All things related to multicast

[Alan Crosswell <>]

BCP is to *not* run "ip sap listen" on your routers.  After all, they
are routers, not hosts:-)  Back in the day, there was an IOS bug that
would crash your 7500 router when a malformed SAP announcement was
received, so many of us turned off "ip sap listen" back then.

There still is the rate-limiting issue.  If someone DoSes SAP, then if
you rate limit, odds are you will lose the good announcements and SAP
will become useless.  In fact, this is yet one more reason why we should
abandon ASM and switch over to SSM.  Easier said than done though.

/a

Morytko, Steve wrote:
> We saw 100% CPU on any (Cisco) router that had “ip sap listen”
> configured but traffic impact seemed minimal. A “show proc cpu” had the
> “SDP ??” process very active. Routers without it were fine. I wouldn’t
> be surprised if I’ve failed to apply a filter that would have stopped
> this. If you have one and wouldn’t mind posting it I suspect I might not
> be the only one that would like to see it.
> 
>  
> 
> Thanks - Steve
> 
>  
> 
> Steve Morytko
> 
> UConn UITS Network Engineering
> 
> 860-486-1405
> 
> 
>  
> <mailto:>
> 
>  
> 
>  
> 
>  
>