This test checks that the flooding limitation for multicast is working correctly in the network. To protect the network from loops in customer equipment and from malicious DoS attacks, a limit should be imposed on the rate of multicast traffic from an individual customer port. Such a limit needs to be enforced before the traffic reaches the ISP.
- Malicious sends IP multicast traffic at a rate twice as high as the multicast flooding limit expected to be in place.
- The rate of the received traffic at the ISP is above the expected limit.
This test conforms to SEC Access Certification ID "SEC-CM-NP-1".
- Malicious Customer: A customer interface performing malicious actions.
- ISP: A central node on a trusted port. The test requires that the ISP Test Agent reside in the same Layer 2 network as customers.
- Expected rate limitation (Mbit/s): Rate limit in Mbit/s expected to be imposed on multicast traffic from an individual customer. Default: 1 Mbit/s.
- Expected packets/second limitation: Rate limit in packets/s expected to be imposed on multicast traffic from an individual customer. Default: 100 packets/s.
- IP multicast addresses: IP multicast addresses to be tested. Default: 220.127.116.11, 18.104.22.168