configure msdp peer sa-filter

configure msdp peer [remoteaddr | all] sa-filter [in | out] [filter-name | none] {vr vr_name}

Description

This command configures an incoming or outgoing policy filter for SA messages.

Syntax Description

peer all Specifies all MSDP peers.
remoteaddr Specifies the IP address of the MSDP peer.
in Associates the SA filter with inbound SA messages.
out Associates the SA filter with outbound SA messages.
filter-name Specifies the name of the policy associated with an SA filter. To remove an SA filter, enter the none CLI keyword instead of filter-name.
vr_name Specifies the name of the virtual router to which this command applies. If a name is not specified, it is extracted from the current CLI context.

Default

By default, no SA filter is configured for an MSDP peer. That is, incoming and outgoing SA messages are not filtered.

Usage Guidelines

This command configures an SA filter such that only a specified set of SA messages are accepted or sent to a peer. Note that an SA filter does not adversely impact the flow of SA request and response messages.

To remove an SA filter, enter the none CLI keyword instead of filter-name.

You can use the following policy attributes in an SA filter policy. All other attributes are ignored.
  • Match:
    • multicast-group
    • multicast-source
    • pim-rp
  • Set:
    • permit
    • deny

Example

The following example configures an incoming SA messages filter on an MSDP peer with the IP address 192.168.45.43:

configure msdp peer 192.168.45.43 sa-filter in allow_229

History

This command was first available in ExtremeXOS 12.0.

Platform Availability

This command is available on platforms that support the appropriate license. For complete information about software licensing, including how to obtain and upgrade your license and which licenses support the MSDP feature, see the Switch Engine 32.2 Feature License Requirements document.