Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Multicast LockDown and DoS prevention

Dear All,

we have succesfully set up a Multicast Environment in our Network.

The Core Switches, which we elected as RandeVouz Points, are NEXUS 7K.

What we would like to consider is a Lock Down of the Multicast Environment, in particular:

- On the Multicast Server Side we only want to allow the multicast for the two 239.0.0.1 and 239.0.0.2 IPs we are deplying

- On the Client side, we only want clients to receive Multicat but not to be able to propagate theirown stream on the network.

1) For the first solution we wanted to rely on the command:

ip pim rp-address CORE1IP access-list MULTICASTACL

However, this command doesnt exist on the NX-OS. Any idea of an alternative?

2) On the client side, we can only think of an ACL to block incoming class D addresses.

Any better ideas?

Many thanks,

Francesco

132
Views
0
Helpful
0
Replies
CreatePlease to create content