Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
626
Views
0
Helpful
0
Replies

Filter VRRPv3 announcements on outgoing interface

Arne Vellinga
Level 1
Level 1

‎11-15-2018 07:43 AM

Is it possible to filter outgoing VRRPv3 announcements on the VRRPv3 interface?

 

I have the following interface on my CSR1000 router:

 

interface GigabitEthernet1
 service instance 10 ethernet
  encapsulation dot1q 10
  rewrite ingress tag pop 1 symmetric
  mac access-group NO-VRRP out

  ip access-group NO-VRRP-IPv4

  ipv6 traffic-filter NO-VRRP-IPv6
  bridge-domain 10

 

On my bridgedomain i am running a VRRPv3 configuration with IP-SLA tracking.

I just want to use my VRRPv3 configuration in combination with the IP-SLA tracking, so i want to filter out all the VRRPv3 announcements.

 

I first tried to configure an ip access-list, but the messages don't seem to be filtered:

 

Extended IP access list NO-VRRP-IPv4
    10 deny 112 any host 224.0.0.18
    20 permit ip any any
IPv6 access list NO-VRRP-IPv6
    deny 112 any host FF02::12 sequence 10
    permit ipv6 any any sequence 20

 

Than i tried to configure a mac access-list, but here the messages also aren't filtered:

 

mac access-list extended NO-VRRP
 deny   0000.5e00.0100 0000.0000.00ff host 0100.5e00.0012
 deny   0000.5e00.0200 0000.0000.00ff host 3333.0000.0012
 permit host 0000.0000.0000 host 0000.0000.0000

 

Is this due to VRRP generating messages directly on the interface, or is it an configuration mistake?

 

 

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card