Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Webcast FAQ- Layer 3 Multicast: Security and Best Practices

 

Introduction

 Cisco Ask the Expert     

 

Featured Speakers 

LEspejel.jpgLuis Espejel is the Telecommunications Manager of IENova, an Oil & Gas company. Currently he works with Cisco IOS® and Cisco IOS XE platforms, and NX to some extent. He has also worked as a Senior Engineer with the Routing Protocols team in Cisco’s Global Technical Assistance Center (TAC), as a Network and Telecommunications Manager for GM’s Mexico subsidiary, and in the Engineering Department for Axtel, a major Internet Service Provider. Luis holds an Electronics and Communication degree and postgraduate degrees, one in marketing and one in telecommunications. He has several certifications such as Google Power Search, ITIL foundations, Certified Ethical hacker, CCNA in DC, Cybersecurity Specialist, and a CCIE in R&S (#52804) among others. 

 

DavidRam.jpgDavid Ramirez is a Network Engineer at Astra Zenca pharmaceutical, where he works on IWAN implementation projects and LAN refresh and migrations to 10 Gig Fibre ring network. Previously he worked as a Support Engineer for Cisco’s TAC Routing Protocols team, as a Deployment Engineer of Value Added Services (Voicemail and Multimedia Messaging Services for Mobile Telephony), and as a Telecom Associate Engineer at Getronics where he provided routing and switching support to several customers in the US and UK. David holds a Bachelor’s Degree in Electronics and Communication Engineering and diverse certifications such as ITIL Foundations, Microsoft Certified Professional, Cisco CCNA, and Cisco CCIE R&S-written only.

 

You can download the slides of the presentation in PDF format here. The related Ask The Expert sessions is available here. The complete recording of this live Webcast can be accessed here.

 

Layer 3 Multicast: Security and Best Practices 

 

Q: It's the same configuration in IPv6?

A: Most of the commands are pretty similar, example for BSR. IPv6 pim [vrf vrf-name] bsr candidate rp ipv6-address [group-list access-list-name] [priority priority-value] [interval seconds] [scope scope-value] [bidir] 

Q: Do you know how to harden multicast environment?

A: You can find the answer at the "Ask the expert" session of this event here

Q: What about GLOP if we have 4-byte AS?

A: It is one of the disadvantages of GLOP, it can't work with 4 byte AS. You can check https://tools.ietf.org/html/rfc6034

Q: Do you recommend to use 239/8 or not to use it?

A: You can find the answer at the "Ask the expert" session of this event here

Q: Is not ACL 3 filtering all addresses? There is no "permit"

A: You are correct ACL should have permit statement to allow certain group. The example was showing only a deny.

Q: This this still the same issue if you have the 7Ks as your RP router?

A: You can find the answer at the "Ask the expert" session of this event here

Q: What issues are introduced with using VSS or VPC in the core?

A: Answer available soon 

Q: Are there any security best practices?

A: You can find the answer at the "Ask the expert" session of this event here

Q: Who is Dr. Flow and why should I know? 

A: That's a nickname given to David Ramirez, because of his knowledge in netflow

Q:   The accept-register access-list is in the format of source and then group right? Not FHR and then group?

A: Yes, the source and Group. Please check: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti/command/imc-cr-book/imc_i3.html#wp1379259139

Q: When you mention 224.0.40? You mean Auto RP

A: You can find the answer at the "Ask the expert" session of this event here

 

Q:  Can you give more exam? I need to implement multicas IPv6 boot i have diferent diveces,in cisco 3750.

A: You can check the configuration guide: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/15-mt/imc-pim-15-mt-book.html

 

 

Q:  What are the possible threats to multicast?

A: You can find the answer at the "Ask the expert" session of this event here

 

 

 

 



Related Information

 

2803
Views
5
Helpful
0
Comments