3348 igmp snooping is not working

Question

recently we bought power connect 3348 switch... We need to use for media multicasting,, we dont want multicast packets flooded to all ports... so we want to enable igmp snooping...

before enabling igmp snooping ( Global parameters), switch is flooding all multicast packets to all ports. So we enabled igmp snooping (Global parameters) from web interface and saved changes.. even then it is flooding multicast packets to all ports...

here i am posting firmware version and boot messages so that it might be useful for debugging

i am in desperate need of igmp snooping

can anybody help how to make it work ( i don't want switch to flood multicast packets to all ports

configuration done after buying product

1. added new user with level 15 privileges

username xxxx password xxxx level 15

2. default gateway

ip default-gateway 192.168.0.5

Before "igmp snooping" enabled:

two computers are connected to two ports, one computer started multicasting data at particular address ( eg. 239.2.2.2 ). It seems - switch forwards data to all ports, so we can see multicast data at the other computer ports, even thought it didn't joined multicast group

After "igmp snooping" enabled

using http interface we have enabled "igmp snooping", even then it still forwarding multicasted packets to all ports

thanks u

Boot Message:

**************************************************
***************** SYSTEM RESET *****************
**************************************************
Booting...

------ Performing the Power-On Self Test (POST) ------

UART Channel Loopback Test........................PASS

Testing the System Cache..........................PASS

Testing the System SDRAM..........................PASS

Boot1 Checksum Test...............................PASS

Boot2 Checksum Test...............................PASS

Flash Image Validation Test.......................PASS

Testing CPU PCI Bus Device Configuration..........PASS

BOOT Software Version 1.0.0.13 Built 11-May-2003 14:58:20
Processor: MPC8245 Rev 0.14, 250 MHz (Bus: 100MHz), 32 MByte SDRAM.
I-Cache 16 KB, linesize 32.D-Cache 16 KB, linesize 32.
Cache Enabled.

Autoboot in 2 seconds - press RETURN or Esc. to abort and enter prom.
Preparing to decompress...

Decompressing SW from image-1
8ae000
OK
Running from RAM...

.
Update Host params for stand-alone

******************************************************************
*** Running SW Ver. 1.2.0.6 Date 15-Nov-2004 Time 14:22:46 ***
******************************************************************

HW version is 00.00.03
Base Mac address is: 00:11:43:96:19:6a
Dram size is : 32M bytes
Dram first block size is : 20M bytes
Dram first PTR is : 0xB20000
Flash size is: 8M

STAND ALONE
The BCM5625_A1 0 initiate successfully
The BCM5625_A1 1 initiate successfully
01-Jan-2000 01:01:13 %SSHD-W-NOHOSTKEY: SSH has been enabled but an encryption .For key generation use the 'crypto key generate' commands. The service will st.01-Jan-2000 01:01:14 %INIT-I-InitCompleted: Initialization task is completed

console> 01-Jan-2000 01:01:14 %BOX-I-PSUP: Power Supply #1 is up
01-Jan-2000 01:01:14 %BOX-W-PSNOTPRES: Power Supply #2 is not present
01-Jan-2000 01:01:14 %LINK-W-Down: 1/e1
01-Jan-2000 01:01:14 %LINK-W-Down: 1/e2
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e3
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e4
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e5
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e6
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e7
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e8
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e9
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e10
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e11
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e12
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e13
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e14
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e15
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e16
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e17
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e18
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e19
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e2001-Jan-2000 01:01:16 %LINK-W-Down: 1/e25
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e26
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e27
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e28
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e29
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e30
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e31
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e32
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e33
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e34
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e35
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e36
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e37
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e38
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e39
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e40
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e41
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e42
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e43
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e44
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e45
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e46
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e47
01-Jan-2000 01:01:17 %LINK-W-Down: 1/e48
01-Jan-2000 01:01:17 %LINK-W-Down: 1/g1
01-Jan-2000 01:01:17 %LINK-W-Down: 1/g2
01-Jan-2000 01:01:17 %LINK-I-Up: Vlan 1
01-Jan-2000 01:01:17 %LINK-I-Up: 1/e1
01-Jan-2000 01:01:17 %LINK-I-Up: 1/e33

01-Jan-2000 01:01:15 %LINK-W-Down: 1/e21
01-Jan-2000 01:01:15 %LINK-W-Down: 1/e22
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e23
01-Jan-2000 01:01:16 %LINK-W-Down: 1/e24

DELL-Cuong N. · Answer

The steps for configuring IGMP snooping on a 33xx is slightly more involved then just enabling IGMP snooping a the global level.  If you were using a 52xx switch then enabling IGMP snooping would be all you needed to do :-).  Here is a document which explain these steps in detail - http://www.dell.com/downloads/global/products/pwcnt/en/app_note_6.pdf   Let me know if you have any further issue after you try the steps describe in this document.   Cuong.

sapient1234 · Answer

Dear Cuong,

thanks for ur reply... I understood that 3348 needs multicast router to work properly.. Ok I will arrange one multicast router, But when i enabled igmp snooping without router, switch should not pass multicast packets to any port ( bcoz, it cannot listen IGMP queries and responses) instead it is flooding packets to all ports ..

can u explain why it is happening,, is switch is intelligent enough to detect the presence of multicast router and acts as a normal switch when it don't find any multicast router ??

thanks

Ranganadh

DELL-Cuong N. · Answer

As I understand it you only configure IGMP snooping command from the "global scope". Is that correct? If so then that's not quite enough. For the 3348, there are several other commands you must configure in order for it to work. Please read the document carefully and make sure you configure the switch correctly. It is not enough to just enable IGMP snooping from the Global scope on the 3348 switch.

If you have more questions please send me your configuration (do a "show running-config" then send me the configuration on your switch).

Cuong.

sapient1234 · Answer

Dear Cuong,

thanks for ur help.. Here I am giving u complete steps which i followed to test igmp snooping.. And also the setup for testing ... I followed the each and every step which i learnt from the document which u have recommended..

the switch automatically detected multicast router.. Even then switch is flooding multicast packets to all the ports even though client didn't joined multicast group.. ( i using ethereal, open source ethernet snooper)...

Can u go through the following the message and tell me whether i am missing something...

I am unable to understand where i am doing mistake... if u want to see the system i am assign public ip to the switch, so that u can directly access the switch..

thank u very much ... waiting for ur reply

regards

Ranganadh

steps:

1. console# delete startup-config ---> starting from factory setting

2. console(config)# username admin password xxxx level 15
console(config)# interface vlan 1
console(config-if)# ip address 1921
% bad parameter value
console(config-if)# ip address 192.168.0.200 255.255.255.0
console(config-if)# exit
console(config)# ip default-gateway 192.168.0.5

3. console(config)# ip igmp snooping

4. console(config)# bridge multicast filtering

5. console(config)# interface vlan 1
console(config-if)# ip igmp snooping mrouter learn-pim-dvmrp

6. copy running-config startup-config

7. console# show running-config
bridge multicast filtering
ip igmp snooping
interface vlan 1
ip igmp snooping
exit
interface vlan 1
ip address 192.168.0.200 255.255.255.0
exit
ip default-gateway 192.168.0.5
username admin password 54680d064baff4d3b91b4404d4a77fdf level 15 encrypted

8. console# show ip igmp snooping mrouter

VLAN Ports
------- ----------------------------------------
1 1/e45

9. console# show ip igmp snooping interface 1

IGMP Snooping is globaly enabled
IGMP Snooping is enabled on VLAN 1
IGMP host timeout is 260 sec
IGMP Immediate leave is disabled. IGMP leave timeout is 10 sec
IGMP mrouter timeout is 300 sec
Automatic learning of multicast router ports is enabled

10. console# show ip igmp snooping grout
% Unrecognized command
console# show ip igmp snooping groups

Vlan IP Address Querier Ports
------ ------------------------ ------- -----------------------------------
1 224-239.255|127.255.250 Yes 1/e33
1 224-239.255|127.255.254 Yes 1/e33

System Setup:

three m/cs are connected to 3348 switch
- one is acting as a multicast router
- one is acting as a multicast data transmitter
- and on the other machine i am running ethereal ( ethernet snooper to see the ethernet data)

