Skip to Content.
Sympa Menu

wg-multicast - RE: dynamic access controll on multicast groups

Subject: All things related to multicast

List archive

RE: dynamic access controll on multicast groups


Chronological Thread 
  • From: <>
  • To: "Lee, Kang" <>,
  • Subject: RE: dynamic access controll on multicast groups
  • Date: Sun, 11 Nov 2007 22:13:07 +0100
  • Sensitivity: Normal

Hi Kang,

Thanks for your responds. I seem to believe also this is far from easy.
Nevertheless on basis of your answer, i will continue to investigate the
possibilities here.

Anyhow this document would be nice to have to start with at first.

regards,

Ruud Toonders

---- "Lee schreef:
> In Cisco case, there are no well defined mechanism but still have few
> method to achieve your goal.
>
>
>
> IGMP runs on switch level and that is last mile for the users. So if you
> control access to IGMP group, you can do some level of access control
> but this is pretty tough to do on each user based. In Cisco, these are
> called multicast profiling and igmp access-group. I can send you more
> detail doc. It is not intuitive.
>
>
>
> Then you can control which rp is hadnlding what groups by putting some
> more filter. Again this does not work as way as typical access list.
>
>
>
> To control each user, it is possible but it is almost impractical. That
> is how much I know.
>
>
>
> Thanks
>
>
>
> From: Ruud Toonders
> [mailto:]
>
> Sent: Sunday, November 11, 2007 4:06 AM
> To:
>
> Subject: dynamic access controll on multicast groups
>
>
>
> Hi All,
>
>
>
> I am bit of a newbie in this, but does anybody know how I can
> dynamically do access control on multicast group reception?
>
>
>
> For example:
>
> I have different multicast groups A,B,C for usergroups gA, gB, gC.
>
> Normally I can assign VLANs and setup ACL's in such a way that for
> example:
>
> -users to gA can only see Group A
>
> -users to gB can only see Group A,B
>
> -users to gC can only see Group B,C
>
>
>
> However as soon as a user belonging to gB gets the new access right to
> belong to group gC, then manually we need to reassign the VLAN again for
> him.
>
> Is there a simpler/easier way of doing this preferably from an external
> piece of software or software interface?
>
>
>
> Regards,
>
>
>
> Ruud Toonders
>
>
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.503 / Virus Database: 269.15.28/1123 - Release Date:
> 10/11/2007 15:47
>




Archive powered by MHonArc 2.6.16.

Top of Page