From: Tony Paterra (apaterra@gmail.com)
Date: Tue May 16 2006 - 17:03:08 ART
Hey all, another multicast question... I'm trying to control what
multicast groups users can join on a specific interface (for instance
everyone an Router A's Ethernet interface can't join Administratively
scoped groups). The examples I've seen of doing this involve the
following...
RouterA(config-if)#ip igmp access-group 1
RouterA(config)#access-list 1 deny 239.0.0.0 0.255.255.255
RouterA(config)#access-list 1 permit any
My question is targetted at understanding if this operates the same
for potential IGMP v1 receivers as well as IGMP v2 . That is to
say... If I have a v1 PC on that LAN that sends an IGMP Membership
Report (v1) is the router smart enough to dig inside of the v1 packet
to get the group address and say "no you can't join 239.x.x.x" even
though the packets will be destined for 224.0.0.1.
Also if you could explain why a standard access list works in this
case. Logic tells me that this should only work on IGMP traffic
sourced from 239.x.x.x, but that wouldn't be the case for IGMP
Membership Reports (they would be sourced from whatever the host IP
is), they would be destined for that address so my logic seems to be
fundamentally wrong...
Thanks,
-- Tony Paterra apaterra@gmail.com
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:21 ART