3Com Switch 4500 Family Manual page 307
4500 series
Hide thumbs
Also See for Switch 4500 Family:
- Configuration manual (742 pages) ,
- Getting started manual (134 pages) ,
- Quick reference manual (17 pages)
Table of Contents
Advertisement
The ACL rule defines a multicast address or a multicast address range (for example 224.0.0.1 to
239.255.255.255) and is used to:
Allow the port(s) to join only the multicast group(s) defined in the rule by a permit statement.
Inhibit the port(s) from joining the multicast group(s) defined in the rule by a deny statement.
A port can belong to multiple VLANs, you can configure only one ACL rule per VLAN on a port.
If no ACL rule is configured, all the multicast groups will be filtered.
Since most devices broadcast unknown multicast packets by default, this function is often used
together with the function of dropping unknown multicast packets to prevent multicast streams from
being broadcast as unknown multicast packets to a port blocked by this function.
The configuration performed in system view takes effect on all ports of the switch if no VLAN is
specified; if one or more VLANs are specified, the configuration takes effect on all ports in the
specified VLAN(s).
The configuration performed in Ethernet port view takes effect on the port no matter which VLAN it
belongs to if no VLAN is specified; if one or more VLANs are specified, the configuration takes
effect on the port only if the port belongs to the specified VLAN(s).
Examples
# Configure a multicast group filter to allow receivers attached to Ethernet 1/0/1 to access the multicast
streams for groups 225.0.0.0 to 225.255.255.255.
Configure ACL 2000.
<Sysname>system-view
System View: return to User View with Ctrl+Z.
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[Sysname-acl-basic-2000] quit
Create VLAN 2 and add Ethernet1/0/1 to VLAN 2.
[Sysname] vlan 2
[Sysname-vlan2] port Ethernet 1/0/1
[Sysname-vlan2] quit
Apply ACL 2000 on Ethernet1/0/1 to allow it to join only the IGMP multicast groups defined in the
rule of ACL 2000.
[Sysname] interface Ethernet 1/0/1
[Sysname-Ethernet1/0/1] igmp-snooping group-policy 2000 vlan 2
[Sysname-Ethernet1/0/1] quit
# Configure a multicast group filter to allow receivers attached to Ethernet 1/0/2 to access the multicast
streams for any groups except groups 225.0.0.0 to 225.0.0.255.
Configure ACL 2001.
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule deny source 225.0.0.0 0.0.0.255
[Sysname-acl-basic-2001] rule permit source any
2-9
Advertisement
Chapters
Table of Contents
