All things related to multicast

[Bill Owens <>]

On Tue, Feb 08, 2011 at 10:13:51AM -0800, Eli Dart wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> we're still seeing SA thresholds kick in (we warn at 125k SAs).
> 
> Any chance folks might be interested in putting bogon filters on MSDP?
>  A huge amount of this is for unallocated space....

You mean like this:

nyc-7600#sh access-list 111
Extended IP access list 111
    10 deny ip any host 224.0.1.2
    20 deny ip any host 224.0.1.3
    30 deny ip any host 224.0.1.22 (55856958 matches)
    40 deny ip any host 224.0.1.24 (1229686 matches)
    50 deny ip any host 224.0.1.35 (4277170 matches)
    60 deny ip any host 224.0.1.39
    70 deny ip any host 224.0.1.40
    80 deny ip any host 224.0.1.60 (20458891 matches)
    90 deny ip any host 224.0.2.2 (201 matches)
    100 deny ip any 224.0.0.0 0.0.0.255
    110 deny ip any 232.0.0.0 0.255.255.255 (410 matches)
    120 deny ip any 239.0.0.0 0.255.255.255 (106878518 matches)
    130 deny ip 10.0.0.0 0.255.255.255 any (1494 matches)
    140 deny ip 127.0.0.0 0.255.255.255 any
    150 deny ip 172.16.0.0 0.15.255.255 any (1347864 matches)
    160 deny ip 192.168.0.0 0.0.255.255 any (65275056 matches)
    170 permit ip any any (1700264484 matches)

I guess that's why I'm only seeing 17k (as of right now) and you're seeing 
125k?

Bill.