11-26-2019 06:13 PM
CDP and STP - these frames are sent to well-known MAC addresses 01:00:0c:cc:cc:cc and 01:80:C2:00:00:00, respectively.
How do Cisco switches handle multicast traffic? Is layer 2 multicast traffic sent to devices that do an IGMP join to the CDP / STP multicast group? Or is IGMP only used to join a layer 3 multicast group (IP address)?
If IGMP snooping is disabled on the Cisco switch, does it change the switch's behavior of which ports the multicast layer 2 traffic is sent to?
11-27-2019 04:22 AM
Hi
See the answer to this thread:
https://community.cisco.com/t5/switching/multicast-layer-2-flooding-and-cdp-vtp/td-p/2758332
CDP (01:00:0c:cc:cc:cc) and LLDP (01:80:C2:00:00:0E) are link layer discovery protocols. This traffic is sent/received only between directly connected devices.
Only multicast macs with the oui 01:00:5E map to a multicast group 224.0.0.0 - 239.255.255.255 so igmp is not required for cdp/lldp etc.
hth
Andy
11-27-2019 07:20 AM
Thanks Andy.
That link helped. Can you please explain how the switch decides which ports to send CDP, VTP, DTP, or PVST+ frames out to?
CDP floods its advertisement frames out, but how does it know on which port(s) Cisco equipment lives? Also, I am testing out a MikroTik device, so it looks like CDP is not only used on Cisco equipment - you'd have to keep around a MAC OUI database.
If you tell me that CDP floods its advertisements out of ports that have Cisco MAC addresses, we run into the issue of "nobody's talking to each other because they are not aware of each other's presence".
Also, on your point:
"Only multicast macs with the oui 01:00:5E map to a multicast group 224.0.0.0 - 239.255.255.255 so igmp is not required for cdp/lldp etc."
The "all hosts" multicast group 224.0.0.1 - are you saying that devices need to IGMP join this group? If it's "all hosts" on the subnet, it doesn't make much sense to me that hosts would need to explicitly join it.
11-27-2019 08:03 AM
Hello Sam,
Range 224.0.0.1-255 is specially allocated for local network control. Multicast traffic to this addresses should be flooded by default within local network (VLAN), but not outside, it's not routable. IGMP snooping does not affect this range.
CDP, STP, DTP frames also by default are flooded via all the ports, where these protocols are enabled/VLANs allowed. Switch is not aware, what is connected on other side.
11-27-2019 08:21 AM
Hi Sam
CDP is enabled globally by default (enabled on all interfaces) - it can be disabled globally with "no cdp run". It can also be disabled on a per interface basis with "no cdp enable".
CDP is a Cisco protocol but they can licence it out to other vendors.
A device being a member of the "all hosts" group indicates that it is multicast capable (has already joined a group).
hth
Andy
11-27-2019 04:10 PM - edited 11-27-2019 04:25 PM
Thanks Andy.
It looks like hosts do not explicitly join the "all hosts" multicast group, 224.0.0.1.
I did a local SPAN across all VLANs and saw membership queries sent out to 224.0.0.1 (which itself is a multicast address), but I didn't see any membership reports for 224.0.0.1 sent back to 224.0.0.1.
I have IGMP snooping enabled on my switch:
sh ip igmp snooping ?
detail Show opertational state info
groups Show group information
mrouter Show routers on Catalyst Vlans
querier Show IGMP querier information
vlan Snooping info in a Catalyst Vlan
| Output modifiers
<cr>
SARCOMERE#sh ip igmp snooping
Global IGMP Snooping configuration:
-------------------------------------------
IGMP snooping : Enabled
IGMPv3 snooping (minimal) : Enabled
Report suppression : Enabled
TCN solicit query : Disabled
TCN flood query count : 2
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Vlan X:
--------
IGMP snooping : Enabled
IGMPv2 immediate leave : Disabled
Multicast router learning mode : pim-dvmrp
CGMP interoperability mode : IGMP_ONLY
Robustness variable : 2
Last member query count : 2
Last member query interval : 1000
Here's the out output of "show ip igmp membership all". I don't see 224.0.0.1 as one of the groups.
sh ip igmp membership all
Flags: A - aggregate, T - tracked
L - Local, S - static, V - virtual, R - Reported through v3
I - v3lite, U - Urd, M - SSM (S,G) channel
1,2,3 - The version of IGMP, the group is in
Channel/Group-Flags:
/ - Filtering entry (Exclude mode (S,G), Include mode (G))
Reporter:
<mac-or-ip-address> - last reporter if group is not explicitly tracked
<n>/<m> - <n> reporter in include mode, <m> reporter in exclude
Channel/Group Reporter Uptime Exp. Flags Interface
*,239.2.0.252 <REDACTED> 00:02:43 02:16 2A VlX
*,239.255.255.250 <REDACTED> 1w0d 02:13 2A VlX
*,239.255.255.250 <REDACTED> 3w0d 02:29 2A VlX
*,239.255.3.22 <REDACTED> 13:24:02 02:25 2A VlX
*,239.255.3.22 <REDACTED> 1w0d 02:14 2A VlX
*,239.228.228.228 <REDACTED> 1w0d 02:27 2A VlX
*,239.228.228.229 <REDACTED> 1w0d 02:32 2A VlX
*,224.0.1.40 <REDACTED> 3w0d 02:31 2LA VlX
#
11-27-2019 11:43 PM
Hi Sam
Have a look through the ietf standard for igmp v2:
https://tools.ietf.org/html/rfc2236
For 224.0.0.1:
"The all-systems group (address 224.0.0.1) is handled as a special case. The host starts in Idle Member state for that group on every interface, never transitions to another state, and never sends a report for that group."
hth
Andy
11-27-2019 04:31 AM
Hello,
in addition to the other post, when you disable IGMP snooping (which is enabled by default, on most switches), multicast traffic is indeed flooded to all ports on the switch.
11-28-2019 11:26 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide