< Home

Configuring a Join Information Filtering Policy

Context

To prevent access of unauthorized users, configure a join information filtering policy to specify a valid source address range for join information contained in Join/Prune messages.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number

    The interface view is displayed.

  3. (Optional) On an Ethernet interface, run undo portswitch

    The interface is switched to Layer 3 mode.

    By default, an Ethernet interface works in Layer 2 mode.

    Only the S5720-EI, S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-EI, S6720-HI, S6720S-EI, S6730-H, S6730S-H, S6730-S, and S6730S-S support switching between Layer 2 and Layer 3 modes.

  4. Run pim join-policy { asm basic-acl-number | ssm advanced-acl-number | advanced-acl-number }

    A Join information filtering policy is configured and a valid source address range is specified.

    When configuring an ACL rule for the interface, use the permit parameter to configure the interface to accept only Join information with addresses in a specified range. If no rule is configured in the ACL, the interface discards Join information in Join/Prune messages from all addresses.

Parent Topic: Adjusting Control Parameters for Join/Prune Messages
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >