C
HAPTER
17
| Multicast Filtering
Layer 2 IGMP (Snooping and Query for IPv4)
– 612 –
multicast traffic will be flooded to all VLAN ports. If many ports have
subscribed to different multicast groups, flooding may cause excessive
packet loss on the link between the switch and the end host. Flooding
may be disabled to avoid this, causing multicast traffic to be delivered
only to those ports on which multicast group members have been
learned. Otherwise, the time spent in flooding mode can be manually
configured to reduce excessive loading.
When the spanning tree topology changes, the root bridge sends a
proxy query to quickly re-learn the host membership/port relations for
multicast channels. The root bridge also sends an unsolicited Multicast
Router Discover (MRD) request to quickly locate the multicast routers in
this VLAN.
The proxy query and unsolicited MRD request are flooded to all VLAN
ports except for the receiving port when the switch receives such
packets.
◆ TCN Query Solicit – Sends out an IGMP general query solicitation
when a spanning tree topology change notification (TCN) occurs.
(Default: Disabled)
When the root bridge in a spanning tree receives a TCN for a VLAN
where IGMP snooping is enabled, it issues a global IGMP leave message
(or query solicitation). When a switch receives this solicitation, it floods
it to all ports in the VLAN where the spanning tree change occurred.
When an upstream multicast router receives this solicitation, it
immediately issues an IGMP general query.
A query solicitation can be sent whenever the switch notices a topology
change, even if it is not the root bridge in spanning tree.
◆ Router Alert Option – Discards any IGMPv2/v3 packets that do not
include the Router Alert option. (Default: Disabled)
As described in Section 9.1 of RFC 3376 for IGMP Version 3, the Router
Alert Option can be used to protect against DOS attacks. One common
method of attack is launched by an intruder who takes over the role of
querier, and starts overloading multicast hosts by sending a large
number of group-and-source-specific queries, each with a large source
list and the Maximum Response Time set to a large value.
To protect against this kind of attack, (1) routers should not forward
queries. This is easier to accomplish if the query carries the Router
Alert option. (2) Also, when the switch is acting in the role of a
multicast host (such as when using proxy routing), it should ignore
version 2 or 3 queries that do not contain the Router Alert option.
◆ Unregistered Data Flooding – Floods unregistered multicast traffic
into the attached VLAN. (Default: Disabled)
Once the table used to store multicast entries for IGMP snooping and
multicast routing is filled, no new entries are learned. If no router port
is configured in the attached VLAN, and unregistered-flooding is
disabled, any subsequent multicast traffic not found in the table is
dropped, otherwise it is flooded throughout the VLAN.
To Next Page
Loading...
Need help?
General
