Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Prevent 224 multicast from hitting switchports

We have a couple of switches with a L3 Vlan 238 interface which runs PIM SM and OSPF, and HSRP.   We have connected to this same segment telemetry processors which have raw socket interfaces configured - which means it picks up all IP packets which hit the interface and forwards them along.

So we dont want the processor to recevie any of the 224.x.x.x switch housekeeping traffic

is there anyway to prevent that ?


Prevent 224 multicast from hitting switchports

You may be able to use a VACL to do this, but you'll need to be careful when using them to not block something that's needed. You'd do something like:

Processors Addresses:

ip access-list ext BlockMulticast

permit ip host

permit ip host

vlan access-map BlockMulticast 10

match ip address BlockMulticast

action drop

vlan access-map BlockMulticast 20

action forward

vlan filter BlockMulticast vlan-list 238

**** Disclaimer ****

I'm not sure if the above will block multicast traffic. Another way of doing it may be to put your processors into private vlans. If anything, I would definitely create an outage window to put this in place and see what the results are.


HTH, John *** Please rate all useful posts ***
CreatePlease to create content