Thanks for your time. I may be misunderstanding something here.
The way I see it, filtering allows me to keep sources for different multicast streams separate. The problem is that on the client VLAN (vlan225), multicast traffic can be recorded and replayed for further analysis. During replay, a new source of multicast data with the same exact characteristics as the original one appears on vlan225. I can't distinguish it from the real-time data stream (which comes in on vlan 224) except that it comes from a different interface. So I need to configure the switch so it does not accept sources on vlan225, only sinks.
I believe that ACL has the same issue: I need to distinguish between sources and sinks, not multicast streams. I could block multicast addresses to stop data flow, but not the igmp traffic that will tell the RP that there is a (false) new source for a particular data stream. Or am I missing something?
To be more concrete, here are my two vlans setups:
ip routing
ip multicast
ip igmp
ip pimsm
ip pimsm rp-address 10.0.20.22 224.0.0.0 240.0.0.0
interface vlan 224
routing
name MCupstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.20.22 255.255.255.0
exit
interface vlan 225
routing
name MCdownstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.30.22 255.255.255.0
exit
How do I make sure that a source for any multicast stream incoming on vlan 224 gets registered and distributed, while the very same stream incoming on vlan 225 would be dropped silently?
deschepperdirk1
5 Posts
0
May 10th, 2012 00:00
Thanks for your time. I may be misunderstanding something here.
The way I see it, filtering allows me to keep sources for different multicast streams separate. The problem is that on the client VLAN (vlan225), multicast traffic can be recorded and replayed for further analysis. During replay, a new source of multicast data with the same exact characteristics as the original one appears on vlan225. I can't distinguish it from the real-time data stream (which comes in on vlan 224) except that it comes from a different interface. So I need to configure the switch so it does not accept sources on vlan225, only sinks.
I believe that ACL has the same issue: I need to distinguish between sources and sinks, not multicast streams. I could block multicast addresses to stop data flow, but not the igmp traffic that will tell the RP that there is a (false) new source for a particular data stream. Or am I missing something?
To be more concrete, here are my two vlans setups:
ip routing
ip multicast
ip igmp
ip pimsm
ip pimsm rp-address 10.0.20.22 224.0.0.0 240.0.0.0
interface vlan 224
routing
name MCupstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.20.22 255.255.255.0
exit
interface vlan 225
routing
name MCdownstream
ip igmp
ip igmp version 2
ip multicast ttl-threshold 0
no ip pimdm
ip pimsm
ip address 10.0.30.22 255.255.255.0
exit
How do I make sure that a source for any multicast stream incoming on vlan 224 gets registered and distributed, while the very same stream incoming on vlan 225 would be dropped silently?
TIA,
- Dirk
deschepperdirk1
5 Posts
0
May 11th, 2012 00:00
Hello?
deschepperdirk1
5 Posts
0
May 14th, 2012 00:00
Thanks.
deschepperdirk1
5 Posts
0
May 21st, 2012 04:00
Hi Daniel, is there a number for that group in Belgium?
Thanks,
- Dirk