From: ali (asayyed@atheer.net.sa)
Date: Tue Jun 15 2004 - 14:06:47 GMT-3
What about if we create authentication between them .. which will stop any
multicast unless from authenticated interface
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of John
Underhill
Sent: Monday, June 14, 2004 9:24 PM
To: Godswill Oletu; Dan; Karim
Cc: ccielab@groupstudy.com
Subject: Re: OSPF over broadcast - drop mulitcast.
Why not just change the ospf network type to non-broadcast? Non broadcast
uses directed unicasts to exchange routing information..
An adjacency using the broadcast model and deb ip packet, shows the
multicast traffic:
R2#clear ip ospf pr
Reset ALL OSPF processes? [no]: y
R2#
00:29:49: IP: s=172.16.40.2 (local), d=224.0.0.5 (Ethernet0), len 68,
sending br
oad/multicast
00:29:50: IP: s=172.16.40.1 (Ethernet0), d=224.0.0.5, len 68, rcvd 0
Change the network type to non-broadcast, clear the process and this is what
you see:
R2#clear ip ospf pr
Reset ALL OSPF processes? [no]: y
R2#
00:27:17: IP: s=172.16.40.2 (local), d=172.16.40.1 (Ethernet0), len 68,
sending
00:27:18: IP: s=172.16.40.2 (local), d=172.16.40.1 (Ethernet0), len 128,
sending
00:27:18: %OSPF-5-ADJCHG: Process 110, Nbr 201.1.1.1 on Ethernet0 from FULL
to D
OWN, Neighbor Down: Interface down or detached
00:27:21: IP: s=172.16.40.1 (Ethernet0), d=172.16.40.2, len 84, rcvd 0
You can clearly see that updates are now being unicast between neighbor
addresses.
----- Original Message -----
From: "Godswill Oletu" <oletu@inbox.lv>
To: "Dan" <dans@danbsd.a.la>; "Karim" <karim_ccie@hotmail.com>
Cc: <ccielab@groupstudy.com>
Sent: Monday, June 14, 2004 1:25 PM
Subject: Re: OSPF over broadcast - drop mulitcast.
> OSPF uses multicast address 224.0.0.5 and 224.0.0.6 to form adjacency and
> send their hello packets.
>
> Why not try to apply these access-list to the interfaces between both
> routers.
>
> R(config)#Access-list 1 permit 224.0.0.5 0.0.0.0
> R(config)#Access-list 1 permit 224.0.0.6 0.0.0.0
> R(config)#Access-list 1 deny 224.0.0.0 0.255.255.255
> R(config)#Access-list 1 permit any any
>
> The above access-list should work, however note that:
>
> All routers uses : 224.0.0.1
> EIGRP uses 224.0.0.10
> RIPv2 uses 224.0.0.9
>
> So, you may have to adjust your access-list to accommodate other routing
> protocols running in your environment.
>
> my 0.02 cents
>
> ----- Original Message -----
> From: "Dan" <dans@danbsd.a.la>
> To: "Karim" <karim_ccie@hotmail.com>
> Cc: <ccielab@groupstudy.com>
> Sent: Monday, June 14, 2004 2:38 AM
> Subject: Re: OSPF over broadcast - drop mulitcast.
>
>
> > Maybe using tunnel interface between the two?
> >
> >
> > Karim wrote:
> >
> > >Hi all,
> > >
> > >Need your help in the following problem:
> > >
> > >Having two routers on the same ethernet segment, asked to drop
multicast
> > >traffic betwen the two routers. Meanwhile make sure that adjacecny will
> still
> > >established between the two routers.
> > >
> > >I was thinking about a passive interface on both routers but passive
> interface
> > >will drop the adjacency. So would it be solved with passive plus
neighbor
> > >command on both routers ?? Any ideas ??? am I thinking in the right
> direction
> > >??
> > >
> > >Thanks in advance,
> > >Karim.
> > >
> > >_______________________________________________________________________
> > >Please help support GroupStudy by purchasing your study materials from:
> > >http://shop.groupstudy.com
> > >
> > >Subscription information may be found at:
> > >http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:41 GMT-3