bsr-policy (PIM view)
Use bsr-policy to configure a BSR policy.
Use undo bsr-policy to restore the default.
Syntax
bsr-policy ipv4-acl-number
undo bsr-policy
Default
No BSR policy exists, and all bootstrap messages are regarded as legal.
Views
PIM view
Predefined user roles
network-admin
Parameters
ipv4-acl-number: Specifies an IPv4 basic ACL by its number in the range of 2000 to 2999.
Usage guidelines
A BSR policy filters bootstrap messages to guard against BSR spoofing.
When you configure a rule in the IPv4 basic ACL, follow these restrictions and guidelines:
For the rule to take effect, do not specify the vpn-instance vpn-instance option.
The source source-address source-wildcard option specifies a BSR address.
Among the other optional parameters, only the fragment keyword and the time-range time-range-name option take effect.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure a BSR policy on the public network so that only the devices on subnet 10.1.1.0/24 can act as the BSR.
<Sysname> system-view [Sysname] acl basic 2000 [Sysname-acl-ipv4-basic-2000] rule permit source 10.1.1.0 0.0.0.255 [Sysname-acl-ipv4-basic-2000] quit [Sysname] pim [Sysname-pim] bsr-policy 2000
Related commands
c-bsr (PIM view)