DELL-Cuong N. · Answer

From your setup, I understand that you have a router capable of supporting multicast.  You have a server generating multicast packets.  Do you also have a client which has joined in the multicast group?   The L2 switch is only listening for multicast join packet to determine when to stop flooding multicast packets.  It will continue to flood until a client join, once that happens it will stop flooding and send only to clients which has joined the group.   Does your setup have a client which has joined the multicast group?   Cuong.

hardwired · Answer

Cuong, If what you are saying is correct, it sounds like IGMP is broken on the 3348.  Shouldn't the multicast packets only flood each port breifly, not continually to see if anyone wants to join.  If it doesn't receive any join requests, shouldn't it start blocking the multicast stream to all ports.  If it receives a join request it would only send the stream to that single port.  It doesn't make sense that it would continue to flood all ports if nobody wants the multicast.

sapient1234 · Answer

Dear Cuong,

I gone thru your reply and I found that 3348 will flood multicast packets to all ports, untill it finds one igmp join message. After receiving atleast one igmp join message, it will stop flooding packets and sends only to the requested ports...

Now my 3348 igmp snooping is working like this... Now it is difficult for me to use this switch 3348 in my project. In my project we are going to multicast approximately 400 Mbps data stream, but any client needs less than 50 Mbps at a time, 3348 has uplink of 1Gbps.. So we thought we can use this switch... but now it is very difficult for us to use this switch... since it will try to flood all 400 Mbps data to all 100 Mbps ports in worst case scenario, where no listner is there... which is unacceptable....

Can u tell me solution to this problem.... is it possible to get updated firmware (3348) from Dell.. not to flood multicast packets untill somebody joins the multicast group...or is there any other switch which will do the same...

I am still unable to understand one thing.... why switch is flooding multicast packets to all ports when nobody is listening... it really puzzled me ??

DELL-Cuong N. · Answer

Although there are really no standard for how IGMP snooping works in L2 switches, this is a very typical behavior for L2 switches when implementing this feature. The L2 switch normal behavior is to flood unrecognized packets of which multicast and broadcast are considered to be and so the default behavior is to flood. Remember that an L2 switch primary responsibility is to switch Ethernet packets. The support for IGMP snooping in the L2 switch is really meant as a helper function and is there only to support multicast routers and media stream servers.

So let me explain the idea of IGMP snooping for L2 switches. Note the word "snooping". Normally the L2 switch does not really have a role in this typically L3 function. A media stream is generated from a server to a multicast address. The multicast router will forward traffic to a set of ports on which it has heard JOIN requests. The client may join at anytime even prior to the stream initiating. The router will not send out traffic to ports on which no JOIN has been heard.

So what you described previously is actually a function of how L3 switches (multicast routers) work not how L2 switches work.

So officially an L2 switch has no role in this operation (no standard defined role). But if the L2 switch remain passive and behave normally where it simply flood unrecognized packets then it will result in unnecessary traffic going to ports on which no client has joined. So the L2 switch helps by "snooping" the IGMP packets it sees. By looking at the IGMP packets it can determine where the multicast routers are and the ports on which it has seen an IGMP join for clients of a multicast group. Knowning where the multicast routers are will help the switch to forward IGMP report (join request) for a multicast group only to the router (necessary to prevent accidentally suppressing JOIN request from clients for the same multicast group when using IGMPv1 or v2 protocol). Knowning which ports have clients for a multicast group help the L2 switch to know where to forward MAC multicast packets.

This is the extent of IGMP snooping function in the L2 switch, which is the typical behavior for L2 switches in regard to IGMP snooping feature.

Let me ask you something here. Is your network setup like this?

media stream server connected to the L2 switch.
multicast router connected to the L2 switch.
media stream clients connected to the L2 switch.

In this case the media stream server is sending out media stream on a multicast address to the L2 switch. This is flooded. The multicast router see the multicast stream and periodically sends out a query for membership. If no membership JOIN is seen then the multicast router will not send the media stream, but in the meanwhile the media server will continue to send multicast packets to the L2 switch which will continue to flood. When a client JOIN then the switch will know where the clients are and stop flooding. The MAC multicast will be sent only to the router and to the client. Note that the router is actually also repeating the multicast packets but it will not send back out the port on which it received it so you do not see duplicate multicast packets on the network. If there are clients connected to other ports on the multicast router then these clients will see the media stream from the router.

Connecting this way means that you are using the router only to participate in the IGMP protocol to send out queries and reports since the L2 switch cannot initiate these messages and the L2 switch is used to snoop on those packets to handle the membership and packet forwarding only. The router can also be used to repeat the media stream to other network.

This setup can work for you if your server is setup to not send out the stream until there is at least one client who has joined the multicast group. Meaning you join the client first then you initiate the stream.

If you intend to send the stream out all the time and let the clients connect when they want (not sure why you do this since you will use up resources of the switch and routers and server even when there is no one to consume to the data) then I think you might try the following setup:

Connect the router to the L2 switch.
Connect your clients to the L2 switch.
Connect the media server to the multicast router.

Now the router will see the stream and will not send out the stream until it hears a JOIN from some client. When it hears a join it will send out the multicast stream to the L2 switch, since the L2 switch has also heard the JOIN it will only forward to the clients. In this case everything will work the way you want it, meaning that the router will not send the stream to the L2 switch until at least one client has joined.

Anyway, if you need additional help, please send a network diagram along with detail requirements for your application. Also please let us know the make/model of the router you are using and the media stream server. Also let us know your network setup (IP address, VLAN, etc).

Cuong.

sapient1234 · Answer

Dear Cuong,

Your latest message is very informative... We misunderstood the 3348 L2 functionality... I will discuss with my collegues and let u know if i need help.....

And I had few more questions

1. Is 5000 series switches, which has internal IGMP Queriers also floods multicast packets to all the ports until it receives atleast one IGMP Join message ?? if yes, then I think I need multicast router between multicast streaming server and 5xxx series switch ..

2. what about 6xxx series switches ?? I this it will work as multicast router.. so it will independently works without any external devices. I mean I can connect streaming server to any port and clients to any ports..... and it will dynamically filters all the packets send s to only to the clients, which joined in multicast group..

thanks any way

Ranganadh

DELL-Cuong N. · Answer

The 5xxx series is also an L2 switch series so it will have the same function in regard to IGMP snooping although it is a bit easier to configure (see the document I referenced earlier). The 6xxx series is a series of L2/L3 switches so it is both an L2 switch and an L3 router.  The 6xxx series does support IP multicast and DVMRP so it can operate as a Multicast Router in your network. So yes, you may put the 6xxx router in your network and it will support both the multicast function at the L3 layer and it also support IGMP snooping at the L2 layer. Cuong.

jrizzo · Answer

Hi -
I am having a similar problem.

I have an application that spews multicast traffic. I don't want the multicast traffic sent to every port. What do I do specifically for the following situation?


+--------+     +--------+
| Host A |     | Host C |
+--------+     +--------+
      |            |
  +------+     +------+
  | 3348 |-----| 6024 |
  +------+     +------+
      |            |
+--------+     +--------+
| Host B |     | Host D |
+--------+     +--------+

1) Host A and B are on the same VLAN and IP network connected to a 3348. Host A is sending multicast traffic. Host B and all other hosts connected to the same VLAN on the 3348 see the traffic. The default gateway for the IP network resides on the 6024. How do I keep the multicast traffic from Host A from being seen by all the other hosts on the VLAN?

2) Host C and D are on the same VLAN and IP network(not the same VLAN as Hosts A & B) connected to a 6024. Host C is sending multicast traffic. Host D and all other hosts connected to the same VLAN see the traffic. How do I keep the multicast traffic from Host C from being seen by all the other hosts on the VLAN?

Thanks,
Joe

Message Edited by jrizzo on 07-22-2005 05:23 PM

DELL-Cuong N. · Answer

Please review the rest of the thread. I have posted a link to a document as well as detail explanation on how an L2 and L3 switches support multicasting. Please review the information provided. I believe the thread answers your questions. The key is that an L2 switch will send multicast to all ports unless it sees a JOIN so if you connect the multicast stream directly to an L2 switch you must make sure your client join before you start the multicast stream on your server (assuming you configured everything correctly - again please see the document I referenced earlier).

Cuong.

Networking General

3348 igmp snooping is not working

Was this post helpful?