Skip to Content.
Sympa Menu

wg-multicast - Re: what to put in multicast boundary access list

Subject: All things related to multicast

List archive

Re: what to put in multicast boundary access list


Chronological Thread 
  • From: Amel Caldwell <>
  • To: Toerless Eckert <>
  • Cc: Tom Pusateri <>, Alan Crosswell <>, <>
  • Subject: Re: what to put in multicast boundary access list
  • Date: Fri, 5 Apr 2002 12:51:00 -0800 (Pacific Standard Time)

Sorry for the confusion, I responded in the original context of the full
message and was not explicit enough. It was SA filtering I was referring to.

Here is the original full text:

Date: Fri, 22 Jun 2001 15:27:32 -0700 (Pacific Daylight Time)
From: Amel Caldwell
<>
To: Toerless Eckert
<>
Cc: Alan Crosswell
<>,


Subject: Re: what to put in multicast boundary access list

Do you know what group 225.1.2.3 is for? I was snooping around some WWW sites
and noticed it was one (if not the most popular) in terms of SA entries. I
noticed this is true on my routers as well, so went looking to find out what
it was by doing a Google search and it looked like a lot of different apps put
that address in as an example.

Amel

On Fri, 22 Jun 2001, Toerless Eckert wrote:

>On Fri, Jun 22, 2001 at 03:16:02PM -0400, Alan Crosswell wrote:
>> In http://www.abilene.iu.edu/content.cgi?page=mc-cookbook it says:
>>
>> >This is the multicast-boundary list we presently use in Abilene, and
>> >there have been some suggestions for additional values for which we're
>> >soliciting feedback/consensus from the I2 community. The expressions
>> >below block sending RP announce and discovery packets and set the
>> >accepted administrative scoping to block 'local' multicast.
>> >
>> > ip access-list standard multicast-boundary
>> > deny 224.0.1.39
>> > deny 224.0.1.40
>> > deny 239.0.0.0 0.255.255.255
>> > permit any
>>
>> Is there a more up-to-date list of recommended groups to drop at the
>> boundary? For example, I noticed I am getting NTP from about 8 sources.
>
>I don't think you need to drop more with the boundary-command, it is
>sufficient to discard the rest via MSDP. Just also do an inbound MSDP
>filter. Check out
>
> ftp://ftpeng.cisco.com/ipmulticast/config-notes/msdp-sa-filter.txt
>
>for the latest list of offenders (eg: non 239 group used for scoped
>applications). If you know more, please tell me and i'll add.
>
>Cheers
> Toerless
>
>

Regards

Amel

On Fri, 5 Apr 2002, Toerless Eckert wrote:

>Good catch, somebody must have copied over MSDP SA-filter lists into
>boundary definitions !
>
>On Fri, Apr 05, 2002 at 12:27:42PM -0800, Tom Pusateri wrote:
>> I hope there is an error here.
>>
>> Nobody should be filtering SSM (232/8) at their borders.
>>
>> Tom
>>
>> In message
>> <.
>> edu> you write:
>> >Funny you should ask. I just ran accross it in:
>> >
>> >http://www.ietf.org/internet-drafts/draft-ietf-mboned-ipv4-mcast-bcp-00.txt
>> >
>> >Part of this near the bottom lists some groups to filter and this is
>> >included
>> >and said to be Altiris.
>> >
>> > 224.0.1.2/32: SGI Dogfight game and related services
>> > 224.0.1.3/32: RWHOD
>> > 224.0.1.8/32: Suns NIS+
>> > 224.0.1.22/32: SVRLOC
>> > 224.0.1.24/32: MICROSOFT-DS
>> > 224.0.1.25/32
>> > 224.0.1.35/32: SVRLOC-DA
>> > 224.0.1.39/32: Ciscos Rendezvous Point Announcement Protocol
>> > 224.0.1.40/32: Ciscos Rendezvous Point Discovery Protocol
>> > 224.0.1.60/32: HPs Device Discovery Protocol
>> > 224.0.2.1/32: rwho group (BSD)
>> > 224.0.2.2/32: Suns Remote Procedure Call Protocol
>> > 225.1.2.3/32: Altiris
>> > 229.55.150.208/32: Norton Ghost disk duplication software
>> > 232.0.0.0/8: Source-Specific Multicast
>> > 234.42.42.42/30: ImageCast
>> > 239.0.0.0/8: Administratively Scoped IPv4 Group Addresses
>> >
>> >I've been filtering 225.1.2.3 for a while with no ill-effects.
>> >
>> >Amel
>> >
>> >On Fri, 5 Apr 2002, Alan Crosswell wrote:
>> >
>> >>>Do you know what group 225.1.2.3 is for? I was snooping around some
>> >>>WWW sit
>> >es
>> >>I think it's just people picking a number at random. Avoid 224.* 'cuz
>> >>many
>> >>of those are well known, so start with 225 and then do 1.2.3.
>> >>/a
>
>




Archive powered by MHonArc 2.6.16.

Top of Page