From: Joseph Brunner (joe@affirmedsystems.com)
Date: Thu Sep 20 2007 - 15:23:39 ART
Why over think this?
Why not...
!deny certain pc's from sending igmp v2 join's
access-list 101 deny igmp host 10.10.10.x host 239.1.1.1
!
access-list 101 deny igmp host 10.10.10.x host 239.1.1.1
!
!permit the others
access-list 101 permit igmp host 10.10.10.5 host 239.1.1.1
!
!deny all other igmp
access-list 101 deny igmp any any
!
permit all else
!
access-list 101 permit ip any any
!
Apply
int f0/0
ip access-group 101 in
I just did this in my lab... seems to work...
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Salau, Yemi
Sent: Thursday, September 20, 2007 12:32 PM
To: Matthew Long; Joseph Brunner
Cc: ccielab@groupstudy.com
Subject: Client/PC Based Multicast Filtering
I was faced with a task to prevent some PCs(Clients) from joining 2
particular multicast groups. IGMPv2 is in use ...
How would you go about this, considering the fact that there are some
Clients in same subnet, connected at same layer2 point on the network,
who should be able to receive the multicast traffic.
I was thinking of ip igmp access-group, but this will only prevent (S,G)
feeds, as in, it only controls access based on the source of the feed
and also the destination multicast address. But my headache is around
prevent certain PCs from joining certain groups, if I implement ip igmp
access-group, all pcs would potentially be prevented from joining the
group.
Another one I'm thinking is mac access-list, but then I will have to do
this on all vlans across 3 different sites. What's the simplest way of
doing this?
Any Fresh ideas will be appreciated as my head is just too hot at the
moment!
Many Thanks
Yemi Salau
This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:14 ART