R3721-F3210-F3171-HP High-End Firewalls Network Management Command Reference-6PW101
625
By default, SA messages received or to be forwarded are not filtered. Namely, all SA messages are
accepted or forwarded.
In addition to controlling SA message receiving and forwarding by using this command, you can also
configure a filtering rule for creating SA messages using the import-source command.
Related commands: display msdp peer-status and import-source.
Examples
# Configure a filtering rule in the public network so that SA messages will be forwarded to MSDP peer
125.10.7.6 only if they match ACL 3100.
<Sysname> system-view
[Sysname] acl number 3100
[Sysname-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0
0.0.255.255
[Sysname-acl-adv-3100] quit
[Sysname] msdp
[Sysname-msdp] peer 125.10.7.6 connect-interface gigabitethernet 0/1
[Sysname-msdp] peer 125.10.7.6 sa-policy export acl 3100
peer sa-request-policy
Syntax
peer peer-address sa-request-policy [ acl acl-number ]
undo peer peer-address sa-request-policy
View
Public network MSDP view
Default level
2: System level
Parameters
peer-address: MSDP peer address.
acl-number: Basic ACL number, in the range of 2000 to 2999. If you provide this argument, the SA
requests of only the multicast groups that match the ACL will be accepted and other SA requests will be
ignored. If you do not provide this argument, all SA requests will be ignored.
Description
Use peer sa-request-policy to configure a filtering rule for SA request messages.
Use undo peer sa-request-policy to remove the configured SA request filtering rule.
Be default, SA request messages are not filtered.
Related commands: display msdp peer-status.
Examples
# Configure an SA request filtering rule in the public network so that SA messages from the MSDP peer
175.58.6.5 will be accepted only if the multicast group address in the SA messages is in the range of
225 .1.1.0 / 24 .
<Sysname> system-view
[Sysname] acl number 2001