Information About IGMP Snooping
Note We recommend that you do not disable IGMP snooping on the switch. If you disable IGMP snooping, you may see reduced multicast performance because of excessive false flooding within the switch.
The Internet Group Management Protocol (IGMP) snooping software examines Layer 2 IP multicast traffic within a VLAN to discover the ports where interested receivers reside. Using the port information, IGMP snooping can reduce bandwidth consumption in a multi-access LAN environment to avoid flooding the entire VLAN. The IGMP snooping feature tracks which ports are attached to multicast-capable routers to help the routers forward IGMP membership reports. The IGMP snooping software responds to topology change notifications. By default, IGMP snooping is enabled on the switch.
Figure 4-1 shows an IGMP snooping switch that sits between the host and the IGMP router. The IGMP snooping switch snoops the IGMP membership reports and Leave messages and forwards them only when necessary to the connected IGMP routers.
Figure 4-1 IGMP Snooping Switch
The IGMP snooping software operates upon IGMPv1, IGMPv2, and IGMPv3 control plane packets where Layer 3 control plane packets are intercepted and influence the Layer 2 forwarding behavior.
For more information about IGMP, see Chapter2, “Configuring IGMP”
The Cisco NX-OS IGMP snooping software has the following proprietary features:
- Source filtering that allows forwarding of multicast packets based on destination and source IP.
- Multicast forwarding based on IP address rather than MAC address.
- Optimized multicast flooding (OMF) that forwards unknown traffic to routers only and performs no data driven state creation.
For more information about IGMP snooping, see RFC 4541.
This section includes the following topics:
IGMPv1 and IGMPv2
Both IGMPv1 and IGMPv2 support membership report suppression, which means that if two hosts on the same subnet want to receive multicast data for the same group, then the host that receives a member report from the other host suppresses sending its report. Membership report suppression occurs for hosts that share a port.
If no more than one host is attached to each VLAN switch port, then you can configure the fast leave feature in IGMPv2. The fast leave feature does not send last member query messages to hosts. As soon as the software receives an IGMP leave message, the software stops forwarding multicast data to that port.
IGMPv1 does not provide an explicit IGMP leave message, so the software must rely on the membership message timeout to indicate that no hosts remain that want to receive multicast data for a particular group.
Note The software ignores the configuration of the last member query interval when you enable the fast leave feature because it does not check for remaining hosts.
The IGMPv3 snooping implementation on Cisco NX-OS supports full IGMPv3 snooping, which provides constrained flooding based on the (S, G) information in the IGMPv3 reports. This source-based filtering enables the switch to constrain multicast traffic to a set of ports based on the source that sends traffic to the multicast group.
By default, the software tracks hosts on each VLAN port. The explicit tracking feature provides a fast leave mechanism. Because every IGMPv3 host sends membership reports, report suppression limits the amount of traffic that the switch sends to other multicast-capable routers. When report suppression is enabled, and no IGMPv1 or IGMPv2 hosts requested the same group, the software provides proxy reporting. The proxy feature builds the group state from membership reports from the downstream hosts and generates membership reports in response to queries from upstream queriers.
Even though the IGMPv3 membership reports provide a full accounting of group members on a LAN segment, when the last host leaves, the software sends a membership query. You can configure the parameter last member query interval. If no host responds before the timeout, the software removes the group state.
IGMP Snooping Querier
When PIM is not enabled on an interface because the multicast traffic does not need to be routed, you must configure an IGMP snooping querier to send membership queries. You define the querier in a VLAN that contains multicast sources and receivers but no other active querier.
When an IGMP snooping querier is enabled, it sends out periodic IGMP queries that trigger IGMP report messages from hosts that want to receive IP multicast traffic. IGMP snooping listens to these IGMP reports to establish appropriate forwarding.
IGMP Filtering on Router Ports
IGMP filtering allows users to configure a router port on the switch that leads the switch to a Layer 3 multicast switch. The switch stores all manually configured static router ports in its router port list.
When an IGMP packet is received, the switch forwards the traffic through the router port in the VLAN. The switch recognizes a port as a router port through the PIM hello message or the IGMP query received by the switch.
IGMP filtering is typically used in a virtual port channel (vPC) topology or in a small network with a simple topology where the network traffic is predictable.
IGMP Snooping on Virtual Port Channels
IGMP snooping on a vPC switch is determined by the vPC peer link that receives an IGMP report or query. The multicast control packets required for IGMP snooping need to be seen by IGMP in both the vPC switches.
When an IGMP report or query is received by the vPC peer link on a non-vPC port, the vPC peer link on the switch acts as an output interface (OIF) for a multicast group or router port and floods the packet on the vPC peer link, vPC links, and non-vPC links using Cisco Fabric Services (CFS), which means that the individual packets are encapsulated as CFS packets and sent over the vPC peer link. The peer vPC switch that receives this packet on the vPC peer link floods it on all non-vPC links and adds the peer link to the router port list.
When an IGMP report or query is received by the vPC peer link on a vPC port, the vPC port acts as the router port list and the switch floods the packet on the vPC link, vPC peer link, and non-vPC links using CFS. The peer vPC switch that receives this packet on the vPC peer link floods it on all non-vPC links and adds the vPC port to the router port list. If the vPC port is down, the IGMP snooping software on the switch forwards the packet to the vPC peer link and the peer vPC switch then forwards the packets to all VLANs.
When IGMP snooping on a vPC switch goes down or is not enabled, the IGMP report or query is sent through the vPC peer link to the peer vPC switch that is running IGMP snooping. The vPC peer link is set as an OIF for a multicast group or router port.
If switch virtual interfaces (SVIs) are enabled on the VLANs of the vPC peers, each vPC peer acts as a designated router (DR) to forward the multicast traffic. If the vPC peer link fails, the SVIs and vPC peer links on the vPC secondary switch also goes down. The primary vPC switch then forwards all traffic.
IGMP Snooping with VRFs
You can define multiple virtual routing and forwarding (VRF) instances. An IGMP process supports all VRFs.
You can use the show commands with a VRF argument to provide a context for the information displayed. The default VRF is used if no VRF argument is supplied.
For information about configuring VRFs, see the Cisco Nexus 5500 Series NX-OS Unicast Routing Configuration Guide, Release 6.0.
Guidelines and Limitations for IGMP Snooping
IGMP snooping has the following guidelines and limitations:
- If you are configuring vPC peers, the differences in the IGMP snooping configuration options between the two switches have the following results:
– If IGMP snooping is enabled on one switch but not the other, then the switch on which snooping is disabled floods all multicast traffic.
– A difference in multicast router or static group configuration can cause traffic loss.
– The fast leave, explicit tracking, and report suppression options can differ if they are used for forwarding traffic.
– If a query parameter is different between the switches, one switch expires the multicast state faster while the other switch continues to forward. This difference results in either traffic loss or forwarding for an extended period.
– If an IGMP snooping querier is configured on both switches, only one of them will be active because an IGMP snooping querier shuts down if a query is seen in the traffic.
– A vPC peer link is a valid link for IGMP multicast forwarding.
– If the vPC link on a switch is configured as an output interface (OIF) for a multicast group or router port, the vPC link on the peer switch must also be configured as an output interface for a multicast group or router port.
– In SVI VLANs, the vPC peers must have the multicast forwarding state configured for the vPC VLANs to forward multicast traffic directly through the vPC link instead of the peer link.
– Fabric Extenders do not support mrouter ports.
- On Cisco Nexus 5548 switch, multicast traffic to groups in the range [225-239].0.0.x should not be used as there will be no S, G, or multicast MAC addresses learned for these groups. For example, use group 184.108.40.206 instead of group 220.127.116.11.