05-22-2013 12:44 AM - edited 03-07-2019 01:29 PM
Hi,
in testlab we use pim-sm with bootstrap router on sup7 with IOS-XE 03.04.00.SG
Does anybody know if there is a possibility to prevent non authorized rp from connecting to the candidate bootstrap routers?
We found several security recommendations concering limiting registering of sources at the rp, rate-limits etc, but no possibility to control rp connecting to the bsr.
Best Regards,
Thorsten
Solved! Go to Solution.
05-22-2013 05:37 AM
Are you sure;
ip pim bsr-candidate loopback [interface-number] [ hash-mask-length ] [priority] [accept-rp-candidate
Use the accept rp to filter via acl?
Simon
05-22-2013 01:29 AM
Is this what you are looking for?
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti/command/imc_i3.html#wp4057542967
Sent from Cisco Technical Support Android App
05-22-2013 02:43 AM
I don't think so.
We want to allow only our defined rp to connect to the bsr. I hoped we can do this by an access-list similar to the way you can filter sources/groups from being registered at the rp with
ip pim accept-register list
05-22-2013 05:37 AM
Are you sure;
ip pim bsr-candidate loopback [interface-number] [ hash-mask-length ] [priority] [accept-rp-candidate
Use the accept rp to filter via acl?
Simon
05-22-2013 07:02 AM
sorry, my mistake, first time I followed your link my browser pointed to a wrong part of the document.
perfect, that's what I was looking for.
I'll test it.
Many thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide