All things related to multicast

[Pekka Savola <>]

Hi,

We're providing anycast-RP service to universities.  The problem is that 
some universities are sending a lot of junk to our anycast RP, and in some 
cases this may cause quite a load on the RP routers.  This junk includes:

1) global source addresses, global but identifiable group addresses (e.g.
   norton ghost -like applications)

2) global source addresses, pretty much random group addresses (e.g. by
   various p2p softwares, rtp "broadcast" addresses some voip phones are
   using etc.)

3) private source addresses, group address either in category 1) or 2).

We can drop these at the RP end, but I'm wondering if there is any BCP or 
just suggestions how the institutions should configure their equipment not 
to spew junk at us.

An "alternative" to this would be to connect sites just using MSDP but 
this seems pretty heavyweight for most users. (And then they couldn't use 
Linux as a DR because there is no software.)

I guess 1) and 2) could be tackled by blacklisting non-allocated IANA 
address space (but this will impair the use of local apps that do use 
addresses in that range) in "ip pim rp-address x.x.x.x ACL". 3) seems like 
a more difficult problem. You can't filter based on source address in 
rp-address ACLs.  What are the other options?  Drop these in input ACL at 
the LAN border (may impair valid use of intra-campus multicast)?  Some 
other means?

I'd be interested in hearing experiences how folks have dealt with this 
(or if they tried, failed, and just scrapped mcast or moved to MSDP).

Pekka Savola