< Home

peer sa-policy

Function

The peer sa-policy command sets a filtering policy for SA messages received or forwarded.

The undo peer sa-policy command restores the default configuration.

By default, the SA messages received and forwarded are not filtered. That is, all (S, G) entries are received and forwarded to MSDP peers.

Format

peer peer-address sa-policy { import | export } [ acladvanced-acl-number ]

undo peer peer-address sa-policy { import | export }

Parameters

Parameter Description Value
peer-address Specifies the address of a remote MSDP peer. The address is in dotted decimal notation.
import Receives the SA messages from a specified MSDP peer.

After the import parameter is used, when an SA message reaches the local switch from the specified peer, the local switch filters the message using the import policy to determine whether to process the SA message.

 -
export Forwards the SA messages to a specified MSDP peer.

After the export parameter is used, a switch filters an SA message using the export policy to determine whether to forward the SA message.

 -
acl Indicates the ACL that defines the import or export policy.
  • In the import policy, if this parameter is not configured, the switch does not receive SA messages from any MSDP peer; if this parameter is configured, the switch receives SA messages that carry the (S, G) entry only from a specified MSDP peer.
  • In the export policy, if this parameter is not configured, the switch does not forward SA messages from any MSDP peer; if this parameter is configured, the switch forwards SA messages that carry the (S, G) entry only to a specified MSDP peer.
 -
advanced-acl-number Specifies the number of the advanced ACL. The number is an integer that ranges from 3000 to 3999.

Views

MSDP view of the public network instance or MSDP view of the VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the peer sa-policy command is configured, MSDP can filter (S, G) forwarding entries carried in the SA message received from or forwarded to specified MSDP peers based on multicast source addresses, to control transmission of multicast source information.

You can also run the import-source command on the peer nearest to a source to control the creation of SA messages.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Example

# Configure the switch to forward only the SA messages that pass the ACL3100 filtering to peer 10.10.7.6.

<HUAWEI> system-view
[HUAWEI] acl number 3100
[HUAWEI-acl-adv-3100] rule permit ip source 10.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[HUAWEI-acl-adv-3100] quit
[HUAWEI] multicast routing-enable
[HUAWEI] msdp
[HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100
[HUAWEI-msdp] peer 10.10.7.6 sa-policy export acl 3100
Parent Topic: MSDP Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >