This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.
CCIE #29033
This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regards to the CCIE R&S track!! Note: answers are in the comment field or within "Read More" section.
You can also follow me on twitter @FE80CC1E
In order to ensure AutoRP and the administratively scoped multicast addresses do not leak outside or into your multicast domain you need to filter the following:
224.0.1.40 -
The Cisco multicast router AUTO-RP-DISCOVERY address is the destination address for messages from the RP mapping agent to discover candidates
224.0.1.39 -
The Cisco multicast router AUTO-RP-ANNOUNCE address is used by RP mapping agents to listen for candidate announcements
239.0.0.0/8 -
Administratively Scoped
Create an ACL denying the respective IP's and ranges
access-list 24 deny 224.0.1.39
access-list 24 deny 224.0.1.40
access-list 24 deny 239.0.0.0 0.255.255.255
access-list 24 permit any
Apply to the interface using " ip multicast boundary"
inter fas 0/1
ip multicast boundary 24
1 comments:
A good companion article to this would be something on BSR boundary. BSR is the configuration of choice for the IE SP and is open standards.
Post a Comment