igmp snooping - sender & receiver on same vlan

Answered Question
Sep 13th, 2010
User Badges:

Background:

Before whenever our Desktop group used Altiris to image PC's & laptops, it became broadcast because no PIM RP was available to facilitate the register process (I think), even though the sender & receivers are all in the same vlan.

So we simply implemented PIM routing on the core L3 3560 to enable multicast.


Question1:

Would the image that the source sends have to traverse through the L3 3560 (PIM router), and then back down the tree to reach the receivers?

Or would the multicast stream propagate through the access / distribution switches, w/o having to go through the 3560 first?

All the switches have IGMP snooping enabled.


Most of the multicast documents I've read seem to only cover forwarding scenarios based on L3 PIM routers, and not L2 switches.

While I have a basic understanding on how multicast forwarding & IGMP snooping work, I'm clueless on how the multicast stream looks like on a LAN.


Question2:

Follow-up to Q1, if the sender & receivers happen to be on the same L2 access switch, would the multicast stream reach the receivers directly, or would the stream go up to the PIM router (L3 3560), and then back down to the L2 switch?


Question3:
How would the scenario change if sender & receivers are on different subnet/vlan? (assuming PIM is enabled on all SVI's)
Would an access switch have different snooping tables for each vlan?
Or would multicast stream have to be PIM routed by the L3 switch?

Correct Answer by Peter Paluch about 6 years 10 months ago

Hello,


First of all, you can use the IGMP Snooping Querier facility on your switches to make a switch perform an IGMP Querier function without actually performing the multicast routing. IGMP Snooping Querier functionality can be thus implemented even on a Layer2 switch. In essence, the IGMP Snooping Querier switch sends IGMP Queries into the appropriate VLAN to facilitate the proper function of IGMP Snooping, without needing a real multicast router to send these queries.


You may want to read more about this functionality in this document (this is a Configuration Guide for 2960 series switches but it applies also to 3560):


http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swigmp.html#wp1193337

Question1:

Would the image that the source sends have to traverse through the L3 3560 (PIM router), and then back down the tree to reach the receivers?

Or would the multicast stream propagate through the access / distribution switches, w/o having to go through the 3560 first?

All the switches have IGMP snooping enabled.


In a Layer2 domain with IGMP Snooping enabled, a multicast packet is delivered through all STP Forwarding interfaces in the active spanning tree for the particular VLAN that are


  1. Either subscribed to this group by means of IGMP Join messages
  2. Or identified as multicast router ports by receiving PIM or DVMRP messages


In essence, the multicast will be flooded to all recipients along the spanning tree in the VLAN and towards all multicast routers. The traffic will not be "doubled" by going to a PIM router and then being reflected back into the same VLAN.


Question2:

Follow-up to Q1, if the sender & receivers happen to be on the same L2 access switch, would the multicast stream reach the receivers directly, or would the stream go up to the PIM router (L3 3560), and then back down to the L2 switch?


The multicast stream would be delivered from sources to destinations on the same L2 switch directly. It will also flow up towards the PIM router but the PIM router will not reflect the stream back to the network where it was originated.


Question3:
How would the scenario change if sender & receivers are on different subnet/vlan? (assuming PIM is enabled on all SVI's)
Would an access switch have different snooping tables for each vlan?
Or would multicast stream have to be PIM routed by the L3 switch?


If the senders and receivers are in different VLANs then the multicast stream has to be rerouted from one VLAN to another through the PIM router. Even if two ports on a single access switch are subscribed to the same multicast group but are assigned to different access VLANs, the switch is not allowed to leak multicast packets from one VLAN to another despite the fact that the multicast IP addresses are identical. In this case, the multicast traffic on one VLAN must traverse up to the PIM router and be rerouted to the second VLAN, travelling back through the topology to the same access switch and being sent out the ports in the second VLAN.


Best regards,

Peter

Correct Answer by Jon Marshall about 6 years 10 months ago

huangedmc wrote:


Background:

Before whenever our Desktop group used Altiris to image PC's & laptops, it became broadcast because no PIM RP was available to facilitate the register process (I think), even though the sender & receivers are all in the same vlan.

