Configuring IPv6 PIM Silent

Usage Scenario

At the access layer, if an interface on the router directly connected to a host is enabled with the IPv6 PIM protocol, PIM neighbors can be established on the interface to process various PIM protocol packets. However, the configuration brings security risks. If some hosts send a large number of malicious PIM IPv6 Hello messages, there is a possibility that the router crashes.

To address this problem, configure PIM silent on the interface. After PIM silent is configured, the interface cannot receive or forward PIM packets. All PIM neighbors and PIM state machines on this interface are deleted. Then, this interface automatically becomes a Designated router (DR). Multicast Listener Discovery (MLD) is not affected on the interface.

PIM silent applies only to the router interface that directly connects the router to only one host network segment.

If PIM silent is enabled on the interface connected to a router, the IPv6 PIM neighbor relationships cannot be established and a multicast fault occurs.

If the host network segment is connected to multiple routers and IPv6 PIM silent is enabled on interfaces of multiple routers, the interfaces become static DRs. In this situation, multiple DRs exist in this network segment, which incurs multicast faults.

Pre-configuration Tasks

Before configuring IPv6 PIM silent, complete the following tasks:

• Configure a unicast routing protocol to ensure that unicast routes are reachable.

• Configure IPv6 PIM-SM.

• Configure MLD.