accept-register access-list


accept-register access-list <ACL-RULE>

no accept-register access-list <ACL-RULE>


Configures ACL on RP to filter PIM Register packets from unauthorized sources. The ACL specified will contain the (S,G) traffic in register packets to permitted or denied.

The no form of this command removes the currently configured ACL rule.

Command context




Specifies the ACL rule name.


Administrators or local user group members with execution rights for this command.


When register ACL is associated with a PIM Router, PIM protocol will store the source and destination address details along with the action (permit or deny).

Upon receiving the register messages, a look up is made to check if the S and G in the packet is in the permitted list. If there is no match or if there is a deny rule match, a register stop message is immediately sent and the packet is dropped and no further action is taken. Permitted packets will go through the normal flow.

Loopback interfaces are special interfaces where only unicast PIM messages are updated. This includes Register, Register Stop, and Candidate RP Advertisements.

When a loopback interface is configured as the RP, the ACL drop counters will be updated on the interface on which the packets are received.


Configuring ACL on RP with an ACL rule named pim_regv6_acl:

switch(config)# access-list ipv6 pim_regv6_acl
switch(config-acl-ipv6)# 10 permit any 20.::1 ff1e::1
switch(config-acl-ipv6)# 20 deny any 30::1 ff1e::3
switch(config)# router pim6
switch(config-pim6)# accept-register access-list pim_regv6_acl