L2 Multicast - IGMP snooping querier data flow and optimization

Alex-Pr · ‎01-28-2022

Hi there,

Looking at a campus LAN that is setup in a spanned layer two topology that has a few multicast flows and I am trying to get it fixed up to a more ideal data flow/resiliency.

The core runs multiple VRFs for different tenants/BU/Zones plus many vlans that are isolated for specific purposes and segmented by firewalls. At this point there is no need to L3 Multicast routing so it all lives in L2.

There is one edge switch that is designated as the IGMP snooping querier (via the command "ip igmp snooping querier". ) Aside from a couple vlans that have equipment on it running a mrouter this one edge switch is really doing all the membership management.

The problem that I see is that there is an inefficient flow of data. The switch is acting as a receiver for all multicast traffic. it is not forwarding it (unless a port off that switch requires it).

Is there an way to control per vlan where the snooping querier. The command seems to not be able to make it selective per vlan. As example, where the headend of an IPTV system that has many channels coming off a satellite feed I would like that switch to act as the querier for that specific vlan so that it only sends the channels requested by set top boxes around the campus. Currently because the querier is across the network, the entire payload traverses the network.

If not this, how would you suggest to approach the overall multicast design. I am not against opening multicast to layer 3 routing within each VRF, it just hasn't been required so I like to keep things simple.

I've attached a simple high level design.

Thank you.

Reza Sharifi · ‎01-28-2022

Hi,

Not sure what type of switch you are using but most Cisco switches support the command within a vlan. Example:

ip igmp snooping vlan x querier

Also, if there is no need for layer-3 multicast routing, layer-2 should just work fine.

HTH

paul driver · ‎01-30-2022

Hello

@Alex-Pr wrote:

The core runs multiple VRFs for different tenants/BU/Zones plus many vlans that are isolated for specific purposes and segmented by firewalls. At this point there is no need to L3 Multicast routing so it all lives in L2.

There is one edge switch that is designated as the IGMP snooping querier (via the command "ip igmp snooping querier". )

Looking at your topology, I would say try applying the igmp snooping querier or statically define a mrouter port on each of those switch's attaching to the MC Source

At a pure L2 level and with igmp snooping enabled none of the switch's would have no designated mrouter port , So any any igmp report they receive would not be forwarded, unless as you have shown a querier is applied or igmp snooping is disabled and in that case MC would be broadcasted.

Also my understanding on certain IOS catalyst switches is without any designated MC L3 router snooping is disabled if no relevant querier is found on the switch(s), Can you confirm if snooping is enabled and they all have a mrouter port designated.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Joseph W. Doherty · ‎01-30-2022

"The problem that I see is that there is an inefficient flow of data. The switch is acting as a receiver for all multicast traffic. it is not forwarding it (unless a port off that switch requires it)."

Traditionally, that's how multicast works, i.e. the sender of a multicast stream just transmits it. If you're worried about a switch receiving multicast traffic it doesn't need to forward, very, very likely that's a non-problem for the switch. Reason being, since Ethernet started out on shared media, NIC hardware, generally, drops frames (except broadcast frames) that are of no interest.

However, if the switch is forwarding multicast traffic, I've seen switches have difficultity if there's a very high volume multicast replication needed.

One issue, to watch for, Ethernet, at L2, lumps groups of IP L3 multicast into the same L2 multicast address. This means it's possible for a switch to replicate multicast traffic it really doesn't need to.

Unclear why you want to control multicast querier per VLAN, beyond wanting to "break" all L2 multicast, on a VLAN, if IGMP snooping is enabled and if there's no querier.

If your switches, within the same L2 domain, are being IGMP snooped, multicast (re-transmission) should be limited to the ports that want it. (This also applies, I believe, between switches.)

BTW, before there were IGMP snooping switches, switches flooded all multicast to all ports, even if no port wanted it. If there were zero clients, L3 multicast would preclude (constantly) flooding a L2 segment, but even with 1 multicast client, again w/o IGMP snooping, all ports were multicast flooded.