block vrrp multicast

Answered Question
Jul 23rd, 2010
User Badges:

Hi,


We connected new VPLS L2 lines (whereas before we linked our site up with a L3 MPLS connections) for our sites to our datacentre (redundant 6500 switches).

Each site is in a separate vlan and the VPLS connections are connected on a single port as a trunk.

I've configured new VLANs and vlan interfaces with vrrp, but I see a lot af vrrp multicast traffic sent to the sites.


Is there a way to configure vrrp to only send its advertisements on a specific interface or to block vrrp on an interface?

Multicast has a tendancy to end up where you don't want it do - it does not do any harm, unless there is a device wanting to listen.


If you want to block vrrp multicast on a router the specific address is 224.0.0.18


A simple acl like:-


access-list 101 deny ip 224.0.0.18 any

access-list 101 deny ip any 224.0.0.18

access-list 101 permit ip any any

!

interface <>

ip access-group 101 out

Should do the trick...


For a switch -  much easier, just use:-

interface <>

switchport block multicast


HTH>

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer

Multicast has a tendancy to end up where you don't want it do - it does not do any harm, unless there is a device wanting to listen.


If you want to block vrrp multicast on a router the specific address is 224.0.0.18


A simple acl like:-


access-list 101 deny ip 224.0.0.18 any

access-list 101 deny ip any 224.0.0.18

access-list 101 permit ip any any

!

interface <>

ip access-group 101 out

Should do the trick...


For a switch -  much easier, just use:-

interface <>

switchport block multicast


HTH>

Actions

This Discussion