From: gladston@br.ibm.com
Date: Sat Aug 13 2005 - 11:46:59 GMT-3
If Security and SSM are tasks on the same interface where, would you agree with these commands to permit SSM operation?
When using IGMPv3 lite
permit IGMPv1/IGMPv2 group membership report join IN
When using URD
permit TCP port 465 IN
Config would be:
IGMPv3 lite
RTR01CPR(config)#ip pim ssm range 80
RTR01CPR(config)#access-lis 80 permit 239.10.0.0 0.0.255.255
RTR01CPR(config-if)#ip pim sparse-m
RTR01CPR(config-if)#ip igmp v3lite
RTR01CPR(config-if)#ip access-group 120 in
RTR01CPR(config)access-list 120 permit udp any 239.10.0.0 0.0.255.255
URD
RTR01CPR(config)#ip pim ssm range 80
RTR01CPR(config)#access-lis 80 permit 239.10.0.0 0.0.255.255
RTR01CPR(config-if)#ip pim sparse-m
RTR01CPR(config-if)#ip urd
RTR01CPR(config-if)#ip access-group 140 in
RTR01CPR(config)access-list 140 permit tcp any any eq 465
Do you know a way to test SSM using only routers?
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3