Configuring A Bsr - HP MSR1002-4 Configuration Manual
Flexnetwork msr series
Hide thumbs
Also See for MSR1002-4:
- Installation manual (46 pages) ,
- Configuration manual (108 pages) ,
- Command reference manual (471 pages)
Table of Contents
Advertisement
•
As a best practice, configure the loopback interface address of an RP member device as the RP
member address. If you add multiple interface addresses of an RP member device to an
Anycast RP set, the lowest IP address becomes the RP member address. The rest of the
interface addresses become backup RP member addresses.
To configure Anycast RP:
Step
1.
Enter system view.
2.
Enter PIM view.
3.
Configure Anycast RP.
Configuring a BSR
You must configure a BSR if C-RPs are configured to dynamically select the RP. You do not need to
configure a BSR when you have configured only a static RP but no C-RPs.
A PIM-SM domain can have only one BSR, but must have a minimum of one C-BSR. Any router can
be configured as a C-BSR. Elected from C-BSRs, the BSR is responsible for collecting and
advertising RP information in the PIM-SM domain.
Configuring a C-BSR
The BSR election process is summarized as follows:
1.
Initially, each C-BSR regards itself as the BSR of the PIM-SM domain and sends a BSM to
other routers in the domain.
2.
When a C-BSR receives the BSM from another C-BSR, it compares its own priority with the
priority carried in the message. The C-BSR with a higher priority wins the BSR election. If a tie
exists in the priority, the C-BSR with a higher IP address wins. The loser uses the winner's BSR
address to replace its own BSR address and no longer regards itself as the BSR. The winner
retains its own BSR address and continues to regard itself as the BSR.
The elected BSR distributes the RP-set information collected from C-RPs to all routers in the
PIM-SM domain. All routers use the same hash algorithm to select an RP for a specific multicast
group.
A BSR policy enables a PIM-SM router to filter BSR messages by using an ACL that specifies the
legal BSR addresses. It is used to guard against the following BSR spoofing cases:
•
Some maliciously configured hosts can forge BSMs to fool routers and change RP mappings.
Such attacks often occur on border routers.
•
When an attacker controls a router on the network, the attacker can configure the router as a
C-BSR to win the BSR election. Through this router, the attacker controls the advertising of RP
information.
When you configure a C-BSR, follow these restrictions and guidelines:
•
Configure C-BSRs on routers that are on the backbone network.
•
Reserve a relatively large bandwidth between the C-BSR and the other devices in the PIM-SM
domain.
•
You must configure the same BSR policy on all routers in the PIM-SM domain. The BSR policy
discards illegal BSR messages, but it partially guards against BSR attacks on the network. If an
attacker controls a legal BSR, the problem still exists.
Command
system-view
pim
vpn-instance
[
vpn-instance-name ]
anycast-rp
anycast-rp-address
member-rp-address
108
Remarks
N/A
N/A
By default, Anycast RP is not
configured.
You can repeat this command to
add
multiple
RP
addresses to the Anycast RP set.
member
- Quick Links:
- Table of Contents
- Introduction to Multicast
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
