IGMP Snooping on SG300

nma_xdcinema · ‎04-04-2012

Hello,

I have some problems with IGMP snooping feature on the SG300 switch.

I want to filter multicast dinamycally with IGMP snooping.

To configure our switch I use the web page:

- In Multicast I first enable: Bridge Multicast Filtering Status

- Thzn I enable IGMP snooping

- Then I enable IGMP Snooping on my VLAN

During my tests I stream a video (UDP multicast). This stream is present on all the ports of my VLAN with IGMP snooping normally configured. Also, I can't see any entry in the IGMP/MLD IP Multicast Group Table where I should normally see my multicast address.

Any idea why it's not working ? Problem with SG300 (in last fw version) ?

David Hornstein · ‎04-05-2012

Hi Nicolas,

Thought i would try it out, I am using switch order number SRW2008P-K9-NA (SG300-10P) version 1 hardware with firmware 1.1.2.0.

My test

My multicast router is a UC320W (192.168.10.1)

I have three PC's in my test.

Multicast source PC is streaming one packet per second to destination multicast address 234.55.66.77

I have a PC capturing, via wireshark, IGMP and the multicast packets of interest.

I have another PC that is a active member of the multicast group, labeled multicast receiver in the diagram above.

My test was for the PC labeled multicast receiver , to leave the multicast group and then join the multicast group. Here is the wireshark capture below.

Interpretation of the capture

When a multicast receiver left a multicast stream,.tne router and switch both flooded IGMP general queries.

You will note the BLUE section of the trace, that showed the Multicast flooding at one frame per second.

When the multicast receiver again joined multicast group 234.55.66.77, the wireshark showed that the multicast stream stopped flooding to my PC port.

It could only be IGMP snooping that stopped that multicast flooding behaviour..

Do you have a IPv4 Router acting as a multicast querier, you really need one, but always usefult o check release notes if there is a relevant bug that that affects you.

In the release notes for version 1.1.2,.x firmware it says;

Problem: When the Mrouter learning mode is changed between "user defined" to "auto" and vice-versa, the IGMP Querier election process doesn't start. (Bugs00132805)

Solution: Disable IGMP Snooping and re-enable again, every time the Mrouter

learning mode is changed to start the Querier election process.

Problem: Source specific multicast filtering is not supported on VLAN that has Bonjour/VSDP enabled. (Bugs00131405)

Solution: There is no workaround.

If you suspect something is behaving differently since the last switch firmware release, could you please open a case with the good folk at the Small Business Support Center (SBSC).

www.cisco.com/go/sbsc

regards Dave

Alpha-Linux · ‎04-11-2012

Hi,

i'm in process of setting up some SG300-10 for using in a Multicast environment.

The domain includes actually 4 switches, setup with 3 vlans.

Vlan1: Mgmt

Vlan10: Mcast Primary

Valn20: Mcast Secondary

All the switches Mgmt-IP-Addresses are configured in Vlan1; Vlan10 and Vlan20 do not have IP-Addresses configured.

(all Switches running in Layer2-Mode)

Since i do not have a Multicast-Router in this scenario, one of the switches is configured as Querier (the STP-root)

So my question here: Does the Querier IP-Address have to be reachable within the Mcast-Vlans ? (vlan10 and vlan20)

regards, Markus

michalpas · ‎04-30-2012

Hi,

The setup you describe won't work. This is because the switch in L2 mode has only one ip address. The querier will send IGMP queries with this address in all vlans. Operating System (e.g Linux) in vlans beside management vlan will receive the queries but won't respond to them because source ip in a query (generated by switch) is in a different ip subnet.

I see 3 solutions:

1) Install a router on the network to act as a qurier or

2) Change the mode of operation of the switch to L3 and assign proper ip addresses in all vlans (switch will send out queries with source ip address that is in the same subnet as other devices connected to it) or

3) One no so good solution is to force an invalid ip address in Linux on the ethernet device (from management vlan) so it responds to those queries

Thanks.

michalpas · ‎04-07-2012

Hi,

Entries in the IGMP/MLD IP Multicast Group Table show up according to IGMP rules.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00800b0871.shtml says:

"In general, addresses from 224.0.0.1 to 224.0.0.255 are reserved and used by various protocols (standard or proprietary, such as Hot Standby Router Protocol (HSRP)). Cisco recommends that you not use these for GDA in a multicast network. CGMP and IGMP snooping do not work with this reserved address range."

Second source on this topic is http://tools.ietf.org/html/rfc4541 - 2.1.2. Data Forwarding Rules point 2)

---

You should have at least one IGMP querier on you lan. This is usually done by a router. If you only have switches or want a backup querier enable it in IGMP snooping configuration page.

---

For the second requirement to see only wanted traffic you will probably be interested in filtering unwanted multicast traffic. See switch web interface, menu Multicast > Unregistered Multicast. Make sure to test this feature because it also filters traffic in 224.0.0.X (except 224.0.0.1) so it can break your current applications. If you use anything in that range you will have to manually managed it.

I hope this helps in any way.