Re: Client/PC Based Multicast Filtering

From: Gregory Gombas (ggombas@gmail.com)
Date: Fri Sep 21 2007 - 10:57:09 ART

• Next message: Guyler, Rik: "RTP dates available in March"
• Previous message: Guyler, Rik: "RE: want to swap date , have 12 Feb and 6th jan in dubai"
• Maybe in reply to: Salau, Yemi: "Client/PC Based Multicast Filtering"
• Next in thread: Salau, Yemi: "RE: Client/PC Based Multicast Filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Wait - but couldn't Joe's access-group be applied to the router or SVI
rather than every single switch port?

On 9/21/07, Salau, Yemi <yemi.salau@siemens.com> wrote:
> Hello Joseph,
>
> Thanks for your contribution, I'm not overthinking this, just trying to
> save myself of having to configure this for over 10,000 multicast PCs.
> As in I'll have to configure that access-group on all the ports that
> connects to 10,000 PCs ... Init?
>
> If there is no better way to do this, then I will have to just take my
> fate yet again!
>
> Many Thanks
>
> Yemi Salau
>
> -----Original Message-----
> From: Joseph Brunner [mailto:joe@affirmedsystems.com]
> Sent: Thursday, September 20, 2007 7:24 PM
> To: Salau, Yemi; 'Matthew Long'
> Cc: ccielab@groupstudy.com
> Subject: RE: Client/PC Based Multicast Filtering
>
> Why over think this?
>
> Why not...
>
> !deny certain pc's from sending igmp v2 join's
> access-list 101 deny igmp host 10.10.10.x host 239.1.1.1
> !
> access-list 101 deny igmp host 10.10.10.x host 239.1.1.1
> !
> !permit the others
> access-list 101 permit igmp host 10.10.10.5 host 239.1.1.1
> !
> !deny all other igmp
> access-list 101 deny igmp any any
> !
> permit all else
> !
> access-list 101 permit ip any any
> !
> Apply
> int f0/0
> ip access-group 101 in
>
> I just did this in my lab... seems to work...
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> Salau, Yemi
> Sent: Thursday, September 20, 2007 12:32 PM
> To: Matthew Long; Joseph Brunner
> Cc: ccielab@groupstudy.com
> Subject: Client/PC Based Multicast Filtering
>
> I was faced with a task to prevent some PCs(Clients) from joining 2
> particular multicast groups. IGMPv2 is in use ...
>
> How would you go about this, considering the fact that there are some
> Clients in same subnet, connected at same layer2 point on the network,
> who should be able to receive the multicast traffic.
>
> I was thinking of ip igmp access-group, but this will only prevent (S,G)
> feeds, as in, it only controls access based on the source of the feed
> and also the destination multicast address. But my headache is around
> prevent certain PCs from joining certain groups, if I implement ip igmp
> access-group, all pcs would potentially be prevented from joining the
> group.
>
> Another one I'm thinking is mac access-list, but then I will have to do
> this on all vlans across 3 different sites. What's the simplest way of
> doing this?
>
> Any Fresh ideas will be appreciated as my head is just too hot at the
> moment!
>
> Many Thanks
>
> Yemi Salau
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Guyler, Rik: "RTP dates available in March"
• Previous message: Guyler, Rik: "RE: want to swap date , have 12 Feb and 6th jan in dubai"
• Maybe in reply to: Salau, Yemi: "Client/PC Based Multicast Filtering"
• Next in thread: Salau, Yemi: "RE: Client/PC Based Multicast Filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Oct 06 2007 - 12:01:15 ART