How to block all multicast traffic on port?

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Hi everybody!
My question is Which is most efficient way to block all ingress multicast traffic on port?
Photo of eyeV

eyeV

  • 2,484 Points 2k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of OscarK

OscarK, ESE

  • 7,912 Points 5k badge 2x thumb
Official Response
The simpliest method would be creating an ACL.

Apply the following ACL on the ports or vlans.

entry BlkMcast {
 if {
  destination-address 224.0.0.0/4;
 }
 then {
  deny;
  count BlockedMcast;
 }
}

This will block also 244.0.0.x multicasts, if you have OSPF or any other routing protocol running you might need to permit that before this block statement.