This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

permit only specific mcast groups

permit only specific mcast groups

Alexandr_P
Valued Contributor

‎09-01-2017 10:25 AM

Hi, all!

I need to permit only specific mcast groups (for example 239.1.1.1 and 239.2.2.2), other - deny.
EXOS 15.3
For this moment I havn't possibility to test this case.

Can somebody tell me - would it be working ACL:

entry SeparateMcast {
if {
destination-address 239.1.1.1/32;
destination-address 239.2.2.2/32;
}
then {
permit;
}
}
if {
destination-address 224.0.0.0/4;
}
then {
deny;
}
}

Or may be present other solution?

Thank you!
3 REPLIES 3

Patrick_Voss
Extreme Employee

‎09-01-2017 10:43 AM

Hello Alexandr,

You should be able to do that but you will need to create separate entries for each destination address. The switch will error out while trying to apply if there are two of the same match conditions in one entry.
0 Kudos

BrandonC
Extreme Employee
In response to Patrick_Voss

‎09-01-2017 10:43 AM

Hi Alex,

That looks like it should work to me. I think your match condition may be off on the last entry though, if you want to block all multicast (224.0.0.0/4).
0 Kudos

Alexandr_P
Valued Contributor
In response to Patrick_Voss

‎09-01-2017 10:43 AM

Hello, Patrick!

You right.
I'm write at first step and then remember that it have to be 2 separate entries.

Like this:
entry e1 {
if {
destination-address 239.1.1.1/32;
}
then
{
permit;
}}
entry e2 {
if {
destination-address 239.2.2.2/32;
}
then
{
permit;
}}
entry Drop {
if {
destination-address 239.22.0.0/16;
}
then
{
deny;
}}
0 Kudos
GTM-P2G8KFN