Manualshelf

R0106-HP MSR Router Series IP Multicast Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router
919293949596979899100
89
Syntax
crp-policy acl-number
undo crp-policy
Default
No restrictions are defined for the legal C-RP address range and the multicast group range, and all
received C-RP messages are regarded legal.
Views
PIM view
Predefined user roles
network-admin
Parameters
acl-number: Specifies an IPv4 advanced ACL number in the range of 3000 to 3999.
Usage guidelines
To guard against C-RP spoofing, you can use this command to configure a legal C-RP address range and
the multicast group range to which the C-RP is designated.
In an ACL, the source keyword defines the legal C-RP address range, and the destination keyword
defines the multicast group range to which the C-RP is designated. If the source keyword is not specified
in the ACL, all C-RPs are considered to be legal. If the destination keyword is not specified in the ACL, the
C-RPs are supposed to be designated to all multicast groups.
If you specify a VPN instance in the ACL, the ACL does not take effect. The other optional parameters
except the time-range keyword and the fragment keyword are ignored.
When the device compares the advertisement message against the destination field in the ACL, it uses
only the prefix of the multicast group range in the advertisement message. For example, the multicast
group range specified in a C-RP advertisement message is 224.1.0.0/16. If the prefix 224.1.0.0 is in the
multicast group range specified in the destination field of the ACL, the advertisement message passes the
filtering. Otherwise, the advertisement message is discarded.
Examples
# On the public network, configure the legal C-RP address range to 1.1.1.1/24 and the multicast group
ra n g e t o 225.1.1.0 / 24 , s o t h a t o n l y d e v i c e s i n t h e a d d re s s r a n g e o f 1.1.1.1 / 24 c a n b e C - R P s f o r t h e
multicast group range 225.1.1.0/24.
<Sysname> system-view
[Sysname] acl number 3000
[Sysname-acl-adv-3000] rule permit ip source 1.1.1.1 0.0.0.255 destination 225.1.1.0
0.0.0.255
[Sysname-acl-adv-3000] quit
[Sysname] pim
[Sysname-pim] crp-policy 3000
Related commands
c-rp (PIM view)
display interface register-tunnel
Use display interface register-tunnel to display information about the register-tunnel interface.