beautypg.com

Configuring a multicast user control policy – H3C Technologies H3C S10500 Series Switches User Manual

Page 51

background image

36

To do...

Use the command...

Remarks

Enter system view

system-view

Enter IGMP-snooping view

igmp-snooping

Configure 802.1p precedence for
IGMP messages

dot1p-priority priority-number

Required
The default 802.1p precedence for
IGMP messages is 0.

Configuring 802.1p precedence for IGMP messages in a VLAN

Follow these steps to configure 802.1p precedence for IGMP messages in a VLAN:

To do...

Use the command...

Remarks

Enter system view

system-view

Enter VLAN view

vlan vlan-id

Configure 802.1p precedence for
IGMP messages in the VLAN

igmp-snooping dot1p-priority
priority-number

Required
The default 802.1p precedence for
IGMP messages is 0.

Configuring a multicast user control policy

Multicast user control policies are configured on access switches to allow only authorized users to receive
requested multicast traffic flows. This helps restrict users from ordering certain multicast-on-demand

programs.
In practice, a device first needs to perform authentication (802.1X authentication, for example) on

connected hosts through a RADIUS server. Then, the device uses the configured multicast user control

policy to perform multicast access control on authenticated users as follows:

After receiving an IGMP report from a host, the access switch matches the multicast group address
and multicast source address carried in the report with the configured policies. If a match is found,

the host is allowed to join the multicast group. Otherwise, the join report is dropped by the access
switch.

After receiving an IGMP leave message from a host, the access switch matches the multicast group
and source addresses with the policies. If a match is found, the host is allowed to leave the group.

Otherwise, the leave message is dropped by the access switch.

Follow these steps to configure a multicast user control policy

To do...

Use the command...

Remarks

Enter system view

system-view

Create a user profile and enter its

view

user-profile profile-name

Configure a multicast user control
policy

igmp-snooping access-policy
acl-number

Required
No policy is configured by default.

That is, a host can join or leave a

valid multicast group at any time.

Return to system view

quit

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: