We have a couple of switches with a L3 Vlan 238 interface which runs PIM SM and OSPF, and HSRP. We have connected to this same segment telemetry processors which have raw socket interfaces configured - which means it picks up all IP packets which hit the interface and forwards them along.
So we dont want the processor to recevie any of the 224.x.x.x switch housekeeping traffic
You may be able to use a VACL to do this, but you'll need to be careful when using them to not block something that's needed. You'd do something like:
ip access-list ext BlockMulticast
permit ip 184.108.40.206 0.255.255.255 host 192.168.238.50
permit ip 220.127.116.11 0.255.255.255 host 192.168.238.51
vlan access-map BlockMulticast 10
match ip address BlockMulticast
vlan access-map BlockMulticast 20
vlan filter BlockMulticast vlan-list 238
**** Disclaimer ****
I'm not sure if the above will block multicast traffic. Another way of doing it may be to put your processors into private vlans. If anything, I would definitely create an outage window to put this in place and see what the results are.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...