< Home

igmp ip-source-policy

Function

The igmp ip-source-policy command enables filtering of IGMP Report/Leave messages based on source addresses.

The undo igmp ip-source-policy command disables filtering of IGMP Report/Leave messages based on source addresses.

By default, the switch does not filter IGMP Report/Leave messages based on source addresses.

Format

igmp ip-source-policy [ basic-acl-number ]

undo igmp ip-source-policy

Parameters

Parameter Description Value
basic-acl-number Specifies the number of a basic ACL, which defines the range of source addresses. The value is an integer that ranges from 2000 to 2999.

Views

GE interface view, XGE interface view, MultiGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, GE sub-interface view, XGE sub-interface view, MultiGE sub-interface view, 25GE sub-interface view, 40GE sub-interface view, 100GE sub-interface view, Eth-Trunk sub-interface view, VLANIF interface view, loopback interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

IGMP runs on member hosts and their directly connected multicast devices. A multicast device processes all received Report/Leave messages. For security purposes, you can configure the multicast device to filter Report/Leave messages received on an interface.

Prerequisites

IP multicast routing has been enabled using the multicast routing-enable command.

Precautions

IGMP Report/Leave messages are encapsulated in IP packets. The igmp ip-source-policy command configures the switch to check the source address in the IP header of each received Report/Leave message. The switch filters Report/Leave messages based on the following rules (if ACL rules are not configured):

  • If the source IP address of a Report/Leave message is 0.0.0.0 or on the same network segment as the IP address of the inbound interface, the switch processes the Report/Leave message.
  • If the source IP address of a Report/Leave message is on a different network segment than the IP address of the inbound interface, the switch discards the Report/Leave message.

If you have specified an ACL rule, the interface filters out the IGMP Report/Leave messages whose source addresses do not match the ACL rule.

The igmp ip-source-policy command works with the acl command. For a numbered ACL, you can configure the source address of IGMP messages by specifying the source parameter in the rule command in the basic ACL view.

Example

# Enable filtering of IGMP Report/Leave messages based on source addresses on VLANIF100.
<HUAWEI> system-view
[HUAWEI] multicast routing-enable
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] igmp ip-source-policy
# Configure VLANIF100 to accept the IGMP Report/Leave messages with the source address 10.10.1.1.
<HUAWEI> system-view
[HUAWEI] multicast routing-enable
[HUAWEI] acl number 2001
[HUAWEI-acl-basic-2001] rule permit source 10.10.1.1 0
[HUAWEI-acl-basic-2001] quit
[HUAWEI] interface vlanif 100
[HUAWEI-Vlanif100] igmp ip-source-policy 2001
# Enable filtering of IGMP Report/Leave messages based on source addresses on GE0/0/1.
<HUAWEI> system-view
[HUAWEI] multicast routing-enable
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] undo portswitch
[HUAWEI-GigabitEthernet0/0/1] igmp ip-source-policy
Parent Topic: IGMP Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >