Configuring MLD Snooping

This module contains details of configuring MLD snooping

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About Configuring IPv6 MLD Snooping

You can use Multicast Listener Discovery (MLD) snooping to enable efficient distribution of IP Version 6 (IPv6) multicast data to clients and routers in a switched network on the switch.

Understanding MLD Snooping

In IP Version 4 (IPv4), Layer 2 switches can use Internet Group Management Protocol (IGMP) snooping to limit the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast devices. In IPv6, MLD snooping performs a similar function. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data, instead of being flooded to all ports in a VLAN. This list is constructed by snooping IPv6 multicast control packets.

MLD is a protocol used by IPv6 multicast routers to discover the presence of multicast listeners (nodes wishing to receive IPv6 multicast packets) on the links that are directly attached to the routers and to discover which multicast packets are of interest to neighboring nodes. MLD is derived from IGMP; MLD Version 1 (MLDv1) is equivalent to IGMPv2, and MLD Version 2 (MLDv2) is equivalent to IGMPv3. MLD is a subprotocol of Internet Control Message Protocol Version 6 (ICMPv6), and MLD messages are a subset of ICMPv6 messages, identified in IPv6 packets by a preceding Next Header value of 58.

The switch supports two versions of MLD snooping:

  • MLDv1 snooping detects MLDv1 control packets and sets up traffic bridging based on IPv6 destination multicast addresses.

  • MLDv2 basic snooping (MBSS) uses MLDv2 control packets to set up traffic forwarding based on IPv6 destination multicast addresses.

The switch can snoop on both MLDv1 and MLDv2 protocol packets and bridge IPv6 multicast data based on destination IPv6 multicast addresses.


Note


The switch does not support MLDv2 enhanced snooping, which sets up IPv6 source and destination multicast address-based forwarding.


MLD snooping can be enabled or disabled globally or per VLAN. When MLD snooping is enabled, a per-VLAN IPv6 multicast address table is constructed in software and hardware. The switch then performs IPv6 multicast-address based bridging in hardware.

MLD Messages

MLDv1 supports three types of messages:

  • Listener Queries are the equivalent of IGMPv2 queries and are either General Queries or Multicast-Address-Specific Queries (MASQs).

  • Multicast Listener Reports are the equivalent of IGMPv2 reports

  • Multicast Listener Done messages are the equivalent of IGMPv2 leave messages.

MLDv2 supports MLDv2 queries and reports, as well as MLDv1 Report and Done messages.

Message timers and state transitions resulting from messages being sent or received are the same as those of IGMPv2 messages. MLD messages that do not have valid link-local IPv6 source addresses are ignored by MLD routers and switches.

MLD Queries

The switch sends out MLD queries, constructs an IPv6 multicast address database, and generates MLD group-specific and MLD group-and-source-specific queries in response to MLD Done messages. The switch also supports report suppression, report proxying, Immediate-Leave functionality, and static IPv6 multicast group address configuration.

When MLD snooping is disabled, all MLD queries are flooded in the ingress VLAN.

When MLD snooping is enabled, received MLD queries are flooded in the ingress VLAN, and a copy of the query is sent to the CPU for processing. From the received query, MLD snooping builds the IPv6 multicast address database. It detects multicast router ports, maintains timers, sets report response time, learns the querier IP source address for the VLAN, learns the querier port in the VLAN, and maintains multicast-address aging.


Note


When the IPv6 multicast router is a Catalyst 6500 switch and you are using extended VLANs (in the range 1006 to 4094), IPv6 MLD snooping must be enabled on the extended VLAN on the Catalyst 6500 switch in order for the Catalyst 2960, 2960-S, 2960-C, 2960-X or 2960-CX switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch.


When a group exists in the MLD snooping database, the switch responds to a group-specific query by sending an MLDv1 report. When the group is unknown, the group-specific query is flooded to the ingress VLAN.

When a host wants to leave a multicast group, it can send out an MLD Done message (equivalent to IGMP Leave message). When the switch receives an MLDv1 Done message, if Immediate- Leave is not enabled, the switch sends an MASQ to the port from which the message was received to determine if other devices connected to the port should remain in the multicast group.

Multicast Client Aging Robustness

You can configure port membership removal from addresses based on the number of queries. A port is removed from membership to an address only when there are no reports to the address on the port for the configured number of queries. The default number is 2.

Multicast Router Discovery

Like IGMP snooping, MLD snooping performs multicast router discovery, with these characteristics:

  • Ports configured by a user never age out.

  • Dynamic port learning results from MLDv1 snooping queries and IPv6 PIMv2 packets.

  • If there are multiple routers on the same Layer 2 interface, MLD snooping tracks a single multicast router on the port (the router that most recently sent a router control packet).

  • Dynamic multicast router port aging is based on a default timer of 5 minutes; the multicast router is deleted from the router port list if no control packet is received on the port for 5 minutes.

  • IPv6 multicast router discovery only takes place when MLD snooping is enabled on the switch.

  • Received IPv6 multicast router control packets are always flooded to the ingress VLAN, whether or not MLD snooping is enabled on the switch.

  • After the discovery of the first IPv6 multicast router port, unknown IPv6 multicast data is forwarded only to the discovered router ports (before that time, all IPv6 multicast data is flooded to the ingress VLAN).

MLD Reports

The processing of MLDv1 join messages is essentially the same as with IGMPv2. When no IPv6 multicast routers are detected in a VLAN, reports are not processed or forwarded from the switch. When IPv6 multicast routers are detected and an MLDv1 report is received, an IPv6 multicast group address is entered in the VLAN MLD database. Then all IPv6 multicast traffic to the group within the VLAN is forwarded using this address. When MLD snooping is disabled, reports are flooded in the ingress VLAN.

When MLD snooping is enabled, MLD report suppression, called listener message suppression, is automatically enabled. With report suppression, the switch forwards the first MLDv1 report received by a group to IPv6 multicast routers; subsequent reports for the group are not sent to the routers. When MLD snooping is disabled, report suppression is disabled, and all MLDv1 reports are flooded to the ingress VLAN.

The switch also supports MLDv1 proxy reporting. When an MLDv1 MASQ is received, the switch responds with MLDv1 reports for the address on which the query arrived if the group exists in the switch on another port and if the port on which the query arrived is not the last member port for the address.

MLD Done Messages and Immediate-Leave

When the Immediate-Leave feature is enabled and a host sends an MLDv1 Done message (equivalent to an IGMP leave message), the port on which the Done message was received is immediately deleted from the group.You enable Immediate-Leave on VLANs and (as with IGMP snooping), you should only use the feature on VLANs where a single host is connected to the port. If the port was the last member of a group, the group is also deleted, and the leave information is forwarded to the detected IPv6 multicast routers.

When Immediate Leave is not enabled in a VLAN (which would be the case when there are multiple clients for a group on the same port) and a Done message is received on a port, an MASQ is generated on that port. The user can control when a port membership is removed for an existing address in terms of the number of MASQs. A port is removed from membership to an address when there are no MLDv1 reports to the address on the port for the configured number of queries.

The number of MASQs generated is configured by using the ipv6 mld snooping last-listener-query count global configuration command. The default number is 2.

The MASQ is sent to the IPv6 multicast address for which the Done message was sent. If there are no reports sent to the IPv6 multicast address specified in the MASQ during the switch maximum response time, the port on which the MASQ was sent is deleted from the IPv6 multicast address database. The maximum response time is the time configured by using the ipv6 mld snooping last-listener-query-interval global configuration command. If the deleted port is the last member of the multicast address, the multicast address is also deleted, and the switch sends the address leave information to all detected multicast routers.

Topology Change Notification Processing

When topology change notification (TCN) solicitation is enabled by using the ipv6 mld snooping tcn query solicit global configuration command, MLDv1 snooping sets the VLAN to flood all IPv6 multicast traffic with a configured number of MLDv1 queries before it begins sending multicast data only to selected ports. You set this value by using the ipv6 mld snooping tcn flood query count global configuration command. The default is to send two queries. The switch also generates MLDv1 global Done messages with valid link-local IPv6 source addresses when the switch becomes the STP root in the VLAN or when it is configured by the user. This is same as done in IGMP snooping.

How to Configure IPv6 MLD Snooping

Default MLD Snooping Configuration

Table 1. Default MLD Snooping Configuration

Feature

Default Setting

MLD snooping (Global)

Disabled.

MLD snooping (per VLAN)

Enabled. MLD snooping must be globally enabled for VLAN MLD snooping to take place.

IPv6 Multicast addresses

None configured.

IPv6 Multicast router ports

None configured.

MLD snooping Immediate Leave

Disabled.

MLD snooping robustness variable

Global: 2; Per VLAN: 0.

Note

 

The VLAN value overrides the global setting. When the VLAN value is 0, the VLAN uses the global count.

Last listener query count

Global: 2; Per VLAN: 0.

Note

 

The VLAN value overrides the global setting. When the VLAN value is 0, the VLAN uses the global count.

Last listener query interval

Global: 1000 (1 second); VLAN: 0.

Note

 

The VLAN value overrides the global setting. When the VLAN value is 0, the VLAN uses the global interval.

TCN query solicit

Disabled.

TCN query count

2.

MLD listener suppression

Enabled.

MLD Snooping Configuration Guidelines

When configuring MLD snooping, consider these guidelines:

  • You can configure MLD snooping characteristics at any time, but you must globally enable MLD snooping by using the ipv6 mld snooping global configuration command for the configuration to take effect.

  • When the IPv6 multicast router is a Catalyst 6500 switch and you are using extended VLANs (in the range 1006 to 4094), IPv6 MLD snooping must be enabled on the extended VLAN on the Catalyst 6500 switch in order for the switch to receive queries on the VLAN. For normal-range VLANs (1 to 1005), it is not necessary to enable IPv6 MLD snooping on the VLAN on the Catalyst 6500 switch.

  • MLD snooping and IGMP snooping act independently of each other. You can enable both features at the same time on the switch.

  • The maximum number of address entries allowed for the switch is 1000.

Enabling or Disabling MLD Snooping on the Switch

By default, IPv6 MLD snooping is globally disabled on the switch and enabled on all VLANs. When MLD snooping is globally disabled, it is also disabled on all VLANs. When you globally enable MLD snooping, the VLAN configuration overrides the global configuration. That is, MLD snooping is enabled only on VLAN interfaces in the default state (enabled).

You can enable and disable MLD snooping on a per-VLAN basis or for a range of VLANs, but if you globally disable MLD snooping, it is disabled in all VLANs. If global snooping is enabled, you can enable or disable VLAN snooping.

To globally enable MLD snooping on the switch, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 mld snooping

Example:


Device(config)# ipv6 mld snooping

Enables MLD snooping on the switch.

Step 4

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 5

copy running-config startup-config

Example:


Device(config)# copy running-config startup-config

(Optional) Save your entries in the configuration file.

Step 6

reload

Example:


Device(config)# reload

Reload the operating system.

Enabling or Disabling MLD Snooping on a VLAN

To enable MLD snooping on a VLAN, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 mld snooping

Example:


Device(config)# ipv6 mld snooping

Enables MLD snooping on the switch.

Step 4

ipv6 mld snooping vlan vlan-id

Example:


Device(config)# ipv6 mld snooping vlan 1

Enables MLD snooping on the VLAN. The VLAN ID range is 1 to 1001 and 1006 to 4094.

Note

 

MLD snooping must be globally enabled for VLAN snooping to be enabled.

Step 5

end

Example:


Device(config)# ipv6 mld snooping vlan 1

Returns to privileged EXEC mode.

Configuring a Static Multicast Group

Hosts or Layer 2 ports normally join multicast groups dynamically, but you can also statically configure an IPv6 multicast address and member ports for a VLAN.

To add a Layer 2 port as a member of a multicast group, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 mld snooping vlan vlan-id static ipv6_multicast_address interface interface-id

Example:


Device(config)# ipv6 mld snooping vlan 1 static 3333.0000.1111 interface gigabitethernet
0/1

Configures a multicast group with a Layer 2 port as a member of a multicast group:

  • vlan-id is the multicast group VLAN ID. The VLAN ID range is 1 to 1001 and 1006 to 4094.

  • ipv6_multicast_address is the 128-bit group IPv6 address. The address must be in the form specified in RFC 2373.

  • interface-id is the member port. It can be a physical interface or a port channel (1 to 6).

Step 4

end

Example:


Device(config)# end

Returns to privileged EXEC mode.

Step 5

Use one of the following:

  • show ipv6 mld snooping address
  • show ipv6 mld snooping address vlan vlan-id

Example:


Device# show ipv6 mld snooping address

or

Device# show ipv6 mld snooping vlan 1

Verifies the static member port and the IPv6 address.

Enabling MLD Immediate Leave

To enable MLDv1 immediate leave, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 mld snooping vlan vlan-id immediate-leave

Example:

Device(config)# ipv6 mld snooping vlan 1 immediate-leave

Enables MLD Immediate Leave on the VLAN interface.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode.

Step 5

show ipv6 mld snooping vlan vlan-id

Example:

Device# show ipv6 mld snooping vlan 1

Verifies that Immediate Leave is enabled on the VLAN interface.

Configuring MLD Snooping Queries

To configure MLD snooping query characteristics for the switch or for a VLAN, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ipv6 mld snooping robustness-variable value

Example:

Device(config)# ipv6 mld snooping robustness-variable 3

(Optional) Sets the number of queries that are sent before switch will deletes a listener (port) that does not respond to a general query. The range is 1 to 3; the default is 2.

Step 4

ipv6 mld snooping vlan vlan-id robustness-variable value

Example:

Device(config)# ipv6 mld snooping vlan 1 robustness-variable 3

(Optional) Sets the robustness variable on a VLAN basis, which determines the number of general queries that MLD snooping sends before aging out a multicast address when there is no MLD report response. The range is 1 to 3; the default is 0. When set to 0, the number used is the global robustness variable value.

Step 5

ipv6 mld snooping last-listener-query-count count

Example:

Device(config)# ipv6 mld snooping last-listener-query-count 7

(Optional) Sets the number of MASQs that the switch sends before aging out an MLD client. The range is 1 to 7; the default is 2. The queries are sent 1 second apart.

Step 6

ipv6 mld snooping vlan vlan-id last-listener-query-count count

Example:

Device(config)# ipv6 mld snooping vlan 1 last-listener-query-count 7

(Optional) Sets the last-listener query count on a VLAN basis. This value overrides the value configured globally. The range is 1 to 7; the default is 0. When set to 0, the global count value is used. Queries are sent 1 second apart.

Step 7

ipv6 mld snooping last-listener-query-interval interval

Example:

Device(config)# ipv6 mld snooping last-listener-query-interval 2000

(Optional) Sets the maximum response time that the switch waits after sending out a MASQ before deleting a port from the multicast group. The range is 100 to 32,768 thousands of a second. The default is 1000 (1 second).

Step 8

ipv6 mld snooping vlan vlan-id last-listener-query-interval interval

Example:

Device(config)# ipv6 mld snooping vlan 1 last-listener-query-interval 2000

(Optional) Sets the last-listener query interval on a VLAN basis. This value overrides the value configured globally. The range is 0 to 32,768 thousands of a second. The default is 0. When set to 0, the global last-listener query interval is used.

Step 9

ipv6 mld snooping tcn query solicit

Example:

Device(config)# ipv6 mld snooping tcn query solicit

(Optional) Enables topology change notification (TCN) solicitation, which means that VLANs flood all IPv6 multicast traffic for the configured number of queries before sending multicast data to only those ports requesting to receive it. The default is for TCN to be disabled.

Step 10

ipv6 mld snooping tcn flood query count count

Example:

Device(config)# ipv6 mld snooping tcn flood query count 5

(Optional) When TCN is enabled, specifies the number of TCN queries to be sent. The range is from 1 to 10; the default is 2.

Step 11

end

Returns to privileged EXEC mode.

Step 12

show ipv6 mld snooping querier [ vlan vlan-id]

Example:

Device(config)# show ipv6 mld snooping querier vlan 1

(Optional) Verifies that the MLD snooping querier information for the switch or for the VLAN.

Disabling MLD Listener Message Suppression

MLD snooping listener message suppression is enabled by default. When it is enabled, the switch forwards only one MLD report per multicast router query. When message suppression is disabled, multiple MLD reports could be forwarded to the multicast routers.

To disable MLD listener message suppression, perform this procedure:

Procedure

  Command or Action Purpose

Step 1

enable

Example:


Device> enable 

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enter global configuration mode.

Step 3

no ipv6 mld snooping listener-message-suppression

Example:

Device(config)# no ipv6 mld snooping listener-message-suppression

Disable MLD message suppression.

Step 4

end

Example:

Device(config)# end

Return to privileged EXEC mode.

Step 5

show ipv6 mld snooping

Example:

Device# show ipv6 mld snooping

Verify that IPv6 MLD snooping report suppression is disabled.

Displaying MLD Snooping Information

You can display MLD snooping information for dynamically learned and statically configured router ports and VLAN interfaces. You can also display IPv6 group address multicast entries for a VLAN configured for MLD snooping.

Table 2. Commands for Displaying MLD Snooping Information

Command

Purpose

show ipv6 mld snooping [ vlan vlan-id ]

Displays the MLD snooping configuration information for all VLANs on the switch or for a specified VLAN.

(Optional) Enter vlan vlan-id to display information for a single VLAN. The VLAN ID range is 1 to 1001 and 1006 to 4094.

show ipv6 mld snooping mrouter [ vlan vlan-id ]

Displays information on dynamically learned and manually configured multicast router interfaces. When you enable MLD snooping, the switch automatically learns the interface to which a multicast router is connected. These are dynamically learned interfaces.

(Optional) Enters vlan vlan-id to display information for a single VLAN. The VLAN ID range is 1 to 1001 and 1006 to 4094.

show ipv6 mld snooping querier [ vlan vlan-id ]

Displays information about the IPv6 address and incoming port for the most-recently received MLD query messages in the VLAN.

(Optional) Enters vlan vlan-id to display information for a single VLAN.The VLAN ID range is 1 to 1001 and 1006 to 4094.

show ipv6 mld snooping address [count | vlan vlan-id]

Displays all IPv6 multicast address information or specific IPv6 multicast address information for the switch or a VLAN.

  • Enters count to show the group count on the switch or in a VLAN.

  • Enters user to display MLD snooping user-configured group information for the switch or for a VLAN.

show ipv6 mld snooping address vlan vlan-id [ ipv6-multicast-address ]

Displays MLD snooping for the specified VLAN and IPv6 multicast address.

Configuration Examples for Configuring MLD Snooping

Configuring a Static Multicast Group: Example

This example shows how to statically configure an IPv6 multicast group:


Device# configure terminal
Device(config)# ipv6 mld snooping vlan 2 static 3333.0000.1111 interface gigabitethernet0/1
Device(config)# end

Configuring a Multicast Router Port: Example

This example shows how to add a multicast router port to VLAN 200:


		Device# configure terminal
		Device(config)# ipv6 mld snooping vlan 200 mrouter interface gigabitethernet
            
            0/2
		Device(config)# exit
		

Enabling MLD Immediate Leave: Example

This example shows how to enable MLD Immediate Leave on VLAN 130:


		Device# configure terminal
		Device(config)# ipv6 mld snooping vlan 130 immediate-leave
		Device(config)# exit
		

Configuring MLD Snooping Queries: Example

This example shows how to set the MLD snooping global robustness variable to 3:


		Device# configure terminal
		Device(config)# ipv6 mld snooping robustness-variable 3
		Device(config)# exit
		

This example shows how to set the MLD snooping last-listener query count for a VLAN to 3:


		Device# configure terminal
		Device(config)# ipv6 mld snooping vlan 200 last-listener-query-count 3
		Device(config)# exit
		

This example shows how to set the MLD snooping last-listener query interval (maximum response time) to 2000 (2 seconds):


		Device# configure terminal
		Device(config)# ipv6 mld snooping last-listener-query-interval 2000
		Device(config)# exit