From: Ahmed Elhoussiny (aelhoussiny@gmail.com)
Date: Sat Aug 09 2008 - 18:10:51 ART
As i remember from one of IE lab Tips
1- The filtring on RP must only have permit statments in its ACL. (
send-rp-announce
group-list #)
2- The rp-announce-filter will need to match the send-rp-announce filter
used by the cRPs.
If the groups requested by the RP do not match the mapping agent's
filters,
the cRPs requests that do not match will be discarded.
Example:
If the cRP asks for 228.0.0.0/8 and 229.0.0.0/8 but the MA is allowing
only 228.0.0.0/8 then the MA will filter the 229.0.0.0/8 and the cRP will be
the RP
for just 228/8. If the cRP asks for say 224.0.0.0/4 (all multicast groups)
but the
MA is only allowing 228.0.0.0/8 then the cRP's 224.0.0.0/4 announcement will
be
filtered by the MA and the cRP will not be the RP for any groups.
On 8/8/08, Igor Manassypov <imanassypov@rogers.com> wrote:
> As a side note on rp filtering - is there a difference between cutting a
> shortcut with subnet mask tricks versus listing out the required groups
> under the access list? I understand with the complete access list you will
> see the mapping explicitly, and with mask tricks you will only see a subnet
> - but would that be functionally equivalent?
>
> Hobbs <deadheadblues@gmail.com> wrote: Ok. I think I see how this works.
> Because R3 and R5 only send an RP message
> for 224.0.0.0/4 the mapping agent will not split this up. You have to
> break
> up the groups on the autorp-candidates.
>
> In other words If I do this on R3:
>
> access-list 3 permit 237.0.0.0 0.255.255.255
> access-list 3 permit 238.0.0.0 0.255.255.255
> access-list 3 permit 239.0.0.0 0.255.255.255
>
> ip pim send-rp-announce lo 0 scope 5 group-list 3
>
> Now R1 can filter the other groups except 239.0.0.0/8. Otherwise It just
> filters the only group it sees.
>
>
> On Fri, Aug 8, 2008 at 1:32 PM, Hobbs wrote:
>
> > Thank you for your reply. The task says to only configure R1.
> > Why would we have this feature available if you still had to filter on
> the
> > RP?
> >
> >
> > On Fri, Aug 8, 2008 at 1:26 PM, Mujeeb Sarwar wrote:
> >
> >>
> >> Hello Hobbs,
> >>
> >> You need to do filtering on RPs as well for respective groups.
> >>
> >>
> >> Regards,
> >>
> >> Mujeeb
> >>
> >> On Fri, Aug 8, 2008 at 10:17 PM, Hobbs wrote:
> >>
> >>> Hello,
> >>>
> >>> Here are my requirements:
> >>>
> >>> R3, 150.1.3.3 should be RP for 239.0.0.0/8
> >>> R5 , 150.1.5.5 should be RP for
> >>> 226.0.0.0-238.255.255.255
> >>>
> >>> Here is what I have come up with on R1 the mapping agent:
> >>>
> >>> access-list 3 permit 150.1.3.3
> >>> access-list 30 permit 239.0.0.0 0.255.255.255
> >>> ip pim rp-announce-filter rp-list 3 group-list 30
> >>>
> >>> access-list 5 permit 150.1.5.5
> >>> access-list 50 deny 224.0.0.0 1.255.255.255
> >>> access-list 50 deny 239.0.0.0 0.255.255.255
> >>> access-list 50 permit 224.0.0.0 15.255.255.255
> >>> ip pim rp-announce-filter rp-list 5 group-list 50
> >>>
> >>> Yet here are the messages I get on R1:
> >>>
> >>> *Mar 1 09:14:24.215: Auto-RP(0): Received RP-announce, from 150.1.3.3
> ,
> >>> RP_cnt 1, ht 181
> >>> *Mar 1 09:14:24.215: Auto-RP(0): Filtered 224.0.0.0/4 for RP
> 150.1.3.3
> >>> *Mar 1 09:14:58.439: Auto-RP(0): Received RP-announce, from 150.1.5.5
> ,
> >>> RP_cnt 1, ht 181
> >>> *Mar 1 09:14:58.439: Auto-RP(0): Filtered 224.0.0.0/4 for RP
> 150.1.5.5
> >>>
> >>>
> >>> Is there something I am missing? R1 is filtering all the groups....
> >>>
> >>> thanks,
> >>>
> >>>
> >>> Blogs and organic groups at http://www.ccie.net
> >>>
> >>> _______________________________________________________________________
> >>> Subscription information may be found at:
> >>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
>
>
> Igor M., M.Eng, P.Eng
> Network Architect
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:29 ART