Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

how to block 224.0.1.22 on layer 3 switch

Please anybody give me an example to block 224.0.1.22 ?

I did some test using Cisco's example but not work. I tryied

deny ip=224.0.1.22" and deny mac=0100:5e00:0116, not work!!!

I also tried disable multicast on an interface

"switchport block multicast", but the multicast still can pass through switch ?? I using NAM at uplink switch and capture multicast from the downlink switch (which I alreday disabled multicast on interface). Need Help .

Thanks lots

3 REPLIES
New Member

Re: how to block 224.0.1.22 on layer 3 switch

To block multicast address like 224.0.1.22, you need to block the destination address, not the source address. Access-list deny ip 224.0.1.22 only block packets originated from the specified address. You should use extended access-list to make it work. For example:

access-list deny ip any 224.0.1.22

Hope this helps,

Hang

New Member

Re: how to block 224.0.1.22 on layer 3 switch

Thanks. I did use destination=224.0.1.22 and the MAC, sorry I do not make my question clear.

It looks like multicast automatically feed to all of the vlan on a switch, I need to apply the ACL to all vlans??

New Member

Re: how to block 224.0.1.22 on layer 3 switch

Rico,

Per Cisco document, "Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in the VLAN." Therefore, instead of flooding traffic to all vlans on a switch for multicast traffic, the switch only flood the port(s) belong to the same vlan. Thus, you don't need to apply the ACL to all vlans.

Thanks,

Hang

344
Views
0
Helpful
3
Replies
CreatePlease login to create content