741
Configuring MSDP
Configuring MSDP
However, you can configure the switch to ignore all SA requests from an MSDP peer. You can also honor only those SA
request messages from a peer for groups described by a standard access list. If the groups in the access list pass, SA
request messages are accepted. All other such messages from the peer for other groups are ignored.
Follow this procedure to configure one of these options. This procedure is optional.
DETAILED STEPS
To return to the default setting, use the no ip msdp filter-sa-request {ip-address | name} global configuration command.
EXAMPLE
This example shows how to configure the switch to filter SA request messages from the MSDP peer at 171.69.2.2. SA
request messages from sources on network 192.4.22.0 pass access list 1 and are accepted; all others are ignored.
Switch(config)# ip msdp filter sa-request 171.69.2.2 list 1
Switch(config)# access-list 1 permit 192.4.22.0 0.0.0.255
Table 0-4
Command Purpose
1. configure terminal Enter global configuration mode.
2. ip msdp filter-sa-request
ip-address | name
or
ip msdp filter-sa-request
{ip-address | name} list
access-list-number
Filter all SA request messages from the specified MSDP peer.
or
Filter SA request messages from the specified MSDP peer for
groups that pass the standard access list. The access list
describes a multicast group address. The range for the
access-list-number is 1 to 99.
3. access-list access-list-number
{deny | permit} source
[source-wildcard]
Create an IP standard access list, repeating the command as
many times as necessary.
For access-list-number, the range is 1 to 99.
The deny keyword denies access if the conditions are
matched. The permit keyword permits access if the
conditions are matched.
For source, enter the number of the network or host from
which the packet is being sent.
(Optional) For source-wildcard, enter the wildcard bits in
dotted decimal notation to be applied to the source. Place
ones in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit
deny statement for everything.
4. end Return to privileged EXEC mode.
5. show running-config Verify your entries.
6. copy running-config
startup-config
(Optional) Save your entries in the configuration file.
To Next Page
Loading...
Need help?
General
