block vrrp multicast

Answered Question
Jul 23rd, 2010

Hi,

We connected new VPLS L2 lines (whereas before we linked our site up with a L3 MPLS connections) for our sites to our datacentre (redundant 6500 switches).

Each site is in a separate vlan and the VPLS connections are connected on a single port as a trunk.

I've configured new VLANs and vlan interfaces with vrrp, but I see a lot af vrrp multicast traffic sent to the sites.

Is there a way to configure vrrp to only send its advertisements on a specific interface or to block vrrp on an interface?

I have this problem too.
0 votes

Multicast has a tendancy to end up where you don't want it do - it does not do any harm, unless there is a device wanting to listen.

If you want to block vrrp multicast on a router the specific address is 224.0.0.18

A simple acl like:-

access-list 101 deny ip 224.0.0.18 any

access-list 101 deny ip any 224.0.0.18

access-list 101 permit ip any any

!

interface <>

ip access-group 101 out

Should do the trick...

For a switch -  much easier, just use:-

interface <>

switchport block multicast

HTH>

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer

Multicast has a tendancy to end up where you don't want it do - it does not do any harm, unless there is a device wanting to listen.

If you want to block vrrp multicast on a router the specific address is 224.0.0.18

A simple acl like:-

access-list 101 deny ip 224.0.0.18 any

access-list 101 deny ip any 224.0.0.18

access-list 101 permit ip any any

!

interface <>

ip access-group 101 out

Should do the trick...

For a switch -  much easier, just use:-

interface <>

switchport block multicast

HTH>

Actions

This Discussion