RE: Client/PC Based Multicast Filtering

From: Salau, Yemi (yemi.salau@siemens.com)
Date: Fri Sep 21 2007 - 06:00:06 ART

• Next message: Singhal: "Re: IT'S DONE. CCIE#18904"
• Previous message: alexey: "Re: whats the diff bet ^54$ and _54$"
• Maybe in reply to: Salau, Yemi: "Client/PC Based Multicast Filtering"
• Next in thread: Gregory Gombas: "Re: Client/PC Based Multicast Filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You're a genius, I was discussing this with a fellow colleague from the
Microsoft team yesterday ... This is the easiest way out, the one a
friend of mine refer to as CHEATING!

But I agree with you that at that point, it'll be outside the scope of
network design and solution.

Many Thanks
 
Yemi Salau

-----Original Message-----
From: jerry.du@accenture.com [mailto:jerry.du@accenture.com]
Sent: Friday, September 21, 2007 9:45 AM
To: Salau, Yemi; mlong@comms-care.com; joe@affirmedsystems.com
Cc: ccielab@groupstudy.com
Subject: RE: Client/PC Based Multicast Filtering

I have an idea to do this but not sure it would meet your requirements
or not.
 
You may try add these clients into a special OU in AD, then apply group
policy to those clients's FW to deny those multicast address.

This may be out of network solution, but would be easier than config ACL
in each switch access port.

Regards,
Jerry

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Salau, Yemi
Sent: Friday, September 21, 2007 12:32 AM
To: Matthew Long; Joseph Brunner
Cc: ccielab@groupstudy.com
Subject: Client/PC Based Multicast Filtering

I was faced with a task to prevent some PCs(Clients) from joining 2
particular multicast groups. IGMPv2 is in use ...

How would you go about this, considering the fact that there are some
Clients in same subnet, connected at same layer2 point on the network,
who should be able to receive the multicast traffic.

I was thinking of ip igmp access-group, but this will only prevent (S,G)
feeds, as in, it only controls access based on the source of the feed
and also the destination multicast address. But my headache is around
prevent certain PCs from joining certain groups, if I implement ip igmp
access-group, all pcs would potentially be prevented from joining the
group.

Another one I'm thinking is mac access-list, but then I will have to do
this on all vlans across 3 different sites. What's the simplest way of
doing this?

Any Fresh ideas will be appreciated as my head is just too hot at the
moment!

Many Thanks
 
Yemi Salau

• Next message: Singhal: "Re: IT'S DONE. CCIE#18904"
• Previous message: alexey: "Re: whats the diff bet ^54$ and _54$"
• Maybe in reply to: Salau, Yemi: "Client/PC Based Multicast Filtering"
• Next in thread: Gregory Gombas: "Re: Client/PC Based Multicast Filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:14 ART