Yes Jon , the Port is in Same VLAN. 

is their any way i can Block the UDP going out of this switch interface . Besides ACL any way Out ?

i have   switch conneting decoders on 7 Ports  this decoders generate the Video on UDP port 3000 .. all 7 ports in VALN 144 .

Now when i connect any device on any port with VLAN 144 the device is reciving all the UDP multicast . No matter if its requested by by device or not .

this 7 Ports are generating traffice up to 100 Mbps and this is causing issue .

I want to block or restrict the traffic  leaving out of this interfaces .

I hople i was able to explain the situation .

when i used a Planet Switch  for same setup i had an option to limit trafic / restrict trafice out of the Switch Ports and it worked good .

I need to replace the Planet Switch with Cisco do we have any Option with Cisco .

Okay, that is a different problem. You cannot block it with an acl because as i say acl can only be applied inbound on physical ports.

But there is a solution. You need to -

1) enable IGMP snooping on the switch. This should already be enabled

2) I'm assuming you do not have PIM enabled on the L3 vlan 144 interface ?  If this is correct you then need to configure the IGMP snooping querier function which will make IGMP queries for the switch to listen to. See this link for how to configure it -

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/swigmp.html#wp1193337

Once you have done the switch should not send the multicast stream out of ports where there is a device attached that has not requested that stream.

Jon

Thanks a lot Jon ,

D

its good document i hope it will solve my problem .

please could you help me understand   " Snooping Querier "  can this be IP address of the machine which is Asking for the

Multicast UDP Streem .

what i have is switch with 7 Decoders and 1 Encoder this Decoders are in VLAN 144 and Encoder as will is in this VLAN 144

We have decoders Producing the UDP video stream on port 3000 and the Encoder is receiving the Stream for processing .

their is No IP on the switch at all NO router involved its plain L2 network .

Thanks again for your response .

The IGMP snooping querier needs an IP address from somewhere. I understand it is a plain L2 network. Is this switch connected to any other switch(es)/routers and if so how in terms of vlans/IP addressing.

Jon

OH!!!  

Sorry we have VLAN 1 on that switch with ip address .

the config is as follows

!

interface GigabitEthernet2/0/48

switchport access vlan 144

switchport mode access

macro description cisco-desktop

spanning-tree portfast

interface GigabitEthernet2/0/45

switchport access vlan 144

switchport mode access

macro description cisco-desktop

spanning-tree portfast

spanning-tree bpduguard enable

!

interface Vlan1
ip address 10.0.0.103 255.255.255.0  

VLAN 144 is on other switch ,connecting to this switch   VLAN 144 has Ip range 192.168.250.0 255.255.255.0 

and the Decoders user Multicast IPs  as  

239.0.170.1

239.0.171.1

239.0.172.1   so on

So does vlan 144 have a L3 vlan interface on another switch that is connected via a trunk or an access port in vlan 144 ie if you have a client in vlan 144 does it have a default gateway so it can send traffic to other vlans ?

Jon

Thanks Jon ,

VLAN 144 doesnot has L3 interface and looks like there is no IP defined for VLAN144. But i can assigne the subnet to this VLAN 144 , i will assign IP 192.168.250.1 255.255.255.128 to it

and  make it as a Snooping Querier. does that sounds correct ,  again .. my multicast IPs are diffrent . and the reciver IP is in 192.168.250.0  range .

i am trying to figure out if Snooping Querier  is the IP of  system which is trying to request this multicast UDP packets . Or it should be the IP for the Switch .

the objective is we need some decoders to connet to this encoder for video.  Decoders generating Video and single encoder reviving them . i understand that for this unicast should be good idea , but our encoder do not support unicast .

.

once again thanks for your responce.

The snooping querier should be tied to the switch not the machine requesting the stream. It doesn't have to be the actual switch you are on it could configured on the switch with the vlan 144 L3 vlan interface as long as that switch was connected to your switch using a trunk with vlan 144 allowed on it.

Jon