enabling/dissabling ip multicast traffic in real time on a Cisco router using windows script

enabling/dissabling ip multicast traffic in real time on a Cisco router using windows script
NewsGroups | Search | Tools
User Password
Register Now! Lost Password?
 comp.dcom.sys.cisco  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
enabling/dissabling ip multicast traffic in real time on a Cisco router using windows script Art 07-23-2005
Posted by Art on July 23, 2005, 9:10 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Scenario: A network (IP) with X amount of surveillance cameras. All cameras
transmit video via Mpeg 2 multicast (IGMP version 2 & PIM SM). External
clients connect to the private network via a router 3700 series. Under
normal conditions a client should be able to request any video stream. Under
special circumstances some video streams are not allowed to go to the
external clients, but still need to be available inside the local network.



Question: Is it possible to dynamically activate or deactivate access
control list on the edge router, from a windows application? Some kind of
scripting maybe?



The operators that are watching the videos from the local network should be
able to enable/disable video streams from going out to the remote clients.



Any thoughts?





Posted by Ivan Ostres on July 24, 2005, 9:00 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
kn662ae@bellsouth.net says...
> Question: Is it possible to dynamically activate or deactivate access
> control list on the edge router, from a windows application? Some kind of
> scripting maybe?
>
>
>
> The operators that are watching the videos from the local network should be
> able to enable/disable video streams from going out to the remote clients.
>
>
>
> Any thoughts?
>
>

It could be done on various ways but I think you'll have to script in
any way. One way would be to add/remove an access-list trough a script
or add/remove "ip multicast ttl-threshold ttl-value" command. You could
probably do the same using SNMP and that could be much "cleaner" way to
do it. www.cisco.com is your friend.


--
Ivan

*** User rot13 to see my eMail address ***


Posted by Art on July 26, 2005, 11:57 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Ivan, Thanks for your response you nailed it!

using the command on the interface receiving the multicast:
" The ip multicast ttl-threshold <value> command means that any packets with
a TTL lower than the specified threshold, in this case, 15, are not
forwarded. This command is usually used to provide a border to keep internal
multicast traffic from drifting out of the intranet. " extracted from:
http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080094b55
..shtml#ttlsetting

It is very easy to me to change via SNMP the TTL value of the multicast
video server (encoder) on the fly. I know how many hops the multicast video
has to travel from source to destination (width of my network). My longest
hop count is 4, if I set my edge router with a TTL of 10 for example, I
will set the ttl on the encoder to 13 when I don't want the video to go out
and 15 when I do.

By doing this I don't have to do anything with the router via scripts or
anything like that.

Some video encoders are not 4 hops apart from the edge router, so a database
with the right TTL per video encoder will be needed. For example an encoder
connected to the network where the edge is connected to, shall be set to a
TTL value of 10 in order to be blocked. (asuming my previous example of
setting a threshold of 10 in the router.)

Thanks!

"Ivan Ostres" <> wrote in message
> says...
> > Question: Is it possible to dynamically activate or deactivate access
> > control list on the edge router, from a windows application? Some kind
of
> > scripting maybe?
> >
> >
> >
> > The operators that are watching the videos from the local network should
be
> > able to enable/disable video streams from going out to the remote
clients.
> >
> >
> >
> > Any thoughts?
> >
> >
>
> It could be done on various ways but I think you'll have to script in
> any way. One way would be to add/remove an access-list trough a script
> or add/remove "ip multicast ttl-threshold ttl-value" command. You could
> probably do the same using SNMP and that could be much "cleaner" way to
> do it. www.cisco.com is your friend.
>
>
> --
> Ivan
>
> *** User rot13 to see my eMail address ***




Similar ThreadsPosted
Ciscoworks syslog real-time viewer November 22, 2006, 1:55 am
FirePlotter - real-time session monitoring for PIX/ASA September 3, 2007, 11:42 am
Good tool for reporting real-time and trend stats for multiple VPN 3000 concentrators? November 29, 2005, 9:58 am
How to config two Cisco PIX devices to allow multicast traffic through the VPN tuunel between the two. March 3, 2006, 4:42 pm
How to configure 2950 switch to synchronize time with Windows server? July 4, 2007, 5:42 am
Cisco 2811 to Windows 2003 IpSec tunnel - SAs fine but no traffic... March 3, 2006, 4:10 pm
Flow control and multicast or broadcast traffic August 7, 2006, 12:14 pm
I need to know what the real though put is on a 3600 series router October 17, 2008, 5:08 am
Multicast broadcast traffic forwarding to wrong interface July 11, 2007, 10:41 am
Setting up VPN from Windows XP to a Cisco router April 18, 2006, 3:28 pm

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map