- Title
- 3800x3600xscgTOC
- Preface
- Overview
- Using the Command-Line Interface
- Assigning the Switch IP Address and Default Gateway
- Configuring Cisco IOS Configuration Engine
- Administering the Switch
- Configuring Synchronous Ethernet
- Configuring the Switch External Alarms
- Configuring SDM Templates
- Configuring Switch-Based Authentication
- Configuring Interfaces
- Configuring VLANs
- Configuring Ethernet Virtual Connections (EVCs)
- Configuring Command Macros
- Configuring STP
- Configuring MSTP
- Configuring Optional Spanning-Tree Features
- Configuring Resilient Ethernet Protocol
- Configuring DHCP Features
- Configuring Dynamic ARP Inspection
- Configuring IGMP Snooping
- Configuring PIM Snooping
- Configuring IEEE 802.1x Port-Based Authentication
- Configuring IEEE 802.1ad
- Configuring Traffic Control
- Configuring CDP
- Configuring LLDP and LLDP-MED
- Configuring UDLD
- Configuring System Message Logging
- Configuring RMON
- Using the SD Flash Memory Module
- Configuring SNMP
- Configuring Embedded Event Manager
- Configuring Network Security with ACLs
- Configuring IPv6 ACLs
- Configuring Quality of Service (QoS)
- Hierarchical Color-Aware Policing
- Configuring Multi-level Priority Queues
- Configuring Policy-Based Routing (PBR)
- Configuring Control Plane Policing (CoPP)
- Configuring EtherChannels
- Configuring IP Unicast Routing
- Configuring IPv6 Unicast Routing
- Configuring IPv6 VPN over MPLS
- Configuring Virtual Router Redundancy Protocol
- Configuring HSRP
- Configuring Cisco IOS IP SLAs Operations
- Configuring Enhanced Object Tracking
- Configuring Ethernet OAM, CFM, and E-LMI
- Configuring Y.1731 Performance Monitoring
- Configuring Ethernet Data Plane Loopback
- L2VPN Protocol-Based CLIs
- Configuring IP Multicast Routing
- Configuring Multicast VPN
- Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS
- Multiprotocol Label Switching Load Balancing
- MPLS Traffic Engineering Bundled Interface Support
- Configuring OSPF TTL Security Check
- Configuring Switched Port Analyzer (SPAN)
- Configuring Ethernet Ring Protection
- Auto-IP
- Troubleshooting
- Configuring Online Diagnostics
- Supported MIBs
- Working with the Cisco IOS File System, Configuration Files, and Software Images
- Configuring MPLS Transport Profile
- Unsupported Commands
- Index
Cisco ME 3800x and ME 3600x Switches Software Configuration Guide, Cisco IOS Release 15.4(2)S
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- April 7, 2021
Chapter: Configuring IGMP Snooping
- Understanding IGMP Snooping
- Configuring IGMP Snooping
- Displaying IGMP Snooping Information
- Configuring IGMP Filtering and Throttling
- Displaying IGMP Filtering and Throttling Configuration
Configuring IGMP Snooping
This chapter describes how to configure Internet Group Management Protocol (IGMP) snooping on the Cisco ME 3800X and ME 3600X switch. It also includes procedures for controlling multicast group membership by using IGMP filtering and procedures for configuring the IGMP throttling action.
Note
For complete syntax and usage information for the commands used in this chapter, see the switch command reference for this release and the Cisco IOS IP Multicast Command Reference at
http://www.cisco.com/en/US/docs/ios-xml/ios/ipmulti/command/imc-cr-book.html
- Understanding IGMP Snooping
- Configuring IGMP Snooping
- Displaying IGMP Snooping Information
- Configuring IGMP Filtering and Throttling
- Displaying IGMP Filtering and Throttling Configuration
Note You can either manage IP multicast group addresses through features such as IGMP snooping, or you can use static IP addresses.
Understanding IGMP Snooping
Layer 2 switches can use IGMP snooping to constrain the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast devices. As the name implies, IGMP snooping requires the LAN switch to snoop on the IGMP transmissions between the host and the router and to keep track of multicast groups and member ports. When the switch receives an IGMP report from a host for a particular multicast group, the switch adds the host port number to the forwarding table entry; when it receives an IGMP Leave Group message from a host, it removes the host port from the table entry. It also periodically deletes entries if it does not receive IGMP membership reports from the multicast clients.
Note For more information on IP multicast and IGMP, see RFC 1112 and RFC 2236.
The multicast router sends out periodic general queries to all VLANs. All hosts interested in this multicast traffic send join requests and are added to the forwarding table entry. The switch creates one entry per VLAN in the IGMP snooping IP multicast forwarding table for each group from which it receives an IGMP join request.
The switch supports IP multicast group-based bridging, rather than MAC-addressed based groups. With multicast MAC address-based groups, if an IP address being configured translates (aliases) to a previously configured MAC address or to any reserved multicast MAC addresses (in the range 224.0.0.xxx), the command fails. Because the switch uses IP multicast groups, there are no address aliasing issues.
The IP multicast groups learned through IGMP snooping are dynamic. However, you can statically configure multicast groups by using the ip igmp snooping vlan vlan-id static ip_address interface interface-id global configuration command. However this command is only supported on switchport SVI interfaces and not on EFP SVI interfaces. If you specify group membership for a multicast group address statically, your setting supersedes any automatic manipulation by IGMP snooping. Multicast group membership lists can consist of both user-defined and IGMP snooping-learned settings.
If a port spanning-tree, a port group, or a VLAN ID changes, the IGMP snooping-learned multicast groups from this port on the VLAN are deleted.
These sections describe IGMP snooping characteristics:
- IGMP Support
- IGMP Versions
- Joining a Multicast Group
- Leaving a Multicast Group
- Immediate Leave
- IGMP Configurable-Leave Timer
- IGMP Report Suppression
IGMP Support
IGMP snooping is supported over Switch Ports, EVCs, Ethernet over MPLS (EoMPLS), and Virtual Private LAN Services (VPLS) over Pseudowire (PW).
IGMP snooping supports the following:
- configuration of IGMP snooping over EVC interfaces with a single EFP or multiple EFPs per bridge domain.
- L2 multicast deployment on the customer access side of a network. Enabling IGMP snooping on EVCs allows snooping of IGMP requests.
Tags should be popped from a packet before the packet is sent to the IGMP snooping, using the rewrite ingress tag pop 1/2 symmetric command.
Note IGMP snooping is not supported on Pseudowire if the core interface is an svi.
IGMP Versions
The switch supports IGMP Version 1, IGMP Version 2, and IGMP Version 3. These versions are interoperable on the switch. For example, if IGMP snooping is enabled on an IGMPv1 switch and the switch receives an IGMPv2 report from a host, the switch can forward the IGMPv2 report to the multicast router.
Note The switches support IGMPv3 snooping based only on the destination multicast MAC address. They do not support snooping based on the source MAC address or on proxy reports.
An IGMPv3 switch supports Basic IGMPv3 Snooping Support (BISS), which includes support for the snooping features on IGMPv1 and IGMPv2 switches and for IGMPv3 membership report messages. BISS constrains the flooding of multicast traffic when your network includes IGMPv3 hosts. It constrains traffic to approximately the same set of ports as the IGMP snooping feature on IGMPv2 or IGMPv1 hosts.
An IGMPv3 switch can receive messages from and forward messages to a device running the Source Specific Multicast (SSM) feature. For more information about source-specific multicast with IGMPv3 and IGMP, refer to the IP Multicast: IGMP Configuration Guide, Cisco IOS Release 15.x.
Joining a Multicast Group
When a host connected to the switch wants to join an IP multicast group and it is an IGMP Version 2 client, it sends an unsolicited IGMP join message, specifying the IP multicast group to join. Alternatively, when the switch receives a general query from the router, it forwards the query to all ports in the VLAN. IGMP Version 1 or Version 2 hosts wanting to join the multicast group respond by sending a join message to the switch. The switch CPU creates a multicast forwarding-table entry for the group if it is not already present. The CPU also adds the interface where the join message was received to the forwarding-table entry. The host associated with that interface receives multicast traffic for that multicast group. See Figure 20-1.
Figure 20-1 Initial IGMP Join Message
Router A sends a general query to the switch, which forwards the query to ports 2 through 5, which are all members of the same VLAN. Host 1 wants to join multicast group 224.1.2.3 and multicasts an IGMP membership report (IGMP join message) to the group. The switch CPU uses the information in the IGMP report to set up a forwarding-table entry, as shown in Table 20-1 , that includes the port numbers connected to Host 1 and the router.
|
|
|
|
|---|---|---|
The switch hardware can distinguish IGMP information packets from other packets for the multicast group. The information in the table tells the switching engine to send frames addressed to the 224.1.2.3 multicast IP address that are not IGMP packets to the router and to the host that has joined the group.
If another host (for example, Host 4) sends an unsolicited IGMP join message for the same group (Figure 20-2), the CPU receives that message and adds the port number of Host 4 to the forwarding table as shown in Table 20-2 . Note that because the forwarding table directs IGMP messages to only the CPU, the message is not flooded to other ports on the switch. Any known multicast traffic is forwarded to the group and not to the CPU.
Figure 20-2 Second Host Joining a Multicast Group
|
|
|
|
|---|---|---|
Multicast-capable router ports are added to the forwarding table for every Layer 2 multicast entry. The switch learns of such ports through one of these methods:
Leaving a Multicast Group
The router sends periodic multicast general queries, and the switch forwards these queries through all ports in the VLAN. Interested hosts respond to the queries. If at least one host in the VLAN wishes to receive multicast traffic, the router continues forwarding the multicast traffic to the VLAN. The switch forwards multicast group traffic only to those hosts listed in the forwarding table for that IP multicast group maintained by IGMP snooping.
When hosts want to leave a multicast group, they can silently leave, or they can send a leave message. When the switch receives a leave message from a host, it sends a group-specific query to learn if any other devices connected to that interface are interested in traffic for the specific multicast group. The switch then updates the forwarding table for that MAC group so that only those hosts interested in receiving multicast traffic for the group are listed in the forwarding table. If the router receives no reports from a VLAN, it removes the group for the VLAN from its IGMP cache.
Immediate Leave
Immediate Leave is only supported on IGMP Version 2 hosts.
The switch uses IGMP snooping Immediate Leave to remove from the forwarding table an interface that sends a leave message without the switch sending group-specific queries to the interface. The VLAN interface is pruned from the multicast tree for the multicast group specified in the original leave message. Immediate Leave ensures optimal bandwidth management for all hosts on a switched network, even when multiple multicast groups are simultaneously in use.
Note You should only use the Immediate Leave feature on VLANs where a single host is connected to each port. If Immediate Leave is enabled in VLANs where more than one host is connected to a port, some hosts might inadvertently be dropped.
For configuration steps, see the “Enabling IGMP Immediate Leave” section.
IGMP Configurable-Leave Timer
You can configure the time that the switch waits after sending a group-specific query to determine if hosts are still interested in a specific multicast group. The IGMP leave response time can be configured from 100 to 5000 milliseconds. The timer can be set either globally or on a per-VLAN basis. The VLAN configuration of the leave time overrides the global configuration.
For configuration steps, see the “Configuring the IGMP Leave Timer” section.
IGMP Report Suppression
Note IGMP report suppression is supported only when the multicast query has IGMPv1 and IGMPv2 reports.
The switch uses IGMP report suppression to forward only one IGMP report per multicast router query to multicast devices. When IGMP router suppression is enabled (the default), the switch sends the first IGMP report from all hosts for a group to all the multicast routers. The switch does not send the remaining IGMP reports for the group to the multicast routers. This feature prevents duplicate reports from being sent to the multicast devices.
If the multicast router query includes requests only for IGMPv1 and IGMPv2 reports, the switch forwards only the first IGMPv1 or IGMPv2 report from all hosts for a group to all the multicast routers.
If the multicast router query also includes requests for IGMPv3 reports, the switch forwards all IGMPv1, IGMPv2, and IGMPv3 reports for a group to the multicast devices.
If you disable IGMP report suppression, all IGMP reports are forwarded to the multicast routers. For configuration steps, see the “Disabling IGMP Report Suppression” section.
Configuring IGMP Snooping
IGMP snooping allows switches to examine IGMP packets and make forwarding decisions based on their content.
- Default IGMP Snooping Configuration
- Enabling or Disabling IGMP Snooping
- Configuring a Multicast Router Port
- Configuring a Host Statically to Join a Group
- Enabling IGMP Immediate Leave
- Configuring the IGMP Leave Timer
- Configuring TCN-Related Commands
- Disabling IGMP Report Suppression
Default IGMP Snooping Configuration
|
|
|
|---|---|
TCN1 flood query count |
|
|
|
Enabling or Disabling IGMP Snooping
By default, IGMP snooping is globally enabled on the switch. When globally enabled or disabled, it is also enabled or disabled in all existing VLAN interfaces. IGMP snooping is by default enabled on all VLANs, but can be enabled and disabled on a per-VLAN basis.
Global IGMP snooping overrides the VLAN IGMP snooping. If global snooping is disabled, you cannot enable VLAN snooping. If global snooping is enabled, you can enable or disable VLAN snooping.
Beginning in privileged EXEC mode, follow these steps to globally enable IGMP snooping on the switch:
|
|
|
|
|---|---|---|
Globally enable IGMP snooping in all existing VLAN interfaces. |
||
To globally disable IGMP snooping on all VLAN interfaces, use the no ip igmp snooping global configuration command.
Beginning in privileged EXEC mode, follow these steps to enable IGMP snooping on a VLAN interface:
|
|
|
|
|---|---|---|
Enable IGMP snooping on the VLAN interface.The VLAN ID range is 1 to 1001 and 1006 to 4094. Note IGMP snooping must be globally enabled before you can enable VLAN snooping. |
||
To disable IGMP snooping on a VLAN interface, use the no ip igmp snooping vlan vlan-id global configuration command for the specified VLAN number.
Configuring a Multicast Router Port
To add a multicast router port (add a static connection to a multicast router), use the ip igmp snooping vlan mrouter global configuration command on the switch.
Note Static connections to multicast routers are supported only on switch ports.
Beginning in privileged EXEC mode, follow these steps to enable a static connection to a multicast router:
To remove a multicast router port from the VLAN, use the no ip igmp snooping vlan vlan-id mrouter interface interface-id global configuration command.
This example shows how to enable a static connection to a multicast router:
(config)# ip igmp snooping vlan 200 mrouter interface gigabitethernet0/2
(config)# end
Configuring a Host Statically to Join a Group
Hosts or Layer 2 ports normally join multicast groups dynamically, but you can also statically configure a host on an interface.
Beginning in privileged EXEC mode, follow these steps to add a Layer 2 port as a member of a multicast group:
|
|
|
|
|---|---|---|
ip igmp snooping vlan vlan-id static ip_address interface interface-id |
Statically configure a Layer 2 port as a member of a multicast group: |
|
To remove the Layer 2 port from the multicast group, use the no ip igmp snooping vlan vlan-id static mac-address interface interface-id global configuration command.
This example shows how to statically configure a host on a port:
Enabling IGMP Immediate Leave
When you enable IGMP Immediate Leave, the switch immediately removes a port when it detects an IGMP Version 2 leave message on that port. You should only use the Immediate-Leave feature when there is a single receiver present on every port in the VLAN.
Note Immediate Leave is supported only on IGMP Version 2 hosts.
Beginning in privileged EXEC mode, follow these steps to enable IGMP Immediate Leave:
|
|
|
|
|---|---|---|
Verify that Immediate Leave is enabled on the VLAN interface. |
||
To disable IGMP Immediate Leave on a VLAN, use the no ip igmp snooping vlan vlan-id immediate-leave global configuration command.
This example shows how to enable IGMP Immediate Leave on VLAN 130:
Configuring the IGMP Leave Timer
Follow these guidelines when configuring the IGMP leave timer:
- You can configure the leave time globally or on a per-VLAN basis.
- Configuring the leave time on a VLAN overrides the global setting.
- The default leave time is 1000 milliseconds.
- The IGMP configurable leave time is only supported on hosts running IGMP Version 2.
- The actual leave latency in the network is usually the configured leave time. However, the leave time might vary around the configured time, depending on real-time CPU load conditions, network delays and the amount of traffic sent through the interface.
Beginning in privileged EXEC mode, follow these steps to enable the IGMP configurable-leave timer:
Use the no ip igmp snooping last-member-query-interva l global configuration command to globally reset the IGMP leave timer to the default setting.
Use the no ip igmp snooping vlan vlan-id last-member-query-interval global configuration command to remove the configured IGMP leave-time setting from the specified VLAN.
Configuring TCN-Related Commands
These sections describe how to control flooded multicast traffic during a TCN event:
Controlling the Multicast Flooding Time After a TCN Event
You can control the time that multicast traffic is flooded after a TCH event by using the ip igmp snooping tcn flood query count global configuration command. This command configures the number of general queries for which multicast data traffic is flooded after a TCN event. Some examples of TCN events are the client changed its location and the receiver is on same port that was blocked but is now forwarding, and a port went down without sending a leave message.
If you set the TCN flood query count to 1 by using the ip igmp snooping tcn flood query count command, the flooding stops after receiving one general query. If you set the count to 7, the flooding of multicast traffic due to the TCN event lasts until 7 general queries are received. Groups are relearned based on the general queries received during the TCN event.
Beginning in privileged EXEC mode, follow these steps to configure the TCN flood query count:
|
|
|
|
|---|---|---|
Specify the number of IGMP general queries for which the multicast traffic is flooded. The range is 1 to 10. By default, the flooding query count is 2. |
||
To return to the default flooding query count, use the no ip igmp snooping tcn flood query count global configuration command.
Recovering from Flood Mode
When a topology change occurs, the spanning-tree root sends a special IGMP leave message (also known as global leave) with the group multicast address 0.0.0.0. However, when you enable the ip igmp snooping tcn query solicit global configuration command, the switch sends the global leave message whether or not it is the spanning-tree root. When the router receives this special leave, it immediately sends general queries, which expedite the process of recovering from the flood mode during the TCN event. Leaves are always sent if the switch is the spanning-tree root regardless of this configuration command. By default, query solicitation is disabled.
Beginning in privileged EXEC mode, follow these steps to enable the switch sends the global leave message whether or not it is the spanning-tree root:
|
|
|
|
|---|---|---|
Send an IGMP leave message (global leave) to speed the process of recovering from the flood mode caused during a TCN event. By default, query solicitation is disabled. |
||
To return to the default query solicitation, use the no ip igmp snooping tcn query solicit global configuration command.
Disabling Multicast Flooding During a TCN Event
When the switch receives a TCN, multicast traffic is flooded to all the ports until two general queries are received. If the switch has many ports with attached hosts that are subscribed to different multicast groups, the flooding might exceed the capacity of the link and cause packet loss. You can use the ip igmp snooping tcn flood interface configuration command to control this behavior.
Beginning in privileged EXEC mode, follow these steps to disable multicast flooding on an interface:
|
|
|
|
|---|---|---|
Specify the interface to be configured, and enter interface configuration mode. |
||
Disable the flooding of multicast traffic during a spanning-tree TCN event. |
||
To re-enable multicast flooding on an interface, use the ip igmp snooping tcn flood interface configuration command.
Disabling IGMP Report Suppression
Note IGMP report suppression is supported only when the multicast query has IGMPv1 and IGMPv2 reports. This feature is not supported when the query includes IGMPv3 reports.
IGMP report suppression is enabled by default. When it is enabled, the switch forwards only one IGMP report per multicast router query. When report suppression is disabled, all IGMP reports are forwarded to the multicast routers.
Beginning in privileged EXEC mode, follow these steps to disable IGMP report suppression:
|
|
|
|
|---|---|---|
To re-enable IGMP report suppression, use the ip igmp snooping report-suppression global configuration command.
Displaying IGMP Snooping Information
You can display IGMP snooping information for dynamically learned and statically configured router ports and VLAN interfaces. You can also display MAC address multicast entries for a VLAN configured for IGMP snooping.
To display IGMP snooping information, use one or more of the privileged EXEC commands in Table 20-4 .
For more information about the keywords and options in these commands, see the command reference for this release.
Configuring IGMP Filtering and Throttling
In some environments, for example, metropolitan or multiple-dwelling unit (MDU) installations, you might want to control the set of multicast groups to which a user on a switch port can belong. You can control the distribution of multicast services, such as IP/TV, based on some type of subscription or service plan. You might also want to limit the number of multicast groups to which a user on a switch port can belong.
With the IGMP filtering feature, you can filter multicast joins on a per-port basis by configuring IP multicast profiles and associating them with individual switch ports. An IGMP profile can contain one or more multicast groups and specifies whether access to the group is permitted or denied. If an IGMP profile denying access to a multicast group is applied to a switch port, the IGMP join report requesting the stream of IP multicast traffic is dropped, and the port is not allowed to receive IP multicast traffic from that group. If the filtering action permits access to the multicast group, the IGMP report from the port is forwarded for normal processing. You can also set the maximum number of IGMP groups that a Layer 2 interface can join.
IGMP filtering controls only group-specific query and membership reports, including join and leave reports. It does not control general IGMP queries. IGMP filtering has no relationship with the function that directs the forwarding of IP multicast traffic. The filtering feature operates in the same manner whether IGMP or MVR is used to forward the multicast traffic.
IGMP filtering is applicable only to the dynamic learning of IP multicast group addresses, not static configuration.
With the IGMP throttling feature, you can set the maximum number of IGMP groups that a Layer 2 interface can join. If the maximum number of IGMP groups is set, the IGMP snooping forwarding table contains the maximum number of entries, and the interface receives an IGMP join report, you can configure an interface to drop the IGMP report or to replace the randomly selected multicast entry with the received IGMP report.
Note IGMPv3 join and leave messages are not supported on switches running IGMP filtering.
These sections contain this configuration information:
- Default IGMP Filtering and Throttling Configuration
- Configuring IGMP Profiles (optional)
- Applying IGMP Profiles (optional)
- Setting the Maximum Number of IGMP Groups (optional)
- Configuring the IGMP Throttling Action (optional)
Default IGMP Filtering and Throttling Configuration
Table 20-5 shows the default IGMP filtering configuration.
|
|
|
|---|---|
When the maximum number of groups is in forwarding table, the default IGMP throttling action is to deny the IGMP report. For configuration guidelines, see the “Configuring the IGMP Throttling Action” section.
Configuring IGMP Profiles
To configure an IGMP profile, use the ip igmp profile global configuration command with a profile number to create an IGMP profile and to enter IGMP profile configuration mode. From this mode, you can specify the parameters of the IGMP profile to be used for filtering IGMP join requests from a port. When you are in IGMP profile configuration mode, you can create the profile by using these commands:
- deny : Specifies that matching addresses are denied; this is the default.
- exit : Exits from igmp-profile configuration mode.
- no : Negates a command or returns to its defaults.
- permit : Specifies that matching addresses are permitted.
- range : Specifies a range of IP addresses for the profile. You can enter a single IP address or a range with a start and an end address.
The default is for the switch to have no IGMP profiles configured. When a profile is configured, if neither the permit nor deny keyword is included, the default is to deny access to the range of IP addresses.
Beginning in privileged EXEC mode, follow these steps to create an IGMP profile:
To delete a profile, use the no ip igmp profile profile number global configuration command.
To delete an IP multicast address or range of IP multicast addresses, use the no range ip multicast address IGMP profile configuration command.
This example shows how to create IGMP profile 4 allowing access to the single IP multicast address and how to verify the configuration. If the action was to deny (the default), it would not appear in the show ip igmp profile output display.
Applying IGMP Profiles
To control access as defined in an IGMP profile, use the ip igmp filter interface configuration command to apply the profile to the appropriate interfaces. You can apply IGMP profiles only to Layer 2 access ports; you cannot apply IGMP profiles to routed ports or SVIs. You cannot apply profiles to ports that belong to an EtherChannel port group. You can apply a profile to multiple interfaces, but each interface can have only one profile applied to it.
Beginning in privileged EXEC mode, follow these steps to apply an IGMP profile to a switch port:
To remove a profile from an interface, use the no ip igmp filter profile number interface configuration command.
This example shows how to apply IGMP profile 4 to a port:
Setting the Maximum Number of IGMP Groups
You can set the maximum number of IGMP groups that a Layer 2 interface can join by using the ip igmp max-groups interface configuration command. Use the no form of this command to set the maximum back to the default, which is no limit.
This restriction can be applied to Layer 2 ports only; you cannot set a maximum number of IGMP groups on routed ports or SVIs. You can use this command on a logical EtherChannel interface but cannot use it on ports that belong to an EtherChannel port group.
Beginning in privileged EXEC mode, follow these steps to set the maximum number of IGMP groups in the forwarding table:
To remove the maximum group limitation and return to the default of no maximum, use the no ip igmp max-groups interface configuration command.
This example shows how to limit to 25 the number of IGMP groups that a port can join.
Configuring the IGMP Throttling Action
After you set the maximum number of IGMP groups that a Layer 2 interface can join, you can configure an interface to replace the existing group with the new group for which the IGMP report was received by using the ip igmp max-groups action replace interface configuration command. Use the no form of this command to return to the default, which is to drop the IGMP join report.
Follow these guidelines when configuring the IGMP throttling action:
- This restriction can be applied only to Layer 2 ports. You can use this command on a logical EtherChannel interface but cannot use it on ports that belong to an EtherChannel port group.
- When the maximum group limitation is set to the default (no maximum), entering the ip igmp max-groups action { deny | replace } command has no effect.
- If you configure the throttling action and set the maximum group limitation after an interface has added multicast entries to the forwarding table, the forwarding-table entries are either aged out or removed, depending on the throttling action.
– If you configure the throttling action as deny, the entries that were previously in the forwarding table are not removed but are aged out. After these entries are aged out and the maximum number of entries is in the forwarding table, the switch drops the next IGMP report received on the interface.
– If you configure the throttling action as replace, the entries that were previously in the forwarding table are removed. When the maximum number of entries is in the forwarding table, the switch replaces a randomly selected entry with the received IGMP report.
To prevent the switch from removing the forwarding-table entries, you can configure the IGMP throttling action before an interface adds entries to the forwarding table.
Beginning in privileged EXEC mode, follow these steps to configure the throttling action when the maximum number of entries is in the forwarding table:
To return to the default action of dropping the report, use the no ip igmp max-groups action interface configuration command.
This example shows how to configure a port to remove a randomly selected multicast entry in the forwarding table and to add an IGMP group to the forwarding table when the maximum number of entries is in the table.
Displaying IGMP Filtering and Throttling Configuration
You can display IGMP profile characteristics, and you can display the IGMP profile and maximum group configuration for all interfaces on the switch or for a specified interface. You can also display the IGMP throttling configuration for all interfaces on the switch or for a specified interface.
Use the privileged EXEC commands in Table 20-6 to display IGMP filtering and throttling configuration:
Feedback