04-20-2013 09:18 PM - edited 11-18-2020 03:02 AM
Multicast Group Address and port no. Conflict:
#Don't reference the Multicast Group address configured on WLC to anywhere or any Multicast application in the network.
#Use unique Mobility Multicast group address per wlc.
#The CAPWAP multicast group configured on the controllers should be different for different controllers. It should be unique per WLC for AP to join that Multicast group on that WLC.
#The controller drops any multicast packets sent to the capwap and lwapp UDP port numbers capwap - 5246, 5247, 5248. LWAPP - 12222, 12223, and 12224. Make sure the multicast applications on your network do not use those port numbers.
Multicast on Static Anchor or Guest Anchor:
#Any Multicast traffic is dropped at Anchor(guest anchor scenario), Only Bonjour with mDNS enabled is exceptional since Service advertisements are forwarded to foreigh WLC when using airprint/airplay server wired to anchor WLC.
Multicast support on different WLC platform:
#WLC 2500 supports AP Multicast Mode Multicast only, it doesn't support unicast.
#WLC 7500 on central switching doesn't forwarded Multicast in Multicast or Unicase mode.
#vWLC doesn't support Multicast at all.
#MAx supported mgid on 5508 is 100.
Multicast on different AP Mode:
#Multicast is not supported on Cisco 600 Series OfficeExtend Access Points.
#Does Multicast Routing required for an AP to join WLC's Multicast group when AP is on L3 network. No, the AP to WLC traffic is unicast irrespective of traffic type.
#Irrespective of AP Multicsat mode on WLC, HREAP/Flexconnect mode AP doesn't join WLC's Multicast group, It deliver the Multicast using Unicast mode on central switching.
#On any WLC platform, HREAP/Flexconnect locally switched client bridges Wireless Multicast packets to infrastrucutre. And AP bridges infrastructure multicast traffic to wlan. It works similar to wired client connected on the flex AP connected swith.
#On flex AP, IGMP snooping is not supported for Locally switched traffic.
#With AAA override using local switching on flexconnect AP, need to enable a command from link (http://tinyurl.com/d5ws8j6) to forward the Mulitcast traffic from AP to wired infrastrcture, it is blocked by default. The Multicst traffic will cross the L2 boundry once enabled.
#After an AP joins a controller and downloads its configuration, the AP issues an IGMP request in order to join the controller LWAPP/CAPWAP multicast group. This triggers the normal setup for the multicast state in the multicast-enabled routers, between the controller and APs. The source IP address for the multicast group is the controller management interface IP address, not the AP-manager IP address used for Layer 3 mode.
#Enable Multicasting for Mesh AP from cli of WLC. ref: http://tinyurl.com/ce82uev
#How to check/verify AP has joined Multicast group. (will be updated)
#AP reboot not on changing AP Multicast mode to Multicast from unicast or vice-versa.
Multicast Security:
#Downstream Multicast/Broadcast doesn't work on wlan when - 'GTK randomize'feature is enabled on it.
#Controller ACLs cannot block multicast traffic recieved from wired networks that is destined to wireless clients. Controller ACLs are processed for multicast traffic initiated from wireless clients, destined to wired networks or other wireless clients on the same controller.
#Peer-to-peer blocking does not apply to multicast traffic.
#Passive client feature support for multicast-unicast mode is introduced from 7.0.116.0, previous it use to support Multicast-Multicast mode only.
#How to disable Multicast on one ssid only - config network multicast l2mcast disable INTFNAME
#In multicast unicast mode traffic which is sent from WLC to AP is sent from ap-manager ip as source for capwap traffic rather than management ip as in the case for multicast mode.
#With multicast enabled, any kind of multicast packet received on the VLAN from the first hop router is transmitted over the wireless including HSRP hellos, all router, EIGRP, and PIM multicast packets.
Multicast Roaming:
#Multicast traffic is supported with access point group VLANs. However, if the client roams from one access point to another, the client might stop receiving multicast traffic, unless IGMP snooping is enabled. So, Multicast would break without igmp snooping when doing L3 roaming.
#AP groups do not allow multicast roaming across group boundaries. Similar behavior when using AAA override.
IPv6 Multicast:
#Currently ACLs do not filter ICMPv6.
#When you disable the Global Multicast Mode, the controller still forwards the IPv6 ICMP multicast messages, such as router announcements and DHCPv6 solicits, as these are required for IPv6 to work. As a result, enabling the Global Multicast Mode on the controller does not impact the ICMPv6 and the DHCPv6 messages. These messages will always be forwarded irrespective of whether or not the Global Multicast Mode is enabled.
