Multicast PIM Accept RP

PIM Accept RP is a security feature on Cisco IOS routers that prevents unwanted rendezvous points in the PIM sparse mode domain. By default, an RP will accept all multicast groups in the 224.0.0.0/4 range (the entire class D range), but we can configure the router to accept PIM join/prune messages only for the groups that we specify.

Let me demonstrate this feature using a very simple topology:

[Topology: R1 and R2 connected through their FastEthernet interfaces]

Only two routers. R1 will be our rendezvous point. Let’s configure this network so that PIM sparse mode is enabled and R1 becomes the RP:

R1(config)#ip multicast-routing
R1(config)#ip pim rp-address 192.168.12.1
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip pim sparse-mode

R2(config)#ip multicast-routing
R2(config)#ip pim rp-address 192.168.12.1
R2(config)#interface fastEthernet 0/0
R2(config-if)#ip pim sparse-mode

This is how we enable multicast routing, configure R1 as the RP, and enable sparse mode. Let’s take a look at what multicast groups R1 will serve:

R1#show ip pim rp mapping
PIM Group-to-RP Mappings

Group(s): 224.0.0.0/4, Static
    RP: 192.168.12.1 (?)

R2#show ip pim rp mapping
PIM Group-to-RP Mappings

Group(s): 224.0.0.0/4, Static
    RP: 192.168.12.1 (?)

Both routers agree that R1 is the RP for the multicast group range 224.0.0.0/4. Let’s change it so that it only accepts multicast group 239.1.1.1:

R1(config)#ip pim accept-rp 192.168.12.1 GROUPS

R1(config)#ip access-list standard GROUPS
R1(config-std-nacl)#permit 239.1.1.1

The ip pim accept-rp command takes the RP address and an access-list. The access-list defines the groups for which we accept this router as the RP; here that is only 239.1.1.1. Let’s test to see if it works:

R2(config)#interface fastEthernet 0/0
R2(config-if)#ip igmp join-group 239.2.2.2

This configures R2 to join the multicast group address 239.2.2.2, which our access-list does not permit. Let’s see what R1 thinks of it:

R1#
%PIM-6-INVALID_RP_JOIN: Received (*, 239.2.2.2) Join from 192.168.12.2 for invalid RP 192.168.12.1

As you can see above, the join is rejected. Remember that this command is not an RP-only command. It can be configured on all PIM-enabled routers in your network. If you only configure it on the RP, then unwanted PIM join messages can still traverse the network, and they are only dropped once they reach the RP. If you don’t want this, then you should configure it on all PIM-enabled routers in your network.
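
To see which neighbors keep sending joins that accept-rp rejects, you can summarize the INVALID_RP_JOIN messages from your syslog. The script below is an added example, not part of the original lesson; it assumes the message layout shown in the R1 output above, and the sample log lines (timestamps, hostnames, extra groups) are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Message layout taken from the R1 log line shown above.
INVALID_RP_JOIN = re.compile(
    r"%PIM-6-INVALID_RP_JOIN: Received \(\*, (?P<group>[\d.]+)\) Join "
    r"from (?P<neighbor>[\d.]+) for invalid RP (?P<rp>[\d.]+)"
)

# Constructed sample input: the first line is the one from this page, the
# others are made up in the same format (timestamps and hostnames are invented).
SAMPLE_LOG = """\
%PIM-6-INVALID_RP_JOIN: Received (*, 239.2.2.2) Join from 192.168.12.2 for invalid RP 192.168.12.1
Mar  1 00:05:10 R1 %PIM-6-INVALID_RP_JOIN: Received (*, 239.2.2.2) Join from 192.168.12.2 for invalid RP 192.168.12.1
Mar  1 00:05:40 R1 %PIM-6-INVALID_RP_JOIN: Received (*, 239.3.3.3) Join from 192.168.12.2 for invalid RP 192.168.12.1
Mar  1 00:06:02 R1 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Mar  1 00:06:30 R1 %PIM-6-INVALID_RP_JOIN: Received (*, 10.1.1.1) Join from 192.168.12.2 for invalid RP 192.168.12.1
"""


def rejected_joins(log_text):
    """Count rejected (*,G) joins per (neighbor, group, rp); skip malformed lines."""
    counts = Counter()
    for line in log_text.splitlines():
        m = INVALID_RP_JOIN.search(line)
        if not m:
            continue
        try:
            group = ipaddress.IPv4Address(m["group"])
            neighbor = ipaddress.IPv4Address(m["neighbor"])
            rp = ipaddress.IPv4Address(m["rp"])
        except ipaddress.AddressValueError:
            continue
        if not group.is_multicast:  # outside 224.0.0.0/4, so not a real group
            continue
        counts[(str(neighbor), str(group), str(rp))] += 1
    return counts


def report(counts):
    """One line per neighbor/group/RP combination, most frequent first."""
    return [f"{n} -> group {g} (RP {rp}): {c} rejected join(s)"
            for (n, g, rp), c in counts.most_common()]


if __name__ == "__main__":
    print("\n".join(report(rejected_joins(SAMPLE_LOG))))
```

A neighbor that shows up repeatedly here is a candidate for its own accept-rp configuration, so the joins are dropped closer to the source instead of at the RP.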