Configuring A Bsr - HP MSR1002-4 Configuration Manual
Flexnetwork msr series
Hide thumbs
Also See for MSR1002-4:
- Installation manual (46 pages) ,
- Configuration manual (108 pages) ,
- Command reference manual (471 pages)
Table of Contents
Advertisement
Configuring a BSR
You must configure a BSR if C-RPs are configured to dynamically select the RP. You do not need to
configure a BSR when you have configured only a static RP but no C-RPs.
An IPv6 BIDIR-PIM domain can have only one BSR, but must have a minimum of one C-BSR. Any
router can be configured as a C-BSR. Elected from C-BSRs, the BSR is responsible for collecting
and advertising RP information in the IPv6 BIDIR-PIM domain.
The BSR election process is summarized as follows:
1.
Initially, each C-BSR regards itself as the BSR of the IPv6 BIDIR-PIM domain and sends BSMs
to other routers in the domain.
2.
When a C-BSR receives the BSM from another C-BSR, it compares its own priority with the
priority carried in the message. The C-BSR with a higher priority wins the BSR election. If a tie
exists in the priority, the C-BSR with a higher IPv6 address wins. The loser uses the winner's
BSR address to replace its own BSR address and no longer regards itself as the BSR. The
winner retains its own BSR address and continues to regard itself as the BSR.
The elected BSR distributes the RP-set information collected from C-RPs to all routers in the IPv6
BIDIR-PIM domain. All routers use the same hash algorithm to get an RP for a specific IPv6 multicast
group.
Configuring a C-BSR
IMPORTANT:
Because the BSR and other devices exchange a large amount of information in the IPv6 BIDIR-PIM
domain, reserve a large bandwidth between the C-BSR and other devices.
A BSR policy enables the router to filter BSR messages by using an ACL that specifies the legal BSR
addresses. Configure a BSR policy to guard against the following BSR spoofing cases:
•
Some maliciously configured hosts can forge BSMs to fool routers and change RP mappings.
Such attacks often occur on border routers.
•
When an attacker controls a router on the network, the attacker can configure the router as a
C-BSR to win the BSR election. Through this router, the attacker controls the advertising of RP
information.
When you configure a C-BSR, follow these restrictions and guidelines:
•
C-BSRs should be configured on routers on the backbone network.
•
You must configure the same BSR policy on all routers in the IPv6 BIDIR-PIM domain. The BSR
policy discards illegal BSR messages, but it partially guards against BSR attacks on the
network. If an attacker controls a legal BSR, the problem still exists.
To configure a C-BSR:
Step
1.
Enter system view.
2.
Enter IPv6 PIM view.
3.
Configure a C-BSR.
4.
(Optional.) Configure a BSR
policy.
Command
system-view
ipv6
pim
[
vpn-instance
vpn-instance-name ]
c-bsr
ipv6-address
[
scope-id
]
[
hash-length
hash-length | priority priority ] *
bsr-policy ipv6-acl-number
353
Remarks
N/A
N/A
scope
By default, no C-BSRs exist.
By default, no BSR policies exist,
and all bootstrap messages are
regarded as legal.
- Quick Links:
- Table of Contents
- Introduction to Multicast
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