So we simply implemented PIM routing on the core L3 3560 to enable multicast.


Question1:

Would the image that the source sends have to traverse through the L3 3560 (PIM router), and then back down the tree to reach the receivers?

Or would the multicast stream propagate through the access / distribution switches, w/o having to go through the 3560 first?

All the switches have IGMP snooping enabled.


Most of the multicast documents I've read seem to only cover forwarding scenarios based on L3 PIM routers, and not L2 switches.

While I have a basic understanding on how multicast forwarding & IGMP snooping work, I'm clueless on how the multicast stream looks like on a LAN.


Question2:

Follow-up to Q1, if the sender & receivers happen to be on the same L2 access switch, would the multicast stream reach the receivers directly, or would the stream go up to the PIM router (L3 3560), and then back down to the L2 switch?


Question3:
How would the scenario change if sender & receivers are on different subnet/vlan? (assuming PIM is enabled on all SVI's)
Would an access switch have different snooping tables for each vlan?
Or would multicast stream have to be PIM routed by the L3 switch?


There are a number of things to cover here.


IGMP snooping allows a switch to listen to the responses to IGMP queries and record which ports on the switch are interested in the multcast stream. The key thing to understand about IGMP snooping is that if there is nothing to make the IGMP queries then IGMP snooping will simply not work and the multicast will be treated as a broadcast and sent to all ports.


So what makes IGMP queries -


1) a L3 interface that has PIM (either sparse or dense mode) enabled


2) on most Cisco switches you can enable what is called the "igmp snooping querier" function which means you would not need to enable PIM on the L3 interface.


The 3560 does indeed support the "igmp snooping querier" so if you only want multicast traffic within one vlan and you do not need to multicast the traffic across L3 interfaces ie. multicast routing then you do not need to enable PIM on any L3 interfaces.


Having said that you have enabled PIM on the L3 interface. Nothing wrong with that although as i say the querier function may be a better option if no multicast routing is needed.


In answer to your specific questions -


1) No, the stream does not have to go via the L3 interface because the switch has recorded which ports want to receive the multicast stream within that vlan. Same thing stands for mutliple switches.


At L2 the multicast stream has a mac-address which is derived from the L3 multicast group address.


2) Would receive them directly.


3) If source and receiver were on different vlans then you would need multicast routing and as you say both of the L3 vlans would need to have PIM enabled.


As far as the switch and IGMP snooping is concerned, the switch would keep a record of the relevant ports per multicast stream or more specifically per multicast mac-address.


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Peter Paluch Mon, 09/13/2010 - 08:46
User Badges:
  • Cisco Employee,

Hello,


First of all, you can use the IGMP Snooping Querier facility on your switches to make a switch perform an IGMP Querier function without actually performing the multicast routing. IGMP Snooping Querier functionality can be thus implemented even on a Layer2 switch. In essence, the IGMP Snooping Querier switch sends IGMP Queries into the appropriate VLAN to facilitate the proper function of IGMP Snooping, without needing a real multicast router to send these queries.


You may want to read more about this functionality in this document (this is a Configuration Guide for 2960 series switches but it applies also to 3560):


http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/swigmp.html#wp1193337

Question1:

Would the image that the source sends have to traverse through the L3 3560 (PIM router), and then back down the tree to reach the receivers?

Or would the multicast stream propagate through the access / distribution switches, w/o having to go through the 3560 first?

All the switches have IGMP snooping enabled.


In a Layer2 domain with IGMP Snooping enabled, a multicast packet is delivered through all STP Forwarding interfaces in the active spanning tree for the particular VLAN that are


  1. Either subscribed to this group by means of IGMP Join messages
  2. Or identified as multicast router ports by receiving PIM or DVMRP messages


In essence, the multicast will be flooded to all recipients along the spanning tree in the VLAN and towards all multicast routers. The traffic will not be "doubled" by going to a PIM router and then being reflected back into the same VLAN.


Question2:

Follow-up to Q1, if the sender & receivers happen to be on the same L2 access switch, would the multicast stream reach the receivers directly, or would the stream go up to the PIM router (L3 3560), and then back down to the L2 switch?


The multicast stream would be delivered from sources to destinations on the same L2 switch directly. It will also flow up towards the PIM router but the PIM router will not reflect the stream back to the network where it was originated.


Question3:
How would the scenario change if sender & receivers are on different subnet/vlan? (assuming PIM is enabled on all SVI's)
Would an access switch have different snooping tables for each vlan?
Or would multicast stream have to be PIM routed by the L3 switch?


If the senders and receivers are in different VLANs then the multicast stream has to be rerouted from one VLAN to another through the PIM router. Even if two ports on a single access switch are subscribed to the same multicast group but are assigned to different access VLANs, the switch is not allowed to leak multicast packets from one VLAN to another despite the fact that the multicast IP addresses are identical. In this case, the multicast traffic on one VLAN must traverse up to the PIM router and be rerouted to the second VLAN, travelling back through the topology to the same access switch and being sent out the ports in the second VLAN.


Best regards,

Peter

Correct Answer
Jon Marshall Mon, 09/13/2010 - 08:37
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

huangedmc wrote:


Background:

Before whenever our Desktop group used Altiris to image PC's & laptops, it became broadcast because no PIM RP was available to facilitate the register process (I think), even though the sender & receivers are all in the same vlan.

So we simply implemented PIM routing on the core L3 3560 to enable multicast.


Question1:

Would the image that the source sends have to traverse through the L3 3560 (PIM router), and then back down the tree to reach the receivers?

Or would the multicast stream propagate through the access / distribution switches, w/o having to go through the 3560 first?

All the switches have IGMP snooping enabled.


Most of the multicast documents I've read seem to only cover forwarding scenarios based on L3 PIM routers, and not L2 switches.

While I have a basic understanding on how multicast forwarding & IGMP snooping work, I'm clueless on how the multicast stream looks like on a LAN.


Question2:

Follow-up to Q1, if the sender & receivers happen to be on the same L2 access switch, would the multicast stream reach the receivers directly, or would the stream go up to the PIM router (L3 3560), and then back down to the L2 switch?


Question3:
How would the scenario change if sender & receivers are on different subnet/vlan? (assuming PIM is enabled on all SVI's)
Would an access switch have different snooping tables for each vlan?
Or would multicast stream have to be PIM routed by the L3 switch?


There are a number of things to cover here.


IGMP snooping allows a switch to listen to the responses to IGMP queries and record which ports on the switch are interested in the multcast stream. The key thing to understand about IGMP snooping is that if there is nothing to make the IGMP queries then IGMP snooping will simply not work and the multicast will be treated as a broadcast and sent to all ports.


So what makes IGMP queries -


1) a L3 interface that has PIM (either sparse or dense mode) enabled


2) on most Cisco switches you can enable what is called the "igmp snooping querier" function which means you would not need to enable PIM on the L3 interface.


The 3560 does indeed support the "igmp snooping querier" so if you only want multicast traffic within one vlan and you do not need to multicast the traffic across L3 interfaces ie. multicast routing then you do not need to enable PIM on any L3 interfaces.


Having said that you have enabled PIM on the L3 interface. Nothing wrong with that although as i say the querier function may be a better option if no multicast routing is needed.


In answer to your specific questions -


1) No, the stream does not have to go via the L3 interface because the switch has recorded which ports want to receive the multicast stream within that vlan. Same thing stands for mutliple switches.


At L2 the multicast stream has a mac-address which is derived from the L3 multicast group address.


2) Would receive them directly.


3) If source and receiver were on different vlans then you would need multicast routing and as you say both of the L3 vlans would need to have PIM enabled.


As far as the switch and IGMP snooping is concerned, the switch would keep a record of the relevant ports per multicast stream or more specifically per multicast mac-address.


Jon

Actions

This Discussion