    5. Run msdp [ vpn-instance vpn-instance-name ]

      The MSDP view is displayed.

    6. Run peer peer-address sa-policy export [ acl { advanced-acl-number | acl-name } ]

      A policy is configured to filter SA messages to be forwarded to remote MSDP peers

      peer-address: specifies the IP address of a remote MSDP peer.

      acl advanced-acl-number: defines a filtering policy. The router determines whether to forward the received SA messages based on the configured policy.

      • If no ACL is specified, the router does not forward any (S, G) information to peer-address.

      • If an ACL is specified, the router forwards only the (S, G) information that matches the specified ACL to peer-address.

    7. Run commit

      The configuration is committed.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055017

Views: 43027

Downloads: 97

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next