Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Blocking HSRP messages

Hi all

Is it possible to block workstations on a lan from seeing the HSRP messages going between the routers? The scenario is 2 x 7200 routers configured for HSRP each connected to a 2950, which are in turn connected to each other.

Thanks, Henk

4 REPLIES

Re: Blocking HSRP messages

Hello Henk,

HSRP uses multicast address 224.0.0.2, I guess if you block access from your workstations to this address by means of an access list, that should prevent the workstations from seeing the messages...

Regards,

GNT

Re: Blocking HSRP messages

Hi,

Not sure why you'd want to do this - if the workstations are using the hsrp address for that net then the routers need to communicate whether they're active or standby for that net.

However, if it's specifically multicast causing a problem on the workstations then you could always use the "switchport block multicast" on the workstation ports.

HTH - plz rate if useful

Andrew.

New Member

Re: Blocking HSRP messages

Hi

The requirement is from the customer that workstations shouldn't see any HSRP messages, etc.

I will try the switchport block mc command.

Thanks for the tip

Re: Blocking HSRP messages

Hi

and to add something if u block the multicast traffic between u r cores there will be problem as the routers will not be able to exchange hellos which is imp for them to maintain there active/standby relationship.

Thanks

Mahmood

383
Views
0
Helpful
4
Replies
CreatePlease login to create content