Re: RE: Practical Study2 Lab6: group-list doesn't work

From: l.tosolini@chello.nl
Date: Tue May 17 2005 - 18:03:10 GMT-3

• Next message: Richard Dumoulin: "RE: A bit OT - tunnel vs internet"
• Previous message: marvin greenlee: "RE: EIGRP Varience [bcc][faked-from]"
• Maybe in reply to: Scott Morris: "RE: Practical Study2 Lab6: group-list doesn't work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Brian,
the links you suggested explains why the access-list written with the deny statement doesn't work:

'Once a single "candidate RP" advertises a negative prefix, it will override any other "positive" advertisements for the same group prefix'

So be carefull with deny in group list ....
Thanks,
Luca.

>
> van: "Brian Dennis" <bdennis@internetworkexpert.com>
> datum: 2005/05/16 ma PM 07:06:29 CEST
> aan: <l.tosolini@chello.nl>,
> <ccielab@groupstudy.com>
> onderwerp: RE: Practical Study2 Lab6: group-list doesn't work
>
> Try these links from Cisco's "Guide to Auto-RP Configuration and
> Diagnostics document:
>
> ftp://ftpeng.cisco.com/ipmulticast/autorp.html#Commonerrors
>
> ftp://ftpeng.cisco.com/ipmulticast/autorp.html#megativeprefix
>
>
> Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
>
> bdennis@internetworkexpert.com
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Direct: 775-745-6404 (Outside the US and Canada)
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> l.tosolini@chello.nl
> Sent: Monday, May 16, 2005 9:33 AM
> To: ccielab@groupstudy.com
> Subject: Practical Study2 Lab6: group-list doesn't work
>
> Hi group,
> the group-list for R13 as suggested in the book doesn't work and r13
> becomes the RP for all 224.0.0.0/4
> See here:
> r13 loopback = 192.168.255.13
> r5 loopback = 192.168.255.5
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> r13
> ip pim send-rp-announce Loopback0 scope 16 group-list 8
> access-list 13 deny 239.0.0.0 0.255.255.255
> access-list 13 permit 224.0.0.0 15.255.255.255
>
> r6#show ip pim rp mapping 238.1.1.1
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 224.0.0.0/4
> RP 192.168.255.13 (?), v2v1
> Info source: 192.168.255.13 (?), elected via Auto-RP
> Uptime: 00:03:00, expires: 00:02:57
> r6#show ip pim rp mapping 239.1.1.1
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 224.0.0.0/4
> RP 192.168.255.13 (?), v2v1
> Info source: 192.168.255.13 (?), elected via Auto-RP
> Uptime: 00:03:04, expires: 00:02:53
> Group(s) (-)239.0.0.0/8
> RP 192.168.255.13 (?), v2v1
> Info source: 192.168.255.13 (?), elected via Auto-RP
> Uptime: 00:03:04, expires: 00:02:52
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~
>
> To achieve the goal of having R13 for 'all multicast groups, except
> administratively scoped addresses' I had to rewrite the ACL in the
> following funny way !! It seems that the 'deny' it is not taken
> correctly. Any idea?
>
> r13
> ip pim send-rp-announce Loopback0 scope 16 group-list 7
> access-list 7 permit 224.0.0.0 0.255.255.255
> access-list 7 permit 225.0.0.0 0.255.255.255
> access-list 7 permit 226.0.0.0 0.255.255.255
> access-list 7 permit 227.0.0.0 0.255.255.255
> access-list 7 permit 228.0.0.0 0.255.255.255
> access-list 7 permit 229.0.0.0 0.255.255.255
> access-list 7 permit 230.0.0.0 0.255.255.255
> access-list 7 permit 231.0.0.0 0.255.255.255
> access-list 7 permit 232.0.0.0 0.255.255.255
> access-list 7 permit 233.0.0.0 0.255.255.255
> access-list 7 permit 234.0.0.0 0.255.255.255
> access-list 7 permit 235.0.0.0 0.255.255.255
> access-list 7 permit 236.0.0.0 0.255.255.255
> access-list 7 permit 237.0.0.0 0.255.255.255
> access-list 7 permit 238.0.0.0 0.255.255.255
>
> r6#show ip pim rp mapping 238.1.1.1
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 238.0.0.0/8
> RP 192.168.255.13 (?), v2v1
> Info source: 192.168.255.13 (?), elected via Auto-RP
> Uptime: 00:29:53, expires: 00:02:06
> r6#show ip pim rp mapping 239.1.1.1
> PIM Group-to-RP Mappings
> This system is an RP-mapping agent (Loopback0)
>
> Group(s) 239.0.0.0/8
> RP 192.168.255.5 (?), v2v1
> Info source: 192.168.255.5 (?), elected via Auto-RP
> Uptime: 00:30:15, expires: 00:02:41
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Richard Dumoulin: "RE: A bit OT - tunnel vs internet"
• Previous message: marvin greenlee: "RE: EIGRP Varience [bcc][faked-from]"
• Maybe in reply to: Scott Morris: "RE: Practical Study2 Lab6: group-list doesn't work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:11:58 GMT-3