Multicast Performance on Wireless and Wired:
QoS in Multicast:
#When the controller receives a multicast packet from any of the client VLANs on the first hop router, it transmits the packet to the LWAPP/CAPWAP multicast group via the management interface at the lowest QoS level. The QoS bits for the LWAPP multicast packet are hard-coded at the lowest level and cannot be changed by the user.
#Configure QoS priority for downlink Multicast traffic - Wireless>> Profiles>> Select one>> From the Multicast Default Priority drop-down list, choose the QoS priority for multicast data frames transmitted by the AP to stations in the WLAN.
Multicast Datarates:
#AP delievers Multicast packet at mandatory datarate, This can be tweaked using RF profile based on the deployment/requirement.
#Broadcast and multicast (if enabled) are sent at the lowest associated data rate (to ensure that all clients can receive the packets). This reduces the throughput of the WLAN because traffic must wait until frames are processed at the slower rate.
#If more than one data rate is set to mandatory, multicast and broadcast frames are sent at the highest common mandatory transmission rate of all associated clients (the lowest mandatory receive rate of all of the clients). This allows all clients to receive broadcast packets.
#Use Videostream feature to send Multicast as Unicast to use unicast datarate on wireless at AP.
Multicast with AAA override/AP group/Interface group:
#WLAN using feature AP group/AAA Override/Interface group to assign multiple vlan statically or dynamically will get duplicate packets even if igmp snooping enabled because 2 mgid is created for same multicast group ie., one per vlan and no duplicates seen if igmp snooping disabled, however with igmp disabled multicast traffic is sent on all the WLANs which are mapped to same vlan from where client has registered if there is atleast one client on each WLAN.
#With interface groups, multiple VLANs are mapped to a single SSID. When the clients in different VLANs subscribe to a Multicast stream, duplicate entries are created in the WLC for a single SSID. As a result, single multiple streams may be sent multiple times over the air depending on the number of VLANs present in an interface group. In order to prevent this, Using vlan select feature where a single VLAN is selected as the representative VLAN for flow of all IGMP and multicast over the air.
IGMP Snooping:
#Enabling of IGMP snooping on the controller helps to collect IGMP reports from the hosts and sends each AP a list of hosts that are listening to any multicast group. The AP then forwards multicast packets only to those hosts.
#When IGMP snooping is enabled, WLC receives the igmp report, creates entry for multicast group address and vlan, assigns mgid-X, generates reports to infrastrcuture, updates the APx about the mgid and client info. Means, can see mgid created for the Multicast client(mapped to multicast group) sending igmp request packet. This mgid is used by the WLC to map the client on that AP, so once the downlink Multicast packet hits the AP from WLC and doesn't forward it
to the air, if there is no entry for that client on that particular AP. If there are client(s) found on a single or multiple wlan using same vlan then Multicast traffic is broadcasted to those wlans. Note: AP receives all the multicast traffic from its controller even though there is no client listening to the corresponding multicast traffic, however it drops at the ap, if no mgid found for any client.
Multicast Wired to Wireless:
#The controller always uses the management interface for sending multicast packets. Access points in the multicast group receive the packet and forward it to all the BSSIDs mapped to the interface on which clients receive multicast traffic. From the access point perspective, the multicast appears to be a broadcast to all SSIDs.
#Prefer to use LAG when Multicast mode Multicast is enabled on wlc for large network.
#DHCP, Arp generated broadcasts are not forwarded to wireless clients however directed broadcast does, Use Multicast to forward directed broadcast to conserve the wireless bandwidth efficiently.
#When multicast is enabled, it is global in nature, meaning it is enabled for every WLAN configured regardless if multicast is needed by that WLAN or not. The unified wireless solution is not able to distinguish between data link layer versus network layer multicast traffic neither is the WLC capable of
filtering specific multicast traffic. Therefore, the following additional steps should be considered:
•Disable CDP on interfaces connecting to WLCs.
•Port filter incoming CDP and HSRP traffic on VLANs connecting to the WLCs.
•Remember that multicast is enabled for all WLANs on the WLC, including the Guest WLAN, therefore multicast security including link layer multicast security must be considered.
At Layer 3, the random IP destinations targeted by macof also use the multicast address space. Thus, the distribution layer switches that have multicast turned on experience high CPU usage levels as the protocol independent multicast (PIM) process attempts to handle the false routes.
Handy Doc. Thanks Saravanan.
+5 surely.
Amjad, You're Welcome and Thanks for the Rating.
Hi,
Very good doc! I'm trying to find out if the design we want to do will help us or give us more problems...
We want to create different AP groups within the same hospital to manipulate the SSID's that will be broadcasted and the RF environment. All the AP groups within an hospital will have the same SSID-VLAN mapping so there will be no L3 roam when there will be client roaming between AP Groups.
I'm trying to find out, given this design, if we will be able to acheive seamless roaming between AP Groups for unicast and multicast.
Thanks!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: