multicast within a vlan

Vinayaka Raman · ‎09-16-2013

Platform: WS-C4506-E (MPC8548)
IOS: cat4500e-IPBASEK9-M

There is a VLAN 10 SVI on this switch and the ACL is accounting lots of multicast traffic. The SVI has both primary and secondary range configured.

Vlan 10 has many host in primary and secondary range that is multicast capable.
IGMP snooping is enabled by default.

CS2#show ip igmp snooping vlan 10
Global IGMP Snooping configuration:
-------------------------------------------
IGMP snooping                : Enabled
IGMPv3 snooping (minimal)    : Enabled
Report suppression           : Enabled
TCN solicit query            : Disabled
TCN flood query count        : 2
Robustness variable          : 2
Last member query count      : 2
Last member query interval   : 1000

Vlan 10:
--------
IGMP snooping                       : Enabled
IGMPv2 immediate leave              : Disabled
Multicast router learning mode      : pim-dvmrp
CGMP interoperability mode          : IGMP_ONLY
Robustness variable                 : 2
Last member query count             : 2
Last member query interval          : 1000

I wanted to make sure multicasting within this vlan 10 works without any problem
None of the switchports show a multicast entry. Therefore I am little suspicious that multicast within this vlan is working correctly or not.
I have made no special multicast configuration for this.

Sample log:

Sep 16 06:46:00.299: %SEC-6-IPACCESSLOGRP: list Manufacturing_ACL_190 denied igmp x.x.x.x -> 224.0.0.106, 1 packet

CS2#show mac address-table multicast
Vlan Mac Address Type Ports
---- ----------- ---- -----
CS2#

Regards
Vinayak

Regards Vinayak

Lei Tian · ‎09-16-2013

Hi Vinayak,

Do you see any group from 'show ip igmp group'? What multiple group are you running in vlan 10? Is it multicast in layer 2 only? How's your SVI confgiured?

HTH,

Lei Tian

Vinayaka Raman · ‎09-16-2013

NOPE..it is layer 2 multicast only.

interface Vlan10
description Manufacturing VLAN
ip address x.x.x.x 255.255.255.0 secondary
ip address y.y.y.y 255.255.255.0
ip access-group Manufacturing_ACL_190 in
standby 10 ip y.y.y.y
standby 10 ip x.x.x.x secondary
standby 10 timers 1 3
standby 10 priority 105
standby 10 preempt
standby 10 name hsrp_mftg_vlan_gw
end

CS2#show ip igmp groups
IGMP Connected Group Membership
Group Address Interface Uptime Expires Last Reporter Group Accounted
CS2#

Regards
Vinayak

Regards Vinayak

Lei Tian · ‎09-16-2013

Hi,

For multicast in layer 2 only network, you need a router becomes IGMP querier. You can do that by either enable pim under SVI or just enabel IGMP querier. The layer 2 mcast traffic should not hit your interface ACL.

HTH,

Lei Tian

Vinayaka Raman · ‎09-16-2013

Ok...i will study about igmp querier and then configure it..should the end host be aware of who is igmp querier?

even if i have mutlicast between primary and secondary range of same SVI, the igmp packets will not hit my acl?

Regards
Vinayak

Regards Vinayak

Joseph W. Doherty · ‎09-16-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

If multicast sender and receiver are within the same L2 broadcast domain, multicast should work unless you're running across a switch that does IGMP snooping. An IGMP snooper needs an IGMP querier so it will know which ports want to receive the multicast traffic.

Normally multicast router gateway act as an IGMP querier, but some L2 IGMP snooping switches can do this function too.

If I remember correctly, to enable IGMP querier on a L3 interface, just enable PIM in the L3 interface.