47-11
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter47 Configuring MSDP
Configuring MSDP
Beginning in privileged EXEC mode, follow these steps to configure one of these options. This
procedure is optional.
To return to the default setting, use the no ip msdp filter-sa-request {ip-address | name} global
configuration command.
This example shows how to configure the switch to filter SA request messages from the MSDP peer
at 171.69.2.2. SA request messages from sources on network 192.4.22.0 pass access list 1 and are
accepted; all others are ignored.
Switch(config)# ip msdp filter sa-request 171.69.2.2 list 1
Switch(config)# access-list 1 permit 192.4.22.0 0.0.0.255
Controlling Source Information that Your Switch Forwards
By default, the switch forwards all SA messages it receives to all its MSDP peers. However, you can
prevent outgoing messages from being forwarded to a peer by using a filter or by setting a time-to-live
(TTL) value. These methods are described in the next sections.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ip msdp filter-sa-request ip-address |
name
or
ip msdp filter-sa-request {ip-address |
name} list access-list-number
Filter all SA request messages from the specified MSDP peer.
or
Filter SA request messages from the specified MSDP peer for groups
that pass the standard access list. The access list describes a multicast
group address. The range for the access-list-number is 1 to 99.
Step3 access-list access-list-number {deny |
permit} source [source-wildcard]
Create an IP standard access list, repeating the command as many times
as necessary.
For access-list-number, the range is 1 to 99.
The deny keyword denies access if the conditions are matched. The
permit keyword permits access if the conditions are matched.
For source, enter the number of the network or host from which the
packet is being sent.
(Optional) For source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Step4 end Return to privileged EXEC mode.
Step5 show running-config Verify your entries.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.