beautypg.com

Configuring an ipv6 multicast data filter, Configuring a hello message filter – H3C Technologies H3C S10500 Series Switches User Manual

Page 411

background image

396

Determine the assert timeout time (global value/interface value).

Determine the join/prune interval (global value/interface level value).

Determine the join/prune timeout (global value/interface value).

Determine the IPv6 multicast source lifetime.

Determine the maximum size of join/prune messages.

Determine the maximum number of (S, G) entries in a join/prune message.

Configuring an IPv6 multicast data filter

In either an IPv6 PIM-DM domain or an IPv6 PIM-SM domain, routers can check passing-by IPv6 multicast

data based on the configured filtering rules and determine whether to continue forwarding the IPv6

multicast data. In other words, IPv6 PIM routers can act as IPv6 multicast data filters. These filters can help

implement traffic control on one hand, and control the information available to downstream receivers to
enhance data security on the other hand.
Follow these steps to configure an IPv6 multicast data filter:

To do...

Use the command...

Remarks

Enter system view

system-view

Enter IPv6 PIM view

pim ipv6

Configure an IPv6 multicast group
filter

source-policy acl6-number

Required
No IPv6 multicast data filter by default

NOTE:

Generally, a smaller distance from the filter to the IPv6 multicast source results in a more remarkable
filtering effect.

This filter works not only on independent IPv6 multicast data but also on IPv6 multicast data
encapsulated in register messages.

Configuring a hello message filter

Along with the wide applications of IPv6 PIM, the security requirement for the protocol is becoming

increasingly demanding. The establishment of correct IPv6 PIM neighboring relationships is a

prerequisite for secure application of IPv6 PIM. To guide against IPv6 PIM message attacks, you can

configure a legal source address range for hello messages on interfaces of routers to ensure the correct

IPv6 PIM neighboring relationships.
Follow these steps to configure a hello message filter:

To do…

Use the command…

Remarks

Enter system view

system-view

Enter interface view

interface interface-type
interface-number

Configure a hello message filter

pim ipv6 neighbor-policy
acl6-number

Required
No hello message filter by default.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: