Scribd
Upload
1K views

Multicast Basics Part 2

IGMPv3 adds source-specific filtering capabilities which require applications to use new APIs and operating system support. It uses a new multicast address for hosts to send reports to and does not support report suppression. IGMP snooping allows switches to examine IGMP messages and only forward traffic to ports with interested receivers to avoid flooding an entire VLAN. Rate-limiting can prevent denial of service attacks from excessive IGMP reports.

Uploaded by

Ratnesh Kumar
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
1K views

Multicast Basics Part 2

IGMPv3 adds source-specific filtering capabilities which require applications to use new APIs and operating system support. It uses a new multicast address for hosts to send reports to and does not support report suppression. IGMP snooping allows switches to examine IGMP messages and only forward traffic to ports with interested receivers to avoid flooding an entire VLAN. Rate-limiting can prevent denial of service attacks from excessive IGMP reports.

Uploaded by

Ratnesh Kumar
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 26

IGMPv3 & IGMP

Snooping
Basics 2

IGMPv3
RFC 4604
Adds Include/Exclude Source Lists
Enables hosts to listen only to a specified subsets
of the hosts
sending to the group
Requires new IPMulticastListen API
- New IGMPv3 stack required in the O/S
Apps must be rewritten to use IGMPv3
include/Exclude features

IGMPv3
New Membership Report address
- 224.0.0.22 (IGMPv3 Routers)
- All IGMPv3 hosts send reports to this address
- instead of the target address as in IGMPv1/v2
- All IGMPv3 Routers listen to this address
- Hosts do not listen or respond to this address
No Report Suppression
- All Hosts on wire respond to Queries
- Response Interval may be tuned over broad range
- Useful when large numbers of hosts reside on
subnet

IGMPv3 Example

IGMPv3 Joining a Group

IGMPv3- Joining specific


Source(s)

IGMPv3-Excluding specific
Source(s)

IGMPv3-Maintaining State

IGMP Snooping & Verification

IGMP Snooping (Join)

IGMP Snooping (Join)

IGMP Snooping (Join)

IGMP Snooping (Join)

IGMP Snooping
(default behavior regarding IGMP Leave
Processing)

IGMP Snooping
(default behavior regarding Leave Processing)

IGMP Snooping
(default behavior regarding Leave Processing)

IGMP Snooping
(Leave with Fast Leave Processing enable)

IGMP Snooping
(Leave with Fast Leave Processing enable)

IGMP Snooping
(default behavior regarding IGMP Leaving)

IGMP Snooping Configuration


- IOS-based Switches: IGMP Snooping is on by
default
- To turn if off/on:
> IOS:
Router(config)# [no] ip igmp snooping
Enabling IGMP Snooping Fast-Leave (off by
default)
> switch(config-if)# ip igmp snooping fastleave

Denial of Service

Rate-Limiters to the Rescue

Router(config)# mls rate-limit multicast ipv4 igmp 20000 40


In the command above:
20000 = maximum of 20,000 IGMP Reports allowed per-second to be
sent to CPU (configurable)
40 = In any given millisecond, maximum of 40-IGMP Reports allowed to
sent to CPU (configurable)
Packing counting and drops done in hardware .

Verifying IGMP Snooping(IOS)

Verifying IGMP Snooping


(Cat6500)

Note: In the cat6500 the SP process


did all the multicast related things ,
i.e igmp snooping

Verifying IGMP Snooping


(Cat6500)

Verifying IGMP Snooping (other


Switches)

You might also like