Multicast IPs strictly locally significant?
Hi Everyone,
Here is a question for the follow-the-packet experts. Are multicast packets strictly locally significant? Is there any way a malicious user from outside the network can use them?
For example, in a 10.0.0.0 network, will 224.0.0.0 multicasts *only* be visible to the LAN? Or can a malicious user see them? Can a multicast packet be directed out to the internet in a usable way?
Thanks!
Here is a question for the follow-the-packet experts. Are multicast packets strictly locally significant? Is there any way a malicious user from outside the network can use them?
For example, in a 10.0.0.0 network, will 224.0.0.0 multicasts *only* be visible to the LAN? Or can a malicious user see them? Can a multicast packet be directed out to the internet in a usable way?
Thanks!
Comments
-
MAC_Addy
Member Posts: 1,740 ■■■■□□□□□□
It depends on what the routing is between the routers for the "internet" side. Typically it's BGP, it does multicast, but I don't think it can be used in a malicious manner.2017 Certification Goals:
CCNP R/S -
fredrikjj
Member Posts: 879
It depends on whether the routers are enabled for IP multicast forwarding, and whether there is multicast state installed in the forwarding tables via PIM. If you are not using multicast, there won't be, and the multicast packets will not leave the local subnet even if someone sends packets with TTL > 1.
PS.
"Can a multicast packet be directed out to the internet in a usable way?"
Only if you use tunneling techniques.