Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4724
Views
15
Helpful
5
Replies

Multicast traffic flooded to all ports

Go to solution
Berkeloid
Level 1
Level 1

‎01-14-2023 01:30 AM

Hi all,

I'm trying to diagnose an issue with multicast traffic.  I have enabled IGMP snooping, and everything appears to work normally.  If I set up two hosts on the switch, each listening to a different multicast IP, then tcpdump on the hosts shows that they are only receiving traffic on the multicast IPs they have requested - all good.

However if one of those hosts then leaves the multicast group (and there are no other hosts still subscribed), the switch starts flooding that multicast IP to all ports.  But only that IP with no listeners - the other multicast IP that still has a host subscribed to it, continues to be sent to only the subscriber's switch port.  (So it's not TCN as that should affect all multicast IPs.)

In other words, when the last host leaves a multicast group, it does not stop receiving multicast traffic for that IP, but rather every other port on the switch starts receiving it too.

As long as there is at least one host in the network subscribed to a multicast IP, then the traffic only goes to the necessary ports.  But any multicast IP that has no subscribers at all, it gets flooded to all switch ports.

It is causing me a problem because some of my devices cannot handle that amount of traffic, suddenly being flooded with a bunch of multicast addresses they never requested.

How can I configure the switch so that if there are no subscribers to a given multicast IP, the traffic is just not forwarded to any ports?

The switches I am seeing this on are 2960S and 2975GS.

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎01-14-2023 03:25 AM

 

                                        >....The switches I am seeing this on are 2960S and 2975GS.
  - These devices exist already for a while , I would start by using latest advisory software release on this model(s) , chance is that current IOS version might be old, check if that can help , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

5 Replies 5

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎01-14-2023 03:25 AM

 

                                        >....The switches I am seeing this on are 2960S and 2975GS.
  - These devices exist already for a while , I would start by using latest advisory software release on this model(s) , chance is that current IOS version might be old, check if that can help , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Go to solution
Georg Pauwen
VIP
VIP

‎01-14-2023 03:46 AM

Hello,

as far as I recall, IGMP snooping only works when there are multicast routers in your network. I assume you have those ?

0 Helpful

Go to solution
Berkeloid
Level 1
Level 1

‎01-14-2023 05:14 AM

Hmm, you're right.  I had already updated to the latest firmware but the 2975 is so old it's not even on the Cisco site any more, and there are some IPv6 bugs in its firmware.  I took it out of the loop to try it with just the 2960 alone which has much newer firmware (IOS 15.x vs the 2975's latest 12.x) and I don't see this problem on the 2960 only.  So it looks like one more bug in the 2975's firmware.  Maybe it is time to retire this one.

As for the multicast router, you don't need one for IGMP snooping to work.  When each host wants to receive traffic destined for a specific multicast IP address, it broadcasts an IGMP message asking to join that group.  The switch picks this up and starts repeating any traffic sent to that multicast IP on that port.  A multicast router is only needed when you want to send multicast traffic between different subnets/VLANs, as IGMP (and IGMP snooping) only works within a single subnet/VLAN/broadcast domain.

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to Berkeloid

‎01-14-2023 09:07 AM

@Georg Pauwen's "as far as I recall, IGMP snooping only works when there are multicast routers in your network."

@Berkeloid's "As for the multicast router, you don't need one for IGMP snooping to work."

I believe, actually, for IGMP snooping to work correctly, you're supposed to have a IGMP querier on the L2 multicast domain.  Normally this is done by a multicast router, but switches that support IGMP snooping often support this function if there's no multicast router.

(From what I was just reading, w/o an IGMP querier, your IGMP might not work as expected.  What happens appears it might vary by device implementation.  If you don't have an active IGMP querier, possibly your 2960 deals with that better than the 2975.  You might also check if your 2960 supports being the IGMP querier, and if it does, insure it's enabled.  See Configuring the IGMP Snooping Querier for more info.)

0 Helpful

Go to solution
paul driver
VIP
VIP

‎01-14-2023 02:26 PM

Hello

@Berkeloid wrote:

Hi all,

In other words, when the last host leaves a multicast group, it does not stop receiving multicast traffic for that IP, but rather every other port on the switch starts receiving it too.

how can I configure the switch so that if there are no subscribers to a given multicast IP, the traffic is just not forwarded to any ports?

IGMPV2 You can set igmp immediate leave request so MC being flooded to all ports within a vlan will upon a receipt of a immediate leave request for the MC group for that vlan, the switch will send out a group specific query to determine if any other host exists and if no other join request is received the vlan will be pruned from the mc tree, however if you have multiple hosts attached to a single port then any immediate-leave can inadvertently drop those hosts residing on the same port as the originated leave request 

IGMPV3 immediate leave is on by default, with explicit host tracking which is able to detect single a host behind a specific port thus negating the problem in IGMPv2 immediate leave request has.

example:
ip igmp snooping vlan x immediate-leave
ip igmp snooping vlan x explicit-tracking

Switch IGMP Snooping Default Configuration Values

Feature
Default Value

IGMP snooping

Enabled

Multicast routers

None configured

Explicit Host Tracking

Enabled for IGMPv3; Not available for IGMPv2

Immediate-leave processing

Enabled for IGMPv3; Disabled for IGMPv2

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents