IGMP Snooping
This module describes how to enable and configure the Ethernet Virtual Connection (EVC)-based IGMP Snooping feature globally and on bridge domains.
- Finding Feature Information
- Information About IGMP Snooping
- How to Configure IGMP Snooping
- Additional References
- Feature Information for IGMP Snooping
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Information About IGMP Snooping
IGMP Snooping
Multicast traffic becomes flooded because a device usually learns MAC addresses by looking into the source address field of all the frames that it receives. A multicast MAC address is never used as the source address for a packet. Such addresses do not appear in the MAC address table, and the device has no method for learning them.
IP Multicast Internet Group Management Protocol (IGMP), which runs at Layer 3 on a multicast device, generates Layer 3 IGMP queries in subnets where the multicast traffic must be routed. IGMP (on a device) sends out periodic general IGMP queries.
IGMP Snooping is an Ethernet Virtual Circuit (EVC)-based feature set. EVC decouples the concept of VLAN and broadcast domain. An EVC is an end-to-end representation of a single instance of a Layer 2 service being offered by a provider. In the Cisco EVC framework, bridge domains are made up of one or more Layer 2 interfaces known as service instances. A service instance is the instantiation of an EVC on a given port on a given device. A service instance is associated with a bridge domain based on the configuration.
Traditionally, a VLAN is a broadcast domain, and physical ports are assigned to VLANs as access ports; the VLAN tag in a packet received by a trunk port is the same number as the internal VLAN broadcast domain. With EVC, an Ethernet Flow Point (EFP) is configured and associated with a broadcast domain. The VLAN tag is used to identify the EFP only and is no longer used to identify the broadcast domain.
When you enable EVC-based IGMP snooping on a bridge domain, the bridge domain interface responds at Layer 2 to the IGMP queries with only one IGMP join request per Layer 2 multicast group. Each bridge domain represents a Layer 2 broadcast domain. The bridge domain interface creates one entry per subnet in the Layer 2 forwarding table for each Layer 2 multicast group from which it receives an IGMP join request. All hosts interested in this multicast traffic send IGMP join requests and are added to the forwarding table entry. During a Layer 2 lookup on a bridge domain to which the bridge domain interface belongs, the bridge domain forwards the packets to the correct EFP. When the bridge domain interface hears the IGMP Leave group message from a host, it removes the table entry of the host.
Layer 2 multicast groups learned through IGMP snooping are dynamic. However, you can statically configure Layer 2 multicast groups. If you specify group membership for a multicast group address statically, your static setting supersedes any automatic manipulation by IGMP snooping. Multicast group membership lists can consist of both user-defined and IGMP snooping-learned-settings.
Restrictions for IGMP Snooping
-
IGMP snooping is only supported on a Bridge Domain when OTV is enabled on ASR 1000 routers.
-
If IGMP snooping is configured on a Bridge Domain with OTV enabled, then the IGMP snooping process limits the multicast traffic. In this scenario, the snooping tables are populated.
-
If IGMP snooping is configured on a Bridge Domain without OTV, the IGMP snooping process does not limit multicast traffic. In this scenario, the snooping tables are not populated and the multicast traffic floods the entire VLAN.
How to Configure IGMP Snooping
- Enabling IGMP Snooping
- Configuring IGMP Snooping Globally
- Configuring IGMP Snooping on a Bridge Domain Interface
- Configuring an EFP
- Verifying IGMP Snooping
Enabling IGMP Snooping
1.
enable
2.
configure terminal
3.
ip igmp snooping
4.
bridge-domain
bridge-id
5.
ip igmp snooping
6.
end
DETAILED STEPS
Configuring IGMP Snooping Globally
Perform this task to modify the global configuration for IGMP snooping.
IGMP snooping must be enabled. IGMP snooping is enabled by default.
1.
enable
2.
configure terminal
3.
ip igmp snooping robustness-variable
variable
4.
ip igmp snooping tcn query solicit
5.
ip igmp snooping tcn flood query count
count
6.
ip igmp snooping report-suppression
7.
ip igmp snooping explicit-tracking-limit limit
8.
ip igmp snooping last-member-query-count
count
9.
ip igmp snooping last-member-query-interval
interval
10.
ip igmp snooping check {
ttl |
rtr-alert-option }
11.
exit
DETAILED STEPS
Configuring IGMP Snooping on a Bridge Domain Interface
Perform this task to modify the IGMP snooping configuration on a bridge domain interface.
1.
enable
2.
configure terminal
3.
bridge-domain
bridge-id
4.
ip igmp snooping immediate-leave
5.
ip igmp snooping robustness-variable
variable
6.
ip igmp snooping report-suppression
7.
ip igmp snooping explicit-tracking
8.
ip igmp snooping explicit-tracking-limit limit
9.
ip igmp snooping last-member-query-count
count
10.
ip igmp snooping last-member-query-interval
interval
11.
ip igmp snooping access-group
{acl-number |
acl-name}
12.
ip igmp snooping limit
num
[except
{acl-number |
acl-name}]
13.
ip igmp snooping minimum-version
{2 |
3}
14.
ip igmp snooping check {
ttl |
rtr-alert-option }
15.
ip igmp snooping static source
source-address
interface
port-type port-number
16.
end
DETAILED STEPS
Configuring an EFP
Perform this task to configure IGMP snooping features on an EFP.
The EFP and bridge domain must be previously configured. Configuring a service instance on a Layer 2 port creates a pseudoport or Ethernet Flow Point (EFP) on which you configure Ethernet Virtual Connection (EVC) features. See the “Configuring Ethernet Virtual Connections on the Cisco ASR 1000 Router” section of the Carrier Ethernet Configuration Guide for configuration information.
1.
enable
2.
configure terminal
3.
router-guard ip multicast efps
4.
interface
type number
5.
service instance
id
ethernet
6.
router-guard multicast
7.
ip igmp snooping tcn flood
8.
ip igmp snooping access-group {acl-number |
acl-name}
9.
ip igmp snooping limit
num
[except
{acl-number |
acl-name}]
10.
end
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. |
Step 3 |
router-guard ip multicast efps
Example: Device(config)# router-guard ip multicast efps |
(Optional) Enables the router guard for all EFPs. |
Step 4 |
interface
type number
Example: Device(config)# interface BDI100 |
(Optional) Specifies the bridge domain interface to be configured. |
Step 5 |
service instance
id
ethernet
Example: Device(config-if)# service instance 333 ethernet |
(Optional) Enters Ethernet service configuration mode for configuring the EFP. |
Step 6 |
router-guard multicast
Example: Device(config-if-srv)# router-guard multicast |
(Optional) Configures a router guard on an EFP. |
Step 7 |
ip igmp snooping tcn flood
Example: Device(config-if-srv)# no ip igmp snooping tcn flood |
(Optional) Disables TCN flooding on an EFP. TCN flooding is enabled by default. |
Step 8 |
ip igmp snooping access-group {acl-number |
acl-name}
Example: Device(config-if-srv)# ip igmp snooping access-group 44 |
(Optional) Configures ACL-based filtering on an EFP. |
Step 9 |
ip igmp snooping limit
num
[except
{acl-number |
acl-name}]
Example: Device(config-if-srv)# ip igmp snooping limit 1300 except test1 |
(Optional) Limits the number of IGMP groups or channels allowed on an EFP. |
Step 10 |
end
Example: Device(config-if-srv)# end |
Returns to privileged EXEC mode. |
Verifying IGMP Snooping
1.
enable
2.
show igmp snooping [count [bd
bd-id]]
3.
show igmp snooping groups bd
bd-id [
count |
ip-address [verbose] [hosts |
sources |
summary ]]
4.
show igmp snooping membership bd
bd-id
5.
show igmp snooping mrouter [bd
bd-id]
6.
show igmp snooping counters [bd
bd-id]
DETAILED STEPS
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
Step 2 |
show igmp snooping [count [bd
bd-id]]
Example: Device(config)# show igmp snooping |
Displays configuration for IGMP snooping, globally or by bridge domain. |
Step 3 |
show igmp snooping groups bd
bd-id [
count |
ip-address [verbose] [hosts |
sources |
summary ]]
Example: Device(config)# show igmp snooping groups bd 100 |
Displays snooping information for groups by bridge domain. |
Step 4 |
show igmp snooping membership bd
bd-id
Example: Device(config)# show igmp snooping membership bd 100 |
Displays IGMPv3 host membership information. |
Step 5 |
show igmp snooping mrouter [bd
bd-id]
Example: Device(config)# show igmp snooping mrouter |
Displays multicast ports, globally or by bridge domain. |
Step 6 |
show igmp snooping counters [bd
bd-id]
Example: Device(config)# show snooping counters |
Displays IGMP snooping counters, globally or by bridge domain. |
Additional References
Technical Assistance
Description |
Link |
---|---|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
Feature Information for IGMP Snooping
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.Feature Name |
Releases |
Feature Information |
---|---|---|
IGMP Snooping |
Cisco IOS XE Release 3.5S 15.2(4)S |
IGMP snooping is an IP multicast constraining mechanism based on the Ethernet Virtual Connection (EVC) infrastructure. IGMP snooping examines Layer 3 information (IGMP Join/Leave messages) in the IGMP packets sent between hosts and routers. The following commands were introduced or modified: ip igmp snooping, ip igmp snooping check, ip igmp snooping explicit-track ing limit, ip igmp snooping immediate leave, ip igmp snooping last-member-query count, ip igmp snooping last-member-query interval, ip igmp snooping report-suppression, ip igmp snooping robustness-variable, ip igmp snooping static, ip igmp snooping tcn flood (if-srv), ip igmp snooping tcn flood query, ip igmp snooping tcn flood query solicit, router guard ip multicast efps |