From: Mike Kraus \(mikraus\) (mikraus@cisco.com)
Date: Sun Jul 01 2007 - 15:59:19 ART
From my testing, it appears so. It essentially just builds a list of
RPs (with groups if desired) that can be selected as a RPs. Only word
of note, you need to apply this to every router in the multicast domain
(you can't apply this in one place and it "filter" the spoofed RP or
anything).
So, just say RP 1.1.1.1 is the good one, just add ip pim accept-rp
1.1.1.1 to all your routers and then you're good to go.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
sam s
Sent: Saturday, June 30, 2007 3:01 PM
To: ccielab@groupstudy.com
Subject: RP spoofing
Hello Group,
Can ip pim accept-rp (rp#) (acl-group) help in preventing Rp spoofing.
Best Wishes,
SAMARTH
This archive was generated by hypermail 2.1.4 : Sat Aug 18 2007 - 08:17:39 ART