From: B Kim (beokim@comcast.net)
Date: Mon Feb 28 2005 - 18:08:54 GMT-3
Hi
Basically I agree. In fact, this question is from NMC Workbook 6.15.
The question (somewhat vague, actually most NMC questions are) that I
interpreted requires that "all multicast traffic should be denied" on a
VLAN, in which OSPF is running.
So I configured the VLAN access map that forwards 224.0.0.5 and
224.0.0.6, and denies all multicast (224.0.0.0/4), and lastly permits
all. And this solution works.
But the solution guide configures "storm-control multicast 0.0" on the
vlan in question. I thought this would break OSPF neighbor relationship.
But interestingly, it didn't. OSPF works just fine.
I am still not sure how it works.
Thanks
Beomsu Kim
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Bob Sinclair
Sent: Monday, February 28, 2005 1:38 PM
To: Nazgulero; 'CCIE Study Group'
Subject: Re: Correction - Storm-Control Level 0
Georg,
What I saw seems to indicate that storm control 0.0 would block
multicast
routing updates if they got to a level that was "detectable". Normal
OSPF
updates are so low-rate that they appear not to be measurable as a
percent of
bandwidth. But if they get to a level above 1 pps, it looks like they
would
trigger it. At least, that is what I seem to be seeing.
As a practical matter, I don't think I would implement a multicast
storm-control level of 0.0. Why put multicast control traffic at risk?
As a
lab matter, I would probably find a method other than storm-control if I
intended to block normal OSPF updates.
HTH,
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: Nazgulero
To: Bob Sinclair ; B Kim ; 'CCIE Study Group'
Sent: Monday, February 28, 2005 2:06 PM
Subject: Re: Correction - Storm-Control Level 0
Hello Bob,
interesting. So the 0.0 is not really blocking all multicast
traffic...maybe
there is a built-in mechanism that lets regular routing protocol
multicast
traffic through...
Georg
----- Original Message -----
From: Bob Sinclair
To: Nazgulero ; B Kim ; 'CCIE Study Group'
Sent: Monday, February 28, 2005 5:16 PM
Subject: Re: Correction - Storm-Control Level 0
Georg,
By sending extended pings to the address 224.0.0.5, with a timeout
of 1
second and a datagram size of 1000 bytes I could get storm-control
multicast
to trigger. Regular 10-second hellos did not, however. The rate was
just
too low to register. Seems to me that regular OSPF multicast traffic
would
trigger storm-control if the rate was perceptible.
HTH,
Bob Sinclair
CCIE #10427, CCSI 30427, CISSP
www.netmasterclass.net
----- Original Message -----
From: Nazgulero
To: B Kim ; 'CCIE Study Group'
Sent: Monday, February 28, 2005 2:26 AM
Subject: Re: Correction - Storm-Control Level 0
Hello,
according to the documentation, a level of 0.0 should suppress all
multicast
traffic. I could not find anything regarding if that affects e.g.
RIP,
OSPF,
or HSRP multicast as well, does anybody have any info on that ?
Regards,
Georg
----- Original Message -----
From: "B Kim" <beokim@comcast.net>
To: "'CCIE Study Group'" <ccielab@groupstudy.com>
Sent: Monday, February 28, 2005 3:16 AM
Subject: Correction - Storm-Control Level 0
> Correction - Actually my test shows that the multicast routing
protocol
> traffic is NOT affected by the storm-control multicast level 0
command.
>
> Thanks.
>
> Hi
>
> Does the "storm-control multicast level 0" command suppress all
> multicast traffic, including multicast routing protocol traffic?
>
> Based on my experiment, it looks like the case. I just want to
verify
> this.
>
> Appreciate in advance any reply.
>
> Thanks
> Beomsu Kim
> beokim@comcast.net
>
>
This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:26 GMT-3