×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Multicast LockDown and DoS prevention

Unanswered Question
Feb 21st, 2014
User Badges:

Dear All,


we have succesfully set up a Multicast Environment in our Network.

The Core Switches, which we elected as RandeVouz Points, are NEXUS 7K.


What we would like to consider is a Lock Down of the Multicast Environment, in particular:


- On the Multicast Server Side we only want to allow the multicast for the two 239.0.0.1 and 239.0.0.2 IPs we are deplying

- On the Client side, we only want clients to receive Multicat but not to be able to propagate theirown stream on the network.


1) For the first solution we wanted to rely on the command:

ip pim rp-address CORE1IP access-list MULTICASTACL


However, this command doesnt exist on the NX-OS. Any idea of an alternative?


2) On the client side, we can only think of an ACL to block incoming class D addresses.


Any better ideas?


Many thanks,

Francesco

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion