Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3823
Views
5
Helpful
8
Replies

Ask the Expert- Layer 3 Multicast: Security and Best Practices

Hilda Arteaga
Cisco Employee
Cisco Employee

‎11-27-2017 04:30 PM - edited ‎03-01-2019 06:16 PM

 

This topic is a chance to discuss more about Layer 3 multicast and the best practices to identify possible threats and take security measures. Ask your questions about basic multicast, the best security practices for use of this technology, and recommendations for how to configure an auto rendezvous point (RP) and Bootstrap (BSR) in multicast protocols, particularly on RP distribution methods. This event includes a live demonstration of Layer 3 multicast technology

 

To participate in this event, please use the Join the Discussion : Cisco Ask the Expertbutton below to ask your questions

 

Ask questions from Monday 20th, November to Friday 8th December 2017 

 

Featured Speakers 

 

LEspejel.jpgLuis Espejel is the Telecommunications Manager of IENova, an Oil & Gas company. Currently he works with Cisco IOS® and Cisco IOS XE platforms, and NX to some extent. He has also worked as a Senior Engineer with the Routing Protocols team in Cisco’s Global Technical Assistance Center (TAC), as a Network and Telecommunications Manager for GM’s Mexico subsidiary, and in the Engineering Department for Axtel, a major Internet Service Provider. Luis holds an Electronics and Communication degree and postgraduate degrees, one in marketing and one in telecommunications. He has several certifications such as Google Power Search, ITIL foundations, Certified Ethical hacker, CCNA in DC, Cybersecurity Specialist, and a CCIE in R&S (#52804) among others. 

 

MiguelPerez.pngMiguel Perez is a Customer Support Engineer at the Cisco Technical Support Center at the Routing protocols team, where he has been collaboration in the past 3 years. Before he has worked Getronics, a Cisco partner, and in AT&T as a Support Engineer. Miguel holds a Bachelor’s Degree in Electronics and Communication engineering. He holds several certifications such as: CCNA, CCNP, CCDA and CCDP.

 

Luis and Miguel might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the  Contact Center Community

Find more information regards this topic  https://supportforums.cisco.com/t5/network-infrastructure/ct-p/4461-network-infrastructure 

 

Webcast slides

**Ratings Encourage Participation! **
Please be sure to rate the Answers to Questions

 

 

Cisco Ask the Expert

Labels:
0 Helpful
8 Replies 8

wvelizpl
Level 1
Level 1

‎11-30-2017 04:30 AM

Good Day

 

Can you upload the video recording and Q&A session

 

Regards

 

Wilson

0 Helpful

Hilda Arteaga
Cisco Employee
Cisco Employee
In response to wvelizpl

‎11-30-2017 03:26 PM

Hi wvelizpl

You can find the video here

 

0 Helpful

Hilda Arteaga
Cisco Employee
Cisco Employee
In response to Hilda Arteaga

‎12-05-2017 01:30 PM

Could you please help to answer these questions from the a live session:

 

What issues are introduced with using VSS or VPC in the core?
Do you know how to harden Multicast environment?
What are the possible threats to Multicast?
Are there any security best practices?

0 Helpful

Hilda Arteaga
Cisco Employee
Cisco Employee

‎11-30-2017 10:45 AM

Hi Luis and Miguel

Thanks for the Webcast session, we learn a lot. 

Please help to answer the questions that weren't covered during the alive session: 

 

Do you recommend to use 239/8 or not to use it?
This this still the same issue if you have the 7Ks as your RP router?
When you mention 224.0.40? You mean Auto RP

0 Helpful

lespejel
Level 3
Level 3
In response to Hilda Arteaga

‎11-30-2017 11:44 AM - edited ‎11-30-2017 11:47 AM

Regarding if you should use 239.0.0.0/8, consider that segment is private, it's the analog for 10.0.0.0/8, meaning you have to use it in your organization.

 

Please consult Multicast Address ranges from IANA:

https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml

CCIE 52804
0 Helpful

lespejel
Level 3
Level 3
In response to Hilda Arteaga

‎11-30-2017 11:59 AM

Regarding Nx7K, please share specific questions you may have.

 

Here's a brief guide to start with Multicast in NX7K.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/multicast/configuration/guide/n7k_multic_cli_5x/overview.html

 

And the configuration guide:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/multicast/configuration/guide/n7k_multic_cli_5x/pim.html

CCIE 52804
0 Helpful

lespejel
Level 3
Level 3
In response to Hilda Arteaga

‎11-30-2017 12:01 PM - edited ‎11-30-2017 01:20 PM

Hello

 

when I mention 224.0.1.40 I mean AutoRP discovery messages.

Those messages are sent by the RP Mapping agent to inform all PIM routers of available RP candidates in the network. Those candidates inform the mapping agent with RP announcement messages using 224.0.1.39 to share it's IP address and what groups they are working with as RP.

 

https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-multicast/whitepaper_c11-508498.html

CCIE 52804
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card