3Com Switch 4800G 24-Port Configuration Manual page 645

You can configure these parameters at three levels: global configuration level,
■
global scope level, and BSR admin-scope level.
By default, the global scope parameters and BSR admin-scope parameters are
■
those configured at the global configuration level.
Parameters configured at the global scope level or BSR admin-scope level have
■
higher priority than those configured at the global configuration level.
Performing basic C-BSR configuration
A PIM-SM domain can have only one BSR, but must have at least one C-BSR. Any
router can be configured as a C-BSR. Elected from C-BSRs, a BSR is responsible for
collecting and advertising RP information in the PIM-SM.
C-BSRs should be configured on routers in the backbone network. When
configuring a router as a C-BSR, make sure that router is PIM-SM enabled. The BSR
election process is as follows:
Initially, every C-BSR assumes itself to be the BSR of this PIM-SM domain, and
■
uses its interface IP address as the BSR address to send bootstrap messages.
When a C-BSR receives the bootstrap message of another C-BSR, it first
■
compares its own priority with the other C-BSR's priority carried in the
message. The C-BSR with a higher priority wins. If there is a tie in the priority,
the C-BSR with a higher IP address wins. The loser uses the winner's BSR
address to replace its own BSR address and no longer assumes itself to be the
BSR, while the winner keeps its own BSR address and continues assuming itself
to be the BSR.
Configuring a legal range of BSR addresses enables filtering of BSR messages
based on the address range, thus to prevent malicious hosts from initiating attacks
by disguising themselves as legitimate BSRs. To protect legitimate BSRs from being
maliciously replaced, preventive measures are taken specific to the following two
situations:
1 Some malicious hosts intend to fool routers by forging BSR messages and change
the RP mapping relationship. Such attacks often occur on border routers. Because
a BSR is inside the network whereas hosts are outside the network, you can
protect a BSR against attacks from external hosts by enabling border routers to
perform neighbor check and RPF check on BSR messages and discard unwanted
messages.
2 When a router in the network is controlled by an attacker or when an illegal router
is present in the network, the attacker can configure such a router to be a C-BSR
and make it win BSR election so as to gain the right of advertising RP information
in the network. After being configured as a C-BSR, a router automatically floods
the network with BSR messages. As a BSR message has a TTL value of 1, the whole
network will not be affected as long as the neighbor router discards these BSR
messages. Therefore, if a legal BSR address range is configured on all routers in the
entire network, all routers will discard BSR messages from out of the legal address
range, and thus this kind of attacks can be prevented.
The above-mentioned preventive measures can partially protect the security of
BSRs in a network. However, if a legal BSR is controlled by an attacker, the
above-mentioned problem will also occur.
Configuring PIM-SM 645