Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14874
Views
5
Helpful
1
Replies

switchport block multicast

Go to solution
tedauction
Level 1
Level 1

‎07-26-2017 08:03 PM - edited ‎03-08-2019 11:29 AM

Hello, as part of our normal switch build I notice these two commands are to be placed on every switch access port:

switchport block multicast

no ip igmp snooping tcn flood

Are these two commands really necessary or recommended as standard procedure to put on a switchport ?

We do use multicast traffic on our LAN for certain ports.

Thanks kindly for any advice.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎07-27-2017 06:43 AM

Hi,

I think it is good idea to have these commands in your basic config.

Occasionally, unknown unicast or multicast traffic is flooded to a switch port because a MAC address has timed out or has not been learned by the switch. (This condition is especially undesirable for a private VLAN isolated port.) To guarantee that no unicast and multicast traffic is flooded to the port, use the switchport block unicast and switchport block multicast commands to enable flood blocking on the switch.

link:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/configuration/guide/conf/uniflood.html

With the no ip igmp snooping tcn flood command, you can disable multicast flooding on a switch interface following a topology change. Only the multicast groups that have been joined by a port are sent to that port, even during a topology change.

link:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/configuration/config/multi.html

HTH

View solution in original post

1 Reply 1

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎07-27-2017 06:43 AM

Hi,

I think it is good idea to have these commands in your basic config.

Occasionally, unknown unicast or multicast traffic is flooded to a switch port because a MAC address has timed out or has not been learned by the switch. (This condition is especially undesirable for a private VLAN isolated port.) To guarantee that no unicast and multicast traffic is flooded to the port, use the switchport block unicast and switchport block multicast commands to enable flood blocking on the switch.

link:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/configuration/guide/conf/uniflood.html

With the no ip igmp snooping tcn flood command, you can disable multicast flooding on a switch interface following a topology change. Only the multicast groups that have been joined by a port are sent to that port, even during a topology change.

link:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/configuration/config/multi.html

HTH

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card