Showing results for 
Search instead for 
Did you mean: 

Need to block Apple TV discovery across WAN links

New Contributor
I have a ICX 7450 and multiple ICX 7250s connected using OSPF on a layer 2 WAN.  Many of the sites have Apple TV devices.  Locations are able to see the Apple TV's from all locations.  Therefore, I need to block this discovery and keep it contained at each location.  What ports do I need to configure in an ACL to drop this type of traffic? 

Contributor III
UDP port 5353 according to Apple. We 'contain' our displays via the Wi-Fi Fencing options. Hope this helps.

Contributor III
Andrew is correct; however, the protocol they use is Bonjour, which is predominantly a Layer-2 protocol.  My understanding is that it does Multicast to

Is your WAN a stretched VLAN?  I would not expect this to be an issue across a routed network unless you are running something like PIM

ip access-list extended blockAPLTV
sequence 10 deny udp any any eq 5353
sequence 20 permit ip any any

On your WAN port (i.e. your VE interface)

Interface ve 100
ip access-group blockAPLTV in

Esteemed Contributor II
See also this article on optimizing WLAN for streaming media devices and Chromecast or AppleTV: