Join policies are used in Protocol Independent Multicast (PIM) configurations to prevent the transportation of multicast traffic across a network and the dropping of packets at a scope at the edge of the network. PIM Join filters reduce the potential for denial of service (DoS) attacks and PIM state explosion—large numbers of Joins forwarded to each router on the RPT, resulting in memory consumption. See the Importing PIM Join/Register Policies section of the Multicast Routing Guide for more information.
(*,G) or (S,G) is the information used to forward unicast or multicast packets.
group-address matches the group address policy in join/prune messages
group-address ‟group-address-policy”
source-address matches the source address in join/prune messages
source-address 192.168.0.1
interface matches any join message received on the specified interface
interface port 1/1/1
neighbor matches any join message received from the specified neighbor
neighbor 1.1.1.1
The following configuration example does not allow join messages for group 229.50.50.208/32 and source 192.168.0.1 but allows other join messages.
Configuring policy-statement
A:ALA-B>config>router# policy-options
A:ALA-B>config>router>policy-options# begin
A:ALA-B>config>router>policy-options# policy-statement foo
A:ALA-B>config>router>policy-options>policy-statement$ entry 10
A:ALA-B>config>router>policy-options>policy-statement>entry$ from
A:ALA-B>config>router>policy-options>policy-statement>entry>from$ group-address
‟group-address-policy”
A:ALA-B>config>router>policy-options>policy-statement>entry>from$ source-address
192.168.0.1
A:ALA-B>config>router>policy-options>policy-statement>entry>from$ exit
A:ALA-B>config>router>policy-options>policy-statement>entry# action reject
A:ALA-B>config>router>policy-options>policy-statement>entry#