Multicast Traffic on switch

Unanswered Question
Feb 2nd, 2007

Hello,

How do I limit Multicast traffic on a switch. I have a switch (switch A) on the network that I use for imaging new PC. The image server (Ghost) and the PC's are connected to this switch A and switch A has a trunk to other switch on the network.

When I start imaging, the whole network comes down as a result of multicast traffic. I have enabled ip multicast routing and ip pim sparse-dense mode on the interface vlan, and still the network is affected.

How do I limit Multicast traffic to Switch A, and prevent it from going over the trunk to other switches on the network?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amit.seth Tue, 02/06/2007 - 02:20

Hi Holley,

You could choose any of the following methods depending on your requirement.

1. Switch(config-if)# switchport block multicast Blocks unknown multicast forwarding to the port.

2.If you are open to the trunk port moving to blocking state when there is a flood of Multicast Traffic. You could try the following alternative

Switch(config-if)# storm-control {broadcast | multicast | unicast} level {level [level-low] | pps pps [pps-low]}

The keywords have these meanings:

For level, specify the rising threshold level for broadcast, multicast, or unicast traffic as a percentage of the bandwidth. The storm control action occurs when traffic utilization reaches this level.

Switch(config-if)# storm-control action {shutdown | trap}

Specifies the action to be taken when a storm is detected

3.You can also try and put ACL's on the trunk port for Multicast Traffic(224.0.0.0 - 239.0.0.0). I have not yet tried this.

HTH.

Amit

p.holley Wed, 02/28/2007 - 09:26

Thanks,

I have tried all the above and multicasting still brings down the network.

Sample int config.

int fa0/1

description to other cisco switch

switchport mode access

switchport access vlan 10

switchport block multicast

storm-control multicast 10

storm-control action shutdown

ip access-group 101 out

access-list 101 deny ip 224.0.0.0 15.255.255.255 any

access-list 101 deny any 224.0.0.0 15.255.255.255

access-list 101 permit ip any any

int vlan 10

ip address

ip access-group 101 in

ip access-group 101 out

Actions

This Discussion