< Home

register-policy (IPv4)

Function

The register-policy command sets the rules used by an RP to filter Register messages.

The undo register-policy command restores the default setting.

By default, the rules for filtering Register messages are not configured.

Format

register-policy advanced-acl-number

undo register-policy

Parameters

Parameter Description Value
advanced-acl-number Specifies the number of the advanced ACL that defines the rules for filtering packets based on source addresses or group addresses. The value is an integer that ranges from 3000 to 3999.

Views

PIM view of public network instance or PIM view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To prevent the attack of invalid Register messages, you can configure devices to receive or deny Register messages according to the packet filtering rules.

If the (S, G) entry contained in a Register message does not pass the filtering of the ACL or the ACL does not filter the entry, RP discards the Register message. The multicast source cannot register with the RP.

If advanced-acl-number is set in the register-policy command but the corresponding ACL is not defined, the RP discards all Register messages. The RP cannot register with any multicast source.

The register-policy command and the acl command are used together. In the ACL view, you can set the multicast source address range by specifying the source parameter in the rule command, and set the multicast group address range by specifying the destination parameter in the rule command.

Prerequisites

IP multicast routing has been enabled using the multicast routing-enable command.

Precautions

When the register-policy command is used on the RP, only Register messages matching the rule of the ACL are received by the RP. If an undefined ACL is specified, the RP denies all Register messages.

This command is valid for only PIM-SM.

The register-policy command takes effect for only subsequently received Register messages. The multicast entries that have been registered successfully are not deleted and can still be used for multicast data forwarding.

Example

# Configure the RP to receive Register packets sent by the source on network segment 10.10.0.0/16 to group 225.1.0.0/16.

<HUAWEI> system-view
[HUAWEI] acl number 3000
[HUAWEI-acl-adv-3000] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[HUAWEI-acl-adv-3000] quit
[HUAWEI] multicast routing-enable
[HUAWEI] pim
[HUAWEI-pim] register-policy 3000
Parent Topic: IPv4 PIM Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >