02-13-2014 09:53 AM - edited 03-07-2019 06:11 PM
Hi All,
I was trying to simulate the IGMP Join group scenario using a router as the receiver and configuring the "ip igmp join-group 224.1.1.1" on its Lan interface and did a wireshark capture of the IGMP join reques. I was surprised to see it being sent to the group address 224.1.1.1. As per all the theory I've gone through I understand that to keep multicast confined only to the intended receivers at L2 the switches identify the ports on which the interested hosts are connected via IGMP snooping , CGM or static binding.
And the multicast mac for that group is bound to those ports for the period of time those hosts intend to receive traffic on that group. In the scenario I've explained earlier the host sends a join to the multicast address but how would the switch know on what port the router is connected and the join request on the multicast destination needs to go to the router. The router hasn't yet sent any query message on the Lan for that group. I always thought that unsolicited Join requests go to the all routers address 224.0.0.2 so that it can reach all the router connected on the broadcast network adn the one's with M'cast routing enabled can respond.
Thanks in Advance
Umesh
Solved! Go to Solution.
02-13-2014 10:33 AM
Umesh
The key point is the switch doesn't know which port is the router port if indeed there is a router connected to that LAN segment.
And so because the destination mac address is unknown ie. it is not mapped to any port(s) yet it is flooded to all ports in that vlan which would include the router port if there was one.
The reason the actual group address is used is to suppress the same membership report from multiple clients in the same vlan ie. if a client is about to send a membership report but then sees one for the same group it does not send it's own because only one is needed to inform the router that there are client(s) wanting to receive the multicast stream on that LAN segment.
Jon
02-13-2014 10:33 AM
Umesh
The key point is the switch doesn't know which port is the router port if indeed there is a router connected to that LAN segment.
And so because the destination mac address is unknown ie. it is not mapped to any port(s) yet it is flooded to all ports in that vlan which would include the router port if there was one.
The reason the actual group address is used is to suppress the same membership report from multiple clients in the same vlan ie. if a client is about to send a membership report but then sees one for the same group it does not send it's own because only one is needed to inform the router that there are client(s) wanting to receive the multicast stream on that LAN segment.
Jon
02-13-2014 10:39 AM
Hi Jon,
Thanks for your inputs, I just ignored the basics for a while, "the unknown unicast theory". Just goes to show why its so important to always know your basics as thoroughly as possible at all times.
Regards
Umesh
02-13-2014 10:43 AM
Umesh
Just goes to show why its so important to always know your basics as thoroughly as possible at all times.
I know exactly what you mean. I have lost count of the number of times i have confused myself by forgetting the most basic things
Jon
02-13-2014 03:07 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The key point is the switch doesn't know which port is the router port if indeed there is a router connected to that LAN segment.
I believe, snooping switched do "know" multicast router ports by looking for multicast query packets.
The reason the actual group address is used is to suppress the same membership report from multiple clients in the same vlan ie. if a client is about to send a membership report but then sees one for the same group it does not send it's own because only one is needed to inform the router that there are client(s) wanting to receive the multicast stream on that LAN segment.
I also believe, for snooping switches, membership (reply) reports are not forwarded to hosts ports but the router ports gets at least one. This because, as Jon notes, if a host sees another membership report, it suppresses sending its own, but if it doesn't send one, the snooping switch doesn't know whether a host wants that multicast.
02-13-2014 03:13 PM
Joseph
I believe, snooping switched do "know" multicast router ports by looking for multicast query packets
They do but in the scenario described here there has been no query. When a host wants to join a group it can either wait for an IGMP query from the L3 device or it can send an IGMP membership report. In this case it was about a host sending a membership report before any query so IGMP snooping has had nothing to snoop on so it is flooded to all ports hence every other host and the router (if there is one) see it.
Lot of multicast threads today
Jon
02-13-2014 03:27 PM
Touché
02-13-2014 08:04 PM
Joseph brings up an interesting point, and one that I have never understood. If IGMP snooping relies on IGMP reports to know where to send the multicast stream, then doesn't report suppression break the IGMP snooping model?
Kevin Dorrell
Luxembourg
Sent from Cisco Technical Support Android App
02-14-2014 12:57 AM
This is described perfectly by Beau Williamson in the now somewhat aged Developing IP Multicast Networks, Volume I. I have the sad admission that I think this book is an excellent read, and while it's approaching 15 years in press, I still think it's the best book to go for anyone wanting to learn multicast.
So, as per Maintaining the Group with IGMP Snooping in Chapter 14:
- Router A periodically multicasts a General Query to the All Hosts group, 224.0.0.1 (MAC address 0x0100.5E00.0001). The switch's CPU intercepts the General Query and retransmits it out all ports on the switch. (See Figure 14-11.)
- Each host that is a member of the group (in this case, Hosts 1 and 4) sends an IGMP Report in response to the General Query. (See Figure 14-12.) Notice that because the switch's CPU is intercepting all IGMP messages, the hosts do not hear each other's IGMP Report. This effectively overrides the host's report suppression mechanism, forcing each to send an IGMP Report. This is necessary so that the switch's CPU receives an IGMP Report on every port where there is a member of the group so it will maintain those ports in the port list.
- To keep the IGMP Group Membership State alive in the router, the LAN switch must forward either one or more (preferably only one) of the IGMP Reports up to Router A.
The key point is made in 2, in that IGMP snooping has to break the report suppression mechanism such that it can keep track of the receivers.
Regards
02-14-2014 02:55 AM
Steve / Kevin
My multicast knowlegde is getting a considerable refresher course in the past few days and that specific point had never occured to me before.
The more you get to know the more you realise how much more there is to learn
Steve, doesn't that book explain what we saw with your testing the other day then
Jon
02-14-2014 03:10 AM
Agree 100% with you on the learning. And the problem is that just when I think I'm starting to understand something, an innocent little question comes along, sows that seed of doubt and sends me into a tail spin.
As far as the other problem.... if only the book did explain the issue. I've not found it yet so need to keep digging.
Regards
02-14-2014 03:19 AM
And the problem is that just when I think I'm starting to understand something, an innocent little question comes along, sows that seed of doubt and sends me into a tail spin
That is the only "problem" with participating in these forums. Lost count of the number of times it has happened to me.
Jon
02-15-2014 11:15 PM
Hi Gents
Found an interesting Doc on what Steve just explained
The switch knows where the router port is , the moment PIM is started to the Lan facing interface on the router. It listens to below listed packets and understands the port as a router port.
So I believe my initial understanding that the switch does not know where the router is ( if there is one ) when a host first sends a report to the group was wrong. If there is a router conneted the switch will always know that, if there isn't one the switch will broadcast the report out all ports.
And when I read the IGMP Snooping section in this document, I realized how important a role the switch plays when it comes to IGMP functioning, more that what I knew after reading Routing TCP/IP Vol 2.
The document explains that the switch uses its proxy reporting feature to forward the report messages to the router ports 1 message every 10secs and not all reports or replies sent by the receivers are forwarded to the router. The unsolicited or reply reports are used by the switch only to learn the ports where the interested hosts are connected.
It is also says someting intersteng fact about leave messages, The switch actually send a group specific query on that specific switch port that sent a leave message. If the switch does not receive any reply and if there are no interested hosts for that group other than the router port only then will the switch forward the leave group message to the router to ask the router to stop sending for this group. Very Very interesting !!!
It'll be interesting to test this in a LAB and do some debug that would show the swicth acutally doing all this.
Regards
Umesh
02-16-2014 05:25 AM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Yes, that's all true, but I think why Jon mentioned what I initially posted (and later Steve's book text), might not explain what was initially seen, is router/switch IGMP snooping interaction is based on router's interface being configured with PIM. In your case, router's port was configured as a multicast host.
I suspect the answer to your observed behavior is, if a IGMP snooping switch doesn't recognize a IGMP querier, and it isn't doing that role itself (some can be enabled to do so, for LAN segments w/o a multicast router), the IGMP snooping switch uses non-IGMP-snooping rules. (BTW, this is basically also what Jon was saying is his first post about a router, but the key, again, I think is lack of an IGMP querier.)
PS:
Yes, IGMP snooping is rather involved, as is Cisco's earlier CGMP. Cascaded IGMP snooping swtitches interesting too, as the downstream switch will treat it's uplink to the next IGMP switch like a router port, or perhaps more precisely, the querier port.
Also interesting is the less well known PIM snooping on some Cisco switches.
02-16-2014 05:58 AM
Joseph,
According to the cisco doc the switch would always know about the router port, because of the PIM hello messages that are sent on the Lan facing interface of the router which gets cascaded to all ports which are part of that vlan. Would that not mean that even before the actual query or join requests start the switch knows where the router actually is.
Regards
Umesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide