Basically it's the same. But remember that locally generated traffic is not affected by the outbound ACL. So with method 2, if that
router is a RP candidate and/or a Mapping Agent, the ACL with not have the desired effect. I think this is why the "ip multicast
boundary" command exists.
Regards,
Antonio Soares, CCIE #18473 (R&S)
amsoares_at_netcabo.pt
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Rin
Sent: sexta-feira, 19 de Junho de 2009 10:18
To: 'Cisco certification'
Subject: Block Auto-RP message
Hi all,
Anyone find the differences between below methods to prevent Auto-RP message
leaking:
Method 1:
ip access-list standard FILTER_AUTORP
deny 224.0.1.39
deny 224.0.1.40
permit any
!
interface Serial0/0
ip multicast boundary FILTER_AUTORP
++++++++++++++++++++++++++++++
Method 2:
ip access-list extended FILTER_AUTORP
deny ip any host 224.0.1.39
deny ip any host 224.0.1.40
permit ip any any
!
interface Serial0/0
ip access-group FILTER_AUTORP in
ip access-group FILTER_AUTORP out
Thanks.
Rin.
Blogs and organic groups at http://www.ccie.net
Received on Fri Jun 19 2009 - 11:29:12 ART
This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:37 ART