Table of Contents
Advertisement
Chapter 46
Configuring MSDP
Controlling Source Information that Your Switch Receives
By default, the switch receives all SA messages that its MSDP RPF peers send to it. However, you can
control the source information that you receive from MSDP peers by filtering incoming SA messages.
In other words, you can configure the switch to not accept them.
You can perform one of these actions:
•
•
•
Beginning in privileged EXEC mode, follow these steps to apply a filter. This procedure is optional.
Command
Step 1
configure terminal
Step 2
ip msdp sa-filter in ip-address | name
or
ip msdp sa-filter in {ip-address | name}
list access-list-number
or
ip msdp sa-filter in {ip-address | name}
route-map map-tag
Step 3
access-list access-list-number {deny |
permit} protocol source source-wildcard
destination destination-wildcard
OL-13270-06
Filter all incoming SA messages from an MSDP peer
Specify an IP extended access list to pass certain source/group pairs
Filter based on match criteria in a route map
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
Purpose
Enter global configuration mode.
Filter all SA messages from the specified MSDP peer.
or
From the specified peer, pass only those SA messages that pass the IP
extended access list. The range for the extended access-list-number
is 100 to 199.
If both the list and the route-map keywords are used, all conditions
must be true to pass any (S,G) pair in incoming SA messages.
or
From the specified MSDP peer, pass only those SA messages that meet
the match criteria in the route map map-tag.
If all match criteria are true, a permit from the route map passes routes
through the filter. A deny will filter routes.
(Optional) Create an IP extended access list, repeating the command as
many times as necessary.
For access-list-number, enter the number specified in Step 2.
•
The deny keyword denies access if the conditions are matched. The
•
permit keyword permits access if the conditions are matched.
For protocol, enter ip as the protocol name.
•
For source, enter the number of the network or host from which the
•
packet is being sent.
For source-wildcard, enter the wildcard bits in dotted decimal
•
notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
For destination, enter the number of the network or host to which
•
the packet is being sent.
For destination-wildcard, enter the wildcard bits in dotted decimal
•
notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Configuring MSDP
46-15
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
