HP 6125G HP 6125G & 6125G/XG Blade Switches IP Multicast Configuration - Page 131
Configuring a BSR
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 131 highlights
Each C-RP encapsulates a timeout value in its C-RP-Adv messages. After receiving a C_RP-Adv message, the BSR obtains this timeout value and starts a C-RP timeout timer. If the BSR fails to hear a subsequent C-RP-Adv message from the C-RP when this timer times out, the BSR assumes the C-RP to have expired or become unreachable. The C-RP timers need to be configured on C-RP routers. To configure C-RP timers globally: Step 1. Enter system view. 2. Enter PIM view. 3. Configure the C-RP-Adv interval. 4. Configure C-RP timeout time. Command system-view pim c-rp advertisement-interval interval c-rp holdtime interval Remarks N/A N/A Optional 60 seconds by default Optional 150 seconds by default For more information about the configuration of other timers in PIM-SM, see "Configuring PIM common timers." Configuring a BSR A PIM-SM domain can have only one BSR, but must have at least one C-BSR. Any router can be configured as a C-BSR. Elected from C-BSRs, the BSR is responsible for collecting and advertising RP information in the PIM-SM domain. Configuring a C-BSR C-BSRs should be configured on routers in the backbone network. When you configure a router as a C-BSR, be sure to specify a PIM-SM-enabled interface on the router. The BSR election process is summarized as follows: 1. Initially, every C-BSR assumes itself to be the BSR of this PIM-SM domain and uses its interface IP address as the BSR address to send bootstrap messages. 2. When a C-BSR receives the bootstrap message of another C-BSR, it first compares its own priority with the other C-BSR's priority carried in the message. The C-BSR with a higher priority wins. If a tie exists in the priority, the C-BSR with a higher IP address wins. The loser uses the winner's BSR address to replace its own BSR address and no longer assumes itself to be the BSR, and the winner retains its own BSR address and continues to assume itself to be the BSR. BSR legal address against BSR spoofing Configuring a legal range of BSR addresses enables filtering of bootstrap messages based on the address range, thereby preventing a maliciously configured host from masquerading as a BSR. You must make the same configuration on all routers in the PIM-SM domain. The typical BSR spoofing cases and the corresponding preventive measures are as follows: • Some maliciously configured hosts can forge bootstrap messages to fool routers and change RP mappings. Such attacks often occur on border routers. Because a BSR is inside the network whereas hosts are outside the network, you can protect a BSR against attacks from external hosts by enabling the border routers to perform neighbor checks and RPF checks on bootstrap messages and to discard unwanted messages. 120