All things related to multicast

["John Center" <>]

Hi Bill,

Yes, it's configured for SAP & the router is listening to the group. 
What I don't understand is why it would appear that a SAP packet 
originating from the tunnel with a foreign IP address is trying to go 
back out to Abilene.

Thanks.

        -John


John Center
Villanova University

Bill Owens wrote:
> On Tue, Sep 13, 2005 at 12:18:27PM -0400, John Center wrote:
>
> > Hi,
> >
> > I have a very simple outbound ACL on our I2 interface that prevents 
> > someone from our network spoofing other addresses.  I have a "deny any 
> > log-input" statement to catch what interface the spoofed address is 
> > coming from.  I've have seen a number of messages logged that look like 
> > this:
> >
> > Sep 13 08:49:48.949 EDT: %SEC-6-IPACCESSLOGP: list OUT-I2-ACCESS denied 
> > udp 128.59.31.169(1027) (Tunnel0 ) -> 224.2.127.254(9875), 1 packet
> >
> > We tunnel our multicast traffic to the campus, but I don't understand 
> > why we would see a packet sourced from outside our network to the 
> > SAP/SDR address.  This is probably something obvious, but not to me... ;-)
> >
> > An explanation would be greatly appreciated.
>
>
> Is your router configured to listen to SAP/SDR? I can't remember the config command offhand but it should 
> be obvious in your config, or you can try "show ip sap" or "show ip sdp". I think you 
> should also be able to check with a "show ip igmp groups" and see whether the router itself is 
> listening to the group.
>
> Bill.