Users Guide

Table Of Contents
PIM neighbor filters
The PIM neighbor filter allows you to control a PIM router from forming an adjacency with a neighbor router.
By default, PIM-enabled neighbor devices exchange Hello packets at regular intervals and through these message exchanges
become PIM neighbors. You can use a neighbor filter ACL to ensure that the switch accepts only the appropriate PIM neighbors.
The ACL is configured on a per-interface basis to filter PIM Hello packets from sources you want to deny or permit. If the
access list is applied for the neighbor filter, then the destination prefix is ignored.
To use PIM neighbor filtering on an IPv4 PIM-enabled interface, use the following command:
ip pim neighbor-filter <acl-name>
NOTE: This feature does not filter Candidate-RP advertisements and is intended only to filter PIM Hello messages between
PIM neighbors.
Configure PIM neighbor filter
Before you configure a PIM neighbor filter, enable multicast routing globally and PIM on the participating interfaces. For more
information, see the ip multicast-routing and ip pim sparse-mode commands.
To configure a neighbor filter that applies an ACL to the interface:
1. Configure an ACL in CONFIGURATION mode. You can specify the ACL name up to 140 characters.
OS10# configure terminal
OS10(config)# ip access-list pim_nbr_filter
OS10(config-ipv4-acl)# permit ip 10.10.10.2/32 any
The PIM neighbor filter uses only the source information from access-list for filtering neighbors.
2. Configure an Ethernet interface. This command enables INTERFACE configuration mode.
OS10(config)# interface ethernet 1/1/1
3. Configure a filter that applies the previously created ACL (pim_nbr_filter) to the PIM interface.
OS10(conf-if-eth1/1/1)# ip pim neighbor-filter pim_nbr_filter
PIM register filters
The PIM register filter prevents the PIM source Designated Router (DR) from sending register packets to a Rendezvous Point
(RP) for the specified multicast source and group. When the register packets are blocked, the RP cannot learn (S,G) and
therefore cannot pull the traffic from the source and forward it to downstream routers and receivers. Thus, the unauthorized
groups and sources are prevented from registering with an RP router.
You can apply register message filters on an FHR (DR) to control outgoing register messages or apply them on an RP to control
incoming register messages. When the register filter is applied on the FHR or RP node, it does not affect the Shortest Path Tree
(SPT) created using the IGMPv3 joins.
To configure register filter for IPv4 PIM, use the following command:
ip pim [vrf <vrf-name>] register-filter <acl-name>
To view details of the configured PIM register filters, use the following command:
show ip pim [vrf <vrf-name>] register-filter <group address> <source address>
Configure PIM register filters
Before you configure a PIM register filter, enable multicast routing globally and establish PIM neighborship between routers.
Multicast
1075