[Sysname-pim6] undo bsm-fragment enable
bsr-policy (IPv6 PIM view)
Use bsr-policy to configure a BSR policy to define the legal bootstrap router (BSR) address range.
Use undo bsr-policy to remove the configuration.
Syntax
bsr-policy acl6-number
undo bsr-policy
Default
BSR policies are not configured, and bootstrap messages from any IPv6 multicast sources are regarded
as valid.
Views
IPv6 PIM view
Predefined user roles
network-admin
Parameters
acl6-number: Specifies an IPv6 basic ACL by its number in the range of 2000 to 2999.
Usage guidelines
You can use this command to guard against BSR spoofing.
In an IPv6 basic ACL, the source keyword matches the source address in bootstrap messages.
If you specify the vpn-instance keyword in an ACL rule, the rule does not take effect. The other optional
parameters except the time-range keyword and the fragment keyword in the ACL rules are ignored.
Examples
# On the public network, configure a BSR policy so that only the devices on the subnet 2001::2/64 can
act as the BSR.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] rule permit source 2001::2 64
[Sysname-acl6-basic-2000] quit
[Sysname] ipv6 pim
[Sysname-pim6] bsr-policy 2000
Related commands
c-bsr (IPv6 PIM view)
c-bsr (IPv6 PIM view)
Use c-bsr to configure a candidate-BSR (C-BSR).
Use undo c-bsr to remove a C-BSR.
301
To Next Page
Loading...
Need help?
General
