35-13
Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide
78-17058-01
Chapter35 Configuring MSDP Configuring MSDP
To remove the filter, use the no ip msdp sa-filter out {ip-address | name} [list access-list-number]
[route-map map-tag] global configuration c omma nd.
This example shows how to allow only (S,G) pairs that pass access list 100 to be forwarded in an SA
message to the peer named switch.cisco.com:
Switch(config)# ip msdp peer switch.cisco.com connect-source gigabitethernet0/1
Switch(config)# ip msdp sa-filter out switch.cisco.com list 100
Switch(config)# access-list 100 permit ip 171.69.0.0 0.0.255.255 224.20 0 0.0.255.255
Step3 access-list access-list-number {deny |
permit} protocol source source-wildcard
destination destination-wildcard
(Optional) Create an IP extended access list, repeating the command a s
many times as necessary.
For access-list-number, enter the number specified in Step 2.
The deny keyword denies access if the conditi ons are matched . The
permit keyword permits access if the conditions are matched.
For protocol, enter ip as the protocol name.
For source, enter the number of the network or host from which the
packet is being sent.
For source-wildcard, enter the wildcard bits in dotted decimal
notation to be applied to the source. Place ones in the bit positions
that you want to ignore.
For destination, enter the number of the network or host to which
the packet is being sent.
For destination-wildcard, enter the wildcard bits in dotted decimal
notation to be applied to the destination. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Step4 end Return to privileged EXEC mode.
Step5 show running-config Verify your entries.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose