enabling/dissabling ip multicast traffic in real time on a Cisco router using windows script

Discussion in 'Cisco' started by Art, Jul 24, 2005.

  1. Art

    Art Guest

    Scenario: A network (IP) with X amount of surveillance cameras. All cameras
    transmit video via Mpeg 2 multicast (IGMP version 2 & PIM SM). External
    clients connect to the private network via a router 3700 series. Under
    normal conditions a client should be able to request any video stream. Under
    special circumstances some video streams are not allowed to go to the
    external clients, but still need to be available inside the local network.



    Question: Is it possible to dynamically activate or deactivate access
    control list on the edge router, from a windows application? Some kind of
    scripting maybe?



    The operators that are watching the videos from the local network should be
    able to enable/disable video streams from going out to the remote clients.



    Any thoughts?
    Art, Jul 24, 2005
    #1
    1. Advertising

  2. Art

    Ivan Ostres Guest

    In article <tTBEe.18541$>,
    says...
    > Question: Is it possible to dynamically activate or deactivate access
    > control list on the edge router, from a windows application? Some kind of
    > scripting maybe?
    >
    >
    >
    > The operators that are watching the videos from the local network should be
    > able to enable/disable video streams from going out to the remote clients.
    >
    >
    >
    > Any thoughts?
    >
    >


    It could be done on various ways but I think you'll have to script in
    any way. One way would be to add/remove an access-list trough a script
    or add/remove "ip multicast ttl-threshold ttl-value" command. You could
    probably do the same using SNMP and that could be much "cleaner" way to
    do it. www.cisco.com is your friend.


    --
    Ivan

    *** User rot13 to see my eMail address ***
    Ivan Ostres, Jul 24, 2005
    #2
    1. Advertising

  3. Art

    Art Guest

    Ivan, Thanks for your response you nailed it!

    using the command on the interface receiving the multicast:
    " The ip multicast ttl-threshold <value> command means that any packets with
    a TTL lower than the specified threshold, in this case, 15, are not
    forwarded. This command is usually used to provide a border to keep internal
    multicast traffic from drifting out of the intranet. " extracted from:
    http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080094b55
    ..shtml#ttlsetting

    It is very easy to me to change via SNMP the TTL value of the multicast
    video server (encoder) on the fly. I know how many hops the multicast video
    has to travel from source to destination (width of my network). My longest
    hop count is 4, if I set my edge router with a TTL of 10 for example, I
    will set the ttl on the encoder to 13 when I don't want the video to go out
    and 15 when I do.

    By doing this I don't have to do anything with the router via scripts or
    anything like that.

    Some video encoders are not 4 hops apart from the edge router, so a database
    with the right TTL per video encoder will be needed. For example an encoder
    connected to the network where the edge is connected to, shall be set to a
    TTL value of 10 in order to be blocked. (asuming my previous example of
    setting a threshold of 10 in the router.)

    Thanks!

    "Ivan Ostres" <> wrote in message
    news:...
    > In article <tTBEe.18541$>,
    > says...
    > > Question: Is it possible to dynamically activate or deactivate access
    > > control list on the edge router, from a windows application? Some kind

    of
    > > scripting maybe?
    > >
    > >
    > >
    > > The operators that are watching the videos from the local network should

    be
    > > able to enable/disable video streams from going out to the remote

    clients.
    > >
    > >
    > >
    > > Any thoughts?
    > >
    > >

    >
    > It could be done on various ways but I think you'll have to script in
    > any way. One way would be to add/remove an access-list trough a script
    > or add/remove "ip multicast ttl-threshold ttl-value" command. You could
    > probably do the same using SNMP and that could be much "cleaner" way to
    > do it. www.cisco.com is your friend.
    >
    >
    > --
    > Ivan
    >
    > *** User rot13 to see my eMail address ***
    Art, Jul 27, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Pinko_Commie
    Replies:
    1
    Views:
    1,399
    Erik Tamminga
    Mar 6, 2004
  2. Replies:
    3
    Views:
    1,940
  3. Replies:
    1
    Views:
    2,362
  4. m1hoelbl
    Replies:
    1
    Views:
    3,541
    m1hoelbl
    May 20, 2008
  5. HostedSwitch
    Replies:
    0
    Views:
    755
    HostedSwitch
    Sep 19, 2008
Loading...

Share This Page