cancel
Showing results for 
Search instead for 
Did you mean: 

How to deny or drop multicast on switch B5G124-48P2

How to deny or drop multicast on switch B5G124-48P2

Salvador_Gallo
New Contributor II
the costumer need block de multicast and only pass unicast, on switch B5G124-48P2 for the CCTV solution with GENETEC
4 REPLIES 4

Erik_Auerswald
Contributor II
Hi Salvador,

to block IP multicast, you could write an ACL that drops the destination IP range 224.0.0.0/4 and allows anything else, and bind that to the switch ports.

Alternatively you could write a policy that either drops the above destination IP range, or drops the destination MAC address range 01-00-5E-00-00-00/25 and apply the policy to the respective ports.

Erik

EtherMAN
Contributor III
I would dig deeper into this request. This is almost like asking a switch to block all broadcast traffic. You can make sure IGMP snooping is enabled and all mcast traffic that does not have a valid connection will not be forwarded. I am not sure how you could do an policy that would block all mcast traffic on ingress ports because there may be built in forwarders at the hardware level ??? Still seems to be a rather strange request and if it asked of me I would talk more with the client and get a deeper understanding of what he was trying to do along with equipment and networks configurations.

The policy would filter on the multicast IP address range.

Curtis_Parish1
New Contributor III
I have never heard of blocking all multicast on a switch but I am guessing that would be done by applying a policy that blocks the multicast addresses at the edge ports.
GTM-P2G8KFN