Manualshelf

HP VPN Firewall Appliances Network Management Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
671672673674675676677678679680
647
<Sysname> system-view
[Sysname] interface gigabitethernet 0/1
[Sysname-GigabitEthernet0/1] pim holdtime join-prune 280
Related commands
holdtime assert
holdtime join-prune
pim holdtime assert
pim neighbor-policy
Use pim neighbor-policy to configure a legal source address range for hello messages to guard against
hello message spoofing.
Use undo pim neighbor-policy to restore the default.
Syntax
pim neighbor-policy acl-number
undo pim neighbor-policy
Default
No source address range for hello messages is configured. That is, all the received hello messages are
considered legal.
Views
Interface view
Default command level
2: System level
Parameters
acl-number: Specifies a basic ACL, in the range of 2000 to 2999. When the ACL is defined, the source
keyword in the rule command specifies a legal source address range for hello messages.
Examples
# Configure a legal source address range for hello messages on GigabitEthernet 0/1 so that only the
devices on the 10.1.1.0/24 subnet can become PIM neighbors of this router.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 10.1.1.0 0.0.0.255
[Sysname-acl-basic-2000] quit
[Sysname] interface gigabitethernet 0/1
[Sysname-GigabitEthernet0/1] pim neighbor-policy 2000
pim require-genid
Use pim require-genid to enable rejection of hello messages without Generation_ID.
Use undo pim require-genid to restore the default.