4000 Router Series IP Multicast Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

151

152

153

154

155

156

157

158

159

160

145

To guard against IPv6 PIM message attacks, you can configure a legal source address range for hello

messages on interfaces of routers to ensure the correct IPv6 PIM neighboring relationship.

To configure a hello message filter:

Ste

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter interface view.

interface interface-type

interface-number

N/A

3. Configure a hello message

filter.

ipv6 pim neighbor-policy

acl6-number

By default, no hello message filter

exists.

If an IPv6 PIM neighbor's hello

messages cannot pass the filter, the

neighbor is automatically removed

when its maximum number of hello

attempts is reached.

Configuring IPv6 PIM hello message options

In either an IPv6 PIM-DM domain or an IPv6 PIM-SM domain, hello messages exchanged among routers

contain the following configurable options:

• DR_Priority (for IPv6 PIM-SM only)—Priority for DR election. The device with the highest priority

wins the DR election. You can configure this option for all the routers in a shared-media LAN that

directly connects to the IPv6 multicast source or the receivers.

• Holdtime—IPv6 PIM neighbor lifetime. If a router receives no hello message from a neighbor when

the neighbor lifetime expires, it regards the neighbor failed or unreachable.

• LAN_Prune_Delay—Delay of forwarding prune messages on a shared-media LAN. This option

consists of LAN delay (namely, prune message delay), override interval, and neighbor tracking

support (namely, the capability to disable join message suppression).

The prune message delay defines the delay time for a router to forward a received prune message

to the upstream routers. The override interval defines a time period for a downstream router to

override a prune message. If the prune message delay or override interval on different IPv6 PIM

routers on a shared-media LAN are different, the largest value takes effect.

A router does not immediately prune an interface after it receives a prune message from the

interface. Instead, it starts a timer (the prune message delay plus the override interval). If interface

receives a join message before the override interval expires, the router does not prune the

interface. Otherwise, the router prunes the interface when the timer (the prune message delay plus

the override interval) expires.

You can enable the neighbor tracking function (or disable the join message suppression function)

on an upstream router to track the states of the downstream nodes that have sent the join message

and the joined state holdtime timer has not expired. If you want to enable the neighbor tracking

function, you must enable it on all IPv6 PIM routers on a shared-media LAN. Otherwise, the

upstream router cannot track join messages from every downstream routers..

• Generation ID—A router generates a generation ID for hello messages when an interface is

enabled with IPv6 PIM. The generation ID is a random value, but only changes when the status of

the router changes. If an IPv6 PIM router finds that the generation ID in a hello message from the

upstream router has changed, it assumes that the status of the upstream router has changed. In this

case, it sends a join message to the upstream router for status update. You can configure an