The administrator must ensure that a PIM neighbor filter is bound to all interfaces that have PIM enabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-30578 | NET-MCAST-002 | SV-40314r1_rule | Medium |
| Description |
|---|
| Protocol Independent Multicast (PIM) is a routing protocol used to build multicast distribution tress for forwarding multicast traffic across the network infrastructure. PIM traffic must be limited to only known PIM neighbors by configuring and binding a PIM neighbor filter to those interfaces that have PIM enabled. |
| STIG | Date |
|---|---|
| Perimeter Router Security Technical Implementation Guide | 2018-11-28 |
Details
| Check Text ( C-39167r1_chk ) |
|---|
| Review the router or multi-layer switch to determine if either IPv4 or IPv6 multicast routing is enabled. If either is enabled, verify that all interfaces enabled for PIM has a neighbor filter to only accept PIM control plane traffic from the documented routers according to the multicast topology diagram. |
| Fix Text (F-34301r1_fix) |
|---|
| If IPv4 or IPv6 multicast routing is enabled, ensure that all interfaces enabled for PIM has a neighbor filter to only accept PIM control plane traffic from the documented routers according to the multicast topology diagram. |