cancel
Showing results for 
Search instead for 
Did you mean: 

Need to block Apple TV discovery across WAN links

davidwaldrop
New Contributor
I have a ICX 7450 and multiple ICX 7250s connected using OSPF on a layer 2 WAN.  Many of the sites have Apple TV devices.  Locations are able to see the Apple TV's from all locations.  Therefore, I need to block this discovery and keep it contained at each location.  What ports do I need to configure in an ACL to drop this type of traffic? 
3 REPLIES 3

andrew_giancol1
Contributor III
UDP port 5353 according to Apple. We 'contain' our displays via the Wi-Fi Fencing options. Hope this helps.

netwizz
Contributor III
Andrew is correct; however, the protocol they use is Bonjour, which is predominantly a Layer-2 protocol.  My understanding is that it does Multicast to 224.0.0.251

Is your WAN a stretched VLAN?  I would not expect this to be an issue across a routed network unless you are running something like PIM https://en.wikipedia.org/wiki/Protocol_Independent_Multicast

ip access-list extended blockAPLTV
sequence 10 deny udp any any eq 5353
sequence 20 permit ip any any

On your WAN port (i.e. your VE interface)

Interface ve 100
ip access-group blockAPLTV in

michael_brado
Esteemed Contributor II
See also this article on optimizing WLAN for streaming media devices and Chromecast or AppleTV:
https://support.ruckuswireless.com/articles/000009674