wg-multicast - Re: Firewall ruleset/ACL best practice


  • From: Leonard Giuliano <>
  • To: debbie fligor <>
  • Cc: Marshall Eubanks <>, wg-multicast List <>
  • Subject: Re: Firewall ruleset/ACL best practice
  • Date: Thu, 10 May 2007 11:49:00 -0700 (PDT)


On Thu, 10 May 2007, debbie fligor wrote:

-) >
-) > In a router you want to block 232.0.0.0/4 outbound but not inbound, which
-) > is generally pretty simple.
-)

Also, blocking all of 224/4 (I assume that's what Marshall meant) may have
other problems, like preventing protocols like OSPF and VRRP, which use
mcast, from working. So you may want to allow just 224.0.0/24 to get out.

-)
-) I think you have to be careful where you do this. If it's at your campus
-) edge, that should work. If it's on the net where the users are because you
-) don't want that traffic in your core at all, you need to be careful.
-)
-) I was planning on using an ACL to block a specific group from going out an
-) interface in order to keep traffic local to that net and mentioned this to an
-) SE. He said he'd just had that come up elsewhere, and if I applied that ACL
-) to that interface the router would drop it before processing the IGMP and
-) then couldn't be the IGMP querier for that group (which I needed it to be).
-) This is for Foundry gear, others may be different.
-)
-) Also what Bruce said below about IGMP for joins applies as well.
-)
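As an added illustration of the two points in this thread (not code from any of the posters): a first-match evaluation of an outbound multicast filter, comparing a blanket deny of 224/4 with the version that first carves out the 224.0.0.0/24 link-local range Leonard suggests. The rule tables, group names and sample destinations are constructed for the example; the Foundry ordering of ACL lookup before IGMP processing that debbie describes is not modeled, but the output does show that a blanket deny also covers IGMP's own groups (224.0.0.1, 224.0.0.22).

```python
# Added example: first-match ACL evaluation for an outbound multicast filter.
# Rule tables and sample destinations are constructed for illustration.
from ipaddress import ip_address, ip_network

# Each rule is (action, destination prefix); the first matching rule wins.
# A trailing permit-any stands in for the non-multicast traffic the filter
# is not meant to touch.
NAIVE_OUTBOUND = [
    ("deny", ip_network("224.0.0.0/4")),     # block all multicast leaving the box
    ("permit", ip_network("0.0.0.0/0")),
]

REFINED_OUTBOUND = [
    ("permit", ip_network("224.0.0.0/24")),  # link-local control groups first
    ("deny", ip_network("224.0.0.0/4")),     # then the rest of 224/4
    ("permit", ip_network("0.0.0.0/0")),
]

# Constructed sample of well-known destinations seen on a router interface.
SAMPLE_DESTINATIONS = {
    "ospf-all-routers": "224.0.0.5",
    "vrrp": "224.0.0.18",
    "igmp-general-query": "224.0.0.1",
    "igmpv3-report": "224.0.0.22",
    "ssm-data-group": "232.1.2.3",
    "admin-scoped-data": "239.1.1.1",
    "unicast": "192.0.2.10",
}

def evaluate(acl, dst):
    """Return the action of the first rule whose prefix contains dst."""
    addr = ip_address(dst)
    for action, prefix in acl:
        if addr in prefix:
            return action
    return "deny"  # implicit deny when nothing matched

def permitted_groups(acl, destinations=SAMPLE_DESTINATIONS):
    """Names of the sample destinations this ACL lets through."""
    return sorted(n for n, d in destinations.items() if evaluate(acl, d) == "permit")

def broken_control_plane(acl, destinations=SAMPLE_DESTINATIONS):
    """Link-local (224.0.0.0/24) control groups this ACL would drop."""
    link_local = ip_network("224.0.0.0/24")
    return sorted(n for n, d in destinations.items()
                  if ip_address(d) in link_local and evaluate(acl, d) != "permit")

if __name__ == "__main__":
    for name, acl in (("naive", NAIVE_OUTBOUND), ("refined", REFINED_OUTBOUND)):
        print(name, "permits:", permitted_groups(acl))
        print(name, "drops control-plane groups:", broken_control_plane(acl))
```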
